[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Wed, 01 Apr 2020 13:22:52 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
0d0324e4 by Salvatore Bonaccorso at 2020-04-01T22:22:03+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2020-11459
 CVE-2020-11458
        RESERVED
 CVE-2020-11457 (pfSense before 2.4.5 has stored XSS in 
system_usermanager_addprivs.php ...)
-       TODO: check
+       NOT-FOR-US: pfSense
 CVE-2020-11456 (LimeSurvey before 4.1.12+200324 has stored XSS in 
application/views/ad ...)
        - limesurvey <itp> (bug #472802)
 CVE-2020-11455 (LimeSurvey before 4.1.12+200324 contains a path traversal 
vulnerabilit ...)
@@ -23,7 +23,7 @@ CVE-2020-11451
 CVE-2020-11450
        RESERVED
 CVE-2020-11449 (An issue was discovered on Technicolor TC7337 8.89.17 devices. 
An atta ...)
-       TODO: check
+       NOT-FOR-US: Technicolor devices
 CVE-2020-11448
        RESERVED
 CVE-2020-11447
@@ -1249,23 +1249,23 @@ CVE-2020-10870 (Zim through 0.72.1 creates temporary 
directories with predictabl
 CVE-2020-10869
        RESERVED
 CVE-2020-10868 (An issue was discovered in Avast Antivirus before 20. The 
aswTask RPC  ...)
-       TODO: check
+       NOT-FOR-US: Avast Antivirus
 CVE-2020-10867 (An issue was discovered in Avast Antivirus before 20. The 
aswTask RPC  ...)
-       TODO: check
+       NOT-FOR-US: Avast Antivirus
 CVE-2020-10866 (An issue was discovered in Avast Antivirus before 20. The 
aswTask RPC  ...)
-       TODO: check
+       NOT-FOR-US: Avast Antivirus
 CVE-2020-10865 (An issue was discovered in Avast Antivirus before 20. The 
aswTask RPC  ...)
-       TODO: check
+       NOT-FOR-US: Avast Antivirus
 CVE-2020-10864 (An issue was discovered in Avast Antivirus before 20. The 
aswTask RPC  ...)
-       TODO: check
+       NOT-FOR-US: Avast Antivirus
 CVE-2020-10863 (An issue was discovered in Avast Antivirus before 20. The 
aswTask RPC  ...)
-       TODO: check
+       NOT-FOR-US: Avast Antivirus
 CVE-2020-10862 (An issue was discovered in Avast Antivirus before 20. The 
aswTask RPC  ...)
-       TODO: check
+       NOT-FOR-US: Avast Antivirus
 CVE-2020-10861 (An issue was discovered in Avast Antivirus before 20. The 
aswTask RPC  ...)
-       TODO: check
+       NOT-FOR-US: Avast Antivirus
 CVE-2020-10860 (An issue was discovered in Avast Antivirus before 20. An 
Arbitrary Mem ...)
-       TODO: check
+       NOT-FOR-US: Avast Antivirus
 CVE-2020-10859
        RESERVED
 CVE-2020-10858
@@ -2882,7 +2882,7 @@ CVE-2020-10232 (In version 4.8.0 and earlier of The 
Sleuth Kit (TSK), there is a
        NOTE: https://github.com/sleuthkit/sleuthkit/issues/1836
        NOTE: 
https://github.com/sleuthkit/sleuthkit/commit/459ae818fc8dae717549810150de4d191ce158f1
 CVE-2020-10231 (TP-Link NC200 through 2.1.8_Build_171109, NC210 through 
1.0.9_Build_17 ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2020-10230 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel (for CentOS 6 
and 7) al ...)
        NOT-FOR-US: CentOS-WebPanel.com
 CVE-2020-10229
@@ -2940,9 +2940,9 @@ CVE-2020-10206
 CVE-2020-10205
        RESERVED
 CVE-2020-10204 (Sonatype Nexus Repository before 3.21.2 allows Remote Code 
Execution. ...)
-       TODO: check
+       NOT-FOR-US: Sonatype Nexus Repository
 CVE-2020-10203 (Sonatype Nexus Repository before 3.21.2 allows XSS. ...)
