[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Tue, 19 May 2020 13:38:33 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
1dddb4b8 by Salvatore Bonaccorso at 2020-05-19T22:37:28+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3736,7 +3736,7 @@ CVE-2020-11809
 CVE-2020-11808
        RESERVED
 CVE-2020-11807 (Because of Unrestricted Upload of a File with a Dangerous 
Type, Source ...)
-       TODO: check
+       NOT-FOR-US: Sourcefabric Newscoop
 CVE-2020-11806 (In MailStore Outlook Add-in (and Email Archive Outlook Add-in) 
through ...)
        NOT-FOR-US: MailStore Outlook Add-in
 CVE-2020-11805
@@ -4265,7 +4265,7 @@ CVE-2020-11717
 CVE-2020-11716
        RESERVED
 CVE-2020-11715 (Panasonic P99 devices through 2020-04-10 have Incorrect Access 
Control ...)
-       TODO: check
+       NOT-FOR-US: Panasonic
 CVE-2020-11714 (eten PSG-6528VM 1.1 devices allow XSS via System Contact or 
System Loc ...)
        NOT-FOR-US: eten PSG-6528VM 1.1 devices
 CVE-2020-11713 (wolfSSL 4.3.0 has mulmod code in wc_ecc_mulmod_ex in ecc.c 
that does n ...)
@@ -12579,7 +12579,7 @@ CVE-2020-8436 (XSS was discovered in the 
RegistrationMagic plugin 4.6.0.0 for Wo
 CVE-2020-8435 (An issue was discovered in the RegistrationMagic plugin 4.6.0.0 
for Wo ...)
        NOT-FOR-US: RegistrationMagic plugin for WordPress
 CVE-2020-8434 (Jenzabar JICS (aka Internet Campus Solution) before 9.0.1 Patch 
3, 9.1 ...)
-       TODO: check
+       NOT-FOR-US: Jenzabar JICS (aka Internet Campus Solution)
 CVE-2020-8433
        RESERVED
 CVE-2019-20445 (HttpObjectDecoder.java in Netty before 4.1.44 allows a 
Content-Length  ...)
@@ -14079,7 +14079,7 @@ CVE-2020-7811
 CVE-2020-7810
        RESERVED
 CVE-2020-7809 (ALSong 3.46 and earlier version contain a Document Object Model 
(DOM)  ...)
-       TODO: check
+       NOT-FOR-US: ALSong
 CVE-2020-7808
        RESERVED
 CVE-2020-7807
@@ -14774,7 +14774,7 @@ CVE-2020-7473 (In certain situations, all versions of 
Citrix ShareFile StorageZo
 CVE-2020-7472
        RESERVED
 CVE-2019-20390 (A Cross-Site Request Forgery (CSRF) vulnerability was 
discovered in Su ...)
-       TODO: check
+       NOT-FOR-US: Subrion CMS
 CVE-2019-20389 (An XSS issue was identified on the Subrion CMS 4.2.1 
/panel/configurat ...)
        NOT-FOR-US: Subrion CMS
 CVE-2019-20388 (xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an 
xmlSchemaV ...)
@@ -16006,7 +16006,7 @@ CVE-2020-6958 (An XXE vulnerability in JnlpSupport in 
Yet Another Java Service W
 CVE-2020-6957
        RESERVED
 CVE-2020-6956 (PCS DEXICON 3.4.1 allows XSS via the loginName parameter in 
login_acti ...)
-       TODO: check
+       NOT-FOR-US: PCS DEXICON
 CVE-2020-6955 (An issue was discovered on Cayin SMP-PRO4 devices. They allow 
image_pr ...)
        NOT-FOR-US: Cayin SMP-PRO4 devices
 CVE-2020-6954 (An issue was discovered on Cayin SMP-PRO4 devices. A user can 
discover ...)
@@ -18130,9 +18130,9 @@ CVE-2020-6095 (An exploitable denial of service 
vulnerability exists in the GstR
 CVE-2020-6094 (An exploitable code execution vulnerability exists in the TIFF 
fillinr ...)
        NOT-FOR-US: Accusoft ImageGear
 CVE-2020-6093 (An exploitable information disclosure vulnerability exists in 
the way  ...)
-       TODO: check
+       NOT-FOR-US: Nitro Pro
 CVE-2020-6092 (An exploitable code execution vulnerability exists in the way 
Nitro Pr ...)
-       TODO: check
+       NOT-FOR-US: Nitro Pro
 CVE-2020-6091
        RESERVED
 CVE-2020-6090
@@ -18192,7 +18192,7 @@ CVE-2020-6076 (An exploitable out-of-bounds write 
vulnerability exists in the ig
 CVE-2020-6075 (An exploitable out-of-bounds write vulnerability exists in the 
store_d ...)
        NOT-FOR-US: Accusoft
 CVE-2020-6074 (An exploitable code execution vulnerability exists in the PDF 
parser o ...)
-       TODO: check
+       NOT-FOR-US: Nitro Pro
 CVE-2020-6073 (An exploitable denial-of-service vulnerability exists in the 
TXT recor ...)
        {DSA-4671-1}
        - libmicrodns <removed>
@@ -29804,7 +29804,7 @@ CVE-2019-19456 (A Reflected XSS was found in the server 
selection box inside the
 CVE-2019-19455
        RESERVED
 CVE-2019-19454 (An arbitrary file download was found in the "Download Log" 
functionali ...)
-       TODO: check
+       NOT-FOR-US: Wowza Streaming Engine
 CVE-2019-19453
        RESERVED
 CVE-2019-19452 (A buffer overflow was found in Patriot Viper RGB through 1.1 
when proc ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1dddb4b848f3ec7198ac1707de6a18317599e35f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1dddb4b848f3ec7198ac1707de6a18317599e35f
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to