Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ac07f474 by Salvatore Bonaccorso at 2020-08-07T14:22:51+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8377,7 +8377,7 @@ CVE-2020-13795 (An issue was discovered in Navigate CMS
through 2.8.7. It allows
CVE-2020-13794
RESERVED
CVE-2020-13793 (Unsafe storage of AD credentials in Ivanti DSM netinst 5.1 due
to a st ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2020-13792 (PlayTube 1.8 allows disclosure of user details via
ajax.php?type=../ad ...)
NOT-FOR-US: PlayTube
CVE-2019-20837 (An issue was discovered in Foxit Reader and PhantomPDF before
9.5. It ...)
@@ -25757,7 +25757,7 @@ CVE-2020-7363
CVE-2020-7362
RESERVED
CVE-2020-7361 (The EasyCorp ZenTao Pro application suffers from an OS command
injecti ...)
- TODO: check
+ NOT-FOR-US: EasyCorp ZenTao Pro application
CVE-2020-7360
RESERVED
CVE-2020-7359
@@ -25765,9 +25765,9 @@ CVE-2020-7359
CVE-2020-7358
RESERVED
CVE-2020-7357 (Cayin CMS suffers from an authenticated OS semi-blind command
injectio ...)
- TODO: check
+ NOT-FOR-US: Cayin CMS
CVE-2020-7356 (CAYIN xPost suffers from an unauthenticated SQL Injection
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: CAYIN xPost
CVE-2020-7355 (Cross-site Scripting (XSS) vulnerability in the 'notes' field
of a dis ...)
NOT-FOR-US: Metasploit Pro
CVE-2020-7354 (Cross-site Scripting (XSS) vulnerability in the 'host' field of
a disc ...)
@@ -45672,7 +45672,7 @@ CVE-2019-18620
CVE-2019-18619 (Incorrect parameter validation in the synaTee component of
Synaptics W ...)
TODO: check
CVE-2019-18618 (Incorrect access control in the firmware of Synaptics VFS75xx
family f ...)
- TODO: check
+ NOT-FOR-US: firmware of Synaptics VFS75xx family fingerprint sensors
CVE-2019-18617
RESERVED
CVE-2019-18616
@@ -137017,7 +137017,7 @@ CVE-2017-18114
CVE-2017-18113
RESERVED
CVE-2017-18112 (Affected versions of Atlassian Fisheye allow remote attackers
to view ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2017-18111 (The OAuthHelper in Atlassian Application Links before version
5.0.10, ...)
NOT-FOR-US: Atlassian Application Links
CVE-2017-18110 (The administration backup restore resource in Atlassian Crowd
before v ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac07f474d7757d6100fb67ffaab7d9ecc4e2c093
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac07f474d7757d6100fb67ffaab7d9ecc4e2c093
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
