[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Jan 14 20:48:45 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3ba9a5cf by Salvatore Bonaccorso at 2020-01-14T21:47:51+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1860,7 +1860,7 @@ CVE-2020-6175
 CVE-2020-6174
 	RESERVED
 CVE-2020-6173 (TUF (aka The Update Framework) 0.7.2 through 0.12.1 allows Uncontrolle ...)
-	TODO: check
+	NOT-FOR-US: TUF (aka The Update Framework)
 CVE-2020-6172
 	RESERVED
 CVE-2020-6171
@@ -3202,7 +3202,7 @@ CVE-2020-5511 (PHPGurukul Small CRM v2.0 was found vulnerable to authentication
 CVE-2020-5510 (PHPGurukul Hostel Management System v2.0 allows SQL injection via the  ...)
 	NOT-FOR-US: PHPGurukul Hostel Management System
 CVE-2020-5509 (PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Car Rental Project
 CVE-2020-5508
 	RESERVED
 CVE-2019-20355
@@ -3254,7 +3254,7 @@ CVE-2020-5507
 CVE-2020-5506
 	RESERVED
 CVE-2020-5505 (Freelancy v1.0.0 allows remote command execution via the "file":"data: ...)
-	TODO: check
+	NOT-FOR-US: Freelancy
 CVE-2020-5504 (In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists  ...)
 	{DLA-2060-1}
 	- phpmyadmin <unfixed> (bug #948718)
@@ -4134,11 +4134,11 @@ CVE-2020-5197 (An issue was discovered in GitLab Community Edition (CE) and Ente
 	- gitlab <unfixed>
 	NOTE: https://about.gitlab.com/blog/2020/01/02/security-release-gitlab-12-6-2-released/
 CVE-2020-5196 (Cerberus FTP Server Enterprise Edition prior to versions 11.0.3 and 10 ...)
-	TODO: check
+	NOT-FOR-US: Cerberus FTP Server Enterprise Edition
 CVE-2020-5195 (Reflected XSS through an IMG element in Cerberus FTP Server prior to v ...)
 	NOT-FOR-US: Cerberus FTP Server
 CVE-2020-5194 (The zip API endpoint in Cerberus FTP Server 8 allows an authenticated  ...)
-	TODO: check
+	NOT-FOR-US: Cerberus FTP Server
 CVE-2019-20225 (MyBB before 1.8.22 allows an open redirect on login. ...)
 	NOT-FOR-US: MyBB
 CVE-2013-7486 (Cross-site scripting (XSS) vulnerability in the backend in Open-Xchang ...)
@@ -4146,7 +4146,7 @@ CVE-2013-7486 (Cross-site scripting (XSS) vulnerability in the backend in Open-X
 CVE-2013-7485 (Cross-site scripting (XSS) vulnerability in the backend in Open-Xchang ...)
 	NOT-FOR-US: Open-Xchange App Suite
 CVE-2020-5193 (PHPGurukul Hospital Management System in PHP v4.0 suffers from multipl ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Hospital Management System
 CVE-2020-5192 (PHPGurukul Hospital Management System in PHP v4.0 suffers from multipl ...)
 	NOT-FOR-US: PHPGurukul Hospital Management System
 CVE-2020-5191 (PHPGurukul Hospital Management System in PHP v4.0 suffers from multipl ...)
@@ -4172,7 +4172,7 @@ CVE-2020-5182
 CVE-2020-5181
 	RESERVED
 CVE-2020-5180 (Viscosity 1.8.2 on Windows and macOS allows an unprivileged user to se ...)
-	TODO: check
+	NOT-FOR-US: Viscosity on Widnows and macOS
 CVE-2019-20224 (netflow_get_stats in functions_netflow.php in Pandora FMS 7.0NG allows ...)
 	NOT-FOR-US: Pandora FMS
 CVE-2019-20223 (In Support Incident Tracker (SiT!) 3.67, the id parameter is affected  ...)
@@ -12413,7 +12413,7 @@ CVE-2019-19550
 CVE-2019-19549
 	RESERVED
 CVE-2019-19548 (Norton Power Eraser, prior to 5.3.0.67, may be susceptible to a privil ...)
-	TODO: check
+	NOT-FOR-US: Norton
 CVE-2019-19547 (Symantec Endpoint Detection and Response (SEDR), prior to 4.3.0, may b ...)
 	NOT-FOR-US: Symantec
 CVE-2019-19546 (Norton Password Manager, prior to 6.6.2.5, may be susceptible to an in ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3ba9a5cf0fd9673debc6e739a8519c31698ddc74

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3ba9a5cf0fd9673debc6e739a8519c31698ddc74
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200114/2853fba2/attachment.html>

More information about the debian-security-tracker-commits mailing list