[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Mon Apr 12 21:20:22 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0e40551a by Salvatore Bonaccorso at 2021-04-12T22:20:00+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15271,7 +15271,7 @@ CVE-2021-3130 (Within the Open-AudIT up to version 3.5.3 application, the web in
 CVE-2021-3129 (Ignition before 2.5.2, as used in Laravel and other products, allows u ...)
 	NOT-FOR-US: Ignition
 CVE-2021-3128 (In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers  ...)
-	TODO: check
+	NOT-FOR-US: ASUS
 CVE-2021-23920
 	RESERVED
 CVE-2021-23919
@@ -15466,7 +15466,7 @@ CVE-2021-23836 (An issue was discovered in flatCore before 2.0.0 build 139. A st
 CVE-2021-23835 (An issue was discovered in flatCore before 2.0.0 build 139. A local fi ...)
 	NOT-FOR-US: flatCore CMS
 CVE-2021-3125 (In TP-Link TL-XDR3230 < 1.0.12, TL-XDR1850 < 1.0.9, TL-XDR1860 & ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2021-3124 (Stored cross-site scripting (XSS) in form field in robust.systems prod ...)
 	NOT-FOR-US: WordPress Plugin Custom Global Variables
 CVE-2021-3123
@@ -16675,7 +16675,7 @@ CVE-2021-23271 (The TIBCO EBX Web Server component of TIBCO Software Inc.'s TIBC
 CVE-2021-3113 (Netsia SEBA+ through 0.16.1 build 70-e669dcd7 allows remote attackers  ...)
 	NOT-FOR-US: Netsia SEBA+
 CVE-2021-23270 (In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur tha ...)
-	TODO: check
+	NOT-FOR-US: Gargoyle OS
 CVE-2021-23269
 	RESERVED
 CVE-2021-23268
@@ -30375,7 +30375,7 @@ CVE-2020-28874 (reset-password.php in ProjectSend before r1295 allows remote att
 CVE-2020-28873 (Fluxbb 1.5.11 is affected by a denial of service (DoS) vulnerability b ...)
 	NOT-FOR-US: Fluxbb
 CVE-2020-28872 (An authorization bypass vulnerability in Monitorr v1.7.6m in Monitorr/ ...)
-	TODO: check
+	NOT-FOR-US: Monitorr
 CVE-2020-28871 (Remote code execution in Monitorr v1.7.6m in upload.php allows an unau ...)
 	NOT-FOR-US: Monitorr
 CVE-2020-28870 (In InoERP 0.7.2, an unauthorized attacker can execute arbitrary code o ...)
@@ -44543,7 +44543,7 @@ CVE-2020-24287
 CVE-2020-24286
 	RESERVED
 CVE-2020-24285 (INTELBRAS TELEFONE IP TIP200 version 60.61.75.22 allows an attacker to ...)
-	TODO: check
+	NOT-FOR-US: intelbras
 CVE-2020-24284
 	RESERVED
 CVE-2020-24283
@@ -62273,7 +62273,7 @@ CVE-2020-15736
 CVE-2020-15735
 	RESERVED
 CVE-2020-15734 (An Origin Validation Error vulnerability in Bitdefender Safepay allows ...)
-	TODO: check
+	NOT-FOR-US: Bitdefender
 CVE-2020-15733 (An Origin Validation Error vulnerability in the SafePay component of B ...)
 	NOT-FOR-US: Bitdefender Antivirus Plus
 CVE-2020-15732
@@ -63272,7 +63272,7 @@ CVE-2020-15392 (A user enumeration vulnerability flaw was found in Venki Supravi
 CVE-2020-15391 (The UI in DevSpace 4.13.0 allows web sites to execute actions on pods  ...)
 	NOT-FOR-US: DevSpace
 CVE-2020-15390 (pyActivity in Pega Platform 8.4.0.237 has a security misconfiguration  ...)
-	TODO: check
+	NOT-FOR-US: Pega Platform
 CVE-2020-15389 (jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free th ...)
 	{DSA-4882-1 DLA-2277-1}
 	- openjpeg2 2.4.0-1 (bug #965220)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e40551a07bb2dca9be48d4324d19fded889d224

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e40551a07bb2dca9be48d4324d19fded889d224
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210412/2551886a/attachment-0001.htm>
