[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso Tue, 04 Aug 2020 13:17:48 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
347a3225 by Salvatore Bonaccorso at 2020-08-04T22:16:36+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1268,15 +1268,15 @@ CVE-2020-16205
 CVE-2020-16204
        RESERVED
 CVE-2020-16203 (Delta Industrial Automation CNCSoft ScreenEditor, Versions 
1.01.23 and ...)
-       TODO: check
+       NOT-FOR-US: Delta Industrial Automation
 CVE-2020-16202
        RESERVED
 CVE-2020-16201 (Delta Industrial Automation CNCSoft ScreenEditor, Versions 
1.01.23 and ...)
-       TODO: check
+       NOT-FOR-US: Delta Industrial Automation
 CVE-2020-16200
        RESERVED
 CVE-2020-16199 (Delta Industrial Automation CNCSoft ScreenEditor, Versions 
1.01.23 and ...)
-       TODO: check
+       NOT-FOR-US: Delta Industrial Automation
 CVE-2020-16198
        RESERVED
 CVE-2020-16197
@@ -1411,7 +1411,7 @@ CVE-2020-16135 (libssh 0.9.4 has a NULL pointer 
dereference in tftpserver.c if s
        NOTE: 
https://bugs.libssh.org/rLIBSSHe631ebb3e2247dd25e9678e6827c20dc73b73238
        NOTE: https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120
 CVE-2020-16134 (An issue was discovered on Swisscom Internet Box 2, Internet 
Box Stand ...)
-       TODO: check
+       NOT-FOR-US: Swisscom
 CVE-2020-16133
        RESERVED
 CVE-2020-16132
@@ -1786,7 +1786,7 @@ CVE-2020-15958
 CVE-2020-15957 (An issue was discovered in DP3T-Backend-SDK before 1.1.1 for 
Decentral ...)
        NOT-FOR-US: DP3T-Backend-SDK for Decentralised Privacy-Preserving 
Proximity Tracing (DP3T)
 CVE-2020-15956 (ActiveMediaServer.exe in ACTi NVR3 Standard Server 3.0.12.42 
allows re ...)
-       TODO: check
+       NOT-FOR-US: ACTi NVR3 Standard Server
 CVE-2020-15955
        RESERVED
 CVE-2020-15954 (KDE KMail 19.12.3 (aka 5.13.3) engages in unencrypted POP3 
communicati ...)
@@ -3046,7 +3046,7 @@ CVE-2020-15469 (In QEMU 4.2.0, a MemoryRegionOps object 
may lack read/write call
 CVE-2020-15468 (Persian VIP Download Script 1.0 allows SQL Injection via the 
cart_edit ...)
        NOT-FOR-US: Persian VIP Download Script
 CVE-2020-15467 (The administrative interface of Cohesive Networks vns3:vpn 
appliances  ...)
-       TODO: check
+       NOT-FOR-US: Cohesive Networks vns3:vpn appliances
 CVE-2020-15466 (In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into 
an infin ...)
        - wireshark 3.2.5-1 (low)
        [buster] - wireshark <postponed> (Can be fixed along in next 3.0.x DSA)
@@ -8022,9 +8022,9 @@ CVE-2020-13525
 CVE-2020-13524
        RESERVED
 CVE-2020-13523 (An exploitable information disclosure vulnerability exists in 
SoftPerf ...)
-       TODO: check
+       NOT-FOR-US: SoftPerfect
 CVE-2020-13522 (An exploitable arbitrary file delete vulnerability exists in 
SoftPerfe ...)
-       TODO: check
+       NOT-FOR-US: SoftPerfect
 CVE-2020-13521
        RESERVED
 CVE-2020-13520
@@ -28155,7 +28155,7 @@ CVE-2020-6014
 CVE-2020-6013 (ZoneAlarm Firewall and Antivirus products before version 
15.8.109.1843 ...)
        NOT-FOR-US: ZoneAlarm
 CVE-2020-6012 (ZoneAlarm Anti-Ransomware before version 1.0.713 copies files 
for the  ...)
-       TODO: check
+       NOT-FOR-US: ZoneAlarm
 CVE-2020-6011
        RESERVED
 CVE-2020-6010 (LearnPress Wordpress plugin version prior and including 3.2.6.7 
is vul ...)
