Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6e135ea6 by Salvatore Bonaccorso at 2022-03-17T09:20:35+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1548,7 +1548,7 @@ CVE-2022-26661 (An XXE issue was discovered in Tryton
Application Platform (Serv
NOTE: https://bugs.tryton.org/issue11219
NOTE:
https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059
CVE-2022-26660 (RunAsSpc 4.0 uses a universal and recoverable encryption key.
In posse ...)
- TODO: check
+ NOT-FOR-US: RunAsSpc
CVE-2022-26659
RESERVED
CVE-2022-26658
@@ -1804,7 +1804,7 @@ CVE-2022-26536
CVE-2022-26535
RESERVED
CVE-2022-26534 (FISCO-BCOS release-3.0.0-rc2 was discovered to contain an
issue where ...)
- TODO: check
+ NOT-FOR-US: FISCO-BCOS
CVE-2022-26533 (Alist v2.1.0 and below was discovered to contain a cross-site
scriptin ...)
NOT-FOR-US: Alist
CVE-2022-25960
@@ -2500,7 +2500,7 @@ CVE-2022-26305
CVE-2022-26301
RESERVED
CVE-2022-26300 (EOS v2.1.0 was discovered to contain a heap-buffer-overflow
via the fu ...)
- TODO: check
+ NOT-FOR-US: EOS
CVE-2022-26299
RESERVED
CVE-2022-26298
@@ -2510,11 +2510,11 @@ CVE-2022-26297
CVE-2022-26296
RESERVED
CVE-2022-26295 (A stored cross-site scripting (XSS) vulnerability in
/ptms/?page=user ...)
- TODO: check
+ NOT-FOR-US: Online Project Time Management System
CVE-2022-26294
RESERVED
CVE-2022-26293 (Online Project Time Management System v1.0 was discovered to
contain a ...)
- TODO: check
+ NOT-FOR-US: Online Project Time Management System
CVE-2022-26292
RESERVED
CVE-2022-26291
@@ -8795,13 +8795,13 @@ CVE-2022-24077
CVE-2022-24076
RESERVED
CVE-2022-24075 (Whale browser before 3.12.129.18 allowed extensions to replace
JavaScr ...)
- TODO: check
+ NOT-FOR-US: Whale browser
CVE-2022-24074 (Whale Bridge, a default extension in Whale browser before
3.12.129.18, ...)
- TODO: check
+ NOT-FOR-US: Whale Bridge
CVE-2022-24073 (The Web Request API in Whale browser before 3.12.129.18
allowed to den ...)
- TODO: check
+ NOT-FOR-US: Whale browser
CVE-2022-24072 (The devtools API in Whale browser before 3.12.129.18 allowed
extension ...)
- TODO: check
+ NOT-FOR-US: Whale browser
CVE-2022-24071 (A Built-in extension in Whale browser before 3.12.129.46
allows attack ...)
NOT-FOR-US: Whale browser
CVE-2022-24070
@@ -15834,7 +15834,7 @@ CVE-2022-22275
CVE-2022-22274
RESERVED
CVE-2022-22273 (** UNSUPPORTED WHEN ASSIGNED ** Improper neutralization of
Special Ele ...)
- TODO: check
+ NOT-FOR-US: Sonicwall
CVE-2022-22272 (Improper authorization in TelephonyManager prior to SMR
Jan-2022 Relea ...)
NOT-FOR-US: Samsung
CVE-2022-22271 (A missing input validation before memory copy in TIMA trustlet
prior t ...)
@@ -27889,11 +27889,11 @@ CVE-2021-42732
CVE-2021-42731 (Adobe InDesign versions 16.4 (and earlier) are affected by a
Buffer Ov ...)
NOT-FOR-US: Adobe
CVE-2021-42730 (Adobe Bridge version 11.1.1 (and earlier) is affected by a
memory corr ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-42729 (Adobe Bridge version 11.1.1 (and earlier) is affected by a
memory corr ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-42728 (Adobe Bridge 11.1.1 (and earlier) is affected by a stack
overflow vuln ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-42727 (Adobe Bridge 11.1.1 (and earlier) is affected by a stack
overflow vuln ...)
NOT-FOR-US: Adobe
CVE-2021-42726 (Adobe Bridge version 11.1.1 (and earlier) is affected by a
memory corr ...)
