[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Mon Feb 10 20:18:53 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
240d55e2 by Salvatore Bonaccorso at 2020-02-10T21:18:17+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,7 +15,7 @@ CVE-2020-8832
 CVE-2020-8831
 	RESERVED
 CVE-2019-20451 (The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 ...)
-	TODO: check
+	NOT-FOR-US: Prismview
 CVE-2017-18642
 	RESERVED
 CVE-2020-8830
@@ -29,7 +29,7 @@ CVE-2020-8827
 CVE-2020-8826
 	RESERVED
 CVE-2020-8825 (index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 allows store ...)
-	TODO: check
+	NOT-FOR-US: Vanilla Forums
 CVE-2020-8824
 	RESERVED
 CVE-2020-8823 (htmlfile in lib/transport/htmlfile.js in SockJS before 3.0 is vulnerab ...)
@@ -11189,13 +11189,13 @@ CVE-2019-20063 (hdf/dataobject.c in libmysofa before 0.8 has an uninitialized us
 	NOTE: https://github.com/hoene/libmysofa/issues/67
 	NOTE: https://github.com/hoene/libmysofa/commit/ecb7b743b6f6d47b93a7bc680a60071a0f9524c6
 CVE-2019-20062 (MFScripts YetiShare v3.5.2 through v4.5.4 might allow an attacker to r ...)
-	TODO: check
+	NOT-FOR-US: MFScripts YetiShare
 CVE-2019-20061 (The user-introduction email in MFScripts YetiShare v3.5.2 through v4.5 ...)
-	TODO: check
+	NOT-FOR-US: MFScripts YetiShare
 CVE-2019-20060 (MFScripts YetiShare v3.5.2 through v4.5.4 places sensitive information ...)
-	TODO: check
+	NOT-FOR-US: MFScripts YetiShare
 CVE-2019-20059 (payment_manage.ajax.php and various *_manage.ajax.php in MFScripts Yet ...)
-	TODO: check
+	NOT-FOR-US: MFScripts YetiShare
 CVE-2019-20058 (** DISPUTED ** Bolt 3.7.0, if Symfony Web Profiler is used, allows XSS ...)
 	NOT-FOR-US: Bolt CMS
 CVE-2019-20057 (com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in Proxyman  ...)
@@ -15243,29 +15243,29 @@ CVE-2019-19672
 CVE-2019-19671
 	RESERVED
 CVE-2019-19670 (A HTTP Response Splitting vulnerability was identified in the Web Sett ...)
-	TODO: check
+	NOT-FOR-US: Rumpus FTP Server
 CVE-2019-19669 (A CSRF vulnerability exists in the Upload Center Forms Component of We ...)
-	TODO: check
+	NOT-FOR-US: Rumpus FTP
 CVE-2019-19668 (A CSRF vulnerability exists in the File Types component of Web File Ma ...)
-	TODO: check
+	NOT-FOR-US: Rumpus FTP
 CVE-2019-19667 (A CSRF vulnerability exists in the Block Clients component of Web File ...)
-	TODO: check
+	NOT-FOR-US: Rumpus FTP
 CVE-2019-19666 (A CSRF vulnerability exists in the Event Notices Settings of Web File  ...)
-	TODO: check
+	NOT-FOR-US: Rumpus FTP
 CVE-2019-19665 (A CSRF vulnerability exists in the FTP Settings of Web File Manager in ...)
-	TODO: check
+	NOT-FOR-US: Rumpus FTP
 CVE-2019-19664 (A CSRF vulnerability exists in the Web Settings of Web File Manager in ...)
-	TODO: check
+	NOT-FOR-US: Rumpus FTP
 CVE-2019-19663 (A CSRF vulnerability exists in the Folder Sets Settings of Web File Ma ...)
-	TODO: check
+	NOT-FOR-US: Rumpus FTP
 CVE-2019-19662 (A CSRF vulnerability exists in the Web File Manager's Create/Delete Ac ...)
-	TODO: check
+	NOT-FOR-US: Rumpus FTP
 CVE-2019-19661 (A Cookie based reflected XSS exists in the Web File Manager of Rumpus  ...)
-	TODO: check
+	NOT-FOR-US: Rumpus FTP
 CVE-2019-19660 (A CSRF vulnerability exists in the Web File Manager's Network Setting  ...)
-	TODO: check
+	NOT-FOR-US: Rumpus FTP
 CVE-2019-19659 (A CSRF vulnerability exists in the Web File Manager's Edit Accounts fu ...)
-	TODO: check
+	NOT-FOR-US: Rumpus FTP
 CVE-2019-19658
 	RESERVED
 CVE-2019-19657
@@ -282091,7 +282091,7 @@ CVE-2012-6451 (Lorex LNC116 and LNC104 IP Cameras have a Remote Authentication B
 CVE-2012-6450
 	RESERVED
 CVE-2012-6449 (The clientconf.html and detailbw.html pages in x3 in cPanel & WHM  ...)
-	TODO: check
+	NOT-FOR-US: cPanel
 CVE-2012-6448 (Cross-site Scripting (XSS) in cPanel WebHost Manager (WHM) 11.34.0 all ...)
 	NOT-FOR-US: cPanel
 CVE-2012-6447 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 5.0.0 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/240d55e2a204cd4d8aa88aa5299049cdaf88c92f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/240d55e2a204cd4d8aa88aa5299049cdaf88c92f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200210/751b9335/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list