[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Mar 12 21:14:18 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d3f6f837 by Salvatore Bonaccorso at 2020-03-12T22:13:51+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2261,7 +2261,7 @@ CVE-2020-9466 (The Export Users to CSV plugin through 1.4.2 for WordPress allows
 CVE-2020-9465 (An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before ...)
 	NOT-FOR-US: EyesOfNetwork (EON)
 CVE-2020-9464 (A Denial-of-Service vulnerability exists in BECKHOFF Ethernet TCP/IP B ...)
-	TODO: check
+	NOT-FOR-US: BECKHOFF Ethernet TCP/IP Bus Coupler BK9000
 CVE-2020-9463 (Centreon 19.10 allows remote authenticated users to execute arbitrary  ...)
 	- centreon-web <itp> (bug #913903)
 CVE-2020-9462
@@ -2324,9 +2324,9 @@ CVE-2020-9438
 CVE-2020-9437
 	RESERVED
 CVE-2020-9436 (PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G  ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2020-9435 (PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G  ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2020-9434 (openssl_x509_check_ip_asc in lua-openssl 0.7.7-1 mishandles X.509 cert ...)
 	NOT-FOR-US: lua-openssl (different from lua-luaossl)
 CVE-2020-9433 (openssl_x509_check_email in lua-openssl 0.7.7-1 mishandles X.509 certi ...)
@@ -7286,9 +7286,9 @@ CVE-2020-7256
 CVE-2020-7255
 	RESERVED
 CVE-2020-7254 (Privilege Escalation vulnerability in the command line interface in Mc ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2020-7253 (Improper access control vulnerability in masvc.exe in McAfee Agent (MA ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2020-7252 (Unquoted service executable path in DXL Broker in McAfee Data eXchange ...)
 	NOT-FOR-US: McAfee
 CVE-2020-7251 (Improper access control vulnerability in Configuration Tool in McAfee  ...)
@@ -8229,7 +8229,7 @@ CVE-2020-6860 (libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar
 CVE-2020-6859 (Multiple Insecure Direct Object Reference vulnerabilities in includes/ ...)
 	NOT-FOR-US: Ultimate Member plugin for WordPress
 CVE-2020-6858 (Hotels Styx through 1.0.0.beta8 allows HTTP response splitting due to  ...)
-	TODO: check
+	NOT-FOR-US: Hotels Styx
 CVE-2020-6857 (CarbonFTP v1.4 uses insecure proprietary password encryption with a ha ...)
 	NOT-FOR-US: CarbonFTP
 CVE-2020-6856 (An XML External Entity (XEE) vulnerability exists in the JOC Cockpit c ...)
@@ -25076,11 +25076,11 @@ CVE-2020-0907
 CVE-2020-0906
 	RESERVED
 CVE-2020-0905 (An remote code execution vulnerability exists in Microsoft Dynamics Bu ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-0904
 	RESERVED
 CVE-2020-0903 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Excha ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-0902 (An elevation of privilege vulnerability exists in Service Fabric File  ...)
 	TODO: check
 CVE-2020-0901
@@ -25090,21 +25090,21 @@ CVE-2020-0900
 CVE-2020-0899
 	RESERVED
 CVE-2020-0898 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-0897 (An elevation of privilege vulnerability exists when the Windows Work F ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-0896 (An elevation of privilege vulnerability exists when Windows improperly ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-0895
 	RESERVED
 CVE-2020-0894 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-0893 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-0892 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-0891 (This vulnerability is caused when SharePoint Server does not properly  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-0890
 	RESERVED
 CVE-2020-0889
@@ -25112,23 +25112,23 @@ CVE-2020-0889
 CVE-2020-0888
 	RESERVED
 CVE-2020-0887 (An elevation of privilege vulnerability exists in Windows when the Win ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-0886
 	RESERVED
 CVE-2020-0885 (An information disclosure vulnerability exists when the Windows GDI co ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-0884 (A spoofing vulnerability exists in Microsoft Visual Studio as it inclu ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-0883 (A remote code execution vulnerability exists in the way that the Windo ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-0882 (An information disclosure vulnerability exists when the Windows GDI co ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-0881 (A remote code execution vulnerability exists in the way that the Windo ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-0880 (An information disclosure vulnerability exists when the Windows GDI co ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-0879 (An information disclosure vulnerability exists in the way that the Win ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-0878
 	RESERVED
 CVE-2020-0877 (An elevation of privilege vulnerability exists in Windows when the Win ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d3f6f837dccbe8646a2d268d6ce50b38c59ee6af

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d3f6f837dccbe8646a2d268d6ce50b38c59ee6af
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200312/1ed90a60/attachment.html>

More information about the debian-security-tracker-commits mailing list