[Git][security-tracker-team/security-tracker][master] Process more NFUs

Thu, 05 Nov 2020 12:38:15 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bef6de19 by Salvatore Bonaccorso at 2020-11-05T21:37:26+01:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -245,7 +245,7 @@ CVE-2020-28117
 CVE-2020-28116
        RESERVED
 CVE-2020-28115 (SQL Injection vulnerability in "Documents component" found in 
AudimexE ...)
-       TODO: check
+       NOT-FOR-US: AudimexEE
 CVE-2020-28114
        RESERVED
 CVE-2020-28113
@@ -385,7 +385,7 @@ CVE-2020-28049 (An issue was discovered in SDDM before 
0.19.0. It incorrectly st
 CVE-2020-28048
        RESERVED
 CVE-2020-28047 (AudimexEE before 14.1.1 is vulnerable to Reflected XSS 
(Cross-Site-Scr ...)
-       TODO: check
+       NOT-FOR-US: AudimexEE
 CVE-2020-27347 [tmux buffer overflow in CSI parsing]
        RESERVED
        - tmux 3.1c-1
@@ -1363,7 +1363,7 @@ CVE-2020-27690 (The Relish (Verve Connect) VH510 device 
with firmware before 1.0
 CVE-2020-27689 (The Relish (Verve Connect) VH510 device with firmware before 
1.0.1.6L0 ...)
        NOT-FOR-US: Relish (Verve Connect) VH510 device
 CVE-2020-27688 (RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to 
encrypt ...)
-       TODO: check
+       NOT-FOR-US: RVTools
 CVE-2020-27687
        RESERVED
 CVE-2020-27686
@@ -2377,7 +2377,7 @@ CVE-2020-27404
 CVE-2020-27403
        RESERVED
 CVE-2020-27402 (The HK1 Box S905X3 TV Box contains a vulnerability that allows 
a local ...)
-       TODO: check
+       NOT-FOR-US: HK1 Box S905X3 TV Box
 CVE-2020-27401
        RESERVED
 CVE-2020-27400
@@ -4269,11 +4269,11 @@ CVE-2020-26509
 CVE-2020-26508
        RESERVED
 CVE-2020-26507 (A CSV Injection (also known as Formula Injection) 
vulnerability in the ...)
-       TODO: check
+       NOT-FOR-US: Marmind web application
 CVE-2020-26506 (An Authorization Bypass vulnerability in the Marmind web 
application w ...)
-       TODO: check
+       NOT-FOR-US: Marmind web application
 CVE-2020-26505 (A Stored Cross-Site Scripting (XSS) vulnerability in the 
“Marmin ...)
-       TODO: check
+       NOT-FOR-US: Marmind web application
 CVE-2020-26504
        RESERVED
 CVE-2020-26503
@@ -6770,9 +6770,9 @@ CVE-2020-25401
 CVE-2020-25400
        RESERVED
 CVE-2020-25399 (Stored XSS in InterMind iMind Server through 3.13.65 allows 
any user t ...)
-       TODO: check
+       NOT-FOR-US: InterMind iMind Server
 CVE-2020-25398 (CSV Injection exists in InterMind iMind Server through 3.13.65 
via the ...)
-       TODO: check
+       NOT-FOR-US: InterMind iMind Server
 CVE-2020-25397
        RESERVED
 CVE-2020-25396
@@ -8006,7 +8006,7 @@ CVE-2020-24851
 CVE-2020-24850
        RESERVED
 CVE-2020-24849 (A remote code execution vulnerability is identified in 
FruityWifi thro ...)
-       TODO: check
+       NOT-FOR-US: FruityWifi
 CVE-2020-24848 (FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL 
: ALL) N ...)
        NOT-FOR-US: FruityWifi
 CVE-2020-24847 (A Cross-Site Request Forgery (CSRF) vulnerability is 
identified in Fru ...)
@@ -30905,7 +30905,7 @@ CVE-2020-14242
 CVE-2020-14241
        RESERVED
 CVE-2020-14240 (HCL Notes versions previous to releases 9.0.1 FP10 IF8, 10.0.1 
FP6 and ...)
