Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9fa4fa1d by Salvatore Bonaccorso at 2020-05-22T22:41:28+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27,17 +27,17 @@ CVE-2020-13396 (An issue was discovered in FreeRDP before 
2.1.1. An out-of-bound
 CVE-2020-13395
        RESERVED
 CVE-2020-13394 (An issue was discovered on Tenda AC6 V1.0 
V15.03.05.19_multi_TD01, AC9 ...)
-       TODO: check
+       NOT-FOR-US: Tenda devices
 CVE-2020-13393 (An issue was discovered on Tenda AC6 V1.0 
V15.03.05.19_multi_TD01, AC9 ...)
-       TODO: check
+       NOT-FOR-US: Tenda devices
 CVE-2020-13392 (An issue was discovered on Tenda AC6 V1.0 
V15.03.05.19_multi_TD01, AC9 ...)
-       TODO: check
+       NOT-FOR-US: Tenda devices
 CVE-2020-13391 (An issue was discovered on Tenda AC6 V1.0 
V15.03.05.19_multi_TD01, AC9 ...)
-       TODO: check
+       NOT-FOR-US: Tenda devices
 CVE-2020-13390 (An issue was discovered on Tenda AC6 V1.0 
V15.03.05.19_multi_TD01, AC9 ...)
-       TODO: check
+       NOT-FOR-US: Tenda devices
 CVE-2020-13389 (An issue was discovered on Tenda AC6 V1.0 
V15.03.05.19_multi_TD01, AC9 ...)
-       TODO: check
+       NOT-FOR-US: Tenda devices
 CVE-2020-13388 (An exploitable vulnerability exists in the 
configuration-loading funct ...)
        TODO: check
 CVE-2020-13387
@@ -47,7 +47,7 @@ CVE-2020-13386
 CVE-2020-13385
        RESERVED
 CVE-2020-13384 (Monstra CMS 3.0.4 allows remote authenticated users to upload 
and exec ...)
-       TODO: check
+       NOT-FOR-US: Monstra CMS
 CVE-2020-13383
        RESERVED
 CVE-2020-13382
@@ -97,13 +97,13 @@ CVE-2020-13361
 CVE-2019-20805
        RESERVED
 CVE-2019-20804 (Gila CMS before 1.11.6 allows CSRF with resultant XSS via the 
admin/th ...)
-       TODO: check
+       NOT-FOR-US: Gila CMS
 CVE-2019-20803 (Gila CMS before 1.11.6 has reflected XSS via the 
admin/content/postcat ...)
-       TODO: check
+       NOT-FOR-US: Gila CMS
 CVE-2018-21234 (Jodd before 5.0.4 performs Deserialization of Untrusted JSON 
Data when ...)
        TODO: check
 CVE-2017-18868 (Digi XBee 2 devices do not have an effective protection 
mechanism agai ...)
-       TODO: check
+       NOT-FOR-US: Digi XBee 2 devices
 CVE-2020-13360
        RESERVED
 CVE-2020-13359
@@ -498,7 +498,7 @@ CVE-2020-13168
 CVE-2020-13167 (Netsweeper through 6.4.3 allows unauthenticated remote code 
execution  ...)
        TODO: check
 CVE-2020-13166 (The management tool in MyLittleAdmin 3.8 allows remote 
attackers to ex ...)
-       TODO: check
+       NOT-FOR-US: MyLittleAdmin
 CVE-2020-13165
        RESERVED
 CVE-2020-13164 (In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 
2.6.16, the ...)
@@ -1202,7 +1202,7 @@ CVE-2020-12837
 CVE-2020-12836
        RESERVED
 CVE-2020-12835 (An issue was discovered in SmartBear ReadyAPI SoapUI Pro 
3.2.5. Due to ...)
-       TODO: check
+       NOT-FOR-US: SmartBear ReadyAPI SoapUI Pro
 CVE-2020-12834 (eQ-3 Homematic Central Control Unit (CCU)2 through 2.51.6 and 
CCU3 thr ...)
        NOT-FOR-US: eQ-3 Homematic Central Control Unit
 CVE-2020-12833
@@ -1223,7 +1223,7 @@ CVE-2020-12829
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1808510
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1786026
 CVE-2020-12828 (An issue was discovered in AnchorFree VPN SDK before 
1.3.3.218. The VP ...)
-       TODO: check
+       NOT-FOR-US: AnchorFree VPN SDK
 CVE-2020-12827
        RESERVED
 CVE-2019-20796
@@ -2159,7 +2159,7 @@ CVE-2020-12433
 CVE-2020-12432
        RESERVED
 CVE-2020-12431 (A Windows privilege change issue was discovered in Splashtop 
Software  ...)
-       TODO: check
+       NOT-FOR-US: Splashtop Software Updater
 CVE-2020-12430 (An issue was discovered in qemuDomainGetStatsIOThread in 
qemu/qemu_dri ...)
        [experimental] - libvirt 6.2.0-1
        - libvirt <unfixed> (low; bug #959447)
@@ -3128,7 +3128,7 @@ CVE-2020-12040
 CVE-2020-12039
        RESERVED
 CVE-2020-12038 (Products that use EDS Subsystem: Version 28.0.1 and prior 
(FactoryTalk ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2020-12037
        RESERVED
 CVE-2020-12036
@@ -3136,7 +3136,7 @@ CVE-2020-12036
 CVE-2020-12035
        RESERVED
 CVE-2020-12034 (Products that use EDS Subsystem: Version 28.0.1 and prior 
(FactoryTalk ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2020-12033
        RESERVED
 CVE-2020-12032
@@ -4806,7 +4806,7 @@ CVE-2020-11718
 CVE-2020-11717
        RESERVED
 CVE-2020-11716 (Panasonic P110, Eluga Z1 Pro, Eluga X1, and Eluga X1 Pro 
devices throu ...)
-       TODO: check
+       NOT-FOR-US: Panasonic
 CVE-2020-11715 (Panasonic P99 devices through 2020-04-10 have Incorrect Access 
Control ...)
        NOT-FOR-US: Panasonic
 CVE-2020-11714 (eten PSG-6528VM 1.1 devices allow XSS via System Contact or 
System Loc ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9fa4fa1d94fef3905d46eeddc9eaad577c9d9598

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9fa4fa1d94fef3905d46eeddc9eaad577c9d9598
You're receiving this email because of your account on salsa.debian.org.


_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to