Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ca108f35 by Neil Williams at 2022-04-20T09:55:14+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -111624,23 +111624,23 @@ CVE-2020-25170 (An Excel Macro Injection
vulnerability exists in the export feat
CVE-2020-25169 (The affected Reolink P2P products do not sufficiently protect
data tra ...)
NOT-FOR-US: Reolink P2P products
CVE-2020-25168 (Hard-coded credentials in the B. Braun Melsungen AG SpaceCom
Version L ...)
- TODO: check
+ NOT-FOR-US: B. Braun Melsungen AG
CVE-2020-25167 (OSIsoft PI Vision 2020 versions prior to 3.5.0 could disclose
informat ...)
TODO: check
CVE-2020-25166 (An improper verification of the cryptographic signature of
firmware up ...)
- TODO: check
+ NOT-FOR-US: B. Braun Melsungen AG
CVE-2020-25165 (BD Alaris PC Unit, Model 8015, Versions 9.33.1 and earlier and
BD Alar ...)
NOT-FOR-US: BD Alaris PC Unit
CVE-2020-25164 (A vulnerability in the B. Braun Melsungen AG SpaceCom Version
L81/U61 ...)
- TODO: check
+ NOT-FOR-US: B. Braun Melsungen AG
CVE-2020-25163 (A remote attacker with write access to PI ProcessBook files
could inje ...)
TODO: check
CVE-2020-25162 (A XPath injection vulnerability in the B. Braun Melsungen AG
SpaceCom ...)
- TODO: check
+ NOT-FOR-US: B. Braun Melsungen AG
CVE-2020-25161 (The WADashboard component of WebAccess/SCADA Versions 9.0 and
prior ma ...)
NOT-FOR-US: WebAccess/SCADA
CVE-2020-25160 (Improper access controls in the B. Braun Melsungen AG SpaceCom
Version ...)
- TODO: check
+ NOT-FOR-US: B. Braun Melsungen AG
CVE-2020-25159 (499ES EtherNet/IP (ENIP) Adaptor Source Code is vulnerable to
a stack- ...)
NOT-FOR-US: 499ES
CVE-2020-25158 (A reflected cross-site scripting (XSS) vulnerability in the B.
Braun M ...)
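Review bot: The tag added for CVE-2020-25168, -25166, -25164, -25162 and -25160 names the vendor ("B. Braun Melsungen AG"), while the neighbouring entries in this hunk are tagged by product ("Reolink P2P products", "BD Alaris PC Unit", "WebAccess/SCADA"). The visible descriptions name the product as SpaceCom, so a product-level tag would match the surrounding style and be easier to search for. CVE-2020-25166 is the one entry here whose truncated description ("... cryptographic signature of firmware up ...") does not show the vendor at all, so it is worth confirming against the full CVE text before grouping it with the others. CVE-2020-25167 and CVE-2020-25163 stay at "TODO: check" in the same range.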
@@ -111648,19 +111648,19 @@ CVE-2020-25158 (A reflected cross-site scripting
(XSS) vulnerability in the B. B
CVE-2020-25157 (The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL
injection ...)
NOT-FOR-US: R-SeeNet
CVE-2020-25156 (Active debug code in the B. Braun Melsungen AG SpaceCom
Version L8/U61 ...)
- TODO: check
+ NOT-FOR-US: B. Braun Melsungen AG
CVE-2020-25155 (The affected product transmits unencrypted sensitive
information, whic ...)
NOT-FOR-US: NEXCOM
CVE-2020-25154 (An open redirect vulnerability in the administrative interface
of the ...)
- TODO: check
+ NOT-FOR-US: B. Braun Melsungen AG
CVE-2020-25153 (The built-in web service for MOXA NPort IAW5000A-I/O firmware
version ...)
NOT-FOR-US: MOXA NPort IAW5000A-I/O firmware
CVE-2020-25152 (A session fixation vulnerability in the B. Braun Melsungen AG
SpaceCom ...)
- TODO: check
+ NOT-FOR-US: B. Braun Melsungen AG
CVE-2020-25151 (The affected product does not properly validate input, which
may allow ...)
NOT-FOR-US: NEXCOM
CVE-2020-25150 (A relative path traversal attack in the B. Braun Melsungen AG
SpaceCom ...)
- TODO: check
+ NOT-FOR-US: B. Braun Melsungen AG
CVE-2020-25149 (An issue was discovered in Observium Professional, Enterprise
& Co ...)
NOT-FOR-US: Observium
CVE-2020-25148 (An issue was discovered in Observium Professional, Enterprise
& Co ...)
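Review bot: The status line for CVE-2020-25158 (the B. Braun reflected XSS entry that ends the previous hunk and appears in this hunk's header) sits on line 111647, in the one-line gap between the two hunks, and is not touched here. Please confirm it is already tagged and was not left at "TODO: check" while its siblings were processed. Within this hunk, the truncated description of CVE-2020-25154 ("... administrative interface of the ...") stops before the product name, so the B. Braun attribution for that entry cannot be verified from the diff alone.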
@@ -130819,7 +130819,7 @@ CVE-2020-16240 (GE Digital APM Classic, Versions 4.4
and prior. An insecure dire
CVE-2020-16239 (Philips SureSigns VS4, A.07.107 and prior. When an actor
claims to hav ...)
NOT-FOR-US: Philips SureSigns
CVE-2020-16238 (A vulnerability in the configuration import mechanism of the
B. Braun ...)
- TODO: check
+ NOT-FOR-US: B. Braun Melsungen AG
CVE-2020-16237 (Philips SureSigns VS4, A.07.107 and prior. The product
receives input ...)
NOT-FOR-US: Philips SureSigns
CVE-2020-16236 (FPWIN Pro is vulnerable to an out-of-bounds read vulnerability
when a ...)
@@ -138343,7 +138343,7 @@ CVE-2020-13592 (An exploitable SQL injection
vulnerability exists in "global_lis
CVE-2020-13591 (An exploitable SQL injection vulnerability exists in the
"access_rules ...)
NOT-FOR-US: Rukovoditel Project Management App
CVE-2020-13590 (Multiple exploitable SQL injection vulnerabilities exist in
the 'entit ...)
- TODO: check
+ NOT-FOR-US: Rukovoditel Project Management App
CVE-2020-13589 (An exploitable SQL injection vulnerability exists in the
‘entiti ...)
NOT-FOR-US: Rukovoditel Project Management App
CVE-2020-13588 (An exploitable SQL injection vulnerability exists in the
‘entiti ...)
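Review bot: At CVE-2020-13590 the truncated description ("... vulnerabilities exist in the 'entit ...") ends before any product name, so the "Rukovoditel Project Management App" tag rests on the neighbouring entries (CVE-2020-13591 and CVE-2020-13589) rather than on this line. The wording matches those neighbours closely, which makes the attribution plausible, but a quick check of the full CVE description would rule out an unrelated ID that happens to sit inside the same block.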
@@ -138409,7 +138409,7 @@ CVE-2020-13569 (A cross-site request forgery
vulnerability exists in the GACL fu
CVE-2020-13568 (SQL injection vulnerability exists in phpGACL 3.3.7. A
specially craft ...)
NOT-FOR-US: phpGACL
CVE-2020-13567 (Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7.
A speci ...)
- TODO: check
+ NOT-FOR-US: phpGACL
CVE-2020-13566 (SQL injection vulnerabilities exist in phpGACL 3.3.7. A
specially craf ...)
NOT-FOR-US: phpGACL
CVE-2020-13565 (An open redirect vulnerability exists in the return_page
redirection f ...)
@@ -138567,7 +138567,7 @@ CVE-2020-13497 (An exploitable vulnerability exists
in the way Pixar OpenUSD 20.
CVE-2020-13496 (An exploitable vulnerability exists in the way Pixar OpenUSD
20.05 han ...)
NOT-FOR-US: Pixar OpenUSD
CVE-2020-13495 (An exploitable vulnerability exists in the way Pixar OpenUSD
20.05 han ...)
- TODO: check
+ NOT-FOR-US: Pixar OpenUSD
CVE-2020-13494 (A heap overflow vulnerability exists in the Pixar OpenUSD
20.05 parsin ...)
NOT-FOR-US: Pixar OpenUSD
CVE-2020-13493 (A heap overflow vulnerability exists in Pixar OpenUSD 20.05
when the s ...)
@@ -159177,7 +159177,7 @@ CVE-2020-6101 (An exploitable code execution
vulnerability exists in the Shader
CVE-2020-6100 (An exploitable memory corruption vulnerability exists in AMD
atidxx64. ...)
NOT-FOR-US: AMD
CVE-2020-6099 (An exploitable code execution vulnerability exists in the file
format ...)
- TODO: check
+ NOT-FOR-US: Graphisoft BIMx
CVE-2020-6098 (An exploitable denial of service vulnerability exists in the
freeDiame ...)
- freediameter 1.2.1-8 (bug #985088)
[buster] - freediameter 1.2.1-7+deb10u1
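Review bot: At CVE-2020-6099 the new "Graphisoft BIMx" tag cannot be checked against anything in this hunk: the truncated description ends at "... in the file format ..." before naming a product, and neither neighbour (AMD above, freediameter below) is related. Since "Process some NFUs" gives no source for the attribution, a brief mention of where the product name comes from would make this entry reviewable.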
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ca108f35cb9b4cd9d924c832ecd71803b9f0d456
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits