[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed, 14 Jul 2021 12:16:29 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
151c3df1 by Salvatore Bonaccorso at 2021-07-14T21:15:58+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -39179,7 +39179,7 @@ CVE-2021-20783
 CVE-2021-20782 (Cross-site request forgery (CSRF) vulnerability in Software 
License Ma ...)
        TODO: check
 CVE-2021-20781 (Cross-site request forgery (CSRF) vulnerability in WordPress 
Meta Data ...)
-       TODO: check
+       NOT-FOR-US: Wordpress plugin
 CVE-2021-20780 (Cross-site request forgery (CSRF) vulnerability in WPCS - 
WordPress Cu ...)
        NOT-FOR-US: Wordpress plugin
 CVE-2021-20779 (Cross-site request forgery (CSRF) vulnerability in WordPress 
Email Tem ...)
@@ -39247,7 +39247,7 @@ CVE-2021-20749 (Cross-site scripting vulnerability in 
Fudousan plugin ver5.7.0 a
 CVE-2021-20748 (Retty App for Android versions prior to 4.8.13 and Retty App 
for iOS v ...)
        NOT-FOR-US: Retty
 CVE-2021-20747 (Improper authorization in handler for custom URL scheme 
vulnerability  ...)
-       TODO: check
+       NOT-FOR-US: Retty App
 CVE-2021-20746 (Cross-site scripting vulnerability in WordPress Popular Posts 
5.3.2 an ...)
        NOT-FOR-US: Wordpress plugin
 CVE-2021-20745 (Inkdrop versions prior to v5.3.1 allows an attacker to execute 
arbitra ...)
@@ -39554,11 +39554,11 @@ CVE-2021-20597
 CVE-2021-20596
        RESERVED
 CVE-2021-20595 (Improper Restriction of XML External Entity Reference 
vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi
 CVE-2021-20594
        RESERVED
 CVE-2021-20593 (Incorrect Implementation of Authentication Algorithm in 
Mitsubishi Ele ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi
 CVE-2021-20592
        RESERVED
 CVE-2021-20591 (Uncontrolled Resource Consumption vulnerability in Mitsubishi 
Electric ...)
@@ -48224,7 +48224,7 @@ CVE-2020-28402 (An improper authorization vulnerability 
exists in Star Practice
 CVE-2020-28401 (An improper authorization vulnerability exists in Star 
Practice Manage ...)
        NOT-FOR-US: Star Practice Management Web
 CVE-2020-28400 (A vulnerability has been identified in Development/Evaluation 
Kits for ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2020-28399
        RESERVED
 CVE-2020-28398
@@ -62908,7 +62908,7 @@ CVE-2020-23081
 CVE-2020-23080
        RESERVED
 CVE-2020-23079 (SSRF vulnerability in Halo <=1.3.2 exists in the SMTP 
configuration ...)
-       TODO: check
+       NOT-FOR-US: Halo
 CVE-2020-23078
        RESERVED
 CVE-2020-23077
@@ -68702,11 +68702,11 @@ CVE-2020-20254 (Mikrotik RouterOs before 6.47 (stable 
tree) suffers from a memor
 CVE-2020-20253 (Mikrotik RouterOs before 6.47 (stable tree) suffers from a 
divison by  ...)
        NOT-FOR-US: Mikrotik RouterOs
 CVE-2020-20252 (Mikrotik RouterOs before stable version 6.47 suffers from a 
memory cor ...)
-       TODO: check
+       NOT-FOR-US: Mikrotik
 CVE-2020-20251
        RESERVED
 CVE-2020-20250 (Mikrotik RouterOs before stable version 6.47 suffers from a 
memory cor ...)
-       TODO: check
+       NOT-FOR-US: Mikrotik
 CVE-2020-20249
        RESERVED
 CVE-2020-20248
@@ -69763,17 +69763,17 @@ CVE-2020-19724
 CVE-2020-19723
        RESERVED
 CVE-2020-19722 (An unhandled memory allocation failure in Core/Ap4Atom.cpp of 
Bento 1. ...)
