[Git][security-tracker-team/security-tracker][master] Process some NFUs

Fri, 24 Dec 2021 00:52:22 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
799e7727 by Salvatore Bonaccorso at 2021-12-24T09:51:33+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2021-45472 (In MediaWiki through 1.37, XSS can occur in 
Wikibase because an
 CVE-2021-45471 (In MediaWiki through 1.37, blocked IP addresses are allowed to 
edit En ...)
        TODO: check
 CVE-2021-45470 (lib/DatabaseLayer.py in cve-search before 4.1.0 allows regular 
express ...)
-       TODO: check
+       NOT-FOR-US: cve-search
 CVE-2021-4161
        RESERVED
 CVE-2021-45469 (In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel 
through 5.15 ...)
@@ -2763,7 +2763,7 @@ CVE-2021-26255
 CVE-2021-23189
        RESERVED
 CVE-2021-23175 (NVIDIA GeForce Experience contains a vulnerability in user 
authorizati ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA GeForce Experience
 CVE-2021-23171
        RESERVED
 CVE-2021-23170
@@ -3191,9 +3191,9 @@ CVE-2021-44602
 CVE-2021-44601
        RESERVED
 CVE-2021-44600 (The password parameter on Simple Online Mens Salon Management 
System ( ...)
-       TODO: check
+       NOT-FOR-US: Simple Online Mens Salon Management System (MSMS)
 CVE-2021-44599 (The id parameter from Online Enrollment Management System 1.0 
system a ...)
-       TODO: check
+       NOT-FOR-US: Online Enrollment Management System
 CVE-2021-44598
        RESERVED
 CVE-2021-44597
@@ -3433,7 +3433,7 @@ CVE-2021-44528 [Possible Open Redirect in Host 
Authorization Middleware]
 CVE-2021-44527 (A vulnerability found in UniFi Switch firmware Version 5.43.35 
and ear ...)
        NOT-FOR-US: UniFi Switch firmware
 CVE-2021-44526 (Zoho ManageEngine ServiceDesk Plus before 12003 allows 
authentication  ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine
 CVE-2021-44525 (Zoho ManageEngine PAM360 before build 5303 allows attackers to 
modify  ...)
        NOT-FOR-US: Zoho ManageEngine
 CVE-2021-44524 (A vulnerability has been identified in SiPass integrated V2.76 
(All ve ...)
@@ -3464,7 +3464,7 @@ CVE-2021-4047
        RESERVED
        NOT-FOR-US: Red Hat OpenShift 4.9 incomplete fix for CVE-2021-39242
 CVE-2021-23198 (mySCADA myPRO: Versions 8.20.0 and prior has a feature where 
the passw ...)
-       TODO: check
+       NOT-FOR-US: mySCADA myPRO
 CVE-2021-44521
        RESERVED
 CVE-2021-4046
@@ -3637,7 +3637,7 @@ CVE-2021-23179
 CVE-2021-44464
        RESERVED
 CVE-2021-44453 (mySCADA myPRO: Versions 8.20.0 and prior has a vulnerable 
debug interf ...)
-       TODO: check
+       NOT-FOR-US: mySCADA myPRO
 CVE-2021-44451
        RESERVED
 CVE-2021-44450 (A vulnerability has been identified in JT Utilities (All 
versions < ...)
@@ -4942,23 +4942,23 @@ CVE-2021-43991 (The Kentico Xperience CMS version 13.0 
– 13.0.43 is vulner
 CVE-2021-43990
        RESERVED
 CVE-2021-43989 (mySCADA myPRO Versions 8.20.0 and prior stores passwords using 
MD5, wh ...)
-       TODO: check
+       NOT-FOR-US: mySCADA myPRO
 CVE-2021-43988
        RESERVED
 CVE-2021-43987 (An additional, nondocumented administrative account exists in 
mySCADA  ...)
-       TODO: check
+       NOT-FOR-US: mySCADA myPRO
 CVE-2021-43986
        RESERVED
 CVE-2021-43985 (An unauthenticated remote attacker can access mySCADA myPRO 
Versions 8 ...)
-       TODO: check
+       NOT-FOR-US: mySCADA myPRO
 CVE-2021-43984 (mySCADA myPRO: Versions 8.20.0 and prior has a feature where 
the firmw ...)
-       TODO: check
+       NOT-FOR-US: mySCADA myPRO
 CVE-2021-43983 (WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable 
to mult ...)
        NOT-FOR-US: WECON LeviStudioU
 CVE-2021-43982 (Delta Electronics CNCSoft Versions 1.01.30 and prior are 
vulnerable to ...)
        NOT-FOR-US: Delta
 CVE-2021-43981 (mySCADA myPRO: Versions 8.20.0 and prior has a feature to send 
emails, ...)
-       TODO: check
+       NOT-FOR-US: mySCADA myPRO
 CVE-2021-43980
        RESERVED
 CVE-2021-43979 (** DISPUTED ** Styra Open Policy Agent (OPA) Gatekeeper 
through 3.7.0  ...)
@@ -50094,7 +50094,7 @@ CVE-2021-27009
 CVE-2021-27008
        RESERVED
 CVE-2021-27007 (NetApp Virtual Desktop Service (VDS) when used with an HTML5 
gateway i ...)
-       TODO: check
+       NOT-FOR-US: NetApp Virtual Desktop Service
 CVE-2021-27006 (StorageGRID (formerly StorageGRID Webscale) versions 11.5 
prior to 11. ...)
        TODO: check
 CVE-2021-27005 (Clustered Data ONTAP versions 9.6 and higher prior to 9.6P16, 
9.7P16,  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/799e7727b57f4273096b6cf3e9386d079baca326

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/799e7727b57f4273096b6cf3e9386d079baca326
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to