[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso Fri, 01 Jan 2021 12:21:04 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
aab7a2ef by Salvatore Bonaccorso at 2021-01-01T21:20:32+01:00
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2021-3003
        RESERVED
 CVE-2021-3002 (Seo Panel 4.8.0 allows reflected XSS via the 
seo/seopanel/login.php?se ...)
-       TODO: check
+       NOT-FOR-US: Seo Panel
 CVE-2021-3001
        RESERVED
 CVE-2020-35951 (An issue was discovered in the Quiz and Survey Master plugin 
before 7. ...)
@@ -214,7 +214,7 @@ CVE-2020-35858 (An issue was discovered in the prost crate 
before 0.6.1 for Rust
 CVE-2020-35857 (An issue was discovered in the trust-dns-server crate before 
0.18.1 fo ...)
        TODO: check
 CVE-2019-25011 (NetBox through 2.6.2 allows an Authenticated User to conduct 
an XSS at ...)
-       TODO: check
+       NOT-FOR-US: NetBox
 CVE-2019-25010 (An issue was discovered in the failure crate through 
2019-11-13 for Ru ...)
        - rust-failure <unfixed>
        NOTE: https://rustsec.org/advisories/RUSTSEC-2019-0036.html
@@ -17958,7 +17958,7 @@ CVE-2020-26167 (In FUEL CMS 11.4.12 and before, the 
page preview feature allows
 CVE-2020-26166 (The file upload functionality in qdPM 9.1 doesn't check the 
file descr ...)
        NOT-FOR-US: qdPM
 CVE-2020-26165 (qdPM through 9.1 allows PHP Object Injection via 
timeReportActions::ex ...)
-       TODO: check
+       NOT-FOR-US: qdPM
 CVE-2020-26164 (In kdeconnect-kde (aka KDE Connect) before 20.08.2, an 
attacker on the ...)
        - kdeconnect 20.08.2-1 (bug #971736)
        [buster] - kdeconnect <no-dsa> (Minor issue)
@@ -18695,15 +18695,15 @@ CVE-2020-25848 (HGiga MailSherlock contains weak 
authentication flaw that attack
 CVE-2020-25847 (This command injection vulnerability allows attackers to 
execute arbit ...)
        NOT-FOR-US: QNAP
 CVE-2020-25846 (The digest generation function of NHIServiSignAdapter has not 
been ver ...)
-       TODO: check
+       NOT-FOR-US: NHIServiSignAdapter
 CVE-2020-25845 (Multiple functions of NHIServiSignAdapter failed to verify the 
users&# ...)
-       TODO: check
+       NOT-FOR-US: NHIServiSignAdapter
 CVE-2020-25844 (The digest generation function of NHIServiSignAdapter has not 
been ver ...)
-       TODO: check
+       NOT-FOR-US: NHIServiSignAdapter
 CVE-2020-25843 (NHIServiSignAdapter fails to verify the length of digital 
credential f ...)
-       TODO: check
+       NOT-FOR-US: NHIServiSignAdapter
 CVE-2020-25842 (The encryption function of NHIServiSignAdapter fail to verify 
the file ...)
-       TODO: check
+       NOT-FOR-US: NHIServiSignAdapter
 CVE-2020-25841
        RESERVED
 CVE-2020-25840
@@ -51280,13 +51280,13 @@ CVE-2020-11837
 CVE-2020-11836
        RESERVED
 CVE-2020-11835 (In 
/SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_d ...)
-       TODO: check
+       NOT-FOR-US: oppo
 CVE-2020-11834 (In 
/SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_vooc.c, the  ...)
-       TODO: check
+       NOT-FOR-US: oppo
 CVE-2020-11833 (In 
/SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_m ...)
-       TODO: check
+       NOT-FOR-US: oppo
 CVE-2020-11832 (In functions charging_limit_current_write and 
charging_limit_time_writ ...)
-       TODO: check
+       NOT-FOR-US: oppo
 CVE-2020-11831 (OvoiceManager has system permission to write vulnerability 
reports for ...)
        NOT-FOR-US: OvoiceManager
 CVE-2020-11830 (QualityProtect has a vulnerability to execute arbitrary system 
command ...)
@@ -134373,15 +134373,15 @@ CVE-2018-19947 (The vulnerability have been 
reported to affect earlier versions
 CVE-2018-19946 (The vulnerability have been reported to affect earlier 
versions of Hel ...)
        NOT-FOR-US: QNAP
 CVE-2018-19945 (A vulnerability has been reported to affect earlier QNAP 
devices runni ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2018-19944 (A cleartext transmission of sensitive information 
vulnerability has be ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2018-19943 (If exploited, this cross-site scripting vulnerability could 
allow remo ...)
        NOT-FOR-US: QNAP
 CVE-2018-19942
        RESERVED
 CVE-2018-19941 (A vulnerability has been reported to affect QNAP NAS. If 
exploited, th ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2018-19940
        RESERVED
 CVE-2018-19939 (The Goodix GT9xx touchscreen driver for custom Linux kernels 
on Xiaomi ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aab7a2ef16c5f323748dbe675a7e05c951206bd9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aab7a2ef16c5f323748dbe675a7e05c951206bd9
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process several NFUs

Reply via email to