[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Fri, 09 Oct 2020 01:18:24 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d064ca66 by Salvatore Bonaccorso at 2020-10-09T10:17:38+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -772,7 +772,7 @@ CVE-2020-26569
 CVE-2020-26568
        RESERVED
 CVE-2020-26567 (An issue was discovered on D-Link DSR-250N before 3.17B 
devices. The C ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2020-26566
        RESERVED
 CVE-2020-26565
@@ -866,7 +866,7 @@ CVE-2020-26524 (CodeLathe FileCloud before 20.2.0.11915 
allows username enumerat
 CVE-2020-26523 (Froala Editor before 3.2.2 allows XSS via pasted content. ...)
        NOT-FOR-US: Froala Editor
 CVE-2020-26522 (A cross-site request forgery (CSRF) vulnerability in 
mod/user/act_user ...)
-       TODO: check
+       NOT-FOR-US: Garfield Petshop
 CVE-2020-26521
        RESERVED
 CVE-2020-26520
@@ -1599,7 +1599,7 @@ CVE-2020-26164 (In kdeconnect-kde (aka KDE Connect) 
before 20.08.2, an attacker
 CVE-2020-26163 (BigBlueButton Greenlight before 2.5.6 allows HTTP header (Host 
and Ori ...)
        NOT-FOR-US: BigBlueButton Greenlight
 CVE-2020-26162 (Xerox WorkCentre EC7836 before 073.050.059.25300 and EC7856 
before 073 ...)
-       TODO: check
+       NOT-FOR-US: Xerox
 CVE-2020-26161
        RESERVED
 CVE-2020-26160 (jwt-go before 4.0.0-preview1 allows attackers to bypass 
intended acces ...)
@@ -3591,13 +3591,13 @@ CVE-2013-7490 (An issue was discovered in the DBI 
module before 1.632 for Perl.
        NOTE: 
https://github.com/perl5-dbi/dbi/commit/a8b98e988d6ea2946f5f56691d6d5ead53f65766
        NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=86744
 CVE-2020-25273 (In SourceCodester Online Bus Booking System 1.0, there is 
Authenticati ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Online Bus Booking System
 CVE-2020-25272 (In SourceCodester Online Bus Booking System 1.0, there is XSS 
through  ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Online Bus Booking System
 CVE-2020-25271 (PHPGurukul hospital-management-system-in-php 4.0 allows XSS 
via admin/ ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul hospital-management-system-in-php
 CVE-2020-25270 (PHPGurukul hostel-management-system 2.1 allows XSS via 
Guardian Name,  ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul hostel-management-system
 CVE-2020-25269 (An issue was discovered in InspIRCd 2 before 2.0.29 and 3 
before 3.6.0 ...)
        {DSA-4764-1 DLA-2375-1}
        - inspircd <unfixed> (bug #960650)
@@ -3619,9 +3619,9 @@ CVE-2020-25265
 CVE-2020-25264
        RESERVED
 CVE-2020-25263 (PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) 
via the ...)
-       TODO: check
+       NOT-FOR-US: PyroCMS
 CVE-2020-25262 (PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) 
via the ...)
-       TODO: check
+       NOT-FOR-US: PyroCMS
 CVE-2020-25261
        RESERVED
 CVE-2020-25260 (An issue was discovered in Hyland OnBase through 18.0.0.32 and 
19.x th ...)
@@ -5757,7 +5757,7 @@ CVE-2020-24303
 CVE-2020-24302
        RESERVED
 CVE-2020-24301 (Users of the HAPI FHIR Testpage Overlay 5.0.0 and below can 
use a spec ...)
-       TODO: check
+       NOT-FOR-US: HAPI FHIR Testpage Overlay
 CVE-2020-24300
        RESERVED
 CVE-2020-24299
@@ -23007,7 +23007,7 @@ CVE-2020-15840 (In Liferay Portal before 7.3.1, Liferay 
Portal 6.2 EE, and Lifer
 CVE-2020-15839 (Liferay Portal before 7.3.3, and Liferay DXP 7.1 before fix 
pack 18 an ...)
        NOT-FOR-US: Liferay
 CVE-2020-15838 (The Agent Update System in ConnectWise Automate before 2020.8 
allows P ...)
-       TODO: check
+       NOT-FOR-US: ConnectWise Automate
 CVE-2020-15837
        RESERVED
 CVE-2020-15836
@@ -24578,11 +24578,11 @@ CVE-2020-15245
 CVE-2020-15244
        RESERVED
 CVE-2020-15243 (Affected versions of Smartstore have a missing WebApi 
Authentication a ...)
-       TODO: check
+       NOT-FOR-US: Smartstore
 CVE-2020-15242 (Next.js versions &gt;=9.5.0 and &lt;9.5.4 are vulnerable to an 
Open Re ...)
        TODO: check
 CVE-2020-15241 (TYPO3 Fluid Engine (package `typo3fluid/fluid`) before 
versions 2.0.5, ...)
-       TODO: check
+       NOT-FOR-US: TYPO3 Fluid Engine
 CVE-2020-15240
        RESERVED
 CVE-2020-15239 (In xmpp-http-upload before version 0.4.0, when the GET method 
is attac ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d064ca66c2beb7daa2aaad7e3cadb50b30669ca2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d064ca66c2beb7daa2aaad7e3cadb50b30669ca2
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to