[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Jan 24 20:47:02 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4fd74ece by Salvatore Bonaccorso at 2020-01-24T21:46:38+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1527,7 +1527,7 @@ CVE-2020-7247
 CVE-2020-7246 (A remote code execution (RCE) vulnerability exists in qdPM 9.1 and ear ...)
 	NOT-FOR-US: qdPM
 CVE-2020-7245 (Incorrect username validation in the registration processes of CTFd th ...)
-	TODO: check
+	NOT-FOR-US: CTFd
 CVE-2020-7244 (Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated admi ...)
 	NOT-FOR-US: Comtech Stampede FX-1010 devices
 CVE-2020-7243 (Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated admi ...)
@@ -1582,7 +1582,7 @@ CVE-2020-7228 (The Calculated Fields Form plugin through 1.0.353 for WordPress s
 CVE-2020-7227 (Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosur ...)
 	NOT-FOR-US: Westermo MRD-315 devices
 CVE-2020-7226 (CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and  ...)
-	TODO: check
+	NOT-FOR-US: cryptacular
 CVE-2020-7225
 	RESERVED
 CVE-2020-7224
@@ -2146,17 +2146,17 @@ CVE-2020-6968
 CVE-2020-6967
 	RESERVED
 CVE-2020-6966 (In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetr ...)
-	TODO: check
+	NOT-FOR-US: ApexPro Telemetry Server
 CVE-2020-6965 (In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetr ...)
-	TODO: check
+	NOT-FOR-US: ApexPro Telemetry Server
 CVE-2020-6964 (In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetr ...)
-	TODO: check
+	NOT-FOR-US: ApexPro Telemetry Server
 CVE-2020-6963 (In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetr ...)
-	TODO: check
+	NOT-FOR-US: ApexPro Telemetry Server
 CVE-2020-6962 (In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemet ...)
-	TODO: check
+	NOT-FOR-US: ApexPro Telemetry Server
 CVE-2020-6961 (In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemet ...)
-	TODO: check
+	NOT-FOR-US: ApexPro Telemetry Server
 CVE-2020-6960 (The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prio ...)
 	NOT-FOR-US: Honeywell
 CVE-2020-6959 (The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prio ...)
@@ -13199,9 +13199,9 @@ CVE-2019-19634 (class.upload.php in verot.net class.upload through 1.0.3 and 2.x
 CVE-2019-19633
 	RESERVED
 CVE-2019-19632 (An issue was discovered in Big Switch Big Monitoring Fabric 6.2 throug ...)
-	TODO: check
+	NOT-FOR-US: Big Switch Networks
 CVE-2019-19631 (An issue was discovered in Big Switch Big Monitoring Fabric 6.2 throug ...)
-	TODO: check
+	NOT-FOR-US: Big Switch Networks
 CVE-2019-19630 (HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hd_strlcpy() ...)
 	{DLA-2026-1}
 	- htmldoc 1.9.7-1 (low)
@@ -15513,7 +15513,7 @@ CVE-2020-1690
 CVE-2019-19364 (A weak malicious user can escalate its privilege whenever CatalystProd ...)
 	NOT-FOR-US: Sony Catalyst Production Suite
 CVE-2019-19363 (An issue was discovered in Ricoh (including Savin and Lanier) Windows  ...)
-	TODO: check
+	NOT-FOR-US: Ricoh
 CVE-2019-19362 (An issue was discovered in the Chat functionality of the TeamViewer de ...)
 	NOT-FOR-US: TeamViewer
 CVE-2019-19361
@@ -270474,7 +270474,7 @@ CVE-2013-3962 (Cross-site scripting (XSS) vulnerability in Grandstream GXV3501,
 CVE-2013-3961 (SQL injection vulnerability in edit_event.php in Simple PHP Agenda bef ...)
 	NOT-FOR-US: Simple PHP Agenda
 CVE-2013-3960 (Easytime Studio Easy File Manager 1.1 has a HTTP request security bypa ...)
-	TODO: check
+	NOT-FOR-US: Easytime Studio Easy File Manager
 CVE-2013-3959 (The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIM ...)
 	NOT-FOR-US: Siemens WinCC
 CVE-2013-3958 (The login implementation in the Web Navigator in Siemens WinCC before  ...)
@@ -277054,15 +277054,15 @@ CVE-2013-1600
 CVE-2013-1599
 	RESERVED
 CVE-2013-1598 (A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras  ...)
-	TODO: check
+	NOT-FOR-US: Vivotek PT7135 IP Cameras
 CVE-2013-1597 (A Directory Traversal vulnerability exists in Vivotek PT7135 IP Camera ...)
-	TODO: check
+	NOT-FOR-US: Vivotek PT7135 IP Cameras
 CVE-2013-1596 (An Authentication Bypass Vulnerability exists in Vivotek PT7135 IP Cam ...)
-	TODO: check
+	NOT-FOR-US: Vivotek PT7135 IP Cameras
 CVE-2013-1595 (A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Camera 030 ...)
-	TODO: check
+	NOT-FOR-US: Vivotek PT7135 IP Cameras
 CVE-2013-1594 (An Information Disclosure vulnerability exists via a GET request in Vi ...)
-	TODO: check
+	NOT-FOR-US: Vivotek PT7135 IP Cameras
 CVE-2013-1593 (A Denial of Service vulnerability exists in the WRITE_C function in th ...)
 	NOT-FOR-US: SAP
 CVE-2013-1592 (A Buffer Overflow vulnerability exists in the Message Server service _ ...)
@@ -279718,7 +279718,7 @@ CVE-2012-6454
 CVE-2012-6452 (Axway Secure Messenger before 6.5 Updated Release 7, as used in Axway  ...)
 	NOT-FOR-US: Axway Secure Messenger
 CVE-2012-6451 (Lorex LNC116 and LNC104 IP Cameras have a Remote Authentication Bypass ...)
-	TODO: check
+	NOT-FOR-US: Lorex LNC116 and LNC104 IP Cameras
 CVE-2012-6450
 	RESERVED
 CVE-2012-6449
@@ -284184,7 +284184,7 @@ CVE-2012-5390 (The standard universe shadow (condor_shadow.std) component in Con
 	- condor <not-affected> (standard universe is disabled in the Debian package, see bug #697936)
 	NOTE: http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html
 CVE-2012-5389 (NULL Pointer Dereference in PowerTCP WebServer for ActiveX 1.9.2 and e ...)
-	TODO: check
+	NOT-FOR-US: PowerTCP WebServer for ActiveX
 CVE-2012-5388 (Cross-site scripting (XSS) vulnerability in wlcms-plugin.php in the Wh ...)
 	NOT-FOR-US: White Label CMS
 CVE-2012-5387 (Cross-site request forgery (CSRF) vulnerability in wlcms-plugin.php in ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4fd74ece8c72e2dd979aab9253ccde7df4c8aa5a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4fd74ece8c72e2dd979aab9253ccde7df4c8aa5a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200124/1e824cd7/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list