[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Jul 31 07:04:29 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1d337436 by Salvatore Bonaccorso at 2020-07-31T08:04:13+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2020-16165 (The DAO/DTO implementation in SpringBlade through 2.7.1 allows SQL Inj ...)
-	TODO: check
+	NOT-FOR-US: SpringBlade
 CVE-2020-16164 (** DISPUTED ** An issue was discovered in RIPE NCC RPKI Validator 3.x  ...)
-	TODO: check
+	NOT-FOR-US: RIPE NCC RPKI Validator
 CVE-2020-16163 (** DISPUTED ** An issue was discovered in RIPE NCC RPKI Validator 3.x  ...)
-	TODO: check
+	NOT-FOR-US: RIPE NCC RPKI Validator
 CVE-2020-16162 (** DISPUTED ** An issue was discovered in RIPE NCC RPKI Validator 3.x  ...)
-	TODO: check
+	NOT-FOR-US: RIPE NCC RPKI Validator
 CVE-2020-16161
 	RESERVED
 CVE-2020-16160
@@ -430,7 +430,7 @@ CVE-2020-15959
 CVE-2020-15958
 	RESERVED
 CVE-2020-15957 (An issue was discovered in DP3T-Backend-SDK before 1.1.1 for Decentral ...)
-	TODO: check
+	NOT-FOR-US: DP3T-Backend-SDK for Decentralised Privacy-Preserving Proximity Tracing (DP3T)
 CVE-2020-15956
 	RESERVED
 CVE-2020-15955
@@ -4915,7 +4915,7 @@ CVE-2020-14160
 CVE-2020-14159 (By using an Automate API in ConnectWise Automate before 2020.5.178, a  ...)
 	NOT-FOR-US: ConnectWise
 CVE-2020-14158 (The ABUS Secvest FUMO50110 hybrid module does not have any security me ...)
-	TODO: check
+	NOT-FOR-US: ABUS Secvest FUMO50110 hybrid module
 CVE-2020-14157 (The wireless-communication feature of the ABUS Secvest FUBE50001 devic ...)
 	NOT-FOR-US: ABUS
 CVE-2020-14156 (user_channel/passwd_mgr.cpp in OpenBMC phosphor-host-ipmid before 2020 ...)
@@ -21135,7 +21135,7 @@ CVE-2020-8215 (A buffer overflow is present in canvas version <= 1.6.9, which
 CVE-2020-8214 (A path traversal vulnerability in servey version < 3 allows an atta ...)
 	NOT-FOR-US: servey
 CVE-2020-8213 (An information exposure vulnerability exists in UniFi Protect v1.13.3  ...)
-	TODO: check
+	NOT-FOR-US: UniFi Protect
 CVE-2020-8212
 	RESERVED
 CVE-2020-8211
@@ -22218,11 +22218,11 @@ CVE-2020-7831
 CVE-2020-7830
 	RESERVED
 CVE-2020-7829 (DaviewIndy 8.98.4 and earlier version contain Heap-based overflow vuln ...)
-	TODO: check
+	NOT-FOR-US: DaviewIndy
 CVE-2020-7828 (DaviewIndy 8.98.4 and earlier version contain Heap-based overflow vuln ...)
-	TODO: check
+	NOT-FOR-US: DaviewIndy
 CVE-2020-7827 (DaviewIndy 8.98.7 and earlier version contain Use-After-Free vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: DaviewIndy
 CVE-2020-7826 (EyeSurfer BflyInstallerX.ocx v1.0.0.16 and earlier versions contain a  ...)
 	NOT-FOR-US: EyeSurfer BflyInstallerX.ocx
 CVE-2020-7825 (A vulnerability exists that could allow the execution of operating sys ...)
@@ -23585,7 +23585,7 @@ CVE-2020-7207
 CVE-2020-7206 (HP nagios plugin for iLO (nagios-plugins-hpilo v1.50 and earlier) has  ...)
 	TODO: check
 CVE-2020-7205 (A potential security vulnerability has been identified in HPE Intellig ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2020-7204
 	RESERVED
 CVE-2020-7203
@@ -27255,13 +27255,13 @@ CVE-2020-5765 (Nessus 8.10.0 and earlier were found to contain a Stored XSS vuln
 CVE-2020-5764 (MX Player Android App versions prior to v1.24.5, are vulnerable to a d ...)
 	NOT-FOR-US: MX Player Android App
 CVE-2020-5763 (Grandstream HT800 series firmware version 1.0.17.5 and below contain a ...)
-	TODO: check
+	NOT-FOR-US: Grandstream
 CVE-2020-5762 (Grandstream HT800 series firmware version 1.0.17.5 and below is vulner ...)
-	TODO: check
+	NOT-FOR-US: Grandstream
 CVE-2020-5761 (Grandstream HT800 series firmware version 1.0.17.5 and below is vulner ...)
-	TODO: check
+	NOT-FOR-US: Grandstream
 CVE-2020-5760 (Grandstream HT800 series firmware version 1.0.17.5 and below is vulner ...)
-	TODO: check
+	NOT-FOR-US: Grandstream
 CVE-2020-5759 (Grandstream UCM6200 series firmware version 1.0.20.23 and below is vul ...)
 	NOT-FOR-US: Grandstream
 CVE-2020-5758 (Grandstream UCM6200 series firmware version 1.0.20.23 and below is vul ...)
@@ -27559,9 +27559,9 @@ CVE-2020-5613 (Cross-site scripting vulnerability in KonaWiki 3.1.0 and earlier
 CVE-2020-5612 (Cross-site scripting vulnerability in KonaWiki 2.2.0 and earlier allow ...)
 	TODO: check
 CVE-2020-5611 (Cross-site request forgery (CSRF) vulnerability in Social Sharing Plug ...)
-	TODO: check
+	NOT-FOR-US: Social Sharing Plugin for WordPress
 CVE-2020-5610 (Global TechStream (GTS) for TOYOTA dealers version 15.10.032 and earli ...)
-	TODO: check
+	NOT-FOR-US: Global TechStream (GTS) for TOYOTA dealers
 CVE-2020-5609
 	RESERVED
 CVE-2020-5608
@@ -33025,7 +33025,7 @@ CVE-2020-3673
 CVE-2020-3672
 	RESERVED
 CVE-2020-3671 (Use-after-free issue could occur due to dangling pointer when generati ...)
-	TODO: check
+	NOT-FOR-US: Snapdragon
 CVE-2020-3670
 	RESERVED
 CVE-2020-3669
@@ -33745,7 +33745,7 @@ CVE-2020-3454
 CVE-2020-3453
 	RESERVED
 CVE-2020-3452 (A vulnerability in the web services interface of Cisco Adaptive Securi ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-3451
 	RESERVED
 CVE-2020-3450 (A vulnerability in the web-based management interface of Cisco Vision  ...)
@@ -34845,7 +34845,7 @@ CVE-2020-2986
 CVE-2020-2985
 	RESERVED
 CVE-2020-2984 (Vulnerability in the Oracle Configuration Manager product of Oracle En ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-2983 (Vulnerability in the Oracle Data Masking and Subsetting product of Ora ...)
 	NOT-FOR-US: Oracle
 CVE-2020-2982 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d337436d9fb8139e7757370a5ec08fe7cfd013c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d337436d9fb8139e7757370a5ec08fe7cfd013c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200731/06b28c85/attachment.html>


More information about the debian-security-tracker-commits mailing list