Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
45060b59 by Salvatore Bonaccorso at 2020-12-22T21:53:59+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19596,7 +19596,7 @@ CVE-2020-25108 (An issue was discovered in the DNS
implementation in Ethernut in
CVE-2020-25107 (An issue was discovered in the DNS implementation in Ethernut
in Nut/O ...)
NOT-FOR-US: Nut/OS
CVE-2020-25106 (Nanosystems SupRemo 4.1.3.2348 allows attackers to obtain
LocalSystem ...)
- TODO: check
+ NOT-FOR-US: Nanosystems SupRemo
CVE-2020-25105 (eramba c2.8.1 and Enterprise before e2.19.3 has a weak
password recove ...)
NOT-FOR-US: eramba
CVE-2020-25104 (eramba c2.8.1 and Enterprise before e2.19.3 allows XSS via a
crafted f ...)
@@ -20752,13 +20752,13 @@ CVE-2020-24583 (An issue was discovered in Django 2.2
before 2.2.16, 3.0 before
CVE-2020-24582 (Zulip Desktop before 5.4.3 allows XSS because string escaping
is misha ...)
NOT-FOR-US: Zulip Desktop
CVE-2020-24581 (An issue was discovered on D-Link DSL-2888A devices with
firmware prio ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2020-24580 (An issue was discovered on D-Link DSL-2888A devices with
firmware prio ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2020-24579 (An issue was discovered on D-Link DSL-2888A devices with
firmware prio ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2020-24578 (An issue was discovered on D-Link DSL-2888A devices with
firmware prio ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2020-24577
RESERVED
CVE-2020-24576
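Review bot: The four new lines for CVE-2020-24578 through CVE-2020-24581 tag only the vendor ("NOT-FOR-US: D-Link"), while each description names "D-Link DSL-2888A devices" and the neighbouring context entry is tagged by product ("NOT-FOR-US: Zulip Desktop"). Consider "NOT-FOR-US: D-Link DSL-2888A" so a later search of the list by product finds these entries.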
@@ -29749,7 +29749,7 @@ CVE-2020-20140 (Cross Site Scripting (XSS)
vulnerability in Remote Report compon
CVE-2020-20139 (Cross Site Scripting (XSS) vulnerability in the Remote JSON
component ...)
TODO: check
CVE-2020-20138 (Cross Site Scripting (XSS) vulnerability in the Showtime2
Slideshow mo ...)
- TODO: check
+ NOT-FOR-US: CMS Made Simple (CMSMS)
CVE-2020-20137
RESERVED
CVE-2020-20136 (QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are
affected by an ...)
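Review bot: CVE-2020-20139, directly above the changed entry, is left at "TODO: check" although its description has the same "Cross Site Scripting (XSS) vulnerability in the ... component" shape as CVE-2020-20138 and as CVE-2020-20140 in the hunk header. If the full descriptions name the same product, give it the same "NOT-FOR-US: CMS Made Simple (CMSMS)" line in this commit; if they do not, it is fine to leave, but it is worth confirming so the group is not triaged piecemeal.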
@@ -45182,7 +45182,7 @@ CVE-2020-13572
CVE-2020-13571
RESERVED
CVE-2020-13570 (A use-after-free vulnerability exists in the JavaScript engine
of Foxi ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2020-13569
RESERVED
CVE-2020-13568
@@ -45202,13 +45202,13 @@ CVE-2020-13562
CVE-2020-13561
RESERVED
CVE-2020-13560 (A use after free vulnerability exists in the JavaScript engine
of Foxi ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2020-13559
RESERVED
CVE-2020-13558
RESERVED
CVE-2020-13557 (A use after free vulnerability exists in the JavaScript engine
of Foxi ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2020-13556 (An out-of-bounds write vulnerability exists in the Ethernet/IP
server ...)
NOT-FOR-US: EIP Stack Group OpENer
CVE-2020-13555
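Review bot: "NOT-FOR-US: Foxit" on CVE-2020-13560 and CVE-2020-13557 gives the vendor but not the product, and the descriptions are cut at "Foxi ..." so the diff alone does not show which product is affected; the context entry just below is tagged with the full name ("NOT-FOR-US: EIP Stack Group OpENer"). Take the product name from the full CVE description. The same applies to the CVE-2020-13570 and CVE-2020-13547 entries changed in this commit.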
@@ -45228,7 +45228,7 @@ CVE-2020-13549
CVE-2020-13548
RESERVED
CVE-2020-13547 (A type confusion vulnerability exists in the JavaScript engine
of Foxi ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2020-13546
RESERVED
CVE-2020-13545
@@ -58307,7 +58307,7 @@ CVE-2020-8996 (AnyShare Cloud 6.0.9 allows
authenticated directory traversal to
CVE-2019-20456 (Goverlan Reach Console before 9.50, Goverlan Reach Server
before 3.50, ...)
NOT-FOR-US: Goverlan
CVE-2020-8995 (Programi Bilanc Build 007 Release 014 31.01.2020 supplies a
.exe file ...)
- TODO: check
+ NOT-FOR-US: Programi Bilanc
CVE-2019-20455 (Gateways/Gateway.php in Heartland & Global Payments PHP
SDK before ...)
NOT-FOR-US: Heartland & Global Payments PHP SDK
CVE-2019-20454 (An out-of-bounds read was discovered in PCRE before 10.34 when
the pat ...)
@@ -170277,7 +170277,7 @@ CVE-2018-7582 (WebLog Expert Web Server Enterprise
9.4 allows Remote Denial Of S
CVE-2018-7581 (\ProgramData\WebLog Expert\WebServer\WebServer.cfg in WebLog
Expert We ...)
NOT-FOR-US: WebLog Expert Web Server Enterprise
CVE-2018-7580 (Philips Hue is vulnerable to a Denial of Service attack.
Sending a SYN ...)
- TODO: check
+ NOT-FOR-US: Philips Hue
CVE-2017-18211 (In ImageMagick 7.0.7, a NULL pointer dereference vulnerability
was fou ...)
{DLA-2366-1}
- imagemagick 8:6.9.9.34+dfsg-3 (low)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45060b59935ed05698d9d6ab7bb2bfe4e014be4c