Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b41af301 by Neil Williams at 2022-07-04T12:20:16+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -77544,7 +77544,7 @@ CVE-2021-32430
CVE-2021-32429
RESERVED
CVE-2021-32428 (SQL Injection vulnerability in viaviwebtech Android EBook App
(Books A ...)
- TODO: check
+ NOT-FOR-US: viaviwebtech Android eBook app
CVE-2021-32427
RESERVED
CVE-2021-32426 (In TrendNet TW100-S4W1CA 2.3.32, it is possible to inject
arbitrary Ja ...)
@@ -88845,17 +88845,17 @@ CVE-2021-28153 (An issue was discovered in GNOME GLib
before 2.66.8. When g_file
[buster] - glib2.0 2.58.3-2+deb10u3
NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2325
CVE-2021-3435 (Information leakage in le_ecred_conn_req(). Zephyr versions
>= v2.4 ...)
- TODO: check
+ NOT-FOR-US: zephyr-rtos
CVE-2021-3434 (Stack based buffer overflow in le_ecred_conn_req(). Zephyr
versions &g ...)
- TODO: check
+ NOT-FOR-US: zephyr-rtos
CVE-2021-3433 (Invalid channel map in CONNECT_IND results to Deadlock. Zephyr
version ...)
- TODO: check
+ NOT-FOR-US: zephyr-rtos
CVE-2021-3432 (Invalid interval in CONNECT_IND leads to Division by Zero.
Zephyr vers ...)
- TODO: check
+ NOT-FOR-US: zephyr-rtos
CVE-2021-3431 (Assertion reachable with repeated LL_FEATURE_REQ. Zephyr
versions > ...)
- TODO: check
+ NOT-FOR-US: zephyr-rtos
CVE-2021-3430 (Assertion reachable with repeated LL_CONNECTION_PARAM_REQ.
Zephyr vers ...)
- TODO: check
+ NOT-FOR-US: zephyr-rtos
CVE-2021-3429
RESERVED
{DLA-2601-1}
@@ -92496,17 +92496,17 @@ CVE-2021-26640
CVE-2021-26639
RESERVED
CVE-2021-26638 (Improper Authentication vulnerability in S&D
smarthome(smartcare) ...)
- TODO: check
+ NOT-FOR-US: SmartHome Android app
CVE-2021-26637 (There is no account authentication and permission check logic
in the f ...)
- TODO: check
+ NOT-FOR-US: SiHAS devices
CVE-2021-26636 (Stored XSS and SQL injection vulnerability in MaxBoard could
lead to o ...)
- TODO: check
+ NOT-FOR-US: Maxboard
CVE-2021-26635 (In the code that verifies the file size in the ark library, it
is poss ...)
- TODO: check
+ NOT-FOR-US: bandisoft ark library
CVE-2021-26634 (SQL injection and file upload attacks are possible due to
insufficient ...)
- TODO: check
+ NOT-FOR-US: Maxboard
CVE-2021-26633 (SQL injection and Local File Inclusion (LFI) vulnerabilities
in MaxBoa ...)
- TODO: check
+ NOT-FOR-US: Maxboard
CVE-2021-26632
RESERVED
CVE-2021-26631 (Improper input validation vulnerability in Mangboard commerce
package ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b41af3010e1b54b6b59f65e6a210dfea3959446c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b41af3010e1b54b6b59f65e6a210dfea3959446c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
