[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Aug 26 21:37:42 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9c11e684 by Salvatore Bonaccorso at 2020-08-26T22:37:12+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2060,13 +2060,13 @@ CVE-2020-23659 (WebPort-v1.19.17121 is affected by Cross Site Scripting (XSS) on
 CVE-2020-23658 (PHP-Fusion 9.03.60 is affected by Cross Site Scripting (XSS) via infus ...)
 	TODO: check
 CVE-2020-23657 (NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "C ...)
-	TODO: check
+	NOT-FOR-US: NavigateCMS
 CVE-2020-23656 (NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "C ...)
-	TODO: check
+	NOT-FOR-US: NavigateCMS
 CVE-2020-23655 (NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "C ...)
-	TODO: check
+	NOT-FOR-US: NavigateCMS
 CVE-2020-23654 (NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) via the modu ...)
-	TODO: check
+	NOT-FOR-US: NavigateCMS
 CVE-2020-23653
 	RESERVED
 CVE-2020-23652
@@ -17121,7 +17121,7 @@ CVE-2020-16195
 CVE-2020-16194
 	RESERVED
 CVE-2020-16193 (osTicket before 1.14.3 allows XSS because include/staff/banrule.inc.ph ...)
-	TODO: check
+	NOT-FOR-US: osTicket
 CVE-2020-16192 (LimeSurvey 4.3.2 allows reflected XSS because application/controllers/ ...)
 	- limesurvey <itp> (bug #472802)
 CVE-2020-16191
@@ -18867,9 +18867,9 @@ CVE-2020-15501
 CVE-2020-15500 (An issue was discovered in server.js in TileServer GL through 3.0.0. T ...)
 	NOT-FOR-US: TileServer GL
 CVE-2020-15499 (An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_ ...)
-	TODO: check
+	NOT-FOR-US: ASUS RT-AC1900P routers
 CVE-2020-15498 (An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_ ...)
-	TODO: check
+	NOT-FOR-US: ASUS RT-AC1900P routers
 CVE-2020-15497 (** DISPUTED ** jcore/portal/ajaxPortal.jsp in Jalios JCMS 10.0.2 build ...)
 	NOT-FOR-US: Jalios JCMS
 CVE-2020-15496
@@ -18893,15 +18893,15 @@ CVE-2020-15488
 CVE-2020-15487
 	RESERVED
 CVE-2020-15486 (An issue was discovered on Dr Trust ECG Pen 2.00.08 devices. Because t ...)
-	TODO: check
+	NOT-FOR-US: Dr Trust ECG Pen 2.00.08 devices
 CVE-2020-15485
 	RESERVED
 CVE-2020-15484 (An issue was discovered on Nescomed Multipara Monitor M1000 devices. T ...)
-	TODO: check
+	NOT-FOR-US: Nescomed Multipara Monitor M1000 devices
 CVE-2020-15483 (An issue was discovered on Nescomed Multipara Monitor M1000 devices. T ...)
-	TODO: check
+	NOT-FOR-US: Nescomed Multipara Monitor M1000 devices
 CVE-2020-15482 (An issue was discovered on Nescomed Multipara Monitor M1000 devices. T ...)
-	TODO: check
+	NOT-FOR-US: Nescomed Multipara Monitor M1000 devices
 CVE-2020-15481
 	RESERVED
 CVE-2020-15480 (An issue was discovered in PassMark BurnInTest through 9.1, OSForensic ...)
@@ -19625,7 +19625,7 @@ CVE-2020-15160
 CVE-2020-15159
 	RESERVED
 CVE-2020-15158 (In libIEC61850 before version 1.4.3, when a message with COTP message  ...)
-	TODO: check
+	NOT-FOR-US: libIEC61850
 CVE-2020-15157
 	RESERVED
 CVE-2020-15156
@@ -21092,7 +21092,7 @@ CVE-2020-14500 (Secomea GateManager all versions prior to 9.2c, An attacker can
 CVE-2020-14499 (Advantech iView, versions 5.6 and prior, has an improper access contro ...)
 	NOT-FOR-US: Advantech
 CVE-2020-14498 (HMS Industrial Networks AB eCatcher all versions prior to 6.5.5. The a ...)
-	TODO: check
+	NOT-FOR-US: HMS Industrial Networks AB eCatche
 CVE-2020-14497 (Advantech iView, versions 5.6 and prior, contains multiple SQL injecti ...)
 	NOT-FOR-US: Advantech
 CVE-2020-14496



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c11e684fcfae9ccbf3186d7f92d76f5f531fa59

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c11e684fcfae9ccbf3186d7f92d76f5f531fa59
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200826/1a559ade/attachment.html>

More information about the debian-security-tracker-commits mailing list