-       TODO: check
+       NOT-FOR-US: Sonatype Nexus Repository
 CVE-2020-10202
        RESERVED
 CVE-2020-10201
@@ -2950,7 +2950,7 @@ CVE-2020-10201
 CVE-2020-10200
        RESERVED
 CVE-2020-10199 (Sonatype Nexus Repository before 3.21.2 allows JavaEL 
Injection (issue ...)
-       TODO: check
+       NOT-FOR-US: Sonatype Nexus Repository
 CVE-2020-10198
        RESERVED
 CVE-2020-10197
@@ -13561,7 +13561,7 @@ CVE-2020-5550
 CVE-2020-5549
        RESERVED
 CVE-2020-5548 (Yamaha LTE VoIP Router(NVR700W firmware Rev.15.00.15 and 
earlier), Yam ...)
-       TODO: check
+       NOT-FOR-US: Yamaha
 CVE-2020-5547 (Resource Management Errors vulnerability in TCP function 
included in t ...)
        NOT-FOR-US: Mitsubishi
 CVE-2020-5546 (Improper Neutralization of Argument Delimiters in a Command 
('Argument ...)
@@ -62694,7 +62694,7 @@ CVE-2019-7757
 CVE-2019-7756
        RESERVED
 CVE-2019-7755 (In webERP 4.15, the Import Bank Transactions function fails to 
sanitiz ...)
-       TODO: check
+       NOT-FOR-US: webERP
 CVE-2019-7754
        RESERVED
 CVE-2019-7753 (Verydows 2.0 has XSS via the 
index.php?m=api&amp;c=stats&amp;a=count r ...)
@@ -65732,7 +65732,7 @@ CVE-2019-6587
 CVE-2019-6586
        RESERVED
 CVE-2019-6585 (A vulnerability has been identified in SCALANCE S602 (All 
versions &gt ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2019-6584 (A vulnerability has been identified in SIEMENS LOGO!8 
(6ED1052-xyyxx-0 ...)
        NOT-FOR-US: Siemens
 CVE-2019-6583
@@ -68321,7 +68321,7 @@ CVE-2019-5650
 CVE-2019-5649
        RESERVED
 CVE-2019-5648 (Authenticated, administrative access to a Barracuda Load 
Balancer ADC  ...)
-       TODO: check
+       NOT-FOR-US: Barracuda
 CVE-2019-5647 (The Chrome Plugin for Rapid7 AppSpider can incorrectly keep 
browser se ...)
        NOT-FOR-US: Chrome Plugin for Rapid7 AppSpider
 CVE-2019-5646
@@ -71992,13 +71992,13 @@ CVE-2019-3947 (Fuji Electric V-Server before 6.0.33.0 
stores database credential
 CVE-2019-3946 (Fuji Electric V-Server before 6.0.33.0 is vulnerable to denial 
of serv ...)
        NOT-FOR-US: Fuji Electric V-Server
 CVE-2019-3945 (Web server running on Parrot ANAFI can be crashed due to the 
SDK comma ...)
-       TODO: check
+       NOT-FOR-US: Parrot ANAFI
 CVE-2019-3944 (Parrot ANAFI is vulnerable to Wi-Fi deauthentication attack, 
allowing  ...)
-       TODO: check
+       NOT-FOR-US: Parrot ANAFI
 CVE-2019-3943 (MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 
6.42.12 ...)
        NOT-FOR-US: MikroTik
 CVE-2019-3942 (Advantech WebAccess 8.3.4 does not properly restrict an RPC 
call that  ...)
-       TODO: check
+       NOT-FOR-US: Advantech WebAccess
 CVE-2019-3941 (Advantech WebAccess 8.3.4 allows unauthenticated, remote 
attackers to  ...)
        NOT-FOR-US: Advantech WebAccess
 CVE-2019-3940 (Advantech WebAccess 8.3.4 is vulnerable to file upload attacks 
via una ...)
@@ -106588,7 +106588,7 @@ CVE-2018-11108
 CVE-2018-11107
        RESERVED
 CVE-2018-11106 (NETGEAR has released fixes for a pre-authentication command 
injection  ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2018-11105 (There is stored cross site scripting in the 
wp-live-chat-support plugi ...)
        NOT-FOR-US: Wordpress plugin
 CVE-2018-11104



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d0324e422d74a04a058750b44541996fde36bc5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d0324e422d74a04a058750b44541996fde36bc5
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to