[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
240d55e2 by Salvatore Bonaccorso at 2020-02-10T21:18:17+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,7 +15,7 @@ CVE-2020-8832
 CVE-2020-8831
        RESERVED
 CVE-2019-20451 (The HTTP API in Prismview System 9 11.10.17.00 and Prismview 
Player 11 ...)
-       TODO: check
+       NOT-FOR-US: Prismview
 CVE-2017-18642
        RESERVED
 CVE-2020-8830
@@ -29,7 +29,7 @@ CVE-2020-8827
 CVE-2020-8826
        RESERVED
 CVE-2020-8825 (index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 
allows store ...)
-       TODO: check
+       NOT-FOR-US: Vanilla Forums
 CVE-2020-8824
        RESERVED
 CVE-2020-8823 (htmlfile in lib/transport/htmlfile.js in SockJS before 3.0 is 
vulnerab ...)
@@ -11189,13 +11189,13 @@ CVE-2019-20063 (hdf/dataobject.c in libmysofa before 
0.8 has an uninitialized us
        NOTE: https://github.com/hoene/libmysofa/issues/67
        NOTE: 
https://github.com/hoene/libmysofa/commit/ecb7b743b6f6d47b93a7bc680a60071a0f9524c6
 CVE-2019-20062 (MFScripts YetiShare v3.5.2 through v4.5.4 might allow an 
attacker to r ...)
-       TODO: check
+       NOT-FOR-US: MFScripts YetiShare
 CVE-2019-20061 (The user-introduction email in MFScripts YetiShare v3.5.2 
through v4.5 ...)
-       TODO: check
+       NOT-FOR-US: MFScripts YetiShare
 CVE-2019-20060 (MFScripts YetiShare v3.5.2 through v4.5.4 places sensitive 
information ...)
-       TODO: check
+       NOT-FOR-US: MFScripts YetiShare
 CVE-2019-20059 (payment_manage.ajax.php and various *_manage.ajax.php in 
MFScripts Yet ...)
-       TODO: check
+       NOT-FOR-US: MFScripts YetiShare
 CVE-2019-20058 (** DISPUTED ** Bolt 3.7.0, if Symfony Web Profiler is used, 
allows XSS ...)
        NOT-FOR-US: Bolt CMS
 CVE-2019-20057 (com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in 
Proxyman  ...)
@@ -15243,29 +15243,29 @@ CVE-2019-19672
 CVE-2019-19671
        RESERVED
 CVE-2019-19670 (A HTTP Response Splitting vulnerability was identified in the 
Web Sett ...)
-       TODO: check
+       NOT-FOR-US: Rumpus FTP Server
 CVE-2019-19669 (A CSRF vulnerability exists in the Upload Center Forms 
Component of We ...)
-       TODO: check
+       NOT-FOR-US: Rumpus FTP
 CVE-2019-19668 (A CSRF vulnerability exists in the File Types component of Web 
File Ma ...)
-       TODO: check
+       NOT-FOR-US: Rumpus FTP
 CVE-2019-19667 (A CSRF vulnerability exists in the Block Clients component of 
Web File ...)
-       TODO: check
+       NOT-FOR-US: Rumpus FTP
 CVE-2019-19666 (A CSRF vulnerability exists in the Event Notices Settings of 
Web File  ...)
-       TODO: check
+       NOT-FOR-US: Rumpus FTP
 CVE-2019-19665 (A CSRF vulnerability exists in the FTP Settings of Web File 
Manager in ...)
-       TODO: check
+       NOT-FOR-US: Rumpus FTP
 CVE-2019-19664 (A CSRF vulnerability exists in the Web Settings of Web File 
Manager in ...)
-       TODO: check
+       NOT-FOR-US: Rumpus FTP
 CVE-2019-19663 (A CSRF vulnerability exists in the Folder Sets Settings of Web 
File Ma ...)
-       TODO: check
+       NOT-FOR-US: Rumpus FTP
 CVE-2019-19662 (A CSRF vulnerability exists in the Web File Manager's 
Create/Delete Ac ...)
-       TODO: check
+       NOT-FOR-US: Rumpus FTP
 CVE-2019-19661 (A Cookie based reflected XSS exists in the Web File Manager of 
Rumpus  ...)
-       TODO: check
+       NOT-FOR-US: Rumpus FTP
 CVE-2019-19660 (A CSRF vulnerability exists in the Web File Manager's Network 
Setting  ...)
-       TODO: check
+       NOT-FOR-US: Rumpus FTP
 CVE-2019-19659 (A CSRF vulnerability exists in the Web File Manager's Edit 
Accounts fu ...)
-       TODO: check
+       NOT-FOR-US: Rumpus FTP
 CVE-2019-19658
        RESERVED
 CVE-2019-19657
@@ -282091,7 +282091,7 @@ CVE-2012-6451 (Lorex LNC116 and LNC104 IP Cameras 
have a Remote Authentication B
 CVE-2012-6450
        RESERVED
 CVE-2012-6449 (The clientconf.html and detailbw.html pages in x3 in cPanel 
& WHM  ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2012-6448 (Cross-site Scripting (XSS) in cPanel WebHost Manager (WHM) 
11.34.0 all ...)
        NOT-FOR-US: cPanel
 CVE-2012-6447 (Cross-site scripting (XSS) vulnerability in Splunk Web in 
Splunk 5.0.0 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/240d55e2a204cd4d8aa88aa5299049cdaf88c92f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/240d55e2a204cd4d8aa88aa5299049cdaf88c92f
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits