[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Mar 20 22:01:50 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0b8c06f8 by Salvatore Bonaccorso at 2020-03-20T23:01:23+01:00
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -221,7 +221,7 @@ CVE-2020-10599
 CVE-2020-10598
 	RESERVED
 CVE-2020-10597 (The affected insulin pump is designed to communicate using a wireless  ...)
-	TODO: check
+	NOT-FOR-US: Insulet
 CVE-2020-10596 (OpenCart 3.0.3.2 allows remote authenticated users to conduct XSS atta ...)
 	NOT-FOR-US: OpenCart
 CVE-2018-21037 (Subrion CMS 4.1.5 (and possibly earlier versions) allow CSRF to change ...)
@@ -8366,7 +8366,7 @@ CVE-2020-7008
 CVE-2020-7007
 	RESERVED
 CVE-2020-7006 (Systech Corporation NDS-5000 Terminal Server, NDS/5008 (8 Port, RJ45), ...)
-	TODO: check
+	NOT-FOR-US: Systech Corporation
 CVE-2020-7005
 	RESERVED
 CVE-2020-7004
@@ -16142,7 +16142,7 @@ CVE-2020-3924 (DVR firmware in TAT-76 and TAT-77 series of products, provided by
 CVE-2020-3923 (DVR firmware in TAT-76 and TAT-77 series of products, provided by TONN ...)
 	NOT-FOR-US: DVR firmware in TAT-76 and TAT-77 series
 CVE-2020-3922 (LisoMail, by ArmorX, allows SQL Injections, attackers can access the d ...)
-	TODO: check
+	NOT-FOR-US: LisoMail
 CVE-2020-3921
 	RESERVED
 CVE-2020-3920
@@ -17893,11 +17893,11 @@ CVE-2020-3268
 CVE-2020-3267
 	RESERVED
 CVE-2020-3266 (A vulnerability in the CLI of Cisco SD-WAN Solution software could all ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-3265 (A vulnerability in Cisco SD-WAN Solution software could allow an authe ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-3264 (A vulnerability in Cisco SD-WAN Solution software could allow an authe ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2020-3263
 	RESERVED
 CVE-2020-3262
@@ -19767,9 +19767,9 @@ CVE-2019-19679 (In "Xray Test Management for Jira" prior to version 3.5.5, remot
 CVE-2019-19678 (In "Xray Test Management for Jira" prior to version 3.5.5, remote auth ...)
 	NOT-FOR-US: Xray Test Management for Jira
 CVE-2019-19677 (arxes-tolina 3.0.0 allows User Enumeration. ...)
-	TODO: check
+	NOT-FOR-US: Arxes Tolina
 CVE-2019-19676 (A CSV injection in arxes-tolina 3.0.0 allows malicious users to gain r ...)
-	TODO: check
+	NOT-FOR-US: Arxes Tolina
 CVE-2019-19675 (In Ivanti Workspace Control before 10.3.180.0. a locally authenticated ...)
 	NOT-FOR-US: Ivanti Workspace Control
 CVE-2019-19674
@@ -19939,13 +19939,13 @@ CVE-2019-19615 (Multiple XSS vulnerabilities exist in the Backup & Restore m
 CVE-2019-19614 (An issue was discovered in Halvotec RAQuest 10.23.10801.0. The login p ...)
 	NOT-FOR-US: Halvotec RAQuest
 CVE-2019-19613 (** DISPUTED ** An issue was discovered in Halvotec RaQuest 10.23.10801 ...)
-	TODO: check
+	NOT-FOR-US: Halvotec RaQuest
 CVE-2019-19612 (** DISPUTED ** An issue was discovered in Halvotec RaQuest 10.23.10801 ...)
-	TODO: check
+	NOT-FOR-US: Halvotec RaQuest
 CVE-2019-19611 (An issue was discovered in Halvotec RaQuest 10.23.10801.0. One of the  ...)
 	NOT-FOR-US: Halvotec RaQuest
 CVE-2019-19610 (** DISPUTED ** An issue was discovered in Halvotec RaQuest 10.23.10801 ...)
-	TODO: check
+	NOT-FOR-US: Halvotec RaQuest
 CVE-2019-19609 (The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Co ...)
 	NOT-FOR-US: Strapi
 CVE-2019-19608 (A SQL injection vulnerability in in the web conferencing component of  ...)
@@ -21638,9 +21638,9 @@ CVE-2020-1881 (NIP6800;Secospace USG6600;USG9500 products with versions of V500R
 CVE-2020-1880
 	RESERVED
 CVE-2020-1879 (There is an improper integrity checking vulnerability on some huawei p ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-1878 (Huawei smartphone OxfordS-AN00A with versions earlier than 10.0.1.152D ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-1877 (NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R0 ...)
 	NOT-FOR-US: Huawei
 CVE-2020-1876 (NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R0 ...)
@@ -21668,11 +21668,11 @@ CVE-2020-1866
 CVE-2020-1865
 	RESERVED
 CVE-2020-1864 (Some Huawei products have a security vulnerability due to improper aut ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-1863 (Huawei USG6000V with versions V500R001C20SPC300, V500R003C00SPC100, an ...)
 	NOT-FOR-US: Huawei
 CVE-2020-1862 (There is a double free vulnerability in some Huawei products. A local  ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-1861 (CloudEngine 12800 with versions of V200R001C00SPC600,V200R001C00SPC700 ...)
 	NOT-FOR-US: Huawei
 CVE-2020-1860 (NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C3 ...)
@@ -21804,13 +21804,13 @@ CVE-2020-1798
 CVE-2020-1797
 	RESERVED
 CVE-2020-1796 (There is an improper authorization vulnerability in several smartphone ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-1795 (There is a logic error vulnerability in several smartphones. The softw ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-1794 (There is an improper authentication vulnerability in several smartphon ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-1793 (There is an improper authentication vulnerability in several smartphon ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-1792 (Honor V10 smartphones with versions earlier than BKL-AL20 10.0.0.156(C ...)
 	NOT-FOR-US: Huawei
 CVE-2020-1791 (HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E7 ...)
@@ -21839,7 +21839,7 @@ CVE-2019-19462 (relay_open in kernel/relay.c in the Linux kernel through 5.4.1 a
 	- linux <unfixed>
 	[jessie] - linux <not-affected> (Vulnerability introduced later)
 CVE-2019-19461 (Post-authentication Stored XSS in Team Password Manager through 7.93.2 ...)
-	TODO: check
+	NOT-FOR-US: Team Password Manager
 CVE-2019-19460 (An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product' ...)
 	NOT-FOR-US: SALTO ProAccess SPACE
 CVE-2019-19459 (An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b8c06f80639727b097f579ab11a5ef5583af44e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b8c06f80639727b097f579ab11a5ef5583af44e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200320/75876fe2/attachment.html>

More information about the debian-security-tracker-commits mailing list