@@ -31637,7 +31637,7 @@ CVE-2020-4633
 CVE-2020-4632
        RESERVED
 CVE-2020-4631 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 agent files, in 
non-de ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4630
        RESERVED
 CVE-2020-4629
@@ -31815,7 +31815,7 @@ CVE-2020-4544
 CVE-2020-4543
        RESERVED
 CVE-2020-4542 (IBM Jazz Foundation and IBM Engineering products are vulnerable 
to cro ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4541
        RESERVED
 CVE-2020-4540
@@ -31849,7 +31849,7 @@ CVE-2020-4527 (IBM Planning Analytics 2.0 could allow a 
remote attacker to obtai
 CVE-2020-4526
        RESERVED
 CVE-2020-4525 (IBM Jazz Foundation and IBM Engineering products are vulnerable 
to cro ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4524
        RESERVED
 CVE-2020-4523
@@ -31981,7 +31981,7 @@ CVE-2020-4461 (IBM Security Access Manager Appliance 
9.0.7.1 could allow an auth
 CVE-2020-4460
        RESERVED
 CVE-2020-4459 (IBM Security Verify Access 10.7 contains hard-coded 
credentials, such  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4458
        RESERVED
 CVE-2020-4457
@@ -32079,7 +32079,7 @@ CVE-2020-4412 (The Spectrum Scale 4.2.0.0 through 
4.2.3.21 and 5.0.0.0 through 5
 CVE-2020-4411 (The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 
5.0.4. ...)
        NOT-FOR-US: IBM
 CVE-2020-4410 (IBM Jazz Foundation and IBM Engineering products could allow an 
authen ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4409
        RESERVED
 CVE-2020-4408 (The IBM QRadar Advisor 1.1 through 2.5.2 with Watson App for 
IBM QRada ...)
@@ -32107,7 +32107,7 @@ CVE-2020-4398
 CVE-2020-4397 (IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 transmits sensitive 
informati ...)
        NOT-FOR-US: IBM
 CVE-2020-4396 (IBM Jazz Foundation and IBM Engineering products are vulnerable 
to cro ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4395
        RESERVED
 CVE-2020-4394
@@ -33442,7 +33442,7 @@ CVE-2019-20003 (Feldtech easescreen Crystal 9.0 
Web-Services 9.0.1.16265 allows
 CVE-2019-20002 (Formula Injection exists in the export feature in SolarWinds 
WebHelpDe ...)
        NOT-FOR-US: SolarWinds WebHelpDesk
 CVE-2019-20001 (An issue was discovered in RICOH Streamline NX Client Tool and 
RICOH S ...)
-       TODO: check
+       NOT-FOR-US: RICOH
 CVE-2019-20000 (The malware scan function in BullGuard Premium Protection 
20.0.371.8 h ...)
        NOT-FOR-US: BullGuard Premium Protection
 CVE-2019-19999 (Halo before 1.2.0-beta.1 allows Server Side Template Injection 
(SSTI)  ...)
@@ -39700,11 +39700,11 @@ CVE-2019-19457 (SALTO ProAccess SPACE 5.4.3.0 allows 
XSS. ...)
 CVE-2019-19456 (A Reflected XSS was found in the server selection box inside 
the login ...)
        NOT-FOR-US: Wowza Streaming Engine
 CVE-2019-19455 (Wowza Streaming Engine through 2019-11-28 has Insecure 
Permissions. ...)
-       TODO: check
+       NOT-FOR-US: Wowza Streaming Engine
 CVE-2019-19454 (An arbitrary file download was found in the "Download Log" 
functionali ...)
        NOT-FOR-US: Wowza Streaming Engine
 CVE-2019-19453 (Wowza Streaming Engine through 2019-11-28 allows XSS (issue 1 
of 2). ...)
-       TODO: check
+       NOT-FOR-US: Wowza Streaming Engine
 CVE-2019-19452 (A buffer overflow was found in Patriot Viper RGB through 1.1 
when proc ...)
        NOT-FOR-US: Patriot Viper RGB
 CVE-2019-19451 (When GNOME Dia before 2019-11-27 is launched with a filename 
argument  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/347a32250c052ecc63fc876bce4f0336e53b7c9a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/347a32250c052ecc63fc876bce4f0336e53b7c9a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to