Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
873685ab by Neil Williams at 2022-05-09T09:41:33+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -35183,7 +35183,7 @@ CVE-2021-33845 (The Splunk Enterprise REST API allows
enumeration of usernames v
CVE-2021-31559 (A crafted request bypasses S2S TCP Token authentication
writing arbitr ...)
TODO: check
CVE-2021-26253 (A potential vulnerability in Splunk Enterprise's
implementation of DUO ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2021-43336 (An Out-of-Bounds Write vulnerability exists when reading a DXF
file us ...)
NOT-FOR-US: Open Design Alliance Drawings SDK
CVE-2021-43335
@@ -76842,25 +76842,26 @@ CVE-2021-27769
CVE-2021-27768
RESERVED
CVE-2021-27767 (The BigFix Console installer is created with InstallShield,
which was ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2021-27766 (The BigFix Client installer is created with InstallShield,
which was a ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2021-27765 (The BigFix Server API installer is created with InstallShield,
which w ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2021-27764 (Cookie without HTTPONLY flag set. NUMBER cookie(s) was set
without Sec ...)
- TODO: check
+ NOT-FOR-US: HCL
+ NOTE: error in CVE URL -
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0097778
CVE-2021-27763
RESERVED
CVE-2021-27762 (Misconfigured security-related HTTP headers: Several
security-related ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2021-27761 (Weak web transport security (Weak TLS): An attacker may be
able to dec ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2021-27760 (An issue was discovered in the Sametime chat feature in the
Notes 11.0 ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2021-27759 (This vulnerability arises because the application allows the
user to p ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2021-27758 (There is a security vulnerability in login form related to
Cross-site ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2021-27757 (" Insecure password storage issue.The application stores
sensitive inf ...)
NOT-FOR-US: HCL
CVE-2021-27756 ("TLS-RSA cipher suites are not disabled in BigFix Compliance
up to v2. ...)
@@ -76874,7 +76875,7 @@ CVE-2021-27753 ("Sametime Android PathTraversal
Vulnerability" ...)
CVE-2021-27752
RESERVED
CVE-2021-27751 (HCL Commerce is affected by an Insufficient Session Expiration
vulnera ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2021-27750
RESERVED
CVE-2021-27749
@@ -77584,7 +77585,7 @@ CVE-2021-27427 (RIOT OS version 2020.01.1 is vulnerable
to integer wrap-around i
CVE-2021-27426 (GE UR IED firmware versions prior to version 8.1x with
“Basic ...)
NOT-FOR-US: General Electric Universal Relays
CVE-2021-27425 (Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer
wrap-aro ...)
- TODO: check
+ NOT-FOR-US: Cesanta Mongoose
CVE-2021-27424 (GE UR firmware versions prior to version 8.1x shares MODBUS
memory map ...)
NOT-FOR-US: General Electric Universal Relays
CVE-2021-27423
@@ -77592,7 +77593,7 @@ CVE-2021-27423
CVE-2021-27422 (GE UR firmware versions prior to version 8.1x web server
interface is ...)
NOT-FOR-US: General Electric Universal Relays
CVE-2021-27421 (NXP MCUXpresso SDK versions prior to 2.8.2 are vulnerable to
integer o ...)
- TODO: check
+ NOT-FOR-US: NXP MCUXpresso SDK
CVE-2021-27420 (GE UR firmware versions prior to version 8.1x web server task
does not ...)
NOT-FOR-US: General Electric Universal Relays
CVE-2021-27419 (uClibc-ng versions prior to 1.0.37 are vulnerable to integer
wrap-arou ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/873685abaff4a7c2f8b994019fdb32cb85597db4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/873685abaff4a7c2f8b994019fdb32cb85597db4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
