[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Dec 1 20:29:36 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2a5a9894 by Salvatore Bonaccorso at 2020-12-01T21:29:14+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -307,7 +307,7 @@ CVE-2020-29317
 CVE-2020-29316
 	RESERVED
 CVE-2020-29315 (ThinkAdmin version v1 v6 has a stored XSS vulnerability which allows r ...)
-	TODO: check
+	NOT-FOR-US: ThinkAdmin
 CVE-2020-29314
 	RESERVED
 CVE-2020-29313
@@ -969,7 +969,7 @@ CVE-2020-28995
 CVE-2020-28994 (A SQL injection vulnerability was discovered in Karenderia Multiple Re ...)
 	NOT-FOR-US: Karenderia Multiple Restaurant System
 CVE-2020-28993 (A Directory Traversal vulnerability exists in ATX miniCMTS200a Broadba ...)
-	TODO: check
+	NOT-FOR-US: ATX miniCMTS200a Broadband Gateway
 CVE-2020-28992
 	RESERVED
 CVE-2020-28991 (Gitea 0.9.99 through 1.12.x before 1.12.6 does not prevent a git proto ...)
@@ -1024,9 +1024,9 @@ CVE-2020-XXXX [RUSTSEC-2020-0070: lock_api: Some lock_api lock guard objects can
 	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0070.html
 	NOTE: https://github.com/Amanieu/parking_lot/pull/262
 CVE-2020-28971 (An issue was discovered on Western Digital My Cloud OS 5 devices befor ...)
-	TODO: check
+	NOT-FOR-US: Western Digital My Cloud OS 5 devices
 CVE-2020-28970 (An issue was discovered on Western Digital My Cloud OS 5 devices befor ...)
-	TODO: check
+	NOT-FOR-US: Western Digital My Cloud OS 5 devices
 CVE-2020-28969
 	RESERVED
 CVE-2020-28968
@@ -1098,7 +1098,7 @@ CVE-2020-28941 (An issue was discovered in drivers/accessibility/speakup/spk_tty
 	[stretch] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/11/19/3
 CVE-2020-28940 (On Western Digital My Cloud OS 5 devices before 5.06.115, the NAS Admi ...)
-	TODO: check
+	NOT-FOR-US: Western Digital My Cloud OS 5 devices
 CVE-2020-28939
 	RESERVED
 CVE-2020-28938
@@ -9259,7 +9259,7 @@ CVE-2020-26764
 CVE-2020-26763
 	RESERVED
 CVE-2020-26762 (A stack-based buffer-overflow exists in Edimax IP-Camera IC-3116W (v3. ...)
-	TODO: check
+	NOT-FOR-US: Edimax IP-Camera
 CVE-2020-26761
 	RESERVED
 CVE-2020-26760
@@ -12983,7 +12983,7 @@ CVE-2020-25183
 CVE-2020-25182
 	RESERVED
 CVE-2020-25181 (WECON PLC Editor Versions 1.3.8 and prior has a heap-based buffer over ...)
-	TODO: check
+	NOT-FOR-US: WECON PLC Editor
 CVE-2020-25180
 	RESERVED
 CVE-2020-25179
@@ -12991,7 +12991,7 @@ CVE-2020-25179
 CVE-2020-25178
 	RESERVED
 CVE-2020-25177 (WECON PLC Editor Versions 1.3.8 and prior has a stack-based buffer ove ...)
-	TODO: check
+	NOT-FOR-US: WECON PLC Editor
 CVE-2020-25176
 	RESERVED
 CVE-2020-25175
@@ -52857,7 +52857,7 @@ CVE-2020-8541 (OX App Suite through 7.10.3 allows XXE attacks. ...)
 CVE-2020-8540 (An XML external entity (XXE) vulnerability in Zoho ManageEngine Deskto ...)
 	NOT-FOR-US: Zoho ManageEngine Desktop Central
 CVE-2020-8539 (Kia Motors Head Unit with Software version: SOP.003.30.18.0703, SOP.00 ...)
-	TODO: check
+	NOT-FOR-US: Kia Motors Head Unit with Software
 CVE-2020-8538
 	RESERVED
 CVE-2020-8537
@@ -55819,7 +55819,7 @@ CVE-2020-7337
 CVE-2020-7336
 	RESERVED
 CVE-2020-7335 (Privilege Escalation vulnerability in Microsoft Windows client McAfee  ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2020-7334 (Improper privilege assignment vulnerability in the installer McAfee Ap ...)
 	NOT-FOR-US: McAfee
 CVE-2020-7333 (Cross site scripting vulnerability in the firewall ePO extension of Mc ...)
@@ -56927,7 +56927,7 @@ CVE-2020-6882
 CVE-2020-6881
 	RESERVED
 CVE-2020-6880 (A ZXELINK wireless controller has a SQL injection vulnerability. A rem ...)
-	TODO: check
+	NOT-FOR-US: ZXELINK
 CVE-2020-6879 (Some ZTE devices have input verification vulnerabilities. The devices  ...)
 	NOT-FOR-US: ZTE
 CVE-2020-6878
@@ -63856,7 +63856,7 @@ CVE-2020-4130
 CVE-2020-4129 (HCL Domino is susceptible to a lockout policy bypass vulnerability in  ...)
 	NOT-FOR-US: HCL Domino
 CVE-2020-4128 (HCL Domino is susceptible to a lockout policy bypass vulnerability in  ...)
-	TODO: check
+	NOT-FOR-US: HCL Domino
 CVE-2020-4127 (HCL Domino is susceptible to a Login CSRF vulnerability. With a valid  ...)
 	NOT-FOR-US: HCL Domino
 CVE-2020-4126 (HCL iNotes is susceptible to a sensitive cookie exposure vulnerability ...)
@@ -81277,7 +81277,7 @@ CVE-2019-16960
 CVE-2019-16959
 	RESERVED
 CVE-2019-16958 (Cross-site Scripting (XSS) vulnerability in SolarWinds Web Help Desk 1 ...)
-	TODO: check
+	NOT-FOR-US:  SolarWinds Web Help Desk
 CVE-2019-16957
 	RESERVED
 CVE-2019-16956



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a5a9894d663998ea7e9a25b64e9908a109717d4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a5a9894d663998ea7e9a25b64e9908a109717d4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201201/ebfc39ad/attachment.html>

More information about the debian-security-tracker-commits mailing list