[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
carnil at debian.org
Fri May 15 21:26:15 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
06d38b00 by Salvatore Bonaccorso at 2020-05-15T22:25:40+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2020-13094
RESERVED
CVE-2020-13093 (iSpyConnect.com Agent DVR before 2.7.1.0 allows directory traversal. ...)
- TODO: check
+ NOT-FOR-US: iSpyConnect.com Agent DVR
CVE-2020-13092 (scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute ...)
TODO: check
CVE-2020-13091 (pandas through 1.0.3 can unserialize and execute commands from an untr ...)
@@ -409,7 +409,7 @@ CVE-2020-12891
CVE-2020-12890
RESERVED
CVE-2020-12889 (MISP MISP-maltego 1.4.4 incorrectly shares a MISP connection across us ...)
- TODO: check
+ NOT-FOR-US: MISP
CVE-2020-12888 (The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles atte ...)
- linux <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1836244
@@ -520,7 +520,7 @@ CVE-2020-12836
CVE-2020-12835
RESERVED
CVE-2020-12834 (eQ-3 Homematic Central Control Unit (CCU)2 through 2.51.6 and CCU3 thr ...)
- TODO: check
+ NOT-FOR-US: eQ-3 Homematic Central Control Unit
CVE-2020-12833
RESERVED
CVE-2020-12832 (The simple-file-list plugin before 4.2.8 for WordPress mishandles a .. ...)
@@ -606,7 +606,7 @@ CVE-2020-12800
CVE-2020-12799
RESERVED
CVE-2020-12798 (Cellebrite UFED 5.0 to 7.5.0.845 implements local operating system pol ...)
- TODO: check
+ NOT-FOR-US: Cellebrite UFED
CVE-2020-12797
RESERVED
CVE-2020-12796
@@ -867,7 +867,7 @@ CVE-2020-12687 (An issue was discovered in Serpico before 1.3.3. The /admin/atta
CVE-2020-12686
RESERVED
CVE-2020-12685 (XSS in the admin help system admin/help.html and admin/quicklinks.html ...)
- TODO: check
+ NOT-FOR-US: Interchange
CVE-2020-12684
RESERVED
CVE-2020-12683 (Katyshop2 before 2.12 has multiple stored XSS issues. ...)
@@ -10819,7 +10819,7 @@ CVE-2020-9075
CVE-2020-9074
RESERVED
CVE-2020-9073 (Huawei P20 smartphones with versions earlier than 10.0.0.156(C00E156R1 ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-9072 (Huawei OSD product with versions earlier than OSD_uwp_9.0.32.0 have a ...)
NOT-FOR-US: Huawei
CVE-2020-9071
@@ -13064,7 +13064,7 @@ CVE-2020-8102
CVE-2020-8101
RESERVED
CVE-2020-8100 (Improper Input Validation vulnerability in the cevakrnl.rv0 module as ...)
- TODO: check
+ NOT-FOR-US: Bitdefender
CVE-2020-8099 (A vulnerability in the improper handling of junctions in Bitdefender A ...)
NOT-FOR-US: Bitdefender Antivirus Free
CVE-2020-8098
@@ -14545,7 +14545,7 @@ CVE-2020-7472
CVE-2019-20390 (A Cross-Site Request Forgery (CSRF) vulnerability was discovered in Su ...)
TODO: check
CVE-2019-20389 (An XSS issue was identified on the Subrion CMS 4.2.1 /panel/configurat ...)
- TODO: check
+ NOT-FOR-US: Subrion CMS
CVE-2019-20388 (xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaV ...)
- libxml2 2.9.10+dfsg-2.1 (bug #949583)
[buster] - libxml2 <no-dsa> (Minor issue)
@@ -29491,7 +29491,7 @@ CVE-2020-1810 (There is a weak algorithm vulnerability in some Huawei products.
CVE-2020-1809
RESERVED
CVE-2020-1808 (Huawei smartphones Honor View 20;Honor 20;Honor 20 PRO;Honor Magic2 wi ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-1807 (HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.188(C00E7 ...)
NOT-FOR-US: Huawei
CVE-2020-1806 (Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00 ...)
@@ -34237,7 +34237,7 @@ CVE-2019-18668 (An issue was discovered in the Currency Switcher addon before 2.
CVE-2019-18667 (/usr/local/www/freeradius_view_config.php in the freeradius3 package b ...)
NOT-FOR-US: FreeBSD specific freeradius_view_config.php in the freeradius3 package
CVE-2019-18666 (An issue was discovered on D-Link DAP-1360 revision F devices. Remote ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2019-18665 (The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion ...)
NOT-FOR-US: SECUDOS DOMOS
CVE-2019-18664 (The Log module in SECUDOS DOMOS before 5.6 allows XSS. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06d38b00f8bfe43e853582d286d2dfc65776d913
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06d38b00f8bfe43e853582d286d2dfc65776d913
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200515/3c81b267/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list