[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Nov 17 20:22:25 GMT 2020 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ad9bdde5 by Salvatore Bonaccorso at 2020-11-17T21:22:07+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -445,9 +445,9 @@ CVE-2020-28690
 CVE-2020-28689
 	RESERVED
 CVE-2020-28688 (The add artwork functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCR ...)
-	TODO: check
+	NOT-FOR-US: Artworks Gallery
 CVE-2020-28687 (The edit profile functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASC ...)
-	TODO: check
+	NOT-FOR-US: Artworks Gallery
 CVE-2020-28686
 	RESERVED
 CVE-2020-28685
@@ -527,7 +527,7 @@ CVE-2020-28649 (The orbisius-child-theme-creator plugin before 1.5.2 for WordPre
 CVE-2020-28648 (Improper input validation in the Auto-Discovery component of Nagios XI ...)
 	NOT-FOR-US: Nagios XI
 CVE-2020-28647 (In Progress MOVEit Transfer before 2020.1, a malicious user could craf ...)
-	TODO: check
+	NOT-FOR-US: Progress MOVEit Transfer
 CVE-2020-28646
 	RESERVED
 CVE-2020-28645
@@ -4258,21 +4258,21 @@ CVE-2020-28142
 CVE-2020-28141
 	RESERVED
 CVE-2020-28140 (SourceCodester Online Clothing Store 1.0 is affected by an arbitrary f ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Clothing Store
 CVE-2020-28139 (SourceCodester Online Clothing Store 1.0 is affected by a cross-site s ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Clothing Store
 CVE-2020-28138 (SourceCodester Online Clothing Store 1.0 is affected by a SQL Injectio ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Clothing Store
 CVE-2020-28137
 	RESERVED
 CVE-2020-28136 (An Arbitrary File Upload is discovered in SourceCodester Tourism Manag ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Tourism Management System
 CVE-2020-28135
 	RESERVED
 CVE-2020-28134
 	RESERVED
 CVE-2020-28133 (An issue was discovered in SourceCodester Simple Grocery Store Sales A ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Simple Grocery Store Sales And Inventory System
 CVE-2020-28132
 	RESERVED
 CVE-2020-28131
@@ -6139,17 +6139,17 @@ CVE-2020-27560 (ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFr
 CVE-2020-27559
 	RESERVED
 CVE-2020-27558 (Use of an undocumented user in BASETech GE-131 BT-1837836 firmware 201 ...)
-	TODO: check
+	NOT-FOR-US: BASETech
 CVE-2020-27557 (Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT ...)
-	TODO: check
+	NOT-FOR-US: BASETech
 CVE-2020-27556 (A predictable device ID in BASETech GE-131 BT-1837836 firmware 2018092 ...)
-	TODO: check
+	NOT-FOR-US: BASETech
 CVE-2020-27555 (Use of default credentials for the telnet server in BASETech GE-131 BT ...)
-	TODO: check
+	NOT-FOR-US: BASETech
 CVE-2020-27554 (Cleartext Transmission of Sensitive Information vulnerability in BASET ...)
-	TODO: check
+	NOT-FOR-US: BASETech
 CVE-2020-27553 (A directory traversal vulnerability in BASETech GE-131 BT-1837836 firm ...)
-	TODO: check
+	NOT-FOR-US: BASETech
 CVE-2020-27552
 	RESERVED
 CVE-2020-27551
@@ -10082,7 +10082,7 @@ CVE-2020-25748 (A Cleartext Transmission issue was discovered on Rubetek RV-3406
 CVE-2020-25747 (The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (f ...)
 	NOT-FOR-US: Rubetek
 CVE-2020-25746 (QED ResourceXpress Qubi3 devices before 1.40.9 could allow a local att ...)
-	TODO: check
+	NOT-FOR-US: QED ResourceXpress Qubi3 devices
 CVE-2020-25745
 	RESERVED
 CVE-2020-25744 (SaferVPN before 5.0.3.3 on Windows could allow low-privileged users to ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad9bdde59e10fac5d5aef8b2c0f0f38d492beeef

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad9bdde59e10fac5d5aef8b2c0f0f38d492beeef
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201117/a2352a21/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list