[Git][security-tracker-team/security-tracker][master] NFUs

Wed, 22 Apr 2020 11:42:27 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
652e6666 by Moritz Muehlenhoff at 2020-04-22T20:41:05+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -235,7 +235,7 @@ CVE-2020-11946 (Zoho ManageEngine OpManager before 125120 
allows an unauthentica
 CVE-2020-11945
        RESERVED
 CVE-2020-11944 (Abe (aka bitcoin-abe) through 0.7.2, and 0.8pre, allows XSS in 
__call_ ...)
-       TODO: check
+       NOT-FOR-US: bitcoin-abe
 CVE-2020-11943
        RESERVED
 CVE-2020-11942
@@ -3458,7 +3458,7 @@ CVE-2020-11012
 CVE-2020-11011
        RESERVED
 CVE-2020-11010 (In Tortoise ORM before versions 0.15.23 and 0.16.6, various 
forms of S ...)
-       TODO: check
+       NOT-FOR-US: Tortoise ORM
 CVE-2020-11009
        RESERVED
 CVE-2020-11008 (Affected versions of Git have a vulnerability whereby Git can 
be trick ...)
@@ -4813,7 +4813,7 @@ CVE-2020-10571 (An issue was discovered in psd-tools 
before 1.9.4. The Cython im
 CVE-2020-10570 (The Telegram application through 5.12 for Android, when Show 
Popup is  ...)
        NOT-FOR-US: Telegram for Android
 CVE-2020-10569 (SysAid On-Premise 20.1.11, by default, allows the AJP protocol 
port, w ...)
-       TODO: check
+       NOT-FOR-US: SysAid On-Premise
 CVE-2020-10568 (The sitepress-multilingual-cms (WPML) plugin before 4.3.7-b.2 
for Word ...)
        NOT-FOR-US: sitepress-multilingual-cms (WPML) plugin for WordPress
 CVE-2020-10567 (An issue was discovered in Responsive Filemanager through 
9.14.0. In t ...)
@@ -16996,7 +16996,7 @@ CVE-2020-5270 (In PrestaShop between versions 1.7.6.0 
and 1.7.6.5, there is an o
 CVE-2020-5269 (In PrestaShop between versions 1.7.6.1 and 1.7.6.5, there is a 
reflect ...)
        NOT-FOR-US: PrestaShop
 CVE-2020-5268 (In Saml2 Authentication Services for ASP.NET before versions 
2.7.0 and ...)
-       TODO: check
+       NOT-FOR-US: Saml2 Authentication Services for ASP.NET
 CVE-2020-5267 (In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a 
possible ...)
        {DLA-2149-1}
        - rails 2:5.2.4.1+dfsg-2 (bug #954304)
@@ -20186,7 +20186,7 @@ CVE-2020-3948 (Linux Guest VMs running on VMware 
Workstation (15.x before 15.5.2
 CVE-2020-3947 (VMware Workstation (15.x before 15.5.2) and Fusion (11.x before 
11.5.2 ...)
        NOT-FOR-US: VMware
 CVE-2020-3946 (InstallBuilder AutoUpdate tool and regular installers enabling 
<che ...)
-       TODO: check
+       NOT-FOR-US: InstallBuilder
 CVE-2020-3945 (vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 
and 6.6. ...)
        NOT-FOR-US: VMware
 CVE-2020-3944 (vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 
and 6.6. ...)
@@ -20315,7 +20315,7 @@ CVE-2019-20104 (The OpenID client application in 
Atlassian Crowd before version
 CVE-2019-20103
        RESERVED
 CVE-2019-20102 (The attachment-uploading feature in Atlassian Confluence 
Server from v ...)
-       TODO: check
+       NOT-FOR-US: Atlassian
 CVE-2019-20101
        RESERVED
 CVE-2019-20100 (The Atlassian Application Links plugin is vulnerable to 
cross-site req ...)
@@ -28005,7 +28005,7 @@ CVE-2019-19110
 CVE-2019-19109
        RESERVED
 CVE-2019-19108 (An authentication weakness in the SNMP service in B&R 
Automation R ...)
-       TODO: check
+       NOT-FOR-US: B&R Automation Runtime
 CVE-2019-19107
        RESERVED
 CVE-2019-19106
@@ -35421,7 +35421,7 @@ CVE-2019-17527 (dataForDepandantField in 
models/custormfields.php in the JS JOBS
 CVE-2019-17526 (** DISPUTED ** An issue was discovered in SageMath Sage Cell 
Server th ...)
        NOT-FOR-US: Sage Cell Server (not part of SafeMath as packaged in 
Debian)
 CVE-2019-17525 (The login page on D-Link DIR-615 T1 20.10 devices allows 
remote attack ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2019-17524 (An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices 
allows r ...)
        NOT-FOR-US: Technicolor TC7300 STFA.51.20 devices
 CVE-2019-17523 (An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices 
allows r ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/652e6666b5c2fa43ee9b5950656613fad3703580

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/652e6666b5c2fa43ee9b5950656613fad3703580
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to