[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
carnil at debian.org
Thu Jan 7 22:50:27 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
38b5358a by Salvatore Bonaccorso at 2021-01-07T23:50:01+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13016,7 +13016,7 @@ CVE-2020-28674
CVE-2020-28673
RESERVED
CVE-2020-28672 (MonoCMS Blog 1.0 is affected by incorrect access control that can lead ...)
- TODO: check
+ NOT-FOR-US: MonoCMS Blog
CVE-2020-28671
RESERVED
CVE-2020-28670
@@ -20703,7 +20703,7 @@ CVE-2020-26775
CVE-2020-26774
RESERVED
CVE-2020-26773 (Restaurant Reservation System 1.0 suffers from an authenticated SQL in ...)
- TODO: check
+ NOT-FOR-US: Restaurant Reservation System
CVE-2020-26772
RESERVED
CVE-2020-26771
@@ -23831,7 +23831,7 @@ CVE-2020-25478
CVE-2020-25477
RESERVED
CVE-2020-25476 (Liferay CMS Portal version 7.1.3 and 7.2.1 have a blind persistent cro ...)
- TODO: check
+ NOT-FOR-US: Liferay CMS Portal
CVE-2020-25475 (SimplePHPscripts News Script PHP Pro 2.3 is affected by a SQL Injectio ...)
NOT-FOR-US: SimplePHPscripts News Script PHP Pro
CVE-2020-25474 (SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site S ...)
@@ -50320,7 +50320,7 @@ CVE-2020-13575
CVE-2020-13574
RESERVED
CVE-2020-13573 (A denial-of-service vulnerability exists in the Ethernet/IP server fun ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation RSLinx Classic
CVE-2020-13572
RESERVED
CVE-2020-13571
@@ -74200,19 +74200,19 @@ CVE-2020-4900 (IBM Business Automation Workflow 19.0.0.3 stores potentially sens
CVE-2020-4899 (IBM API Connect 5.0.0.0 through 5.0.8.10 could potentially leak sensit ...)
NOT-FOR-US: IBM
CVE-2020-4898 (IBM Emptoris Strategic Supply Management 10.1.3 uses weaker than expec ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4897 (IBM Emptoris Contract Management and IBM Emptoris Spend Analysis 10.1. ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4896 (IBM Emptoris Sourcing 10.1.0, 10.1.1, and 10.1.3 is vulnerable to web ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4895 (IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 is ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4894
RESERVED
CVE-2020-4893 (IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 tr ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4892 (IBM Emptoris Contract Management 10.1.3 is vulnerable to cross-site sc ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4891
RESERVED
CVE-2020-4890
@@ -134066,21 +134066,21 @@ CVE-2018-1000883 (Elixir Plug Plug version All contains a Header Injection vulne
CVE-2018-20317
RESERVED
CVE-2018-20316 (Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9 ...)
- TODO: check
+ NOT-FOR-US: Foxit Reader
CVE-2018-20315 (Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9 ...)
- TODO: check
+ NOT-FOR-US: Foxit Reader
CVE-2018-20314 (Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9 ...)
- TODO: check
+ NOT-FOR-US: Foxit Reader
CVE-2018-20313 (Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9 ...)
- TODO: check
+ NOT-FOR-US: Foxit Reader
CVE-2018-20312 (Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9 ...)
- TODO: check
+ NOT-FOR-US: Foxit Reader
CVE-2018-20311 (Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9 ...)
- TODO: check
+ NOT-FOR-US: Foxit Reader
CVE-2018-20310 (Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9 ...)
- TODO: check
+ NOT-FOR-US: Foxit Reader
CVE-2018-20309 (Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9 ...)
- TODO: check
+ NOT-FOR-US: Foxit Reader
CVE-2018-20308
RESERVED
CVE-2018-1000882 (WeBid version up to current version 1.2.2 contains a Directory Travers ...)
@@ -143606,7 +143606,7 @@ CVE-2018-19420 (In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads bu
CVE-2018-19419
RESERVED
CVE-2018-19418 (Foxit PDF ActiveX before 5.5.1 allows remote code execution via comman ...)
- TODO: check
+ NOT-FOR-US: Foxit PDF ActiveX
CVE-2018-19417 (An issue was discovered in the MQTT server in Contiki-NG before 4.2. T ...)
NOT-FOR-US: Contiki-NG
CVE-2018-19517 (An issue was discovered in sysstat 12.1.1. The remap_struct function i ...)
@@ -145860,9 +145860,9 @@ CVE-2018-18690 (In the Linux kernel before 4.17, a local attacker able to set at
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1105025
NOTE: https://git.kernel.org/linus/7b38460dc8e4eafba06c78f8e37099d3b34d473c
CVE-2018-18689 (The Portable Document Format (PDF) specification does not provide any ...)
- TODO: check
+ NOT-FOR-US: Foxit Reader
CVE-2018-18688 (The Portable Document Format (PDF) specification does not provide any ...)
- TODO: check
+ NOT-FOR-US: Foxit Reader
CVE-2018-18687
RESERVED
CVE-2018-18686
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38b5358a8ccde21fa8bb666f82f7ae5e18996aaf
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38b5358a8ccde21fa8bb666f82f7ae5e18996aaf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210107/22fcc25a/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list