@@ -27901,17 +27901,17 @@ CVE-2021-42726 (Adobe Bridge version 11.1.1 (and
earlier) is affected by a memor
CVE-2021-42725 (Adobe Bridge version 11.1.1 (and earlier) is affected by a
memory corr ...)
NOT-FOR-US: Adobe
CVE-2021-42724 (Adobe Bridge version 11.1.1 (and earlier) is affected by a
memory corr ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-42723 (Adobe Bridge version 11.1.1 (and earlier) is affected by an
out-of-bou ...)
NOT-FOR-US: Adobe
CVE-2021-42722 (Adobe Bridge version 11.1.1 (and earlier) is affected by an
out-of-bou ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-42721 (Acrobat Bridge versions 11.1.1 and earlier are affected by a
use-after ...)
NOT-FOR-US: Adobe
CVE-2021-42720 (Adobe Bridge version 11.1.1 (and earlier) is affected by an
out-of-bou ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-42719 (Adobe Bridge version 11.1.1 (and earlier) is affected by an
out-of-bou ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-42718
RESERVED
CVE-2021-3894 [sctp: local DoS: unprivileged user can cause BUG()]
@@ -28307,7 +28307,7 @@ CVE-2022-0001 (Non-transparent sharing of branch
predictor selectors between con
CVE-2021-42553
RESERVED
CVE-2021-42552 (Cross-site Scripting (XSS) vulnerability in ArchivistaBox
webclient al ...)
- TODO: check
+ NOT-FOR-US: ArchivistaBox
CVE-2021-42551 (Cross-site Scripting (XSS) vulnerability in the search
functionality o ...)
NOT-FOR-US: AlCoda NetBiblio WebOPAC
CVE-2021-42549 (Insufficient Input Validation in the search functionality of
Wordpress ...)
@@ -28343,7 +28343,7 @@ CVE-2021-42535
CVE-2021-42534 (The affected product’s web application does not properly
neutral ...)
NOT-FOR-US: Trane
CVE-2021-42533 (Adobe Bridge version 11.1.1 (and earlier) is affected by a
double free ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-42532
RESERVED
CVE-2021-42531
@@ -28355,9 +28355,9 @@ CVE-2021-42529
CVE-2021-42528
RESERVED
CVE-2021-42527 (Adobe Premiere Elements 20210809.daily.2242976 (and earlier)
is affect ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-42526 (Adobe Premiere Elements 20210809.daily.2242976 (and earlier)
is affect ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-42525 (Acrobat Animate versions 21.0.9 (and earlier)is affected by an
out-of- ...)
NOT-FOR-US: Adobe
CVE-2021-42524 (Adobe Animate version 21.0.9 (and earlier) are affected by an
out-of-b ...)
@@ -30206,9 +30206,9 @@ CVE-2021-42266 (Adobe Animate version 21.0.9 (and
earlier) is affected by a memo
CVE-2021-42265
RESERVED
CVE-2021-42264 (Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null
pointer ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-42263 (Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null
pointer ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-3882 (LedgerSMB does not set the 'Secure' attribute on the session
authoriza ...)
- ledgersmb <not-affected> (Vulnerable code introduced later)
NOTE: https://huntr.dev/bounties/7061d97a-98a5-495a-8ba0-3a4c66091e9d/
@@ -30909,7 +30909,7 @@ CVE-2021-41989
CVE-2021-41988
RESERVED
CVE-2021-41987 (In the SCEP Server of RouterOS in certain Mikrotik products,
an attack ...)
- TODO: check
+ NOT-FOR-US: Mikrotik
CVE-2021-41986
RESERVED
CVE-2021-41985
@@ -33879,45 +33879,45 @@ CVE-2021-40797 (An issue was discovered in the routes
middleware in OpenStack Ne
NOTE: neutron-api in Debian is served over UWSGI, cf.
https://bugs.debian.org/994202
NOTE: and so serves the requests and stops the process.
