[Git][security-tracker-team/security-tracker][master] 2 commits: Process more NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Aug 27 21:56:55 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7c530725 by Salvatore Bonaccorso at 2020-08-27T22:56:03+02:00
Process more NFUs

- - - - -
cb32848e by Salvatore Bonaccorso at 2020-08-27T22:56:38+02:00
Merge remote-tracking branch 'origin/master' into master

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23,13 +23,13 @@ CVE-2020-24708
 CVE-2020-24707
 	RESERVED
 CVE-2020-24706 (An issue was discovered in certain WSO2 products. The Try It tool allo ...)
-	TODO: check
+	NOT-FOR-US: WSO2
 CVE-2020-24705 (An issue was discovered in certain WSO2 products. A valid Carbon Manag ...)
-	TODO: check
+	NOT-FOR-US: WSO2
 CVE-2020-24704 (An issue was discovered in certain WSO2 products. The Try It tool allo ...)
-	TODO: check
+	NOT-FOR-US: WSO2
 CVE-2020-24703 (An issue was discovered in certain WSO2 products. A valid Carbon Manag ...)
-	TODO: check
+	NOT-FOR-US: WSO2
 CVE-2020-24702
 	RESERVED
 CVE-2020-24701
@@ -1091,7 +1091,7 @@ CVE-2020-24204
 CVE-2020-24203 (Insecure File Permissions and Arbitrary File Upload in the upload pic  ...)
 	TODO: check
 CVE-2020-24202 (File Upload component in Projects World House Rental v1.0 suffers from ...)
-	TODO: check
+	NOT-FOR-US: Projects World House Rental
 CVE-2020-24201
 	RESERVED
 CVE-2020-24200
@@ -1103,7 +1103,7 @@ CVE-2020-24198
 CVE-2020-24197
 	RESERVED
 CVE-2020-24196 (An Arbitrary File Upload in Vehicle Image Upload in Online Bike Rental ...)
-	TODO: check
+	NOT-FOR-US: Online Bike Rental
 CVE-2020-24195
 	RESERVED
 CVE-2020-24194
@@ -1529,29 +1529,29 @@ CVE-2020-23985
 CVE-2020-23984 (Online Hotel Booking System Pro PHP Version 1.3 has Persistent Cross-s ...)
 	TODO: check
 CVE-2020-23983 (Michael-design iChat Realtime PHP Live Support System 1.6 has persiste ...)
-	TODO: check
+	NOT-FOR-US: Michael-design iChat Realtime PHP Live Support System
 CVE-2020-23982 (DesignMasterEvents Conference management 1.0.0 has cross site scriptin ...)
-	TODO: check
+	NOT-FOR-US: DesignMasterEvents Conference management
 CVE-2020-23981 (13enforme CMS 1.0 has Cross Site Scripting via the "content.php" id pa ...)
-	TODO: check
+	NOT-FOR-US: 13enforme CMS
 CVE-2020-23980 (DesignMasterEvents Conference management 1.0.0 allows SQL Injection vi ...)
-	TODO: check
+	NOT-FOR-US: DesignMasterEvents Conference management
 CVE-2020-23979 (13enforme CMS 1.0 has SQL Injection via the 'content.php' id parameter ...)
-	TODO: check
+	NOT-FOR-US: 13enforme CMS
 CVE-2020-23978 (SQL injection can occur in Soluzione Globale Ecommerce CMS v1 via the  ...)
-	TODO: check
+	NOT-FOR-US: Soluzione Globale Ecommerce CMS
 CVE-2020-23977 (KandNconcepts Club CMS 1.1 and 1.2 has cross site scripting via the 't ...)
-	TODO: check
+	NOT-FOR-US: KandNconcepts Club CMS
 CVE-2020-23976 (Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has SQL Injection  ...)
-	TODO: check
+	NOT-FOR-US: Webexcels Ecommerce CMS
 CVE-2020-23975 (Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has cross site scr ...)
-	TODO: check
+	NOT-FOR-US: Webexcels Ecommerce CMS
 CVE-2020-23974 (Create-Project Manager 1.07 has Multi Persistent Cross-site Scripting  ...)
 	TODO: check
 CVE-2020-23973 (KandNconcepts Club CMS 1.1 and 1.2 has SQL Injection via the 'team.php ...)
-	TODO: check
+	NOT-FOR-US: KandNconcepts Club CMS
 CVE-2020-23972 (In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can  ...)
-	TODO: check
+	NOT-FOR-US: Joomla Component GMapFP
 CVE-2020-23971
 	RESERVED
 CVE-2020-23970
@@ -17350,7 +17350,7 @@ CVE-2020-16144
 CVE-2020-16143 (The seafile-client client 7.0.8 for Seafile is vulnerable to DLL hijac ...)
 	- seafile-client <not-affected> (Windows-specific)
 CVE-2020-16142 (On Mercedes-Benz C Class AMG Premium Plus c220 BlueTec vehicles, the B ...)
-	TODO: check
+	NOT-FOR-US: Mercedes-Benz C Class AMG Premium Plus c220 BlueTec vehicles
 CVE-2020-16141
 	RESERVED
 CVE-2020-16140
@@ -19020,7 +19020,7 @@ CVE-2020-15487
 CVE-2020-15486 (An issue was discovered on Dr Trust ECG Pen 2.00.08 devices. Because t ...)
 	NOT-FOR-US: Dr Trust ECG Pen 2.00.08 devices
 CVE-2020-15485 (An issue was discovered on Nescomed Multipara Monitor M1000 devices. T ...)
-	TODO: check
+	NOT-FOR-US: Nescomed Multipara Monitor M1000 devices
 CVE-2020-15484 (An issue was discovered on Nescomed Multipara Monitor M1000 devices. T ...)
 	NOT-FOR-US: Nescomed Multipara Monitor M1000 devices
 CVE-2020-15483 (An issue was discovered on Nescomed Multipara Monitor M1000 devices. T ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e1a25dbe8ce26e4e865fc80049fe79295442e9e5...cb32848ecce87acc724ed21950648b530a9da4dc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e1a25dbe8ce26e4e865fc80049fe79295442e9e5...cb32848ecce87acc724ed21950648b530a9da4dc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200827/fde8b46c/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list