[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Tue, 01 Dec 2020 12:29:47 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2a5a9894 by Salvatore Bonaccorso at 2020-12-01T21:29:14+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -307,7 +307,7 @@ CVE-2020-29317
 CVE-2020-29316
        RESERVED
 CVE-2020-29315 (ThinkAdmin version v1 v6 has a stored XSS vulnerability which 
allows r ...)
-       TODO: check
+       NOT-FOR-US: ThinkAdmin
 CVE-2020-29314
        RESERVED
 CVE-2020-29313
@@ -969,7 +969,7 @@ CVE-2020-28995
 CVE-2020-28994 (A SQL injection vulnerability was discovered in Karenderia 
Multiple Re ...)
        NOT-FOR-US: Karenderia Multiple Restaurant System
 CVE-2020-28993 (A Directory Traversal vulnerability exists in ATX miniCMTS200a 
Broadba ...)
-       TODO: check
+       NOT-FOR-US: ATX miniCMTS200a Broadband Gateway
 CVE-2020-28992
        RESERVED
 CVE-2020-28991 (Gitea 0.9.99 through 1.12.x before 1.12.6 does not prevent a 
git proto ...)
@@ -1024,9 +1024,9 @@ CVE-2020-XXXX [RUSTSEC-2020-0070: lock_api: Some lock_api 
lock guard objects can
        NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0070.html
        NOTE: https://github.com/Amanieu/parking_lot/pull/262
 CVE-2020-28971 (An issue was discovered on Western Digital My Cloud OS 5 
devices befor ...)
-       TODO: check
+       NOT-FOR-US: Western Digital My Cloud OS 5 devices
 CVE-2020-28970 (An issue was discovered on Western Digital My Cloud OS 5 
devices befor ...)
-       TODO: check
+       NOT-FOR-US: Western Digital My Cloud OS 5 devices
 CVE-2020-28969
        RESERVED
 CVE-2020-28968
@@ -1098,7 +1098,7 @@ CVE-2020-28941 (An issue was discovered in 
drivers/accessibility/speakup/spk_tty
        [stretch] - linux <not-affected> (Vulnerable code not present)
        NOTE: https://www.openwall.com/lists/oss-security/2020/11/19/3
 CVE-2020-28940 (On Western Digital My Cloud OS 5 devices before 5.06.115, the 
NAS Admi ...)
-       TODO: check
+       NOT-FOR-US: Western Digital My Cloud OS 5 devices
 CVE-2020-28939
        RESERVED
 CVE-2020-28938
@@ -9259,7 +9259,7 @@ CVE-2020-26764
 CVE-2020-26763
        RESERVED
 CVE-2020-26762 (A stack-based buffer-overflow exists in Edimax IP-Camera 
IC-3116W (v3. ...)
-       TODO: check
+       NOT-FOR-US: Edimax IP-Camera
 CVE-2020-26761
        RESERVED
 CVE-2020-26760
@@ -12983,7 +12983,7 @@ CVE-2020-25183
 CVE-2020-25182
        RESERVED
 CVE-2020-25181 (WECON PLC Editor Versions 1.3.8 and prior has a heap-based 
buffer over ...)
-       TODO: check
+       NOT-FOR-US: WECON PLC Editor
 CVE-2020-25180
        RESERVED
 CVE-2020-25179
@@ -12991,7 +12991,7 @@ CVE-2020-25179
 CVE-2020-25178
        RESERVED
 CVE-2020-25177 (WECON PLC Editor Versions 1.3.8 and prior has a stack-based 
buffer ove ...)
-       TODO: check
+       NOT-FOR-US: WECON PLC Editor
 CVE-2020-25176
        RESERVED
 CVE-2020-25175
@@ -52857,7 +52857,7 @@ CVE-2020-8541 (OX App Suite through 7.10.3 allows XXE 
attacks. ...)
 CVE-2020-8540 (An XML external entity (XXE) vulnerability in Zoho ManageEngine 
Deskto ...)
        NOT-FOR-US: Zoho ManageEngine Desktop Central
 CVE-2020-8539 (Kia Motors Head Unit with Software version: SOP.003.30.18.0703, 
SOP.00 ...)
-       TODO: check
+       NOT-FOR-US: Kia Motors Head Unit with Software
 CVE-2020-8538
        RESERVED
 CVE-2020-8537
@@ -55819,7 +55819,7 @@ CVE-2020-7337
 CVE-2020-7336
        RESERVED
 CVE-2020-7335 (Privilege Escalation vulnerability in Microsoft Windows client 
McAfee  ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2020-7334 (Improper privilege assignment vulnerability in the installer 
McAfee Ap ...)
        NOT-FOR-US: McAfee
 CVE-2020-7333 (Cross site scripting vulnerability in the firewall ePO 
extension of Mc ...)
@@ -56927,7 +56927,7 @@ CVE-2020-6882
 CVE-2020-6881
        RESERVED
 CVE-2020-6880 (A ZXELINK wireless controller has a SQL injection 
vulnerability. A rem ...)
-       TODO: check
+       NOT-FOR-US: ZXELINK
 CVE-2020-6879 (Some ZTE devices have input verification vulnerabilities. The 
devices  ...)
        NOT-FOR-US: ZTE
 CVE-2020-6878
@@ -63856,7 +63856,7 @@ CVE-2020-4130
 CVE-2020-4129 (HCL Domino is susceptible to a lockout policy bypass 
vulnerability in  ...)
        NOT-FOR-US: HCL Domino
 CVE-2020-4128 (HCL Domino is susceptible to a lockout policy bypass 
vulnerability in  ...)
-       TODO: check
+       NOT-FOR-US: HCL Domino
 CVE-2020-4127 (HCL Domino is susceptible to a Login CSRF vulnerability. With a 
valid  ...)
        NOT-FOR-US: HCL Domino
 CVE-2020-4126 (HCL iNotes is susceptible to a sensitive cookie exposure 
vulnerability ...)
@@ -81277,7 +81277,7 @@ CVE-2019-16960
 CVE-2019-16959
        RESERVED
 CVE-2019-16958 (Cross-site Scripting (XSS) vulnerability in SolarWinds Web 
Help Desk 1 ...)
-       TODO: check
+       NOT-FOR-US:  SolarWinds Web Help Desk
 CVE-2019-16957
        RESERVED
 CVE-2019-16956



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a5a9894d663998ea7e9a25b64e9908a109717d4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a5a9894d663998ea7e9a25b64e9908a109717d4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to