author: Moritz Muehlenhoff <jmm@debian.org>, 2021-10-14 23:37:50 +0200
committer: Moritz Muehlenhoff <jmm@debian.org>, 2021-10-14 23:37:50 +0200
commit: 023e9e542c4f54aca6e631966aae49e63a94356b
tree: 9a5cff9fb23efefd0876b2af8f1ed21ec76ddcd3
parent: cd40ee32bc93e4478736e5d1f185173ef5754c4b
NFUs
-rw-r--r-- data/CVE/2021.list 42
1 files changed, 21 insertions, 21 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index c9ded7d6e4..f46982caa3 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -45,7 +45,7 @@ CVE-2021-42371
CVE-2021-42370
RESERVED
CVE-2021-42369 (Imagicle Application Suite (for Cisco UC) before 2021.Summer.2 allows ...)
- TODO: check
+ NOT-FOR-US: Imagicle Application Suite
CVE-2021-42368
RESERVED
CVE-2021-42367
@@ -357,9 +357,9 @@ CVE-2021-42230
CVE-2021-42229
RESERVED
CVE-2021-42228 (Cross Site Request Forgery (CSRF) vulnerability exists in KindEdirot 4 ...)
- TODO: check
+ NOT-FOR-US: KindEditor
CVE-2021-42227 (Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x vi ...)
- TODO: check
+ NOT-FOR-US: KindEditor
CVE-2021-42226
RESERVED
CVE-2021-42225
@@ -2794,7 +2794,7 @@ CVE-2021-41144
CVE-2021-41143
RESERVED
CVE-2021-41142 (Tuleap Open ALM is a libre and open source tool for end to end traceab ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2021-41141
RESERVED
CVE-2021-41140
@@ -2802,7 +2802,7 @@ CVE-2021-41140
CVE-2021-41139 (Anuko Time Tracker is an open source, web-based time tracking applicat ...)
NOT-FOR-US: Anuko Time Tracker
CVE-2021-41138 (Frontier is Substrate's Ethereum compatibility layer. In the newly int ...)
- TODO: check
+ NOT-FOR-US: Frontier
CVE-2021-41137 (Minio is a Kubernetes native application for cloud storage. All users ...)
TODO: check
CVE-2021-41136 (Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to version ...)
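Review bot: The label "NOT-FOR-US: Frontier" added for CVE-2021-41138 is a very generic name. The description on the line above identifies the software as "Substrate's Ethereum compatibility layer", so a label that carries that context, for example "Frontier (Substrate)", would be easier to tell apart from other software with the same name when someone searches the list later.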
@@ -2814,7 +2814,7 @@ CVE-2021-41135
CVE-2021-41134
RESERVED
CVE-2021-41132 (OMERO.web provides a web based client and plugin infrastructure. In ve ...)
- TODO: check
+ NOT-FOR-US: OMERO.web
CVE-2021-41131
RESERVED
CVE-2021-41130 (Extensible Service Proxy, a.k.a. ESP is a proxy which enables API mana ...)
@@ -6969,7 +6969,7 @@ CVE-2021-39332
CVE-2021-39331
RESERVED
CVE-2021-39330 (The Formidable Form Builder WordPress plugin is vulnerable to Stored C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39329
RESERVED
CVE-2021-39328
@@ -9394,11 +9394,11 @@ CVE-2021-38348 (The Advance Search WordPress plugin is vulnerable to Reflected C
CVE-2021-38347 (The Custom Website Data WordPress plugin is vulnerable to Reflected Cr ...)
NOT-FOR-US: WordPress plugin
CVE-2021-38346 (The Brizy Page Builder plugin &lt;= 2.3.11 for WordPress allowed authe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38345 (The Brizy Page Builder plugin &lt;= 2.3.11 for WordPress used an incor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38344 (The Brizy Page Builder plugin &lt;= 2.3.11 for WordPress was vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38343 (The Nested Pages WordPress plugin &lt;= 3.1.15 was vulnerable to an Op ...)
NOT-FOR-US: WordPress plugin
CVE-2021-38342 (The Nested Pages WordPress plugin &lt;= 3.1.15 was vulnerable to Cross ...)
@@ -10393,7 +10393,7 @@ CVE-2021-37935
CVE-2021-37934
RESERVED
CVE-2021-37933 (An LDAP injection vulnerability in /account/login in Huntflow Enterpri ...)
- TODO: check
+ NOT-FOR-US: Huntflow Enterprise
CVE-2021-37932
RESERVED
CVE-2021-3681
@@ -13842,11 +13842,11 @@ CVE-2021-36391
CVE-2021-36390
RESERVED
CVE-2021-36389 (In Yellowfin before 9.6.1 it is possible to enumerate and download upl ...)
- TODO: check
+ NOT-FOR-US: Yellowfin
CVE-2021-36388 (In Yellowfin before 9.6.1 it is possible to enumerate and download use ...)
- TODO: check
+ NOT-FOR-US: Yellowfin
CVE-2021-36387 (In Yellowfin before 9.6.1 there is a Stored Cross-Site Scripting vulne ...)
- TODO: check
+ NOT-FOR-US: Yellowfin
CVE-2021-36386 (report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits i ...)
- fetchmail 6.4.16-4 (unimportant)
NOTE: https://www.fetchmail.info/fetchmail-SA-2021-01.txt
@@ -15907,7 +15907,7 @@ CVE-2021-35500
CVE-2021-35499
RESERVED
CVE-2021-35498 (The TIBCO EBX Web Server component of TIBCO Software Inc.'s TIBCO EBX, ...)
- TODO: check
+ NOT-FOR-US: TIBCO
CVE-2021-35497 (The FTL Server (tibftlserver) and Docker images containing tibftlserve ...)
NOT-FOR-US: TIBCO
CVE-2021-35496 (The XMLA Connections component of TIBCO Software Inc.'s TIBCO JasperRe ...)
@@ -21290,11 +21290,11 @@ CVE-2021-33181 (Server-Side Request Forgery (SSRF) vulnerability in webapi compo
CVE-2021-33180 (Improper neutralization of special elements used in an SQL command ('S ...)
NOT-FOR-US: Synology
CVE-2021-33179 (The general user interface in Nagios XI versions prior to 5.8.4 is vul ...)
- TODO: check
+ NOT-FOR-US: Nagios XI
CVE-2021-33178 (The Manage Backgrounds functionality within Nagvis versions prior to 2 ...)
TODO: check
CVE-2021-33177 (The Bulk Modifications functionality in Nagios XI versions prior to 5. ...)
- TODO: check
+ NOT-FOR-US: Nagios XI
CVE-2021-33176 (VerneMQ MQTT Broker versions prior to 1.12.0 are vulnerable to a denia ...)
NOT-FOR-US: VerneMQ MQTT Broker
CVE-2021-33175 (EMQ X Broker versions prior to 4.2.8 are vulnerable to a denial of ser ...)
@@ -22818,11 +22818,11 @@ CVE-2021-32573 (** DISPUTED ** The express-cart package through 1.1.10 for Node.
CVE-2021-32572 (Speco Web Viewer through 2021-05-12 allows Directory Traversal via GET ...)
NOT-FOR-US: Speco Web Viewer
CVE-2021-32571 (** UNSUPPORTED WHEN ASSIGNED ** In OSS-RC systems of the release 18B a ...)
- TODO: check
+ NOT-FOR-US: OSS-RC
CVE-2021-32570
RESERVED
CVE-2021-32569 (** UNSUPPORTED WHEN ASSIGNED ** In OSS-RC systems of the release 18B a ...)
- TODO: check
+ NOT-FOR-US: OSS-RC
CVE-2021-32568 (mrdoc is vulnerable to Deserialization of Untrusted Data ...)
NOT-FOR-US: mrdoc
CVE-2021-32567 (Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Se ...)
@@ -32598,7 +32598,7 @@ CVE-2021-28662 (An issue was discovered in Squid 4.x before 4.15 and 5.x before
NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-jjq6-mh2h-g39h
NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-b1c37c9e7b30d0efb5e5ccf8200f2a646b9c36f8.patch
CVE-2021-28661 (Default SilverStripe GraphQL Server (aka silverstripe/graphql) 3.x thr ...)
- TODO: check
+ NOT-FOR-US: ilverStripe GraphQL Server
CVE-2021-3449 (An OpenSSL TLS server may crash if sent a maliciously crafted renegoti ...)
{DSA-4875-1}
- openssl 1.1.1k-1
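Review bot: Typo in the added line for CVE-2021-28661: "NOT-FOR-US: ilverStripe GraphQL Server" is missing the leading "S". The description on the line above spells the product "SilverStripe GraphQL Server"; please correct the tag to "NOT-FOR-US: SilverStripe GraphQL Server" so that a search for the product name finds this entry.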
@@ -34958,7 +34958,7 @@ CVE-2021-27666
RESERVED
NOT-FOR-US: Android
CVE-2021-27665 (An unauthenticated remote user could exploit a potential integer overf ...)
- TODO: check
+ NOT-FOR-US: Johnson Controls
CVE-2021-27664 (Under certain configurations an unauthenticated remote user could be g ...)
NOT-FOR-US: exacqVision
CVE-2021-27663 (A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM ...)
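Review bot: The tag added for CVE-2021-27665, "NOT-FOR-US: Johnson Controls", names a vendor, while the next entry, CVE-2021-27664, is tagged by product ("NOT-FOR-US: exacqVision"). The description visible here is truncated before any product name, so if the full text names the affected product, use it in the tag for consistency with the neighbouring entries.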
