Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
84280c81 by Salvatore Bonaccorso at 2020-03-11T21:19:11+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17,7 +17,7 @@ CVE-2020-10378
CVE-2020-10377
RESERVED
CVE-2020-10376 (Technicolor TC7337NET 08.89.17.23.03 devices allow remote
attackers to ...)
- TODO: check
+ NOT-FOR-US: Technicolor
CVE-2020-10375
RESERVED
CVE-2020-10374
@@ -450,7 +450,7 @@ CVE-2020-10183
CVE-2020-10182
RESERVED
CVE-2020-10181 (goform/formEMR30 in Sumavision Enhanced Multimedia Router
(EMR) 3.0.4. ...)
- TODO: check
+ NOT-FOR-US: Sumavision Enhanced Multimedia Router
CVE-2019-20502 (An issue was discovered in EFS Easy Chat Server 3.1. There is
a buffer ...)
NOT-FOR-US: EFS Easy Chat Server
CVE-2020-10180 (The ESET AV parsing engine allows virus-detection bypass via a
crafted ...)
@@ -4110,7 +4110,7 @@ CVE-2020-8542
CVE-2020-8541
RESERVED
CVE-2020-8540 (An XML external entity (XXE) vulnerability iin Zoho
ManageEngine Deskt ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine Desktop Central
CVE-2020-8539
RESERVED
CVE-2020-8538
@@ -11688,7 +11688,7 @@ CVE-2020-5205 (In Pow (Hex package) before 1.0.16, the
use of Plug.Session in Po
CVE-2020-5204 (In uftpd before 2.11, there is a buffer overflow vulnerability
in hand ...)
NOT-FOR-US: uftpd
CVE-2020-5203 (In Fat-Free Framework 3.7.1, attackers can achieve arbitrary
code exec ...)
- TODO: check
+ NOT-FOR-US: Fat-Free Framework
CVE-2020-5202 (apt-cacher-ng through 3.3 allows local users to obtain
sensitive infor ...)
- apt-cacher-ng 3.3.1-1
[buster] - apt-cacher-ng <no-dsa> (Minor issue)
@@ -20232,11 +20232,11 @@ CVE-2020-1983
CVE-2020-1982
RESERVED
CVE-2020-1981 (A predictable temporary filename vulnerability in PAN-OS allows
local ...)
- TODO: check
+ NOT-FOR-US: PAN-OS
CVE-2020-1980 (A shell command injection vulnerability in the PAN-OS CLI
allows a loc ...)
- TODO: check
+ NOT-FOR-US: PAN-OS
CVE-2020-1979 (A format string vulnerability in the PAN-OS log daemon (logd)
on Panor ...)
- TODO: check
+ NOT-FOR-US: PAN-OS
CVE-2020-1978
RESERVED
CVE-2020-1977 (Insufficient Cross-Site Request Forgery (XSRF) protection on
Expeditio ...)
@@ -21291,7 +21291,7 @@ CVE-2019-19383 (freeFTPd 1.0.8 has a
Post-Authentication Buffer Overflow via a c
CVE-2019-19382 (Max Secure Anti Virus Plus 19.0.4.020 has Insecure Permissions
on the ...)
NOT-FOR-US: Max Secure Anti Virus Plus
CVE-2019-19381 (oauth/oauth2/v1/saml/ in Abacus OAuth Login
2019_01_r4_20191021_0000 b ...)
- TODO: check
+ NOT-FOR-US: Abacus OAuth Login
CVE-2019-19380
RESERVED
CVE-2019-19379 (In app/Controller/TagsController.php in MISP 2.4.118, users
can bypass ...)
@@ -33595,7 +33595,7 @@ CVE-2019-16109 (An issue was discovered in
Plataformatec Devise before 4.7.1. It
CVE-2019-16108
RESERVED
CVE-2019-16107 (Missing form token validation in phpBB 3.2.7 allows CSRF in
deleting p ...)
- TODO: check
+ NOT-FOR-US: phpBB
CVE-2018-21014 (The buddyboss-media plugin through 3.2.3 for WordPress has
stored XSS. ...)
NOT-FOR-US: Wordpress plugin
CVE-2018-21013 (The Swape theme before 1.2.1 for WordPress has incorrect
access contro ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84280c812c73c666f01135183f024338b36bd452
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84280c812c73c666f01135183f024338b36bd452
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
