author | Moritz Mühlenhoff <jmm@debian.org> | 2021-05-23 20:24:05 +0200 |
---|---|---|
committer | Moritz Mühlenhoff <jmm@debian.org> | 2021-05-23 20:24:05 +0200 |
commit | 37eabfc0568bce651532cc3a345837c361a844e6 (patch) | |
tree | 9c264d0b1fbfc5156ab867084688a467eca87460 /data/CVE | |
parent | 5d0b05e3a4726962981ed8c4844ef08d42963ec1 (diff) |
NFUs
Diffstat (limited to 'data/CVE')
-rw-r--r-- | data/CVE/list.2008 | 2 | ||||
-rw-r--r-- | data/CVE/list.2020 | 12 | ||||
-rw-r--r-- | data/CVE/list.2021 | 16 |
3 files changed, 15 insertions, 15 deletions
diff --git a/data/CVE/list.2008 b/data/CVE/list.2008 index a5bc41ea0d..3dad705c6b 100644 --- a/data/CVE/list.2008 +++ b/data/CVE/list.2008 @@ -9469,7 +9469,7 @@ CVE-2008-3281 (libxml2 2.6.32 and earlier does not properly detect recursion dur - libxml2 2.6.32.dfsg-3 (medium) - chromium-browser 5.0.375.29~r46008-1 CVE-2008-3280 (It was found that various OpenID Providers (OPs) had TLS Server Certif ...) - TODO: check + NOT-FOR-US: Historic OpenID issues CVE-2008-3279 (Untrusted search path vulnerability in libbrlttybba.so in brltty 3.7.2 ...) - brltty <not-affected> (RedHat-specific) CVE-2008-3278 (frysk packages through 2008-08-05 as shipped in Red Hat Enterprise Lin ...) diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index e3b7896d99..2511bc46d6 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -9002,7 +9002,7 @@ CVE-2020-27211 (Nordic Semiconductor nRF52840 devices through 2020-10-19 have im CVE-2020-27210 RESERVED CVE-2020-27209 (The ECDSA operation of the micro-ecc library 1.0 is vulnerable to simp ...) - TODO: check + NOT-FOR-US: micro-ecc CVE-2020-27208 (The flash read-out protection (RDP) level is not enforced during the d ...) NOT-FOR-US: SoloKeys Solo CVE-2020-27207 (Zetetic SQLCipher 4.x before 4.4.1 has a use-after-free, related to sq ...) @@ -15616,9 +15616,9 @@ CVE-2020-24398 CVE-2020-24397 (An issue was discovered in the client side of Zoho ManageEngine Deskto ...) NOT-FOR-US: Zoho ManageEngine Desktop Central CVE-2020-24396 (homee Brain Cube v2 (2.28.2 and 2.28.4) devices have sensitive SSH key ...) - TODO: check + NOT-FOR-US: homee Brain Cube CVE-2020-24395 (The USB firmware update script of homee Brain Cube v2 (2.28.2 and 2.28 ...) - TODO: check + NOT-FOR-US: homee Brain Cube CVE-2020-24394 (In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) ca ...) - linux 5.7.6-1 (bug #962254) [buster] - linux 4.19.131-1 
@@ -16980,9 +16980,9 @@ CVE-2020-23768 (An information disclosure vulnerability was discovered in alipay CVE-2020-23767 RESERVED CVE-2020-23766 (An arbitrary file deletion vulnerability was discovered on htmly v2.7. ...) - TODO: check + NOT-FOR-US: htmly CVE-2020-23765 (A file upload vulnerability was discovered in the file path /bl-plugin ...) - TODO: check + NOT-FOR-US: Bludit CVE-2020-23764 RESERVED CVE-2020-23763 (SQL injection in admin.php in Online Book Store 1.0 allows remote atta ...) @@ -43083,7 +43083,7 @@ CVE-2020-12062 (** DISPUTED ** The scp client in OpenSSH 8.2 incorrectly sends d NOTE: Negligible security impact, a malicious peer can achieve no more than already NOTE: able o achieve within the scp protocol. CVE-2020-12061 (An issue was discovered in Nitrokey FIDO U2F firmware through 1.1. Com ...) - TODO: check + NOT-FOR-US: Nitrokey firmware CVE-2020-12060 RESERVED CVE-2020-12059 (An issue was discovered in Ceph through 13.2.9. A POST request with an ...) diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index e8330a67c4..56d5db4baa 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -1869,7 +1869,7 @@ CVE-2021-32634 (Emissary is a distributed, peer-to-peer, data-driven workflow fr CVE-2021-32633 (Zope is an open-source web application server. In Zope versions prior ...) TODO: check CVE-2021-32632 (Pajbot is a Twitch chat bot. Pajbot versions prior to 1.52 are vulnera ...) - TODO: check + NOT-FOR-US: Pajbot CVE-2021-32631 RESERVED CVE-2021-32630 (Admidio is a free, open source user management system for websites of ...) @@ -1897,7 +1897,7 @@ CVE-2021-32620 CVE-2021-32619 RESERVED CVE-2021-32618 (The Python "Flask-Security-Too" package is used for adding security fe ...) - TODO: check + NOT-FOR-US: Flask-Security-Too CVE-2021-32617 (Exiv2 is a command-line utility and C++ library for reading, writing, ...) - exiv2 <unfixed> (bug #988731) [bullseye] - exiv2 <no-dsa> (Minor issue) 
@@ -8702,7 +8702,7 @@ CVE-2021-29625 (Adminer is open-source database management software. A cross-sit NOTE: https://github.com/vrana/adminer/security/advisories/GHSA-2v82-5746-vwqc NOTE: https://github.com/vrana/adminer/commit/4043092ec2c0de2258d60a99d0c5958637d051a7 CVE-2021-29624 (fastify-csrf is an open-source plugin helps developers protect their F ...) - TODO: check + NOT-FOR-US: fastify-csrf CVE-2021-29623 (Exiv2 is a C++ library and a command-line utility to read, write, dele ...) - exiv2 <unfixed> (bug #988481) [bullseye] - exiv2 <no-dsa> (Minor issue) @@ -13790,11 +13790,11 @@ CVE-2021-27436 (WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-si CVE-2021-27435 RESERVED CVE-2021-27434 (Products with Unified Automation .NET based OPC UA Client/Server SDK B ...) - TODO: check + NOT-FOR-US: Unified Automation .NET CVE-2021-27433 RESERVED CVE-2021-27432 (OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC U ...) - TODO: check + NOT-FOR-US: OPC Foundation UA .NET CVE-2021-27431 RESERVED CVE-2021-27430 @@ -23130,7 +23130,7 @@ CVE-2021-23388 CVE-2021-23387 RESERVED CVE-2021-23386 (This affects the package dns-packet before 5.2.2. It creates buffers w ...) - TODO: check + NOT-FOR-US: Node dns-packet CVE-2021-23385 RESERVED CVE-2021-23384 (The package koa-remove-trailing-slashes before 2.0.2 are vulnerable to ...) @@ -29336,7 +29336,7 @@ CVE-2021-20591 CVE-2021-20590 (Improper authentication vulnerability in GOT2000 series GT27 model all ...) NOT-FOR-US: Mitsubishi CVE-2021-20589 (Buffer access with incorrect length value vulnerability in GOT2000 ser ...) - TODO: check + NOT-FOR-US: Mitsubishi CVE-2021-20588 (Improper handling of length parameter inconsistency vulnerability in M ...) NOT-FOR-US: Mitsubishi CVE-2021-20587 (Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Eng ...) 
@@ -29852,7 +29852,7 @@ CVE-2021-20333 CVE-2021-20332 RESERVED CVE-2021-20331 (Specific versions of the MongoDB C# Driver may erroneously publish eve ...) - TODO: check + NOT-FOR-US: MongoDB C# Driver CVE-2021-20330 RESERVED CVE-2021-20329 |
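Review bot: In the data/CVE/list.2008 hunk, the new tag for CVE-2008-3280 reads "NOT-FOR-US: Historic OpenID issues", which states a reason rather than the affected product, unlike every other entry touched in this patch (for example "NOT-FOR-US: htmly" or "NOT-FOR-US: Nitrokey firmware"). The description names "various OpenID Providers (OPs)", so a tag along the lines of "NOT-FOR-US: various OpenID Providers" would keep the entry findable by product name; the historical rationale fits better in a separate NOTE: line.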
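Review bot: In the first data/CVE/list.2020 hunk (@@ -9002), CVE-2020-27209 is marked "NOT-FOR-US: micro-ecc", but the description calls it "the micro-ecc library 1.0", and a library can be present as an embedded copy inside another source package even when it is not packaged on its own. The entry does not record whether that was checked; a NOTE: line saying no embedded copies were found would make the triage decision verifiable later.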
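Review bot: In the data/CVE/list.2021 hunk at @@ -13790, both product names are cut short: "NOT-FOR-US: Unified Automation .NET" reads as if the product were .NET itself, while the description says "Unified Automation .NET based OPC UA Client/Server SDK", and "NOT-FOR-US: OPC Foundation UA .NET" drops the "Standard" from "OPC Foundation UA .NET Standard". Using the product names as the descriptions give them avoids a later search for the SDK or the standard stack missing these two entries.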
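Review bot: In the data/CVE/list.2021 hunk at @@ -23130, the tag "NOT-FOR-US: Node dns-packet" carries an ecosystem prefix, while the other package-level tags added in this same patch use the bare name ("NOT-FOR-US: fastify-csrf", "NOT-FOR-US: Flask-Security-Too", "NOT-FOR-US: micro-ecc"). Pick one form for the whole commit, so that a grep over the NOT-FOR-US lines matches package entries consistently.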