[Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso
carnil at debian.org
Thu Dec 24 21:28:05 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6b81c0b3 by Salvatore Bonaccorso at 2020-12-24T22:27:42+01:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -61,7 +61,7 @@ CVE-2020-35667
CVE-2020-35666 (Steedos Platform through 1.21.24 allows NoSQL injection because the /a ...)
TODO: check
CVE-2020-35665 (An unauthenticated command-execution vulnerability exists in TerraMast ...)
- TODO: check
+ NOT-FOR-US: TerraMaster TOS
CVE-2020-35664
RESERVED
CVE-2020-35663
@@ -73,7 +73,7 @@ CVE-2020-35661
CVE-2020-35660
RESERVED
CVE-2020-35659 (The DNS query log in Pi-hole before 5.2.2 is vulnerable to stored XSS. ...)
- TODO: check
+ NOT-FOR-US: Pi-hole
CVE-2020-35658 (SpamTitan before 7.09 allows attackers to tamper with backups, because ...)
NOT-FOR-US: SpamTitan
CVE-2020-35657 (Jaws through 1.8.0 allows remote authenticated administrators to execu ...)
@@ -7006,7 +7006,7 @@ CVE-2020-29191
CVE-2020-29190
RESERVED
CVE-2020-29189 (Incorrect Access Control vulnerability in TerraMaster TOS <= 4.2.06 ...)
- TODO: check
+ NOT-FOR-US: TerraMaster TOS
CVE-2020-29188
RESERVED
CVE-2020-29187
@@ -11827,19 +11827,19 @@ CVE-2020-28192
CVE-2020-28191
RESERVED
CVE-2020-28190 (TerraMaster TOS <= 4.2.06 was found to check for updates (of both s ...)
- TODO: check
+ NOT-FOR-US: TerraMaster TOS
CVE-2020-28189
REJECTED
CVE-2020-28188 (Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= ...)
- TODO: check
+ NOT-FOR-US: TerraMaster TOS
CVE-2020-28187 (Multiple directory traversal vulnerabilities in TerraMaster TOS <= ...)
- TODO: check
+ NOT-FOR-US: TerraMaster TOS
CVE-2020-28186 (Email Injection in TerraMaster TOS <= 4.2.06 allows remote unauthen ...)
- TODO: check
+ NOT-FOR-US: TerraMaster TOS
CVE-2020-28185 (User Enumeration vulnerability in TerraMaster TOS <= 4.2.06 allows ...)
- TODO: check
+ NOT-FOR-US: TerraMaster TOS
CVE-2020-28184 (Cross-site scripting (XSS) vulnerability in TerraMaster TOS <= 4.2. ...)
- TODO: check
+ NOT-FOR-US: TerraMaster TOS
CVE-2020-28183 (SQL injection vulnerability in SourceCodester Water Billing System 1.0 ...)
NOT-FOR-US: SourceCodester Water Billing System
CVE-2020-28182
@@ -29614,9 +29614,9 @@ CVE-2020-20279
CVE-2020-20278
RESERVED
CVE-2020-20277 (There are multiple unauthenticated directory traversal vulnerabilities ...)
- TODO: check
+ NOT-FOR-US: uftpd
CVE-2020-20276 (An unauthenticated stack-based buffer overflow vulnerability in common ...)
- TODO: check
+ NOT-FOR-US: uftpd
CVE-2020-20275
RESERVED
CVE-2020-20274
@@ -58154,7 +58154,7 @@ CVE-2020-9121
CVE-2020-9120 (CloudEngine 1800V versions V100R019C10SPC500 has a resource management ...)
TODO: check
CVE-2020-9119 (There is a privilege escalation vulnerability on some Huawei smart pho ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-9118
RESERVED
CVE-2020-9117 (HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and SydneyM ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b81c0b3327a81554a0ce0dfeb3376ccb3c7296b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b81c0b3327a81554a0ce0dfeb3376ccb3c7296b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201224/0ce1dd03/attachment.html>
More information about the debian-security-tracker-commits
mailing list