[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Feb 6 20:23:25 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9e3d185e by Salvatore Bonaccorso at 2020-02-06T21:23:00+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -239,7 +239,7 @@ CVE-2020-8659
 CVE-2020-8658 (The BestWebSoft Htaccess plugin through 1.8.1 for WordPress allows wp- ...)
 	NOT-FOR-US: BestWebSoft Htaccess plugin for WordPress
 CVE-2020-8657 (An issue was discovered in EyesOfNetwork 5.3. The installation uses th ...)
-	TODO: check
+	NOT-FOR-US: EyesOfNetwork (EON)
 CVE-2020-8656
 	RESERVED
 CVE-2020-8655
@@ -283,7 +283,7 @@ CVE-2020-8638
 CVE-2020-8637
 	RESERVED
 CVE-2020-8636 (An issue was discovered in OpServices OpMon 9.3.2 that allows Remote C ...)
-	TODO: check
+	NOT-FOR-US: OpServices OpMon
 CVE-2020-8635
 	RESERVED
 CVE-2020-8634
@@ -1800,9 +1800,9 @@ CVE-2020-7955 (HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did no
 	NOTE: https://github.com/hashicorp/consul/issues/7160
 	NOTE: Fixed in 1.6.3.
 CVE-2020-7954 (An issue was discovered in OpServices OpMon 9.3.2. Starting from the a ...)
-	TODO: check
+	NOT-FOR-US: OpServices OpMon
 CVE-2020-7953 (An issue was discovered in OpServices OpMon 9.3.2. Without authenticat ...)
-	TODO: check
+	NOT-FOR-US: OpServices OpMon
 CVE-2020-7952 (rendersystemdx9.dll in Valve Dota 2 before 7.23f allows remote attacke ...)
 	NOT-FOR-US: rendersystemdx9.dll in Valve Dota 2
 CVE-2020-7951 (meshsystem.dll in Valve Dota 2 before 7.23e allows remote attackers to ...)
@@ -4419,7 +4419,7 @@ CVE-2020-6769
 CVE-2020-6768
 	RESERVED
 CVE-2020-6767 (A path traversal vulnerability in the Bosch Video Management System (B ...)
-	TODO: check
+	NOT-FOR-US: Bosch
 CVE-2020-6766
 	RESERVED
 CVE-2020-6765
@@ -6678,7 +6678,7 @@ CVE-2020-5722
 CVE-2020-5721
 	RESERVED
 CVE-2020-5720 (MikroTik WinBox before 3.21 is vulnerable to a path traversal vulnerab ...)
-	TODO: check
+	NOT-FOR-US: MikroTik WinBox
 CVE-2020-5719
 	RESERVED
 CVE-2020-5718
@@ -12421,7 +12421,7 @@ CVE-2019-19802 (In Gallagher Command Centre Server v8.10 prior to v8.10.1134(MR4
 CVE-2019-19801 (In Gallagher Command Centre Server versions of v8.10 prior to v8.10.11 ...)
 	NOT-FOR-US: Gallagher Command Centre Server
 CVE-2019-19800 (Zoho ManageEngine Applications Manager 14 before 14520 allows a remote ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine Applications Manager
 CVE-2019-19799
 	RESERVED
 CVE-2019-19798
@@ -24958,7 +24958,7 @@ CVE-2019-17654
 CVE-2019-17653
 	RESERVED
 CVE-2019-17652 (A stack buffer overflow vulnerability in FortiClient for Linux 6.2.1 a ...)
-	TODO: check
+	NOT-FOR-US: Fortiguard FortiClient
 CVE-2019-17651 (An Improper Neutralization of Input vulnerability in the description a ...)
 	NOT-FOR-US: FortiSIEM
 CVE-2019-17650 (An Improper Neutralization of Special Elements used in a Command vulne ...)
@@ -29322,7 +29322,7 @@ CVE-2019-16154 (An improper neutralization of input during web page generation i
 CVE-2019-16153 (A hard-coded password vulnerability in the Fortinet FortiSIEM database ...)
 	NOT-FOR-US: Fortinet
 CVE-2019-16152 (A Denial of service (DoS) vulnerability in FortiClient for Linux 6.2.1 ...)
-	TODO: check
+	NOT-FOR-US: Fortiguard FortiClient
 CVE-2019-16151
 	RESERVED
 CVE-2019-16150
@@ -30555,7 +30555,7 @@ CVE-2011-5329 (The redirection plugin before 2.2.9 for WordPress has XSS in the
 CVE-2019-15712 (An improper access control vulnerability in FortiMail admin webUI 6.2. ...)
 	NOT-FOR-US: FortiMail admin webUI
 CVE-2019-15711 (A privilege escalation vulnerability in FortiClient for Linux 6.2.1 an ...)
-	TODO: check
+	NOT-FOR-US: Fortiguard FortiClient
 CVE-2019-15710 (An OS command injection vulnerability in FortiExtender 4.1.0 to 4.1.1, ...)
 	NOT-FOR-US: FortiExtender
 CVE-2019-15709
@@ -41802,7 +41802,7 @@ CVE-2019-12428 [Mandatory External Authentication Provider Sign-In Restrictions
 CVE-2019-12427 (Zimbra Collaboration before 8.8.15 Patch 1 is vulnerable to a non-pers ...)
 	NOT-FOR-US: Zimbra Collaboration
 CVE-2019-12426 (an unauthenticated user could get access to information of some backen ...)
-	TODO: check
+	NOT-FOR-US: Apache OFBiz
 CVE-2019-12425
 	RESERVED
 CVE-2019-12424



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9e3d185ed736dadc70d80fa10af93a4f65fc6e8b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9e3d185ed736dadc70d80fa10af93a4f65fc6e8b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200206/e6246f24/attachment.html>

More information about the debian-security-tracker-commits mailing list