[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso Fri, 15 May 2020 13:26:28 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
06d38b00 by Salvatore Bonaccorso at 2020-05-15T22:25:40+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2020-13094
        RESERVED
 CVE-2020-13093 (iSpyConnect.com Agent DVR before 2.7.1.0 allows directory 
traversal. ...)
-       TODO: check
+       NOT-FOR-US: iSpyConnect.com Agent DVR
 CVE-2020-13092 (scikit-learn (aka sklearn) through 0.23.0 can unserialize and 
execute  ...)
        TODO: check
 CVE-2020-13091 (pandas through 1.0.3 can unserialize and execute commands from 
an untr ...)
@@ -409,7 +409,7 @@ CVE-2020-12891
 CVE-2020-12890
        RESERVED
 CVE-2020-12889 (MISP MISP-maltego 1.4.4 incorrectly shares a MISP connection 
across us ...)
-       TODO: check
+       NOT-FOR-US: MISP
 CVE-2020-12888 (The VFIO PCI driver in the Linux kernel through 5.6.13 
mishandles atte ...)
        - linux <unfixed>
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1836244
@@ -520,7 +520,7 @@ CVE-2020-12836
 CVE-2020-12835
        RESERVED
 CVE-2020-12834 (eQ-3 Homematic Central Control Unit (CCU)2 through 2.51.6 and 
CCU3 thr ...)
-       TODO: check
+       NOT-FOR-US: eQ-3 Homematic Central Control Unit
 CVE-2020-12833
        RESERVED
 CVE-2020-12832 (The simple-file-list plugin before 4.2.8 for WordPress 
mishandles a .. ...)
@@ -606,7 +606,7 @@ CVE-2020-12800
 CVE-2020-12799
        RESERVED
 CVE-2020-12798 (Cellebrite UFED 5.0 to 7.5.0.845 implements local operating 
system pol ...)
-       TODO: check
+       NOT-FOR-US: Cellebrite UFED
 CVE-2020-12797
        RESERVED
 CVE-2020-12796
@@ -867,7 +867,7 @@ CVE-2020-12687 (An issue was discovered in Serpico before 
1.3.3. The /admin/atta
 CVE-2020-12686
        RESERVED
 CVE-2020-12685 (XSS in the admin help system admin/help.html and 
admin/quicklinks.html ...)
-       TODO: check
+       NOT-FOR-US: Interchange
 CVE-2020-12684
        RESERVED
 CVE-2020-12683 (Katyshop2 before 2.12 has multiple stored XSS issues. ...)
@@ -10819,7 +10819,7 @@ CVE-2020-9075
 CVE-2020-9074
        RESERVED
 CVE-2020-9073 (Huawei P20 smartphones with versions earlier than 
10.0.0.156(C00E156R1 ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2020-9072 (Huawei OSD product with versions earlier than OSD_uwp_9.0.32.0 
have a  ...)
        NOT-FOR-US: Huawei
 CVE-2020-9071
@@ -13064,7 +13064,7 @@ CVE-2020-8102
 CVE-2020-8101
        RESERVED
 CVE-2020-8100 (Improper Input Validation vulnerability in the cevakrnl.rv0 
module as  ...)
-       TODO: check
+       NOT-FOR-US: Bitdefender
 CVE-2020-8099 (A vulnerability in the improper handling of junctions in 
Bitdefender A ...)
        NOT-FOR-US: Bitdefender Antivirus Free
 CVE-2020-8098
@@ -14545,7 +14545,7 @@ CVE-2020-7472
 CVE-2019-20390 (A Cross-Site Request Forgery (CSRF) vulnerability was 
discovered in Su ...)
        TODO: check
 CVE-2019-20389 (An XSS issue was identified on the Subrion CMS 4.2.1 
/panel/configurat ...)
-       TODO: check
+       NOT-FOR-US: Subrion CMS
 CVE-2019-20388 (xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an 
xmlSchemaV ...)
        - libxml2 2.9.10+dfsg-2.1 (bug #949583)
        [buster] - libxml2 <no-dsa> (Minor issue)
@@ -29491,7 +29491,7 @@ CVE-2020-1810 (There is a weak algorithm vulnerability 
in some Huawei products.
 CVE-2020-1809
        RESERVED
 CVE-2020-1808 (Huawei smartphones Honor View 20;Honor 20;Honor 20 PRO;Honor 
Magic2 wi ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2020-1807 (HUAWEI Mate 20 smartphones with versions earlier than 
10.0.0.188(C00E7 ...)
        NOT-FOR-US: Huawei
 CVE-2020-1806 (Huawei Honor V10 smartphones with versions earlier than 
10.0.0.156(C00 ...)
@@ -34237,7 +34237,7 @@ CVE-2019-18668 (An issue was discovered in the Currency 
Switcher addon before 2.
 CVE-2019-18667 (/usr/local/www/freeradius_view_config.php in the freeradius3 
package b ...)
        NOT-FOR-US: FreeBSD specific freeradius_view_config.php in the 
freeradius3 package
 CVE-2019-18666 (An issue was discovered on D-Link DAP-1360 revision F devices. 
Remote  ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2019-18665 (The Log module in SECUDOS DOMOS before 5.6 allows local file 
inclusion ...)
        NOT-FOR-US: SECUDOS DOMOS
 CVE-2019-18664 (The Log module in SECUDOS DOMOS before 5.6 allows XSS. ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06d38b00f8bfe43e853582d286d2dfc65776d913

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06d38b00f8bfe43e853582d286d2dfc65776d913
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to