[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Mon Mar 30 17:10:53 BST 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
659fc26d by Moritz Muehlenhoff at 2020-03-30T18:10:32+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7284,7 +7284,7 @@ CVE-2020-7919 (Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/crypto
NOTE: https://github.com/golang/go/commit/f938e06d0623d0e1de202575d16f1e126741f6e0 (go1.13.7)
TODO: check older versions than golang-1.11
CVE-2020-7918 (An insecure direct object reference in webmail in totemo totemomail 7. ...)
- TODO: check
+ NOT-FOR-US: totemo totemomail
CVE-2020-7917
RESERVED
CVE-2020-7916 (be_teacher in class-lp-admin-ajax.php in the LearnPress plugin 3.2.6.5 ...)
@@ -11951,7 +11951,7 @@ CVE-2020-5865
CVE-2020-5864
RESERVED
CVE-2020-5863 (In NGINX Controller versions prior to 3.2.0, an unauthenticated attack ...)
- TODO: check
+ NOT-FOR-US: NGINX Controller
CVE-2020-5862 (On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.2, under ...)
NOT-FOR-US: F5 BIG-IP
CVE-2020-5861 (On BIG-IP 12.1.0-12.1.5, the TMM process may produce a core file in so ...)
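Review bot: On CVE-2020-5863 the tag "NGINX Controller" differs from the name of the nginx web server only by its second word, while the BIG-IP entry directly below carries a vendor prefix ("F5 BIG-IP"). A more explicit string, or a short NOTE line saying this is the separate Controller product and not the nginx package, would keep someone grepping the list for nginx from reading this as a triage decision about the packaged server.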
@@ -12575,7 +12575,7 @@ CVE-2020-5553 (mailform version 1.04 allows remote attackers to execute arbitrar
CVE-2020-5552 (Cross-site scripting vulnerability in mailform version 1.04 allows rem ...)
NOT-FOR-US: mailform
CVE-2020-5551 (Toyota 2017 Model Year DCU (Display Control Unit) allows an unauthenti ...)
- TODO: check
+ NOT-FOR-US: Toyota
CVE-2020-5550
RESERVED
CVE-2020-5549
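Review bot: The new tag on CVE-2020-5551 names only the vendor ("Toyota"), while the description identifies the affected component as the 2017 Model Year DCU (Display Control Unit) and the entry just above it names the product ("mailform"). Consider "NOT-FOR-US: Toyota DCU (Display Control Unit)" so that a later Toyota CVE for a different component is not triaged by matching on the vendor name alone.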
@@ -50988,7 +50988,7 @@ CVE-2019-11356 (The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 a
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1717828
NOTE: https://github.com/cyrusimap/cyrus-imapd/commit/a5779db8163b99463e25e7c476f9cbba438b65f3
CVE-2019-11355 (An issue was discovered in Poly (formerly Polycom) HDX 3.1.13. A featu ...)
- TODO: check
+ NOT-FOR-US: Poly (formerly Polycom) HDX
CVE-2019-11354 (The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows te ...)
NOT-FOR-US: client in Electronic Arts (EA) Origin on Windows
CVE-2019-11353 (The EnGenius EWS660AP router with firmware 2.0.284 allows an attacker ...)
@@ -51019,7 +51019,7 @@ CVE-2019-11345 (Citrix SD-WAN Center 10.2.x before 10.2.1 and NetScaler SD-WAN C
CVE-2019-11344 (data/inc/files.php in Pluck 4.7.8 allows remote attackers to execute a ...)
NOT-FOR-US: Pluck CMS
CVE-2019-11343 (Torpedo Query before 2.5.3 mishandles the LIKE operator in ConditionBu ...)
- TODO: check
+ NOT-FOR-US: Torpedo Query
CVE-2019-11342
RESERVED
CVE-2019-11341 (On certain Samsung P(9.0) phones, an attacker with physical access can ...)
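Review bot: CVE-2019-11343 is the one entry in this commit whose description reads like a library rather than an appliance or standalone product (it refers to the LIKE operator in "ConditionBu ..."), so NOT-FOR-US here should rest on a check that no source package in the archive ships or embeds Torpedo Query. If that check was done, saying so in the commit message (currently just "NFUs") or in a NOTE line would save the next triager from repeating it.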
@@ -51686,9 +51686,9 @@ CVE-2019-11076 (Cribl UI 1.5.0 allows remote attackers to run arbitrary commands
CVE-2019-11075
RESERVED
CVE-2019-11074 (A Write to Arbitrary Location in Disk vulnerability exists in PRTG Net ...)
- TODO: check
+ NOT-FOR-US: PRTG Network Monitor
CVE-2019-11073 (A Remote Code Execution vulnerability exists in PRTG Network Monitor b ...)
- TODO: check
+ NOT-FOR-US: PRTG Network Monitor
CVE-2019-11072 (** DISPUTED ** lighttpd before 1.4.54 has a signed integer overflow, w ...)
- lighttpd 1.4.53-4 (bug #926885)
[stretch] - lighttpd <not-affected> (Vulnerable code introduced later)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/659fc26dbaf2ac7aed85ef66f1c6d0d1be2173ca