[Git][security-tracker-team/security-tracker][master] Process more NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
29de7608 by Salvatore Bonaccorso at 2020-11-30T21:23:38+01:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,11 +5,11 @@ CVE-2020-29394 (A buffer overflow in the dlt_filter_load function in dlt_common.
 CVE-2020-29393
 	RESERVED
 CVE-2020-29392 (The Estil Hill Lock Password Manager Safe app 2.3 for iOS has a *#06#* ...)
-	TODO: check
+	NOT-FOR-US: Estil Hill Lock Password Manager Safe app for iOS
 CVE-2020-29391
 	RESERVED
 CVE-2020-29390 (Zeroshell 3.9.3 contains a command injection vulnerability in the /cgi ...)
-	TODO: check
+	NOT-FOR-US: Zeroshell
 CVE-2020-29389
 	RESERVED
 CVE-2020-29388
@@ -21,7 +21,7 @@ CVE-2020-29386
 CVE-2020-29385
 	RESERVED
 CVE-2020-29384 (An issue was discovered in PNGOUT 2020-01-15. When compressing a craft ...)
-	TODO: check
+	NOT-FOR-US: PNGOUT
 CVE-2020-29383 (An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1. ...)
 	NOT-FOR-US: V-SOL devices
 CVE-2020-29382 (An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600G1 ...)
@@ -93,7 +93,7 @@ CVE-2020-29366
 CVE-2020-29365
 	RESERVED
 CVE-2020-29364 (In NetArt News Lister 1.0.0, the news headlines are vulnerable to stor ...)
-	TODO: check
+	NOT-FOR-US: NetArt News Lister
 CVE-2020-29363
 	RESERVED
 CVE-2020-29362
@@ -7151,9 +7151,9 @@ CVE-2020-27661 [divide by zero in dwc2_handle_packet() in hw/usb/hcd-dwc2.c]
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg04263.html
 	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=bea2a9e3e00b275dc40cfa09c760c715b8753e03 (v5.2.0-rc0)
 CVE-2020-27660 (SQL injection vulnerability in request.cgi in Synology SafeAccess befo ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2020-27659 (Multiple cross-site scripting (XSS) vulnerabilities in Synology SafeAc ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2020-27658 (Synology Router Manager (SRM) before 1.2.4-8081 does not include the H ...)
 	NOT-FOR-US: Synology Router Manager (SRM)
 CVE-2020-27657 (Cleartext transmission of sensitive information vulnerability in DDNS  ...)
@@ -12061,7 +12061,7 @@ CVE-2020-25539
 CVE-2020-25538 (An authenticated attacker can inject malicious code into "lang" parame ...)
 	NOT-FOR-US: CMSuno
 CVE-2020-25537 (File upload vulnerability exists in UCMS 1.5.0, and the attacker can t ...)
-	TODO: check
+	NOT-FOR-US: UCMS
 CVE-2020-25536
 	RESERVED
 CVE-2020-25535
@@ -27630,7 +27630,7 @@ CVE-2020-17903
 CVE-2020-17902
 	RESERVED
 CVE-2020-17901 (Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows attackers t ...)
-	TODO: check
+	NOT-FOR-US: PbootCMS
 CVE-2020-17900
 	RESERVED
 CVE-2020-17899
@@ -53165,7 +53165,7 @@ CVE-2020-8353 (Prior to August 10, 2020, some Lenovo Desktop and Workstation sys
 CVE-2020-8352 (In some Lenovo Desktop models, the Configuration Change Detection BIOS ...)
 	NOT-FOR-US: Lenovo
 CVE-2020-8351 (A privilege escalation vulnerability was reported in Lenovo PCManager  ...)
-	TODO: check
+	NOT-FOR-US: Lenovo PCManager
 CVE-2020-8350 (An authentication bypass vulnerability was reported in Lenovo ThinkPad ...)
 	NOT-FOR-US: Lenovo
 CVE-2020-8349 (An internal security review has identified an unauthenticated remote c ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29de76087d29084e49d8be408c7b2ac57ad589ee

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29de76087d29084e49d8be408c7b2ac57ad589ee
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201130/0be1ad88/attachment.html>