[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
carnil at debian.org
Wed Apr 29 21:17:25 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8e11470b by Salvatore Bonaccorso at 2020-04-29T22:15:06+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2020-12464 (usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel
CVE-2020-12463
RESERVED
CVE-2020-12462 (The ninja-forms plugin before 3.4.24.2 for WordPress allows CSRF with ...)
- TODO: check
+ NOT-FOR-US: ninja-forms plugin for WordPress
CVE-2020-12461 (PHP-Fusion 9.03.50 allows SQL Injection because maincore.php has an in ...)
TODO: check
CVE-2020-12460
@@ -385,7 +385,7 @@ CVE-2017-18862 (Certain NETGEAR devices are affected by authentication bypass. T
CVE-2017-18861 (Certain NETGEAR devices are affected by CSRF. This affects ReadyNAS Su ...)
NOT-FOR-US: Netgear
CVE-2017-18860 (Certain NETGEAR devices are affected by debugging command execution. T ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2017-18859 (Certain NETGEAR devices are affected by slowdown/stoppage. This affect ...)
NOT-FOR-US: Netgear
CVE-2017-18858 (Certain NETGEAR devices are affected by command execution. This affect ...)
@@ -393,13 +393,13 @@ CVE-2017-18858 (Certain NETGEAR devices are affected by command execution. This
CVE-2017-18857 (The NETGEAR Insight application before 2.42 for Android and iOS is aff ...)
NOT-FOR-US: Netgear
CVE-2017-18856 (NETGEAR ReadyNAS devices before 6.6.1 are affected by command injectio ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2017-18855 (NETGEAR WNR854T devices before 1.5.2 are affected by command execution ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2017-18854 (NETGEAR ReadyNAS 6.6.1 and earlier is affected by command injection. ...)
TODO: check
CVE-2017-18853 (Certain NETGEAR devices are affected by password recovery and file acc ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2016-11060 (Certain NETGEAR devices are affected by insecure renegotiation. This a ...)
NOT-FOR-US: Netgear
CVE-2016-11059 (Certain NETGEAR devices are affected by password exposure. This affect ...)
@@ -75356,11 +75356,11 @@ CVE-2019-4290
CVE-2019-4289
RESERVED
CVE-2019-4288 (IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 could discl ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4287
RESERVED
CVE-2019-4286 (IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 could discl ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4285 (IBM WebSphere Application Server - Liberty Admin Center could allow a ...)
NOT-FOR-US: IBM
CVE-2019-4284 (IBM Cloud Private 2.1.0 , 3.1.0, 3.1.1, and 3.1.2 could allow a local ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e11470b7d3b9beaed7b88ff06ea4c23035368ef
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e11470b7d3b9beaed7b88ff06ea4c23035368ef
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200429/1593e464/attachment.html>
More information about the debian-security-tracker-commits
mailing list