[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Aug 11 21:21:00 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3c37877b by Salvatore Bonaccorso at 2020-08-11T22:19:04+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -39,7 +39,7 @@ CVE-2020-17468
 CVE-2020-17467
 	RESERVED
 CVE-2020-17466 (Turcom TRCwifiZone through 2020-08-10 allows authentication bypass by  ...)
-	TODO: check
+	NOT-FOR-US: Turcom TRCwifiZone
 CVE-2020-17465
 	RESERVED
 CVE-2020-17464
@@ -4038,7 +4038,7 @@ CVE-2020-15599 (Victor CMS through 2019-02-28 allows XSS via the register.php us
 CVE-2020-15598
 	RESERVED
 CVE-2020-15597 (SOPlanning 1.46.01 allows persistent XSS via the Project Name, Statute ...)
-	TODO: check
+	NOT-FOR-US: SOPlanning
 CVE-2020-15596
 	RESERVED
 CVE-2019-20906
@@ -5257,7 +5257,7 @@ CVE-2020-15073 (An issue was discovered in phpList through 3.5.4. An XSS vulnera
 CVE-2020-15072 (An issue was discovered in phpList through 3.5.4. An error-based SQL I ...)
 	- phplist <itp> (bug #612288)
 CVE-2020-15071 (content/content.blueprintsevents.php in Symphony CMS 3.0.0 allows XSS  ...)
-	TODO: check
+	NOT-FOR-US: Symphony CMS
 CVE-2020-15070
 	RESERVED
 CVE-2020-15069 (Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow an ...)
@@ -10168,17 +10168,17 @@ CVE-2020-13181
 CVE-2020-13180
 	RESERVED
 CVE-2020-13179 (Broker Protocol messages in Teradici PCoIP Standard Agent for Windows  ...)
-	TODO: check
+	NOT-FOR-US: Teradici
 CVE-2020-13178 (A function in the Teradici PCoIP Standard Agent for Windows and Graphi ...)
-	TODO: check
+	NOT-FOR-US: Teradici
 CVE-2020-13177 (The support bundler in Teradici PCoIP Standard Agent for Windows and G ...)
-	TODO: check
+	NOT-FOR-US: Teradici
 CVE-2020-13176 (The Management Interface of the Teradici Cloud Access Connector and Cl ...)
-	TODO: check
+	NOT-FOR-US: Teradici
 CVE-2020-13175 (The Management Interface of the Teradici Cloud Access Connector and Cl ...)
-	TODO: check
+	NOT-FOR-US: Teradici
 CVE-2020-13174 (The web server in the Teradici Managament console versions 20.04 and 2 ...)
-	TODO: check
+	NOT-FOR-US: Teradici
 CVE-2020-13173 (Initialization of the pcoip_credential_provider in Teradici PCoIP Stan ...)
 	NOT-FOR-US: Teradici
 CVE-2020-13172
@@ -10311,7 +10311,7 @@ CVE-2020-13126 (An issue was discovered in the Elementor Pro plugin before 2.9.4
 CVE-2020-13125 (An issue was discovered in the "Ultimate Addons for Elementor" plugin  ...)
 	NOT-FOR-US: "Ultimate Addons for Elementor" plugin for WordPress
 CVE-2020-13124 (SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: SABnzbd
 CVE-2020-13123
 	RESERVED
 CVE-2020-13122
@@ -15475,7 +15475,7 @@ CVE-2020-11554 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 bef
 CVE-2020-11553 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 20 ...)
 	NOT-FOR-US: Castle Rock SNMPc
 CVE-2020-11552 (An elevation of privilege vulnerability exists in ManageEngine ADSelfS ...)
-	TODO: check
+	NOT-FOR-US: ManageEngine
 CVE-2020-11551 (An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on  ...)
 	NOT-FOR-US: Netgear
 CVE-2020-11550 (An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on  ...)
@@ -21153,9 +21153,9 @@ CVE-2020-9406 (IBL Online Weather before 4.3.5a allows unauthenticated eval inje
 CVE-2020-9405 (IBL Online Weather before 4.3.5a allows unauthenticated reflected XSS  ...)
 	NOT-FOR-US: IBL Online Weather
 CVE-2020-9404 (In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are stor ...)
-	TODO: check
+	NOT-FOR-US: PACTware
 CVE-2020-9403 (In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are stor ...)
-	TODO: check
+	NOT-FOR-US: PACTware
 CVE-2020-9402 (Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 al ...)
 	- python-django 2:2.2.11-1 (low; bug #953102)
 	[buster] - python-django 1:1.11.29-1~deb10u1
@@ -21594,7 +21594,7 @@ CVE-2020-9246
 CVE-2020-9245 (HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUA ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9244 (HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8); ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9243 (HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9242
@@ -33345,9 +33345,9 @@ CVE-2020-4488
 CVE-2020-4487
 	RESERVED
 CVE-2020-4486 (IBM QRadar 7.2.0 thorugh 7.2.9 could allow an authenticated user to ov ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4485 (IBM QRadar 7.2.0 through 7.2.9 could allow an authenticated user to di ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4484
 	RESERVED
 CVE-2020-4483



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3c37877bc8ca0e154482038105bd2cb811a6464c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3c37877bc8ca0e154482038105bd2cb811a6464c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200811/891d8e96/attachment.html>

More information about the debian-security-tracker-commits mailing list