[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
94ec2326 by Salvatore Bonaccorso at 2020-09-15T22:34:58+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1100,7 +1100,7 @@ CVE-2020-25074
 CVE-2020-25072
 	RESERVED
 CVE-2020-25071 (Nifty Project Management Web Application 2020-08-26 allows XSS, via Ad ...)
-	TODO: check
+	NOT-FOR-US: Nifty Project Management Web Application
 CVE-2020-25070 (USVN (aka User-friendly SVN) before 1.0.10 allows CSRF, related to the ...)
 	NOT-FOR-US: User-friendly SVN
 CVE-2020-25069 (USVN (aka User-friendly SVN) before 1.0.10 allows attackers to execute ...)
@@ -4348,7 +4348,7 @@ CVE-2020-23514
 CVE-2020-23513
 	RESERVED
 CVE-2020-23512 (VR CAM P1 Model P1 v1 has an incorrect access control vulnerability wh ...)
-	TODO: check
+	NOT-FOR-US: VR CAM P1 Model P1
 CVE-2020-23511
 	RESERVED
 CVE-2020-23510
@@ -4470,7 +4470,7 @@ CVE-2020-23453
 CVE-2020-23452
 	RESERVED
 CVE-2020-23451 (Spiceworks Version <= 7.5.00107 is affected by CSRF which can lead  ...)
-	TODO: check
+	NOT-FOR-US: Spiceworks
 CVE-2020-23450 (Spiceworks Version <= 7.5.00107 is affected by XSS. Any name typed  ...)
 	NOT-FOR-US: Spiceworks
 CVE-2020-23449
@@ -19336,17 +19336,17 @@ CVE-2020-16103
 CVE-2020-16102
 	RESERVED
 CVE-2020-16101 (It is possible for an unauthenticated remote DCOM websocket connection ...)
-	TODO: check
+	NOT-FOR-US: Gallagher Command Centre Server
 CVE-2020-16100 (It is possible for an unauthenticated remote DCOM websocket connection ...)
-	TODO: check
+	NOT-FOR-US: Gallagher Command Centre Server
 CVE-2020-16099 (In Gallagher Command Centre v8.20 prior to v8.20.1093(MR2) it is possi ...)
-	TODO: check
+	NOT-FOR-US: Gallagher Command Centre Server
 CVE-2020-16098 (It is possible to enumerate access card credentials via an unauthentic ...)
-	TODO: check
+	NOT-FOR-US: Gallagher Command Centre Server
 CVE-2020-16097 (On controllers running versions of v8.20 prior to vCR8.20.200221b (dis ...)
-	TODO: check
+	NOT-FOR-US: Gallagher Command Centre Server
 CVE-2020-16096 (In Gallagher Command Centre versions 8.10 prior to 8.10.1134(MR4), 8.0 ...)
-	TODO: check
+	NOT-FOR-US: Gallagher Command Centre Server
 CVE-2020-16095 (The dlf (aka Kitodo.Presentation) extension before 3.1.2 for TYPO3 all ...)
 	NOT-FOR-US: dlf for TYPO3
 CVE-2020-16094 (In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious  ...)
@@ -21604,7 +21604,7 @@ CVE-2020-15180
 CVE-2020-15179 (The ScratchSig extension for MediaWiki before version 1.0.1 allows sto ...)
 	TODO: check
 CVE-2020-15178 (In PrestaShop contactform module (prestashop/contactform) before versi ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop
 CVE-2020-15177
 	RESERVED
 CVE-2020-15176
@@ -40605,7 +40605,7 @@ CVE-2020-8348
 CVE-2020-8347
 	RESERVED
 CVE-2020-8346 (A denial of service vulnerability was reported in the Lenovo Vantage c ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2020-8345
 	RESERVED
 CVE-2020-8344
@@ -40613,7 +40613,7 @@ CVE-2020-8344
 CVE-2020-8343
 	RESERVED
 CVE-2020-8342 (A race condition vulnerability was reported in Lenovo System Update pr ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2020-8341 (In Lenovo systems, SMM BIOS Write Protection is used to prevent writes ...)
 	NOT-FOR-US: Lenovo
 CVE-2020-8340 (A cross-site scripting (XSS) vulnerability was discovered in the legac ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94ec23265447127eea6e7be02c857186de44da9d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94ec23265447127eea6e7be02c857186de44da9d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200915/18e692bb/attachment.html>