[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
carnil at debian.org
Thu Jan 9 21:05:00 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6767d893 by Salvatore Bonaccorso at 2020-01-09T22:04:04+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1195,7 +1195,7 @@ CVE-2020-6169
CVE-2020-6168
RESERVED
CVE-2020-6167 (A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2020-6166
RESERVED
CVE-2020-6165
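Review bot: the note on CVE-2020-6167 says only "WordPress plugin" and does not name the plugin, while the other entries touched in this commit name the product. Adding the plugin name from the CVE description would keep the entry searchable and consistent with the rest of the list.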
@@ -3007,7 +3007,7 @@ CVE-2020-5310 (libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decodin
CVE-2020-5309
RESERVED
CVE-2020-5308 (PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to XSS, ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Dairy Farm Shop Management System
CVE-2020-5307 (PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL ...)
NOT-FOR-US: PHPGurukul Dairy Farm Shop Management System
CVE-2020-5306 (Codoforum 4.8.3 allows XSS via a post using parameters display name, t ...)
@@ -3213,7 +3213,7 @@ CVE-2020-5207
CVE-2020-5206
RESERVED
CVE-2020-5205 (In Pow (Hex package) before 1.0.16, the use of Plug.Session in Pow.Plu ...)
- TODO: check
+ NOT-FOR-US: Pow
CVE-2020-5204 (In uftpd before 2.11, there is a buffer overflow vulnerability in hand ...)
NOT-FOR-US: uftpd
CVE-2020-5203
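Review bot: "NOT-FOR-US: Pow" on CVE-2020-5205 is a very short product name that is easy to miss or mismatch when grepping the list. The description already qualifies it as a Hex package, so "NOT-FOR-US: Pow (Hex package)" would be less ambiguous.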
@@ -3496,7 +3496,7 @@ CVE-2020-5181
CVE-2020-5180
RESERVED
CVE-2019-20224 (netflow_get_stats in functions_netflow.php in Pandora FMS 7.0NG allows ...)
- TODO: check
+ NOT-FOR-US: Pandora FMS
CVE-2019-20223 (In Support Incident Tracker (SiT!) 3.67, the id parameter is affected ...)
NOT-FOR-US: Support Incident Tracker
CVE-2019-20222 (In Support Incident Tracker (SiT!) 3.67, the Short Application Name an ...)
@@ -12010,7 +12010,7 @@ CVE-2019-19496 (Alfresco Enterprise before 5.2.5 allows stored XSS via an upload
CVE-2019-19495 (The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable t ...)
NOT-FOR-US: Technicolor
CVE-2019-19494 (Broadcom based cable modems across multiple vendors are vulnerable to ...)
- TODO: check
+ NOT-FOR-US: Broadcom based cable modems
CVE-2019-19493 (Kentico before 12.0.50 allows file uploads in which the Content-Type h ...)
NOT-FOR-US: Kentico
CVE-2019-19492 (FreeSWITCH 1.6.10 through 1.10.1 has a default password in event_socke ...)
@@ -12203,7 +12203,7 @@ CVE-2020-1828
CVE-2020-1827
RESERVED
CVE-2020-1826 (Huawei Honor Magic2 mobile phones with versions earlier than 10.0.0.17 ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-1825
RESERVED
CVE-2020-1824
@@ -12235,7 +12235,7 @@ CVE-2020-1812
CVE-2020-1811
RESERVED
CVE-2020-1810 (Huawei products CloudEngine 12800, S5700, and S6700 have a weak algori ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-1809
RESERVED
CVE-2020-1808
@@ -12281,9 +12281,9 @@ CVE-2020-1789
CVE-2020-1788
RESERVED
CVE-2020-1787 (HUAWEI Mate 20 smartphones versions earlier than 9.1.0.139(C00E133R3P1 ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-1786 (HUAWEI Mate 20 Pro smartphones versions earlier than 10.0.0.175(C00E69 ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-1785 (Mate 10 Pro;Honor V10;Honor 10;Nova 4 smartphones have a denial of ser ...)
NOT-FOR-US: Huawei
CVE-2019-19466 (SCEditor 2.1.3 allows XSS. ...)
@@ -28161,11 +28161,11 @@ CVE-2019-14922
CVE-2019-14921
RESERVED
CVE-2019-14920 (Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an authe ...)
- TODO: check
+ NOT-FOR-US: Billion Smart Energy Router SG600R2 Firmware
CVE-2019-14919 (An exposed Telnet Service on the Billion Smart Energy Router SG600R2 w ...)
- TODO: check
+ NOT-FOR-US: Billion Smart Energy Router SG600R2 Firmware
CVE-2019-14918 (XSS in the DHCP lease-status table in Billion Smart Energy Router SG60 ...)
- TODO: check
+ NOT-FOR-US: Billion Smart Energy Router SG600R2 Firmware
CVE-2019-14917
RESERVED
CVE-2019-14916 (An issue was discovered in PRiSE adAS 1.7.0. A file's format is not pr ...)
@@ -54022,11 +54022,11 @@ CVE-2019-6334 (HP LaserJet, PageWide, OfficeJet Enterprise, and LaserJet Managed
CVE-2019-6333 (A potential security vulnerability has been identified with certain ve ...)
NOT-FOR-US: HP Touchpoint Analytics
CVE-2019-6332 (A potential security vulnerability has been identified with certain HP ...)
- TODO: check
+ NOT-FOR-US: HP InkJet printers
CVE-2019-6331 (An issue was found in Samsung Mobile Print (Android) versions prior to ...)
TODO: check
CVE-2019-6330 (A potential security vulnerability has been identified in the software ...)
- TODO: check
+ NOT-FOR-US: HP Access Control
CVE-2019-6329 (HP Support Assistant 8.7.50 and earlier allows a user to gain system p ...)
NOT-FOR-US: HP Support Assistant
CVE-2019-6328 (HP Support Assistant 8.7.50 and earlier allows a user to gain system p ...)
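Review bot: CVE-2019-6331 (Samsung Mobile Print (Android)), which sits between the two entries changed in this hunk, is still "TODO: check". If it was left on purpose, fine; otherwise it could be triaged in the same pass so the block does not keep an isolated TODO between two processed entries.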
@@ -54046,9 +54046,9 @@ CVE-2019-6322 (HP has identified a security vulnerability with some versions of
CVE-2019-6321 (HP has identified a security vulnerability with some versions of Works ...)
NOT-FOR-US: HP
CVE-2019-6320 (Certain HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4 ...)
- TODO: check
+ NOT-FOR-US: HP DeskJet 3630 All-in-One Printers models
CVE-2019-6319 (HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K ...)
- TODO: check
+ NOT-FOR-US: HP DeskJet 3630 All-in-One Printers models
CVE-2019-6318 (HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP L ...)
NOT-FOR-US: HP
CVE-2018-20720 (ABB Relion 630 devices 1.1 before 1.1.0.C0, 1.2 before 1.2.0.B3, and 1 ...)
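Review bot: on CVE-2019-6320 and CVE-2019-6319 the note "HP DeskJet 3630 All-in-One Printers models" ends in a dangling "models" carried over from the description text. "NOT-FOR-US: HP DeskJet 3630 All-in-One Printers" reads cleaner, or plain "NOT-FOR-US: HP" as on the adjacent CVE-2019-6321 and CVE-2019-6318.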
@@ -248289,7 +248289,7 @@ CVE-2014-3757 (SQL injection vulnerability in sorter.php in the phpManufaktur ki
CVE-2014-3754
RESERVED
CVE-2014-3753 (AgileBits 1Password through 1.0.9.340 allows security feature bypass ...)
- TODO: check
+ NOT-FOR-US: AgileBits 1Password
CVE-2014-3752 (The MiniIcpt.sys driver in G Data TotalProtection 2014 24.0.2.1 and ea ...)
NOT-FOR-US: G Data TotalProtection
CVE-2014-3751
@@ -251626,9 +251626,9 @@ CVE-2014-2653 (The verify_host_key function in sshconnect.c in the client in Ope
CVE-2014-2652 (SQL injection vulnerability in OpenScape Deployment Service (DLS) befo ...)
NOT-FOR-US: OpenScape Deployment Service
CVE-2014-2651 (Unify OpenStage/OpenScape Desk Phone IP SIP before V3 R3.11.0 has an a ...)
- TODO: check
+ NOT-FOR-US: Unify OpenStage/OpenScape Desk Phone IP SIP
CVE-2014-2650 (Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP has an ...)
- TODO: check
+ NOT-FOR-US: Unify OpenStage / OpenScape Desk Phone IP
CVE-2014-2649 (Unspecified vulnerability in HP Operations Manager 9.20 on UNIX allows ...)
NOT-FOR-US: HP Operations Manager
CVE-2014-2648 (Unspecified vulnerability in HP Operations Manager 9.10 and 9.11 on UN ...)
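Review bot: CVE-2014-2651 and CVE-2014-2650 get two different spellings of what looks like the same product: "Unify OpenStage/OpenScape Desk Phone IP SIP" and "Unify OpenStage / OpenScape Desk Phone IP". Each was copied from its own description; picking one spelling for both notes would keep a search on the product name from missing one of them.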
@@ -264870,7 +264870,7 @@ CVE-2013-4794
CVE-2013-4793 (The update function in umbraco.webservices/templates/templateService.c ...)
NOT-FOR-US: Umbraco
CVE-2011-5266 (Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2 ...)
- TODO: check
+ NOT-FOR-US: Imperva SecureSphere Web Application Firewall (WAF)
CVE-2013-4792
RESERVED
CVE-2013-4791
@@ -279188,13 +279188,13 @@ CVE-2012-6071 (nuSOAP before 0.7.3-5 does not properly check the hostname of a c
CVE-2012-6070 (Falconpl before 0.9.6.9-git20120606 misuses the libcurl API which may ...)
- falconpl 0.9.6.9-git20120606-2 (bug #696681)
CVE-2011-5250 (Snare for Linux before 1.7.0 has CSRF in the web interface. ...)
- TODO: check
+ NOT-FOR-US: Snare for Linux
CVE-2011-5249 (Cross-site scripting (XSS) vulnerability in the events page in the Sys ...)
NOT-FOR-US: SNARE
CVE-2011-5248
RESERVED
CVE-2011-5247 (Snare for Linux before 1.7.0 has password disclosure because the rende ...)
- TODO: check
+ NOT-FOR-US: Snare for Linux
CVE-2009-5133
RESERVED
CVE-2012-6069 (Directory traversal vulnerability in the Runtime Toolkit in CODESYS Ru ...)
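Review bot: the new notes on CVE-2011-5250 and CVE-2011-5247 use "Snare for Linux", while the existing neighbouring entry CVE-2011-5249 uses "NOT-FOR-US: SNARE". Consider using the same spelling for all three, or updating CVE-2011-5249 in the same commit, so the product is listed under one name.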
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6767d893d5928f074b708a53b3bcbe02d451890a