Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6b81c0b3 by Salvatore Bonaccorso at 2020-12-24T22:27:42+01:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -61,7 +61,7 @@ CVE-2020-35667
CVE-2020-35666 (Steedos Platform through 1.21.24 allows NoSQL injection
because the /a ...)
TODO: check
CVE-2020-35665 (An unauthenticated command-execution vulnerability exists in
TerraMast ...)
- TODO: check
+ NOT-FOR-US: TerraMaster TOS
CVE-2020-35664
RESERVED
CVE-2020-35663
@@ -73,7 +73,7 @@ CVE-2020-35661
CVE-2020-35660
RESERVED
CVE-2020-35659 (The DNS query log in Pi-hole before 5.2.2 is vulnerable to
stored XSS. ...)
- TODO: check
+ NOT-FOR-US: Pi-hole
CVE-2020-35658 (SpamTitan before 7.09 allows attackers to tamper with backups,
because ...)
NOT-FOR-US: SpamTitan
CVE-2020-35657 (Jaws through 1.8.0 allows remote authenticated administrators
to execu ...)
@@ -7006,7 +7006,7 @@ CVE-2020-29191
CVE-2020-29190
RESERVED
CVE-2020-29189 (Incorrect Access Control vulnerability in TerraMaster TOS
<= 4.2.06 ...)
- TODO: check
+ NOT-FOR-US: TerraMaster TOS
CVE-2020-29188
RESERVED
CVE-2020-29187
@@ -11827,19 +11827,19 @@ CVE-2020-28192
CVE-2020-28191
RESERVED
CVE-2020-28190 (TerraMaster TOS <= 4.2.06 was found to check for updates
(of both s ...)
- TODO: check
+ NOT-FOR-US: TerraMaster TOS
CVE-2020-28189
REJECTED
CVE-2020-28188 (Remote Command Execution (RCE) vulnerability in TerraMaster
TOS <= ...)
- TODO: check
+ NOT-FOR-US: TerraMaster TOS
CVE-2020-28187 (Multiple directory traversal vulnerabilities in TerraMaster
TOS <= ...)
- TODO: check
+ NOT-FOR-US: TerraMaster TOS
CVE-2020-28186 (Email Injection in TerraMaster TOS <= 4.2.06 allows remote
unauthen ...)
- TODO: check
+ NOT-FOR-US: TerraMaster TOS
CVE-2020-28185 (User Enumeration vulnerability in TerraMaster TOS <= 4.2.06
allows ...)
- TODO: check
+ NOT-FOR-US: TerraMaster TOS
CVE-2020-28184 (Cross-site scripting (XSS) vulnerability in TerraMaster TOS
<= 4.2. ...)
- TODO: check
+ NOT-FOR-US: TerraMaster TOS
CVE-2020-28183 (SQL injection vulnerability in SourceCodester Water Billing
System 1.0 ...)
NOT-FOR-US: SourceCodester Water Billing System
CVE-2020-28182
@@ -29614,9 +29614,9 @@ CVE-2020-20279
CVE-2020-20278
RESERVED
CVE-2020-20277 (There are multiple unauthenticated directory traversal
vulnerabilities ...)
- TODO: check
+ NOT-FOR-US: uftpd
CVE-2020-20276 (An unauthenticated stack-based buffer overflow vulnerability
in common ...)
- TODO: check
+ NOT-FOR-US: uftpd
CVE-2020-20275
RESERVED
CVE-2020-20274
@@ -58154,7 +58154,7 @@ CVE-2020-9121
CVE-2020-9120 (CloudEngine 1800V versions V100R019C10SPC500 has a resource
management ...)
TODO: check
CVE-2020-9119 (There is a privilege escalation vulnerability on some Huawei
smart pho ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-9118
RESERVED
CVE-2020-9117 (HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and
SydneyM ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b81c0b3327a81554a0ce0dfeb3376ccb3c7296b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b81c0b3327a81554a0ce0dfeb3376ccb3c7296b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
