[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Sep 30 21:21:55 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cfc83302 by Salvatore Bonaccorso at 2020-09-30T22:21:36+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2020-26165
 CVE-2020-26164
 	RESERVED
 CVE-2020-26163 (BigBlueButton Greenlight before 2.5.6 allows HTTP header (Host and Ori ...)
-	TODO: check
+	NOT-FOR-US: BigBlueButton Greenlight
 CVE-2020-26162
 	RESERVED
 CVE-2020-26161
@@ -23,9 +23,9 @@ CVE-2019-20921 (bootstrap-select before 1.13.6 allows Cross-Site Scripting (XSS)
 CVE-2019-20920 (Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrar ...)
 	TODO: check
 CVE-2020-26158 (Leanote Desktop through 2.6.2 allows XSS because a note's title is mis ...)
-	TODO: check
+	NOT-FOR-US: Leanote Desktop
 CVE-2020-26157 (Leanote Desktop through 2.6.2 allows XSS because a note's title is mis ...)
-	TODO: check
+	NOT-FOR-US: Leanote Desktop
 CVE-2020-26156
 	RESERVED
 CVE-2020-26155
@@ -37,7 +37,7 @@ CVE-2020-26152
 CVE-2020-26151
 	RESERVED
 CVE-2020-26150 (info.php in Logaritmo Aware CallManager 2012 allows remote attackers t ...)
-	TODO: check
+	NOT-FOR-US: Logaritmo Aware CallManager 2012
 CVE-2020-26149 (NATS nats.js before 2.0.0-209, nats.ws before 1.0.0-111, and nats.deno ...)
 	TODO: check
 CVE-2020-26154 (url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when  ...)
@@ -3194,7 +3194,7 @@ CVE-2020-24723
 CVE-2020-24722
 	RESERVED
 CVE-2020-24721 (An issue was discovered in the GAEN (aka Google Apple Encounter Notifi ...)
-	TODO: check
+	NOT-FOR-US: GAEN (Google Apple Encounter Notification) protocol
 CVE-2020-24720
 	RESERVED
 CVE-2020-24719
@@ -9624,7 +9624,7 @@ CVE-2020-21566
 CVE-2020-21565
 	RESERVED
 CVE-2020-21564 (An issue was discovered in Pluck CMS v4.7.11. There is a file upload v ...)
-	TODO: check
+	NOT-FOR-US: Pluck CMS
 CVE-2020-21563
 	RESERVED
 CVE-2020-21562
@@ -13408,11 +13408,11 @@ CVE-2020-19674
 CVE-2020-19673
 	RESERVED
 CVE-2020-19672 (Niushop B2B2C Multi-business basic version V1.11, can bypass the admin ...)
-	TODO: check
+	NOT-FOR-US: Niushop B2B2C Multi-business basic
 CVE-2020-19671
 	RESERVED
 CVE-2020-19670 (In Niushop B2B2C Multi-Business Basic Edition V1.11, authentication ca ...)
-	TODO: check
+	NOT-FOR-US: Niushop B2B2C Multi-Business Basic Edition
 CVE-2020-19669
 	RESERVED
 CVE-2020-19668
@@ -21311,7 +21311,7 @@ CVE-2020-15851 (Lack of access control in Nakivo Backup & Replication Transp
 CVE-2020-15850 (Insecure permissions in Nakivo Backup & Replication Director versi ...)
 	NOT-FOR-US: Nakivo Backup
 CVE-2020-15849 (Re:Desk 2.3 has a blind authenticated SQL injection vulnerability in t ...)
-	TODO: check
+	NOT-FOR-US: Re:Desk
 CVE-2020-15848
 	RESERVED
 CVE-2020-15847
@@ -21607,7 +21607,7 @@ CVE-2020-15733
 CVE-2020-15732
 	RESERVED
 CVE-2020-15731 (An improper Input Validation vulnerability in the code handling file r ...)
-	TODO: check
+	NOT-FOR-US: Bitdefender
 CVE-2020-15730
 	RESERVED
 CVE-2020-15729
@@ -22345,9 +22345,9 @@ CVE-2020-15490 (An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.1911
 CVE-2020-15489 (An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 dev ...)
 	NOT-FOR-US: Wavlink WL-WN530HG4
 CVE-2020-15488 (Re:Desk 2.3 allows insecure file upload. ...)
-	TODO: check
+	NOT-FOR-US: Re:Desk
 CVE-2020-15487 (Re:Desk 2.3 contains a blind unauthenticated SQL injection vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Re:Desk
 CVE-2020-15486 (An issue was discovered on Dr Trust ECG Pen 2.00.08 devices. Because t ...)
 	NOT-FOR-US: Dr Trust ECG Pen 2.00.08 devices
 CVE-2020-15485 (An issue was discovered on Nescomed Multipara Monitor M1000 devices. T ...)
@@ -51548,7 +51548,7 @@ CVE-2020-4631 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 agent files, in n
 CVE-2020-4630
 	RESERVED
 CVE-2020-4629 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4628
 	RESERVED
 CVE-2020-4627



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cfc83302309f17d94576028e832a975bdcb9064d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cfc83302309f17d94576028e832a975bdcb9064d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200930/f6297d7b/attachment.html>

More information about the debian-security-tracker-commits mailing list