[Git][security-tracker-team/security-tracker][master] Process NFU

Salvatore Bonaccorso Fri, 21 Feb 2020 01:03:14 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
acf5984e by Salvatore Bonaccorso at 2020-02-21T10:01:51+01:00
Process NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,11 +11,11 @@ CVE-2020-9322
 CVE-2020-9321
        RESERVED
 CVE-2020-9320 (Avira AV Engine before 8.3.54.138 allows virus-detection bypass 
via a  ...)
-       TODO: check
+       NOT-FOR-US: Avira
 CVE-2020-9319
        RESERVED
 CVE-2020-9318 (Red Gate SQL Monitor 9.0.13 through 9.2.14 allows an 
administrative us ...)
-       TODO: check
+       NOT-FOR-US: Red Gate SQL Monitor
 CVE-2020-9317
        RESERVED
 CVE-2020-9316
@@ -650,7 +650,7 @@ CVE-2020-9017
 CVE-2020-9016 (Dolibarr 11.0 allows XSS via the joinfiles, topic, or code 
parameter,  ...)
        - dolibarr <removed>
 CVE-2020-9015 (Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, 
and DCS-7 ...)
-       TODO: check
+       NOT-FOR-US: Arista devices
 CVE-2020-9014
        RESERVED
 CVE-2020-9013 (Arvato Skillpipe 3.0 allows attackers to bypass intended print 
restric ...)
@@ -749,7 +749,7 @@ CVE-2020-8991 (vg_lookup in daemons/lvmetad/lvmetad-core.c 
in LVM2 2.02 mismanag
        NOTE: 
https://sourceware.org/git/?p=lvm2.git;a=commit;h=bcf9556b8fcd16ad8997f80cc92785f295c66701
        NOTE: 2.03.00 upstream removed lvmetad (and the still vulnerable code)
 CVE-2020-8990 (Western Digital My Cloud Home before 3.6.0 and ibi before 3.6.0 
allow  ...)
-       TODO: check
+       NOT-FOR-US: Western Digital My Cloud Home
 CVE-2020-8989 (In the Voatz application 2020-01-01 for Android, the amount of 
data tr ...)
        NOT-FOR-US: Voatz application for Android
 CVE-2020-8988 (The Voatz application 2020-01-01 for Android allows only 100 
million d ...)
@@ -809,7 +809,7 @@ CVE-2020-8962 (A stack-based buffer overflow was found on 
the D-Link DIR-842 REV
 CVE-2020-8961
        RESERVED
 CVE-2020-8960 (Western Digital mycloud.com before Web Version 2.2.0-134 allows 
XSS. ...)
-       TODO: check
+       NOT-FOR-US: Western Digital mycloud.com
 CVE-2020-8959 (Western Digital WesternDigitalSSDDashboardSetup.exe before 
3.0.2.0 all ...)
        NOT-FOR-US: Western Digital
 CVE-2020-8958
@@ -5227,7 +5227,7 @@ CVE-2020-6979
 CVE-2020-6978
        RESERVED
 CVE-2020-6977 (A restricted desktop environment escape vulnerability exists in 
the Ki ...)
-       TODO: check
+       NOT-FOR-US: GE
 CVE-2020-6976
        RESERVED
 CVE-2020-6975 (Digi International ConnectPort LTS 32 MEI, Firmware Version 
1.4.3 (820 ...)
@@ -5245,7 +5245,7 @@ CVE-2020-6970 (A Heap-based Buffer Overflow was found in 
Emerson OpenEnterprise
 CVE-2020-6969 (It is possible to unmask credentials and other sensitive 
information o ...)
        NOT-FOR-US: AutomationDirect
 CVE-2020-6968 (Honeywell INNCOM INNControl 3 allows workstation users to 
escalate app ...)
-       TODO: check
+       NOT-FOR-US: Honeywell
 CVE-2020-6967
        RESERVED
 CVE-2020-6966 (In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE 
Telemetr ...)
@@ -13260,9 +13260,9 @@ CVE-2020-3767
 CVE-2020-3766
        RESERVED
 CVE-2020-3765 (Adobe After Effects versions 16.1.2 and earlier have an 
out-of-bounds  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2020-3764 (Adobe Media Encoder versions 14.0 and earlier have an 
out-of-bounds wr ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2020-3763 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 
2017.011 ...)
        NOT-FOR-US: Adobe
 CVE-2020-3762 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 
2017.011 ...)
@@ -14922,7 +14922,7 @@ CVE-2019-19743 (On D-Link DIR-615 devices, a normal 
user is able to create a roo
 CVE-2019-19742 (On D-Link DIR-615 devices, the User Account Configuration page 
is vuln ...)
        NOT-FOR-US: D-Link
 CVE-2019-19741 (Electronic Arts Origin 10.5.55.33574 is vulnerable to local 
privilege  ...)
-       TODO: check
+       NOT-FOR-US: Electronic Arts Origin
 CVE-2019-19740 (Octeth Oempro 4.7 and 4.8 allow SQL injection. The parameter 
CampaignI ...)
        NOT-FOR-US: Octeth Oempro
 CVE-2019-19739 (MFScripts YetiShare 3.5.2 through 4.5.3 does not set the 
Secure flag o ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/acf5984e2e29b8617b67bb7ab958adace4ec345c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/acf5984e2e29b8617b67bb7ab958adace4ec345c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFU

Reply via email to