[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Fri, 24 Jan 2020 12:47:14 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
4fd74ece by Salvatore Bonaccorso at 2020-01-24T21:46:38+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1527,7 +1527,7 @@ CVE-2020-7247
 CVE-2020-7246 (A remote code execution (RCE) vulnerability exists in qdPM 9.1 
and ear ...)
        NOT-FOR-US: qdPM
 CVE-2020-7245 (Incorrect username validation in the registration processes of 
CTFd th ...)
-       TODO: check
+       NOT-FOR-US: CTFd
 CVE-2020-7244 (Comtech Stampede FX-1010 7.4.3 devices allow remote 
authenticated admi ...)
        NOT-FOR-US: Comtech Stampede FX-1010 devices
 CVE-2020-7243 (Comtech Stampede FX-1010 7.4.3 devices allow remote 
authenticated admi ...)
@@ -1582,7 +1582,7 @@ CVE-2020-7228 (The Calculated Fields Form plugin through 
1.0.353 for WordPress s
 CVE-2020-7227 (Westermo MRD-315 1.7.3 and 1.7.4 devices have an information 
disclosur ...)
        NOT-FOR-US: Westermo MRD-315 devices
 CVE-2020-7226 (CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo 
CAS and  ...)
-       TODO: check
+       NOT-FOR-US: cryptacular
 CVE-2020-7225
        RESERVED
 CVE-2020-7224
@@ -2146,17 +2146,17 @@ CVE-2020-6968
 CVE-2020-6967
        RESERVED
 CVE-2020-6966 (In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE 
Telemetr ...)
-       TODO: check
+       NOT-FOR-US: ApexPro Telemetry Server
 CVE-2020-6965 (In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE 
Telemetr ...)
-       TODO: check
+       NOT-FOR-US: ApexPro Telemetry Server
 CVE-2020-6964 (In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE 
Telemetr ...)
-       TODO: check
+       NOT-FOR-US: ApexPro Telemetry Server
 CVE-2020-6963 (In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE 
Telemetr ...)
-       TODO: check
+       NOT-FOR-US: ApexPro Telemetry Server
 CVE-2020-6962 (In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE 
Telemet ...)
-       TODO: check
+       NOT-FOR-US: ApexPro Telemetry Server
 CVE-2020-6961 (In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE 
Telemet ...)
-       TODO: check
+       NOT-FOR-US: ApexPro Telemetry Server
 CVE-2020-6960 (The following versions of MAXPRO VMS and NVR, MAXPRO 
VMS:HNMSWVMS prio ...)
        NOT-FOR-US: Honeywell
 CVE-2020-6959 (The following versions of MAXPRO VMS and NVR, MAXPRO 
VMS:HNMSWVMS prio ...)
@@ -13199,9 +13199,9 @@ CVE-2019-19634 (class.upload.php in verot.net 
class.upload through 1.0.3 and 2.x
 CVE-2019-19633
        RESERVED
 CVE-2019-19632 (An issue was discovered in Big Switch Big Monitoring Fabric 
6.2 throug ...)
-       TODO: check
+       NOT-FOR-US: Big Switch Networks
 CVE-2019-19631 (An issue was discovered in Big Switch Big Monitoring Fabric 
6.2 throug ...)
-       TODO: check
+       NOT-FOR-US: Big Switch Networks
 CVE-2019-19630 (HTMLDOC 1.9.7 allows a stack-based buffer overflow in the 
hd_strlcpy() ...)
        {DLA-2026-1}
        - htmldoc 1.9.7-1 (low)
@@ -15513,7 +15513,7 @@ CVE-2020-1690
 CVE-2019-19364 (A weak malicious user can escalate its privilege whenever 
CatalystProd ...)
        NOT-FOR-US: Sony Catalyst Production Suite
 CVE-2019-19363 (An issue was discovered in Ricoh (including Savin and Lanier) 
Windows  ...)
-       TODO: check
+       NOT-FOR-US: Ricoh
 CVE-2019-19362 (An issue was discovered in the Chat functionality of the 
TeamViewer de ...)
        NOT-FOR-US: TeamViewer
 CVE-2019-19361
@@ -270474,7 +270474,7 @@ CVE-2013-3962 (Cross-site scripting (XSS) 
vulnerability in Grandstream GXV3501,
 CVE-2013-3961 (SQL injection vulnerability in edit_event.php in Simple PHP 
Agenda bef ...)
        NOT-FOR-US: Simple PHP Agenda
 CVE-2013-3960 (Easytime Studio Easy File Manager 1.1 has a HTTP request 
security bypa ...)
-       TODO: check
+       NOT-FOR-US: Easytime Studio Easy File Manager
 CVE-2013-3959 (The Web Navigator in Siemens WinCC before 7.2 Update 1, as used 
in SIM ...)
        NOT-FOR-US: Siemens WinCC
 CVE-2013-3958 (The login implementation in the Web Navigator in Siemens WinCC 
before  ...)
@@ -277054,15 +277054,15 @@ CVE-2013-1600
 CVE-2013-1599
        RESERVED
 CVE-2013-1598 (A Command Injection vulnerability exists in Vivotek PT7135 IP 
Cameras  ...)
-       TODO: check
+       NOT-FOR-US: Vivotek PT7135 IP Cameras
 CVE-2013-1597 (A Directory Traversal vulnerability exists in Vivotek PT7135 IP 
Camera ...)
-       TODO: check
+       NOT-FOR-US: Vivotek PT7135 IP Cameras
 CVE-2013-1596 (An Authentication Bypass Vulnerability exists in Vivotek PT7135 
IP Cam ...)
-       TODO: check
+       NOT-FOR-US: Vivotek PT7135 IP Cameras
 CVE-2013-1595 (A Buffer Overflow vulnerability exists in Vivotek PT7135 IP 
Camera 030 ...)
-       TODO: check
+       NOT-FOR-US: Vivotek PT7135 IP Cameras
 CVE-2013-1594 (An Information Disclosure vulnerability exists via a GET 
request in Vi ...)
-       TODO: check
+       NOT-FOR-US: Vivotek PT7135 IP Cameras
 CVE-2013-1593 (A Denial of Service vulnerability exists in the WRITE_C 
function in th ...)
        NOT-FOR-US: SAP
 CVE-2013-1592 (A Buffer Overflow vulnerability exists in the Message Server 
service _ ...)
@@ -279718,7 +279718,7 @@ CVE-2012-6454
 CVE-2012-6452 (Axway Secure Messenger before 6.5 Updated Release 7, as used in 
Axway  ...)
        NOT-FOR-US: Axway Secure Messenger
 CVE-2012-6451 (Lorex LNC116 and LNC104 IP Cameras have a Remote Authentication 
Bypass ...)
-       TODO: check
+       NOT-FOR-US: Lorex LNC116 and LNC104 IP Cameras
 CVE-2012-6450
        RESERVED
 CVE-2012-6449
@@ -284184,7 +284184,7 @@ CVE-2012-5390 (The standard universe shadow 
(condor_shadow.std) component in Con
        - condor <not-affected> (standard universe is disabled in the Debian 
package, see bug #697936)
        NOTE: 
http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html
 CVE-2012-5389 (NULL Pointer Dereference in PowerTCP WebServer for ActiveX 
1.9.2 and e ...)
-       TODO: check
+       NOT-FOR-US: PowerTCP WebServer for ActiveX
 CVE-2012-5388 (Cross-site scripting (XSS) vulnerability in wlcms-plugin.php in 
the Wh ...)
        NOT-FOR-US: White Label CMS
 CVE-2012-5387 (Cross-site request forgery (CSRF) vulnerability in 
wlcms-plugin.php in ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4fd74ece8c72e2dd979aab9253ccde7df4c8aa5a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4fd74ece8c72e2dd979aab9253ccde7df4c8aa5a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to