[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Mon, 04 Jan 2021 12:31:25 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
092c61b9 by Salvatore Bonaccorso at 2021-01-04T21:30:52+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2021-3014 (In MikroTik RouterOS through 2021-01-04, the hotspot login page 
is vul ...)
-       TODO: check
+       NOT-FOR-US: MikroTik RouterOS
 CVE-2021-3013
        RESERVED
 CVE-2021-3012
@@ -971,7 +971,7 @@ CVE-2020-36156 (An issue was discovered in the Ultimate 
Member plugin before 2.1
 CVE-2020-36155 (An issue was discovered in the Ultimate Member plugin before 
2.1.12 fo ...)
        NOT-FOR-US: Ultimate Member plugin for WordPress
 CVE-2020-36154 (The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 
has Full ...)
-       TODO: check
+       NOT-FOR-US: Pearson VUE VTS Installer
 CVE-2020-36153
        RESERVED
 CVE-2020-36152
@@ -1055,7 +1055,7 @@ CVE-2020-36114
 CVE-2020-36113
        RESERVED
 CVE-2020-36112 (CSE Bookstore version 1.0 is vulnerable to time-based blind, 
boolean-b ...)
-       TODO: check
+       NOT-FOR-US: CSE Bookstore
 CVE-2020-36111
        RESERVED
 CVE-2020-36110
@@ -1351,9 +1351,9 @@ CVE-2020-35966
 CVE-2021-3007 (Zend Framework 3.0.0 has a deserialization vulnerability that 
can lead ...)
        TODO: check
 CVE-2021-21495 (MK-AUTH through 19.01 K4.9 allows CSRF for password changes 
via the ce ...)
-       TODO: check
+       NOT-FOR-US: MK-AUTH
 CVE-2021-21494 (MK-AUTH through 19.01 K4.9 allows XSS via the 
admin/logs_ajax.php tipo ...)
-       TODO: check
+       NOT-FOR-US: MK-AUTH
 CVE-2020-35965 (decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an 
out-of-bounds  ...)
        - ffmpeg <unfixed>
        NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26532
@@ -6036,7 +6036,7 @@ CVE-2020-35221
 CVE-2020-35220
        RESERVED
 CVE-2020-35219 (The ASUS DSL-N17U modem with firmware 1.1.0.2 allows attackers 
to acce ...)
-       TODO: check
+       NOT-FOR-US: ASUS
 CVE-2020-35218
        RESERVED
 CVE-2020-35217
@@ -90493,7 +90493,7 @@ CVE-2019-16962
 CVE-2019-16961
        RESERVED
 CVE-2019-16960 (SolarWinds Web Help Desk 12.7.0 allows XSS via a CSV template 
file wit ...)
-       TODO: check
+       NOT-FOR-US: SolarWinds
 CVE-2019-16959 (SolarWinds Web Help Desk 12.7.0 allows CSV Injection, also 
known as Fo ...)
        NOT-FOR-US: SolarWinds
 CVE-2019-16958 (Cross-site Scripting (XSS) vulnerability in SolarWinds Web 
Help Desk 1 ...)
@@ -90501,7 +90501,7 @@ CVE-2019-16958 (Cross-site Scripting (XSS) 
vulnerability in SolarWinds Web Help
 CVE-2019-16957 (SolarWinds Web Help Desk 12.7.0 allows XSS via the First Name 
field of ...)
        NOT-FOR-US: SolarWinds
 CVE-2019-16956 (SolarWinds Web Help Desk 12.7.0 allows XSS via the Request 
Type parame ...)
-       TODO: check
+       NOT-FOR-US: SolarWinds
 CVE-2019-16955 (SolarWinds Web Help Desk 12.7.0 allows XSS via an uploaded SVG 
documen ...)
        NOT-FOR-US: SolarWinds
 CVE-2019-16954



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/092c61b9eb48069796826ae4acf1ee5d3ca6fe5f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/092c61b9eb48069796826ae4acf1ee5d3ca6fe5f
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to