[Git][security-tracker-team/security-tracker][master] Process more NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d95d0c8f by Salvatore Bonaccorso at 2020-10-29T21:33:42+01:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,17 +3,17 @@ CVE-2020-28000
 CVE-2020-27999
        RESERVED
 CVE-2020-27998 (An issue was discovered in FastReport before 2020.4.0. It 
lacks a Scri ...)
-       TODO: check
+       NOT-FOR-US: FastReport
 CVE-2020-27997
        RESERVED
 CVE-2020-27996 (An issue was discovered in SmartStoreNET before 4.0.1. It does 
not pro ...)
-       TODO: check
+       NOT-FOR-US: SmartStoreNET
 CVE-2020-27995 (SQL Injection in Zoho ManageEngine Applications Manager 14 
before 1456 ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine
 CVE-2020-27994
        RESERVED
 CVE-2020-27993 (Hrsale 2.0.0 allows download?type=files&filename=../ 
directory tra ...)
-       TODO: check
+       NOT-FOR-US: Hrsale
 CVE-2020-27992
        RESERVED
 CVE-2020-27991
@@ -425,9 +425,9 @@ CVE-2021-0202
 CVE-2021-0201
        RESERVED
 CVE-2020-27887 (An issue was discovered in EyesOfNetwork 5.3 through 5.3-8. An 
authent ...)
-       TODO: check
+       NOT-FOR-US: EyesOfNetwork (EON)
 CVE-2020-27886 (An issue was discovered in EyesOfNetwork eonweb 5.3-7 through 
5.3-8. T ...)
-       TODO: check
+       NOT-FOR-US: EyesOfNetwork (EON)
 CVE-2020-27885
        RESERVED
 CVE-2020-27884
@@ -705,13 +705,13 @@ CVE-2020-27749
 CVE-2020-27748
        RESERVED
 CVE-2020-27747 (An issue was discovered in Click Studios Passwordstate 8.9 
(Build 8973 ...)
-       TODO: check
+       NOT-FOR-US: Click Studios Passwordstate
 CVE-2020-27746
        RESERVED
 CVE-2020-27745
        RESERVED
 CVE-2020-27744 (An issue was discovered on Western Digital My Cloud NAS 
devices before ...)
-       TODO: check
+       NOT-FOR-US: Western Digital My Cloud NAS devices
 CVE-2020-27743 (libtac in pam_tacplus through 1.5.1 lacks a check for a 
failure of RAN ...)
        - libpam-tacplus <unfixed> (bug #973250)
        NOTE: https://github.com/kravietz/pam_tacplus/pull/163
@@ -1284,27 +1284,27 @@ CVE-2020-27660
 CVE-2020-27659
        RESERVED
 CVE-2020-27658 (Synology Router Manager (SRM) before 1.2.4-8081 does not 
include the H ...)
-       TODO: check
+       NOT-FOR-US: Synology Router Manager (SRM)
 CVE-2020-27657 (Cleartext transmission of sensitive information vulnerability 
in DDNS  ...)
-       TODO: check
+       NOT-FOR-US: Synology Router Manager (SRM)
 CVE-2020-27656 (Cleartext transmission of sensitive information vulnerability 
in DDNS  ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2020-27655 (Improper access control vulnerability in Synology Router 
Manager (SRM) ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2020-27654 (Improper access control vulnerability in lbd in Synology 
Router Manage ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2020-27653 (Algorithm downgrade vulnerability in QuickConnect in Synology 
Router M ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2020-27652 (Algorithm downgrade vulnerability in QuickConnect in Synology 
DiskStat ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2020-27651 (Synology Router Manager (SRM) before 1.2.4-8081 does not set 
the Secur ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2020-27650 (Synology DiskStation Manager (DSM) before 6.2.3-25426-2 does 
not set t ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2020-27649 (Improper certificate validation vulnerability in OpenVPN 
client in Syn ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2020-27648 (Improper certificate validation vulnerability in OpenVPN 
client in Syn ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2020-27647
        RESERVED
 CVE-2020-27646 (Biscom Secure File Transfer (SFT) before 5.1.1082 and 6.x 
before 6.0.1 ...)
@@ -5944,7 +5944,7 @@ CVE-2020-25518
 CVE-2020-25517
        RESERVED
 CVE-2020-25516 (WSO2 Enterprise Integrator 6.6.0 or earlier contains a stored 
cross-si ...)
-       TODO: check
+       NOT-FOR-US: WSO2 Enterprise Integrator
 CVE-2020-25515 (Sourcecodester Simple Library Management System 1.0 is 
affected by Ins ...)
        NOT-FOR-US: Sourcecodester Simple Library Management System
 CVE-2020-25514 (Sourcecodester Simple Library Management System 1.0 is 
affected by Inc ...)
@@ -14712,7 +14712,7 @@ CVE-2020-21268
 CVE-2020-21267
        RESERVED
 CVE-2020-21266 (Broadleaf Commerce 5.1.14-GA is affected by cross-site 
scripting (XSS) ...)
-       TODO: check
+       NOT-FOR-US: Broadleaf Commerce
 CVE-2020-21265
        RESERVED
 CVE-2020-21264



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d95d0c8ffe820ac9e92630a4ae031c9e2f17b360

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d95d0c8ffe820ac9e92630a4ae031c9e2f17b360
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits