[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Mon, 21 Dec 2020 12:27:57 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e1a6c84c by Salvatore Bonaccorso at 2020-12-21T21:27:18+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2898,13 +2898,13 @@ CVE-2020-35278
 CVE-2020-35277
        RESERVED
 CVE-2020-35276 (EgavilanMedia ECM Address Book 1.0 is affected by SQL 
injection. An at ...)
-       TODO: check
+       NOT-FOR-US: EgavilanMedia ECM Address Book
 CVE-2020-35275 (Coastercms v5.8.18 is affected by cross-site Scripting (XSS). 
A user c ...)
-       TODO: check
+       NOT-FOR-US: Coastercms
 CVE-2020-35274 (DotCMS Add Template with admin panel 20.11 is affected by 
cross-site S ...)
-       TODO: check
+       NOT-FOR-US: DotCMS
 CVE-2020-35273 (EgavilanMedia User Registration &amp; Login System with Admin 
Panel 1. ...)
-       TODO: check
+       NOT-FOR-US: EgavilanMedia User Registration & Login System with Admin 
Panel
 CVE-2020-35272
        RESERVED
 CVE-2020-35271
@@ -13817,7 +13817,7 @@ CVE-2020-27256
 CVE-2020-27255 (A heap overflow vulnerability exists within FactoryTalk Linx 
Version 6 ...)
        NOT-FOR-US: FactoryTalk
 CVE-2020-27254 (Emerson Rosemount X-STREAM Gas AnalyzerX-STREAM enhanced XEGP, 
XEGK, X ...)
-       TODO: check
+       NOT-FOR-US: Emerson
 CVE-2020-27253 (A flaw exists in the Ingress/Egress checks routine of 
FactoryTalk Linx ...)
        NOT-FOR-US: FactoryTalk
 CVE-2020-27252 (Medtronic MyCareLink Smart 25000 all versions are vulnerable 
to a race ...)
@@ -16882,7 +16882,7 @@ CVE-2020-25903
 CVE-2020-25902
        RESERVED
 CVE-2020-25901 (Host Header Injection in Spiceworks 7.5.7.0 allowing the 
attacker to r ...)
-       TODO: check
+       NOT-FOR-US: Spiceworks
 CVE-2020-25900
        RESERVED
 CVE-2020-25899
@@ -42596,7 +42596,7 @@ CVE-2020-14227
 CVE-2020-14226
        RESERVED
 CVE-2020-14225 (HCL iNotes is susceptible to a Tabnabbing vulnerability caused 
by impr ...)
-       TODO: check
+       NOT-FOR-US: HCL iNotes
 CVE-2020-14224 (A vulnerability in the MIME message handling of the HCL Notes 
v9 clien ...)
        NOT-FOR-US: HCL Notes
 CVE-2020-14223 (HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to 
cross-site scri ...)
@@ -62826,9 +62826,9 @@ CVE-2020-6884
 CVE-2020-6883
        RESERVED
 CVE-2020-6882 (ZTE E8810/E8820/E8822 series routers have an information leak 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2020-6881 (ZTE E8810/E8820/E8822 series routers have an MQTT DoS 
vulnerability, w ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2020-6880 (A ZXELINK wireless controller has a SQL injection 
vulnerability. A rem ...)
        NOT-FOR-US: ZXELINK
 CVE-2020-6879 (Some ZTE devices have input verification vulnerabilities. The 
devices  ...)
@@ -70055,7 +70055,7 @@ CVE-2020-4001 (The SD-WAN Orchestrator 3.3.2, 3.4.x, 
and 4.0.x has default passw
 CVE-2020-4000 (The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 
3.4.4, ...)
        NOT-FOR-US: VMware
 CVE-2020-3999 (VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware 
Workstation (16. ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2020-3998 (VMware Horizon Client for Windows (5.x prior to 5.5.0) contains 
an inf ...)
        NOT-FOR-US: VMware
 CVE-2020-3997 (VMware Horizon Server (7.x prior to 7.10.3 or 7.13.0) contains 
a Cross ...)
@@ -87243,7 +87243,7 @@ CVE-2019-16961
 CVE-2019-16960
        RESERVED
 CVE-2019-16959 (SolarWinds Web Help Desk 12.7.0 allows CSV Injection, also 
known as Fo ...)
-       TODO: check
+       NOT-FOR-US: SolarWinds
 CVE-2019-16958 (Cross-site Scripting (XSS) vulnerability in SolarWinds Web 
Help Desk 1 ...)
        NOT-FOR-US: SolarWinds Web Help Desk
 CVE-2019-16957 (SolarWinds Web Help Desk 12.7.0 allows XSS via the First Name 
field of ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1a6c84c3f1eff9c7070133dcbdfa507b5f5d3d1

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1a6c84c3f1eff9c7070133dcbdfa507b5f5d3d1
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to