[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Apr 29 09:23:37 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1494e16d by Salvatore Bonaccorso at 2020-04-29T10:23:10+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17,7 +17,7 @@ CVE-2020-12449
 CVE-2020-12448
 	RESERVED
 CVE-2020-12447 (A Local File Inclusion (LFI) issue on Onkyo TX-NR585 1000-0000-000-000 ...)
-	TODO: check
+	NOT-FOR-US: Onkyo
 CVE-2020-12446
 	RESERVED
 CVE-2020-12445
@@ -25,9 +25,9 @@ CVE-2020-12445
 CVE-2020-12444
 	RESERVED
 CVE-2020-12443 (BigBlueButton before 2.2.6 allows remote attackers to read arbitrary f ...)
-	TODO: check
+	NOT-FOR-US: BigBlueButton
 CVE-2020-12442 (Ivanti Avalanche 6.3 allows a SQL injection that is vaguely associated ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2020-12441
 	RESERVED
 CVE-2020-12440
@@ -449,7 +449,7 @@ CVE-2020-12263
 CVE-2020-12262
 	RESERVED
 CVE-2020-12261 (Open-AudIT 3.3.0 allows an XSS attack after login. ...)
-	TODO: check
+	NOT-FOR-US: Open-AudIT
 CVE-2020-12260
 	RESERVED
 CVE-2020-12259
@@ -772,9 +772,9 @@ CVE-2020-12105 (OpenConnect through 8.08 mishandles negative return values from
 CVE-2020-12104
 	RESERVED
 CVE-2020-12103 (In Tiny File Manager 2.4.1, there is a vulnerability in the ajax file  ...)
-	TODO: check
+	NOT-FOR-US: Tiny File Manager
 CVE-2020-12102 (In Tiny File Manager 2.4.1, there is a Path Traversal vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Tiny File Manager
 CVE-2020-12101
 	RESERVED
 CVE-2020-12100
@@ -4403,7 +4403,7 @@ CVE-2020-11016
 CVE-2020-11015
 	RESERVED
 CVE-2020-11014 (Electron-Cash-SLP before version 3.6.2 has a vulnerability. All token  ...)
-	TODO: check
+	NOT-FOR-US: Electron-Cash-SLP
 CVE-2020-11013 (Their is an information disclosure vulnerability in Helm from version  ...)
 	- helm-kubernetes <itp> (bug #910799)
 CVE-2020-11012 (MinIO versions before RELEASE.2020-04-23T00-58-49Z have an authenticat ...)
@@ -6845,7 +6845,7 @@ CVE-2020-10096 (An issue was discovered in Zammad 3.0 through 3.2. It does not p
 CVE-2020-10095
 	RESERVED
 CVE-2020-10094 (A cross-site scripting (XSS) vulnerability in Lexmark CS31x before LW7 ...)
-	TODO: check
+	NOT-FOR-US: Lexmark
 CVE-2020-10093 (A cross-site scripting (XSS) vulnerability in Lexmark Pro910 series in ...)
 	NOT-FOR-US: Lexmark
 CVE-2020-10092 (GitLab 12.1 through 12.8.1 allows XSS. A cross-site scripting vulnerab ...)
@@ -10556,43 +10556,43 @@ CVE-2020-8491
 CVE-2020-8490
 	RESERVED
 CVE-2020-8489 (Insufficient protection of the inter-process communication functions i ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2020-8488 (Insufficient protection of the inter-process communication functions i ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2020-8487 (Insufficient protection of the inter-process communication functions i ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2020-8486 (Insufficient protection of the inter-process communication functions i ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2020-8485 (Insufficient protection of the inter-process communication functions i ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2020-8484 (Insufficient protection of the inter-process communication functions i ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2020-8483
 	RESERVED
 CVE-2020-8482
 	RESERVED
 CVE-2020-8481 (For ABB products ABB Ability™ System 800xA and related system ex ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2020-8480
 	RESERVED
 CVE-2020-8479 (For the Central Licensing Server component used in ABB products ABB Ab ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2020-8478 (Insufficient protection of the inter-process communication functions i ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2020-8477 (The installations for ABB System 800xA Information Manager versions 5. ...)
 	NOT-FOR-US: ABB
 CVE-2020-8476 (For the Central Licensing Server component used in ABB products ABB Ab ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2020-8475 (For the Central Licensing Server component used in ABB products ABB Ab ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2020-8474 (Weak Registry permissions in ABB System 800xA Base allow low privilege ...)
 	NOT-FOR-US: ABB
 CVE-2020-8473 (Insufficient folder permissions used by system functions in ABB System ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2020-8472 (Insufficient folder permissions used by system functions in ABB System ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2020-8471 (For the Central Licensing Server component used in ABB products ABB Ab ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2020-8470 (Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Sec ...)
 	NOT-FOR-US: Trend Micro
 CVE-2020-8469 (Trend Micro Password Manager for Windows version 5.0 is affected by a  ...)
@@ -21171,7 +21171,7 @@ CVE-2020-3957
 CVE-2020-3956
 	RESERVED
 CVE-2020-3955 (ESXi 6.5 without patch ESXi650-201912104-SG and ESXi 6.7 without patch ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2020-3954 (Open Redirect vulnerability exists in VMware vRealize Log Insight prio ...)
 	NOT-FOR-US: VMware
 CVE-2020-3953 (Cross Site Scripting (XSS) vulnerability exists in VMware vRealize Log ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1494e16dd5127cfe3afc6fbacab588c3bcef8cc0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1494e16dd5127cfe3afc6fbacab588c3bcef8cc0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200429/85a8310f/attachment.html>

More information about the debian-security-tracker-commits mailing list