CVE-2021-40796 (Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null
pointer ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40795
RESERVED
CVE-2021-40794 (Adobe Premiere Pro version 15.4.1 (and earlier) is affected by
a memor ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40793 (Adobe Premiere Pro version 15.4.1 (and earlier) is affected by
a memor ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40792 (Adobe Premiere Pro version 15.4.1 (and earlier) is affected by
a memor ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40791
RESERVED
CVE-2021-40790
RESERVED
CVE-2021-40789 (Adobe Premiere Elements 20210809.daily.2242976 (and earlier)
is affect ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40788 (Adobe Premiere Elements 20210809.daily.2242976 (and earlier)
is affect ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40787 (Adobe Premiere Elements 20210809.daily.2242976 (and earlier)
is affect ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40786 (Adobe Premiere Elements 20210809.daily.2242976 (and earlier)
is affect ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40785 (Adobe Premiere Elements 20210809.daily.2242976 (and earlier)
is affect ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40784 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected
by a memo ...)
NOT-FOR-US: Adobe
CVE-2021-40783 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected
by a memo ...)
NOT-FOR-US: Adobe
CVE-2021-40782 (Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null
pointer ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40781 (Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null
pointer ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40780 (Adobe Media Encoder version 15.4.1 (and earlier) is affected
by a memo ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40779 (Adobe Media Encoder version 15.4.1 (and earlier) is affected
by a memo ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40778 (Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null
pointer ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40777 (Adobe Media Encoder version 15.4.1 (and earlier) is affected
by a memo ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40776
RESERVED
CVE-2021-40775 (Adobe Prelude version 10.1 (and earlier) is affected by a
memory corru ...)
@@ -33933,21 +33933,21 @@ CVE-2021-40771 (Adobe Prelude version 10.1 (and
earlier) is affected by a memory
CVE-2021-40770 (Adobe Prelude version 10.1 (and earlier) is affected by a
memory corru ...)
NOT-FOR-US: Adobe
CVE-2021-40769 (Adobe Character Animator version 4.4 (and earlier versions)
are affect ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40768 (Adobe Character Animator version 4.4 (and earlier) is affected
by a Nu ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40767 (Adobe Character Animator version 4.4 (and earlier) is affected
by an A ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40766 (Adobe Character Animator version 4.4 (and earlier versions)
are affect ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40765 (Adobe Character Animator version 4.4 (and earlier) is affected
by a me ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40764 (Adobe Character Animator version 4.4 (and earlier) is affected
by a me ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40763 (Adobe Character Animator version 4.4 (and earlier) is affected
by a me ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40762 (Adobe Character Animator version 4.4 (and earlier) is affected
by a Nu ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40761 (Adobe After Effects version 18.4.1 (and earlier) is affected
by a Null ...)
NOT-FOR-US: Adobe
CVE-2021-40760 (Adobe After Effects version 18.4.1 (and earlier) is affected
by a memo ...)
@@ -33971,7 +33971,7 @@ CVE-2021-40752 (Adobe After Effects version 18.4 (and
earlier) is affected by a
CVE-2021-40751 (Adobe After Effects version 18.4 (and earlier) is affected by
a memory ...)
NOT-FOR-US: Adobe
CVE-2021-40750 (Adobe Bridge version 11.1.1 (and earlier) is affected by a
Null pointe ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40749
RESERVED
CVE-2021-40748
@@ -33987,23 +33987,23 @@ CVE-2021-40744
CVE-2021-40743
RESERVED
CVE-2021-40742 (Adobe Audition version 14.4 (and earlier) is affected by a
Null pointe ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40741 (Adobe Audition version 14.4 (and earlier) is affected by an
Access of ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40740 (Adobe Audition version 14.4 (and earlier) is affected by a
memory corr ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40739 (Adobe Audition version 14.4 (and earlier) is affected by a
memory corr ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40738 (Adobe Audition version 14.4 (and earlier) is affected by a
memory corr ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40737 (Adobe Audition version 14.4 (and earlier) is affected by a
Null pointe ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40736 (Adobe Audition version 14.4 (and earlier) is affected by a
memory corr ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40735 (Adobe Audition version 14.4 (and earlier) is affected by a
memory corr ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40734 (Adobe Audition version 14.4 (and earlier) is affected by a
memory corr ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40733 (Adobe Animate version 21.0.9 (and earlier) is affected by a
memory cor ...)
NOT-FOR-US: Adobe
CVE-2021-40732 (XMP Toolkit version 2020.1 (and earlier) is affected by a null
pointer ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e135ea6197281f663c34432f791515ecccd6d62
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e135ea6197281f663c34432f791515ecccd6d62
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