-       TODO: check
+       NOT-FOR-US: Bento4
 CVE-2020-19721 (A heap buffer overflow vulnerability in Ap4TrunAtom.cpp of 
Bento 1.5.1 ...)
-       TODO: check
+       NOT-FOR-US: Bento4
 CVE-2020-19720 (An unhandled memory allocation failure in Core/AP4IkmsAtom.cpp 
of Bent ...)
-       TODO: check
+       NOT-FOR-US: Bento4
 CVE-2020-19719 (A buffer overflow vulnerability in Ap4ElstAtom.cpp of Bento 
1.5.1-628  ...)
-       TODO: check
+       NOT-FOR-US: Bento4
 CVE-2020-19718 (An unhandled memory allocation failure in Core/Ap4Atom.cpp of 
Bento 1. ...)
-       TODO: check
+       NOT-FOR-US: Bento4
 CVE-2020-19717 (An unhandled memory allocation failure in Core/Ap48bdlAtom.cpp 
of Bent ...)
-       TODO: check
+       NOT-FOR-US: Bento4
 CVE-2020-19716 (A buffer overflow vulnerability in the Databuf function in 
types.cpp o ...)
        TODO: check
 CVE-2020-19715 (An integer overflow vulnerability in the getUShort function of 
Exiv2 0 ...)
@@ -70810,11 +70810,11 @@ CVE-2020-19205
 CVE-2020-19204 (Lightning Wire Labs IPFire 2.21 (x86_64) - Core Update 130 is 
affected ...)
        NOT-FOR-US: IPFire
 CVE-2020-19203 (Netgate pfSense Community Edition 2.4.4 - p2 (arm64) is 
affected by: C ...)
-       TODO: check
+       NOT-FOR-US: Netgate pfSense Community Edition
 CVE-2020-19202 (An authenticated Stored XSS (Cross-site Scripting) exists in 
the "capt ...)
        NOT-FOR-US: IPFire
 CVE-2020-19201 (Netgate pfSense 2.4.4 - p2 is affected by: Cross Site 
Scripting (XSS). ...)
-       TODO: check
+       NOT-FOR-US: Netgate pfSense
 CVE-2020-19200
        RESERVED
 CVE-2020-19199 (A Cross Site Request Forgery (CSRF) vulnerability exists in 
PHPOK 5.2. ...)
@@ -71140,9 +71140,9 @@ CVE-2020-19040
 CVE-2020-19039
        RESERVED
 CVE-2020-19038 (File Deletion vulnerability in Halo 0.4.3 via delBackup. ...)
-       TODO: check
+       NOT-FOR-US: Halo
 CVE-2020-19037 (Incorrect Access Control vulnearbility in Halo 0.4.3, which 
allows a m ...)
-       TODO: check
+       NOT-FOR-US: Halo
 CVE-2020-19036
        RESERVED
 CVE-2020-19035
@@ -71252,13 +71252,13 @@ CVE-2020-18984
 CVE-2020-18983
        RESERVED
 CVE-2020-18982 (Cross Sie Scripting (XSS) vulnerability in Halo 0.4.3 via 
CommentAutho ...)
-       TODO: check
+       NOT-FOR-US: Halo
 CVE-2020-18981
        RESERVED
 CVE-2020-18980 (Remote Code Executon vulnerability in Halo 0.4.3 via the 
remoteAddr an ...)
-       TODO: check
+       NOT-FOR-US: Halo
 CVE-2020-18979 (Cross Siste Scripting (XSS) vulnerablity in Halo 0.4.3 via the 
X-forwa ...)
-       TODO: check
+       NOT-FOR-US: Halo
 CVE-2020-18978
        RESERVED
 CVE-2020-18977
@@ -72134,7 +72134,7 @@ CVE-2020-18546
 CVE-2020-18545
        RESERVED
 CVE-2020-18544 (SQL Injection in WMS v1.0 allows remote attackers to execute 
arbitrary ...)
-       TODO: check
+       NOT-FOR-US: WMS
 CVE-2020-18543
        RESERVED
 CVE-2020-18542



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/151c3df14143beab6519db31df8db80eb65048bd

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/151c3df14143beab6519db31df8db80eb65048bd
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to