-       TODO: check
+       NOT-FOR-US: HCL Notes
 CVE-2020-14239
        RESERVED
 CVE-2020-14238
@@ -30941,7 +30941,7 @@ CVE-2020-14224
 CVE-2020-14223 (HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to 
cross-site scri ...)
        NOT-FOR-US: HCL Digital Experience
 CVE-2020-14222 (HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross 
site scri ...)
-       TODO: check
+       NOT-FOR-US: HCL Digital Experience
 CVE-2020-14221
        RESERVED
 CVE-2020-14220
@@ -32532,7 +32532,7 @@ CVE-2020-13663 [Drupal SA 2020-004]
        NOTE: https://www.drupal.org/sa-core-2020-004
        NOTE: 
https://git.drupalcode.org/project/drupal/-/commit/3999b8f658bf2ef8e96a7ee8ccb279c5d3073006
 CVE-2020-13661 (Telerik Fiddler through 5.0.20202.18177 allows attackers to 
execute ar ...)
-       TODO: check
+       NOT-FOR-US: Telerik
 CVE-2020-13660 (CMS Made Simple through 2.2.14 allows XSS via a crafted File 
Picker pr ...)
        NOT-FOR-US: CMS Made Simple
 CVE-2020-13659 (address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL 
pointer d ...)
@@ -36381,11 +36381,11 @@ CVE-2020-12149
 CVE-2020-12148
        RESERVED
 CVE-2020-12147 (In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 
8.10.11+, ...)
-       TODO: check
+       NOT-FOR-US: Silver Peak Unity Orchestrator
 CVE-2020-12146 (In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 
8.10.11+, ...)
-       TODO: check
+       NOT-FOR-US: Silver Peak Unity Orchestrator
 CVE-2020-12145 (Silver Peak Unity Orchestrator versions prior to 8.9.11+, 
8.10.11+, or ...)
-       TODO: check
+       NOT-FOR-US: Silver Peak Unity Orchestrator
 CVE-2020-12144 (The certificate used to identify the Silver Peak Cloud Portal 
to EdgeC ...)
        NOT-FOR-US: Silver Peak Cloud Portal
 CVE-2020-12143 (The certificate used to identify Orchestrator to EdgeConnect 
devices i ...)
@@ -47598,7 +47598,7 @@ CVE-2020-8269
 CVE-2020-8268
        RESERVED
 CVE-2020-8267 (A security issue was found in UniFi Protect controller v1.14.10 
and ea ...)
-       TODO: check
+       NOT-FOR-US: UniFi Protect controller
 CVE-2020-8266
        RESERVED
 CVE-2020-8265
@@ -50390,9 +50390,9 @@ CVE-2020-7131 (This document describes a security 
vulnerability in Blade Mainten
 CVE-2020-7130 (HPE OneView Global Dashboard (OVGD) 1.9 has a remote 
information discl ...)
        NOT-FOR-US: HPE
 CVE-2020-7129 (A remote execution of arbitrary commands vulnerability was 
discovered  ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2020-7128 (A remote unauthenticated arbitrary code execution vulnerability 
was di ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2020-7127 (A remote unauthenticated arbitrary code execution vulnerability 
was di ...)
        NOT-FOR-US: Aruba
 CVE-2020-7126 (A remote server-side request forgery (ssrf) vulnerability was 
discover ...)
@@ -58015,7 +58015,7 @@ CVE-2020-4099
 CVE-2020-4098
        RESERVED
 CVE-2020-4097 (In HCL Notes version 9 previous to release 9.0.1 FixPack 10 
Interim Fi ...)
-       TODO: check
+       NOT-FOR-US: HCL Notes
 CVE-2020-4096
        RESERVED
 CVE-2020-4095 ("BigFix Platform is storing clear text credentials within the 
system's ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bef6de19452b27a0a4d3d878af1ddcf00e25e5ae

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bef6de19452b27a0a4d3d878af1ddcf00e25e5ae
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to