[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
84280c81 by Salvatore Bonaccorso at 2020-03-11T21:19:11+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17,7 +17,7 @@ CVE-2020-10378
 CVE-2020-10377
 	RESERVED
 CVE-2020-10376 (Technicolor TC7337NET 08.89.17.23.03 devices allow remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Technicolor
 CVE-2020-10375
 	RESERVED
 CVE-2020-10374
@@ -450,7 +450,7 @@ CVE-2020-10183
 CVE-2020-10182
 	RESERVED
 CVE-2020-10181 (goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4. ...)
-	TODO: check
+	NOT-FOR-US: Sumavision Enhanced Multimedia Router
 CVE-2019-20502 (An issue was discovered in EFS Easy Chat Server 3.1. There is a buffer ...)
 	NOT-FOR-US: EFS Easy Chat Server
 CVE-2020-10180 (The ESET AV parsing engine allows virus-detection bypass via a crafted ...)
@@ -4110,7 +4110,7 @@ CVE-2020-8542
 CVE-2020-8541
 	RESERVED
 CVE-2020-8540 (An XML external entity (XXE) vulnerability iin Zoho ManageEngine Deskt ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine Desktop Central
 CVE-2020-8539
 	RESERVED
 CVE-2020-8538
@@ -11688,7 +11688,7 @@ CVE-2020-5205 (In Pow (Hex package) before 1.0.16, the use of Plug.Session in Po
 CVE-2020-5204 (In uftpd before 2.11, there is a buffer overflow vulnerability in hand ...)
 	NOT-FOR-US: uftpd
 CVE-2020-5203 (In Fat-Free Framework 3.7.1, attackers can achieve arbitrary code exec ...)
-	TODO: check
+	NOT-FOR-US: Fat-Free Framework
 CVE-2020-5202 (apt-cacher-ng through 3.3 allows local users to obtain sensitive infor ...)
 	- apt-cacher-ng 3.3.1-1
 	[buster] - apt-cacher-ng <no-dsa> (Minor issue)
@@ -20232,11 +20232,11 @@ CVE-2020-1983
 CVE-2020-1982
 	RESERVED
 CVE-2020-1981 (A predictable temporary filename vulnerability in PAN-OS allows local  ...)
-	TODO: check
+	NOT-FOR-US: PAN-OS
 CVE-2020-1980 (A shell command injection vulnerability in the PAN-OS CLI allows a loc ...)
-	TODO: check
+	NOT-FOR-US: PAN-OS
 CVE-2020-1979 (A format string vulnerability in the PAN-OS log daemon (logd) on Panor ...)
-	TODO: check
+	NOT-FOR-US: PAN-OS
 CVE-2020-1978
 	RESERVED
 CVE-2020-1977 (Insufficient Cross-Site Request Forgery (XSRF) protection on Expeditio ...)
@@ -21291,7 +21291,7 @@ CVE-2019-19383 (freeFTPd 1.0.8 has a Post-Authentication Buffer Overflow via a c
 CVE-2019-19382 (Max Secure Anti Virus Plus 19.0.4.020 has Insecure Permissions on the  ...)
 	NOT-FOR-US: Max Secure Anti Virus Plus
 CVE-2019-19381 (oauth/oauth2/v1/saml/ in Abacus OAuth Login 2019_01_r4_20191021_0000 b ...)
-	TODO: check
+	NOT-FOR-US: Abacus OAuth Login
 CVE-2019-19380
 	RESERVED
 CVE-2019-19379 (In app/Controller/TagsController.php in MISP 2.4.118, users can bypass ...)
@@ -33595,7 +33595,7 @@ CVE-2019-16109 (An issue was discovered in Plataformatec Devise before 4.7.1. It
 CVE-2019-16108
 	RESERVED
 CVE-2019-16107 (Missing form token validation in phpBB 3.2.7 allows CSRF in deleting p ...)
-	TODO: check
+	NOT-FOR-US: phpBB
 CVE-2018-21014 (The buddyboss-media plugin through 3.2.3 for WordPress has stored XSS. ...)
 	NOT-FOR-US: Wordpress plugin
 CVE-2018-21013 (The Swape theme before 1.2.1 for WordPress has incorrect access contro ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84280c812c73c666f01135183f024338b36bd452

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84280c812c73c666f01135183f024338b36bd452
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200311/6508b712/attachment.html>