Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6c0578eb by Salvatore Bonaccorso at 2022-01-05T21:34:41+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -65180,17 +65180,17 @@ CVE-2021-21879 (A directory traversal vulnerability
exists in the Web Manager Fi
CVE-2021-21878 (A local file inclusion vulnerability exists in the Web Manager
Applica ...)
NOT-FOR-US: antronix PremierWave
CVE-2021-21877 (Specially-crafted HTTP requests can lead to arbitrary command
executio ...)
- TODO: check
+ NOT-FOR-US: Lantronix
CVE-2021-21876 (Specially-crafted HTTP requests can lead to arbitrary command
executio ...)
- TODO: check
+ NOT-FOR-US: Lantronix
CVE-2021-21875 (A specially-crafted HTTP request can lead to arbitrary command
executi ...)
- TODO: check
+ NOT-FOR-US: Lantronix
CVE-2021-21874 (A specially-crafted HTTP request can lead to arbitrary command
executi ...)
- TODO: check
+ NOT-FOR-US: Lantronix
CVE-2021-21873 (A specially-crafted HTTP request can lead to arbitrary command
executi ...)
- TODO: check
+ NOT-FOR-US: Lantronix
CVE-2021-21872 (An OS command injection vulnerability exists in the Web
Manager Diagno ...)
- TODO: check
+ NOT-FOR-US: Lantronix
CVE-2021-21871 (A memory corruption vulnerability exists in the DMG File
Format Handle ...)
NOT-FOR-US: PowerISO
CVE-2021-21870 (A use-after-free vulnerability exists in the JavaScript engine
of Foxi ...)
@@ -71295,9 +71295,9 @@ CVE-2021-20150 (Trendnet AC2600 TEW-827DRU version
2.08B01 improperly discloses
CVE-2021-20149 (Trendnet AC2600 TEW-827DRU version 2.08B01 does not have
sufficient ac ...)
NOT-FOR-US: Trendnet
CVE-2021-20148 (ManageEngine ADSelfService Plus below build 6116 stores the
password p ...)
- TODO: check
+ NOT-FOR-US: ManageEngine
CVE-2021-20147 (ManageEngine ADSelfService Plus below build 6116 contains an
observabl ...)
- TODO: check
+ NOT-FOR-US: ManageEngine
CVE-2021-20146 (An unprotected ssh private key exists on the Gryphon devices
which cou ...)
NOT-FOR-US: Gryphon Tower routers
CVE-2021-20145 (Gryphon Tower routers contain an unprotected openvpn
configuration fil ...)
@@ -71323,11 +71323,11 @@ CVE-2021-20136 (ManageEngine Log360 Builds < 5235
are affected by an improper
CVE-2021-20135 (Nessus versions 8.15.2 and earlier were found to contain a
local privi ...)
NOT-FOR-US: Nessus
CVE-2021-20134 (Quagga Services on D-Link DIR-2640 less than or equal to
version 1.11B ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2021-20133 (Quagga Services on D-Link DIR-2640 less than or equal to
version 1.11B ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2021-20132 (Quagga Services on D-Link DIR-2640 less than or equal to
version 1.11B ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2021-20131 (ManageEngine ADManager Plus Build 7111 contains a
post-authentication ...)
NOT-FOR-US: ManageEngine ADManager Plus
CVE-2021-20130 (ManageEngine ADManager Plus Build 7111 contains a
post-authentication ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c0578eba8232fee4f238869043d68e796135ace
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c0578eba8232fee4f238869043d68e796135ace
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
