Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cb6aa8a5 by Moritz Muehlenhoff at 2020-05-11T10:58:37+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27,11 +27,11 @@ CVE-2020-12768 (An issue was discovered in the Linux kernel 
before 5.6. svm_cpu_
        - linux 5.6.7-1
        NOTE: 
https://git.kernel.org/linus/d80b64ff297e40c2b6f7d7abc1b3eba70d22a068 (5.6-rc4)
 CVE-2020-12766 (Gnuteca 3.8 allows action=main:search:simpleSearch SQL 
Injection via t ...)
-       TODO: check
+       NOT-FOR-US: Gnuteca
 CVE-2020-12765 (Solis Miolo 2.0 allows 
index.php?module=install&action=view&it ...)
-       TODO: check
+       NOT-FOR-US: Solis Miolo
 CVE-2020-12764 (Gnuteca 3.8 allows file.php?folder=/&file= Directory 
Traversal. ...)
-       TODO: check
+       NOT-FOR-US: Gnuteca
 CVE-2020-12763
        RESERVED
 CVE-2020-12762 (json-c through 0.14 has an integer overflow and out-of-bounds 
write vi ...)
@@ -5145,19 +5145,19 @@ CVE-2020-11058
 CVE-2020-11057
        RESERVED
 CVE-2020-11056 (In Sprout Forms before 3.9.0, there is a potential Server-Side 
Templat ...)
-       TODO: check
+       NOT-FOR-US: Sprout Forms
 CVE-2020-11055 (In BookStack greater than or equal to 0.18.0 and less than 
0.29.2, the ...)
-       TODO: check
+       NOT-FOR-US: BookStack
 CVE-2020-11054 (In qutebrowser versions less than 1.11.1, reloading a page 
with certif ...)
        TODO: check
 CVE-2020-11053 (In OAuth2 Proxy before 5.1.1, there is an open redirect 
vulnerability. ...)
-       TODO: check
+       NOT-FOR-US: OAuth2 Proxy
 CVE-2020-11052 (In Sorcery before 0.15.0, there is a brute force vulnerability 
when us ...)
-       TODO: check
+       NOT-FOR-US: Sorcery
 CVE-2020-11051 (In Wiki.js before 2.3.81, there is a stored XSS in the 
Markdown editor ...)
        NOT-FOR-US: Wiki.js
 CVE-2020-11050 (In Java-WebSocket less than or equal to 1.4.1, there is an 
Improper Va ...)
-       TODO: check
+       NOT-FOR-US: Java-WebSocket, different from src:websocket-api
 CVE-2020-11049 (In FreeRDP after 1.1 and before 2.0.0, there is an 
out-of-bound read o ...)
        - freerdp2 <unfixed>
        - freerdp <removed>
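Review bot: On CVE-2020-11052 the tag is a bare "NOT-FOR-US: Sorcery", and a name that generic would benefit from a short qualifier recording what was ruled out, as the CVE-2020-11050 line does with "different from src:websocket-api". Separately, CVE-2020-11054 (qutebrowser) still carries "TODO: check" in the middle of this otherwise resolved run; if it is being left for a separate triage pass, that is fine, but it is easy to overlook between the changed neighbours.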
@@ -5337,7 +5337,7 @@ CVE-2020-11008 (Affected versions of Git have a 
vulnerability whereby Git can be
 CVE-2020-11007 (In Shopizer before version 2.11.0, using API or Controller 
based versi ...)
        NOT-FOR-US: Shopizer
 CVE-2020-11006 (In Shopizer before version 2.11.0, a script can be injected in 
various ...)
-       TODO: check
+       NOT-FOR-US: Shopizer
 CVE-2020-11005 (The WindowsHello open source library (NuGet 
HaemmerElectronics.SeppPen ...)
        NOT-FOR-US: WindowsHello
 CVE-2020-11004 (SQL Injection was discovered in Admidio before version 3.3.13. 
The mai ...)
@@ -9566,9 +9566,9 @@ CVE-2020-9317
 CVE-2020-9316
        RESERVED
 CVE-2020-9315 (** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web 
Server 7. ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2020-9314 (** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web 
Server 7. ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2020-9313
        RESERVED
 CVE-2020-9312
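Review bot: CVE-2020-9315 and CVE-2020-9314 are both tagged "NOT-FOR-US: Oracle", which names the vendor rather than the product given in the descriptions (Oracle iPlanet Web Server). The other tags added in this patch name the product (Shopizer, BookStack, OAuth2 Proxy), so "NOT-FOR-US: Oracle iPlanet Web Server" would be consistent with them and would not read as a verdict on everything from that vendor when someone greps the list later.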
@@ -13144,7 +13144,7 @@ CVE-2020-7805 (An issue was discovered on KT Slim egg 
IML500 (R7283, R8112, R842
 CVE-2020-7804 (ActiveX Control(HShell.dll) in Handy Groupware 1.7.3.1 for 
Windows 7,  ...)
        NOT-FOR-US: Handy Groupware
 CVE-2020-7803 (IMGTech Co,Ltd ZInsX.ocx ActiveX Control in Zoneplayer 2.0.1.3, 
versio ...)
-       TODO: check
+       NOT-FOR-US: Zoneplayer
 CVE-2020-7802 (The Synergy Systems &amp; Solutions (SSS) HUSKY RTU 6049-E70, 
with fir ...)
        NOT-FOR-US: Synergy Systems & Solutions (SSS)
 CVE-2020-7801 (The Synergy Systems &amp; Solutions (SSS) HUSKY RTU 6049-E70, 
with fir ...)
@@ -15844,9 +15844,9 @@ CVE-2020-6654
 CVE-2020-6653
        RESERVED
 CVE-2020-6652 (Incorrect Privilege Assignment vulnerability in Eaton's 
Intelligent Po ...)
-       TODO: check
+       NOT-FOR-US: Eaton
 CVE-2020-6651 (Improper Input Validation in Eaton's Intelligent Power Manager 
(IPM) v ...)
-       TODO: check
+       NOT-FOR-US: Eaton
 CVE-2020-6650 (UPS companion software v1.05 &amp; Prior is affected by 
&#8216;Eval In ...)
        NOT-FOR-US: UPS companion software
 CVE-2020-6649
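Review bot: CVE-2020-6652 and CVE-2020-6651 get "NOT-FOR-US: Eaton", a vendor-only tag, while the unchanged entry directly below (CVE-2020-6650) names the product, "UPS companion software". The CVE-2020-6651 description spells the product out as Eaton's Intelligent Power Manager (IPM), so "NOT-FOR-US: Eaton Intelligent Power Manager" would match the neighbouring convention and keep the two product lines distinguishable.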



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb6aa8a503f50e0286b19c68e8f0f2a2f55a2c83
