[Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
carnil at debian.org
Wed Jan 22 20:24:16 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
02dadd14 by Salvatore Bonaccorso at 2020-01-22T21:23:50+01:00
Process more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1955,9 +1955,9 @@ CVE-2020-6962
CVE-2020-6961
RESERVED
CVE-2020-6960 (The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prio ...)
- TODO: check
+ NOT-FOR-US: Honeywell
CVE-2020-6959 (The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prio ...)
- TODO: check
+ NOT-FOR-US: Honeywell
CVE-2020-6958 (An XXE vulnerability in JnlpSupport in Yet Another Java Service Wrappe ...)
NOT-FOR-US: Yet Another Java Service Wrapper (YAJSW)
CVE-2020-6957
@@ -2164,7 +2164,7 @@ CVE-2020-6859 (Multiple Insecure Direct Object Reference vulnerabilities in incl
CVE-2020-6858
RESERVED
CVE-2020-6857 (CarbonFTP v1.4 uses insecure proprietary password encryption with a ha ...)
- TODO: check
+ NOT-FOR-US: CarbonFTP
CVE-2020-6856
RESERVED
CVE-2020-6855
@@ -5637,7 +5637,7 @@ CVE-2020-5223
CVE-2020-5222
RESERVED
CVE-2020-5221 (In uftpd before 2.11, it is possible for an unauthenticated user to pe ...)
- TODO: check
+ NOT-FOR-US: uftpd
CVE-2020-5220
RESERVED
CVE-2020-5219
@@ -10123,7 +10123,7 @@ CVE-2019-19844 (Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 al
NOTE: https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e (2.2.x branch)
NOTE: https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2 (1.11.x branch)
CVE-2019-19843 (Incorrect access control in the web interface in Ruckus Wireless Unlea ...)
- TODO: check
+ NOT-FOR-US: Ruckus devices
CVE-2019-19842
RESERVED
CVE-2019-19841
@@ -10137,11 +10137,11 @@ CVE-2019-19838
CVE-2019-19837
RESERVED
CVE-2019-19836 (AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200. ...)
- TODO: check
+ NOT-FOR-US: Ruckus devices
CVE-2019-19835
RESERVED
CVE-2019-19834 (Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed throug ...)
- TODO: check
+ NOT-FOR-US: Ruckus devices
CVE-2019-20043 (In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.ph ...)
{DSA-4599-1}
- wordpress 5.3.2+dfsg1-1 (bug #946905)
@@ -14856,7 +14856,7 @@ CVE-2020-1790
CVE-2020-1789
RESERVED
CVE-2020-1788 (Honor V30 smartphones with versions earlier than 10.0.1.135(C00E130R4P ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-1787 (HUAWEI Mate 20 smartphones versions earlier than 9.1.0.139(C00E133R3P1 ...)
NOT-FOR-US: Huawei
CVE-2020-1786 (HUAWEI Mate 20 Pro smartphones versions earlier than 10.0.0.175(C00E69 ...)
@@ -14977,9 +14977,9 @@ CVE-2019-19416
CVE-2019-19415
RESERVED
CVE-2019-19414 (There is an integer overflow vulnerability in LDAP server of some Huaw ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2019-19413 (There is an integer overflow vulnerability in LDAP client of some Huaw ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2019-19412
RESERVED
CVE-2019-19411 (USG9500 with versions of V500R001C30SPC100, V500R001C30SPC200, V500R00 ...)
@@ -15080,7 +15080,7 @@ CVE-2019-19394
CVE-2019-19393
RESERVED
CVE-2019-19392 (The forDNN.UsersExportImport module before 1.2.0 for DNN (formerly Dot ...)
- TODO: check
+ NOT-FOR-US: forDNN.UsersExportImport module for DNN
CVE-2019-19391 (** DISPUTED ** In LuaJIT through 2.0.5, as used in Moonjit before 2.1. ...)
- luajit <unfixed> (bug #946053; unimportant)
NOTE: https://github.com/LuaJIT/LuaJIT/pull/526
@@ -22931,7 +22931,7 @@ CVE-2019-17586
CVE-2019-17585
RESERVED
CVE-2019-17584 (The Meinberg SyncBox/PTP/PTPv2 devices have default SSH keys which all ...)
- TODO: check
+ NOT-FOR-US: Meinberg SyncBox/PTP/PTPv2 devices
CVE-2019-17583 (idreamsoft iCMS 7.0.15 allows remote attackers to cause a denial of se ...)
NOT-FOR-US: idreamsoft iCMS
CVE-2019-17582
@@ -39119,7 +39119,7 @@ CVE-2019-12492 (Gallagher Command Centre before 7.80.939, 7.90.x before 7.90.961
CVE-2019-12491 (OnApp before 5.0.0-88, 5.5.0-93, and 6.0.0-196 allows an attacker to r ...)
NOT-FOR-US: OnApp
CVE-2019-12490 (An issue was discovered in Simple Machines Forum (SMF) before 2.0.16. ...)
- TODO: check
+ NOT-FOR-US: Simple Machines Forum (SMF)
CVE-2019-12489 (An issue was discovered on Fastweb Askey RTV1907VW 0.00.81_FW_200_Aske ...)
NOT-FOR-US: Fastweb Askey RTV1907VW devices
CVE-2019-12488
@@ -55511,7 +55511,7 @@ CVE-2019-6860
CVE-2019-6859
RESERVED
CVE-2019-6858 (A CWE-427:Uncontrolled Search Path Element vulnerability exists in MSX ...)
- TODO: check
+ NOT-FOR-US: MSX Configurator
CVE-2019-6857 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
NOT-FOR-US: Modicon
CVE-2019-6856 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
@@ -57314,7 +57314,7 @@ CVE-2019-6148
CVE-2019-6147 (Forcepoint NGFW Security Management Center (SMC) versions lower than 6 ...)
NOT-FOR-US: Forcepoint NGFW Security Management Center
CVE-2019-6146 (It has been reported that cross-site scripting (XSS) is possible in Fo ...)
- TODO: check
+ NOT-FOR-US: Forcepoint Web Security
CVE-2019-6145 (Forcepoint VPN Client for Windows versions lower than 6.6.1 have an un ...)
NOT-FOR-US: Forcepoint
CVE-2019-6144 (This vulnerability allows a normal (non-admin) user to disable the For ...)
@@ -58707,7 +58707,7 @@ CVE-2019-5649
CVE-2019-5648
RESERVED
CVE-2019-5647 (The Chrome Plugin for Rapid7 AppSpider can incorrectly keep browser se ...)
- TODO: check
+ NOT-FOR-US: Chrome Plugin for Rapid7 AppSpider
CVE-2019-5646
RESERVED
CVE-2019-5645
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/02dadd140b8c710a1e7e4bb2f00a6cf7b78fb6df
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/02dadd140b8c710a1e7e4bb2f00a6cf7b78fb6df
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200122/b9bd2893/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list