[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso Fri, 03 Apr 2020 23:42:30 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a2655c8b by Salvatore Bonaccorso at 2020-04-04T08:40:24+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,7 +11,7 @@ CVE-2020-11503
 CVE-2020-11502
        RESERVED
 CVE-2020-11500 (Zoom Client for Meetings through 4.6.9 uses the ECB mode of 
AES for vi ...)
-       TODO: check
+       NOT-FOR-US: Zoom
 CVE-2020-11499 (Firmware Analysis and Comparison Tool (FACT) 3 has Stored XSS 
when upd ...)
        NOT-FOR-US: Firmware Analysis and Comparison Tool
 CVE-2020-11498 (Slack Nebula through 1.1.0 contains a relative path 
vulnerability that ...)
@@ -2218,11 +2218,11 @@ CVE-2020-10603
 CVE-2020-10602
        RESERVED
 CVE-2020-10601 (VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote 
Module allow  ...)
-       TODO: check
+       NOT-FOR-US: VISAM VBASE Editor
 CVE-2020-10600
        RESERVED
 CVE-2020-10599 (VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote 
Module may al ...)
-       TODO: check
+       NOT-FOR-US: VISAM VBASE Editor
 CVE-2020-10598 (In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia 
(PAS) ES  ...)
        NOT-FOR-US: Pyxis
 CVE-2020-10597 (The affected insulin pump is designed to communicate using a 
wireless  ...)
@@ -6657,11 +6657,11 @@ CVE-2020-8647 (There is a use-after-free vulnerability 
in the Linux kernel throu
 CVE-2020-8640
        RESERVED
 CVE-2020-8639 (An unrestricted file upload vulnerability in keywordsImport.php 
in Tes ...)
-       TODO: check
+       NOT-FOR-US: TestLink
 CVE-2020-8638 (A SQL injection vulnerability in TestLink 1.9.20 allows 
attackers to e ...)
-       TODO: check
+       NOT-FOR-US: TestLink
 CVE-2020-8637 (A SQL injection vulnerability in TestLink 1.9.20 allows 
attackers to e ...)
-       TODO: check
+       NOT-FOR-US: TestLink
 CVE-2020-8636 (An issue was discovered in OpServices OpMon 9.3.2 that allows 
Remote C ...)
        NOT-FOR-US: OpServices OpMon
 CVE-2020-8635 (Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets 
insecure per ...)
@@ -10438,7 +10438,7 @@ CVE-2020-7010
 CVE-2020-7009 (Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 
7.6.2  ...)
        - elasticsearch <removed>
 CVE-2020-7008 (VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module 
may al ...)
-       TODO: check
+       NOT-FOR-US: VISAM VBASE Editor
 CVE-2020-7007 (In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the 
attacker  ...)
        NOT-FOR-US: Moxa
 CVE-2020-7006 (Systech Corporation NDS-5000 Terminal Server, NDS/5008 (8 Port, 
RJ45), ...)
@@ -10446,7 +10446,7 @@ CVE-2020-7006 (Systech Corporation NDS-5000 Terminal 
Server, NDS/5008 (8 Port, R
 CVE-2020-7005 (In Honeywell WIN-PAK 4.7.2, Web and prior versions, the 
affected produ ...)
        NOT-FOR-US: Honeywell
 CVE-2020-7004 (VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module 
may al ...)
-       TODO: check
+       NOT-FOR-US: VISAM VBASE Editor
 CVE-2020-7003 (In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and 
IOxpre ...)
        NOT-FOR-US: Moxa
 CVE-2020-7002 (Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and 
prior.  ...)
@@ -10454,7 +10454,7 @@ CVE-2020-7002 (Delta Industrial Automation CNCSoft 
ScreenEditor, v1.00.96 and pr
 CVE-2020-7001 (In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the 
affected  ...)
        NOT-FOR-US: Moxa
 CVE-2020-7000 (VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module 
may al ...)
-       TODO: check
+       NOT-FOR-US: VISAM VBASE Editor
 CVE-2020-6999 (In Moxa EDS-G516E Series firmware, Version 5.2 or lower, some 
of the p ...)
        NOT-FOR-US: Moxa
 CVE-2020-6998
@@ -10466,7 +10466,7 @@ CVE-2020-6996
 CVE-2020-6995 (In Moxa PT-7528 series firmware, Version 4.0 or lower, and 
PT-7828 ser ...)
        NOT-FOR-US: Moxa
 CVE-2020-6994 (A buffer overflow vulnerability was found in some devices of 
Hirschman ...)
-       TODO: check
+       NOT-FOR-US: Hirschmann Automation and Control HiOS and HiSecOS
 CVE-2020-6993 (In Moxa PT-7528 series firmware, Version 4.0 or lower, and 
PT-7828 ser ...)
        NOT-FOR-US: Moxa
 CVE-2020-6992



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2655c8bdf4a5a8282efd924327c9f4509c71aa6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2655c8bdf4a5a8282efd924327c9f4509c71aa6
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to