[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Mon Jan 11 20:18:44 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dc1960d6 by Salvatore Bonaccorso at 2021-01-11T21:15:52+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1187,7 +1187,7 @@ CVE-2021-23255
 CVE-2021-23254
 	RESERVED
 CVE-2021-23253 (Opera Mini for Android below 53.1 displays URL left-aligned in the add ...)
-	TODO: check
+	NOT-FOR-US: Opera Mini for Android
 CVE-2021-23252
 	RESERVED
 CVE-2021-23251
@@ -9396,7 +9396,7 @@ CVE-2020-35485
 CVE-2020-35484
 	RESERVED
 CVE-2020-35483 (AnyDesk before 6.1.0 on Windows, when run in portable mode on a system ...)
-	TODO: check
+	NOT-FOR-US: AnyDesk
 CVE-2020-35482
 	RESERVED
 CVE-2020-35481
@@ -20769,19 +20769,19 @@ CVE-2020-27295
 CVE-2020-27294
 	RESERVED
 CVE-2020-27293 (Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior has a type conf ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics CNCSoft-B
 CVE-2020-27292
 	RESERVED
 CVE-2020-27291 (Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics CNCSoft-B
 CVE-2020-27290
 	RESERVED
 CVE-2020-27289 (Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior has a null poin ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics CNCSoft-B
 CVE-2020-27288
 	RESERVED
 CVE-2020-27287 (Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics CNCSoft-B
 CVE-2020-27286
 	RESERVED
 CVE-2020-27285 (The default configuration of Crimson 3.1 (Build versions prior to 3119 ...)
@@ -20793,7 +20793,7 @@ CVE-2020-27283 (An attacker could send a specially crafted message to Crimson 3.
 CVE-2020-27282
 	RESERVED
 CVE-2020-27281 (A stack-based buffer overflow may exist in Delta Electronics CNCSoft S ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics CNCSoft ScreenEditor
 CVE-2020-27280
 	RESERVED
 CVE-2020-27279 (A NULL pointer deference vulnerability has been identified in the prot ...)
@@ -20801,11 +20801,11 @@ CVE-2020-27279 (A NULL pointer deference vulnerability has been identified in th
 CVE-2020-27278
 	RESERVED
 CVE-2020-27277 (Delta Electronics DOPSoft Version 4.0.8.21 and prior has a null pointe ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics DOPSoft
 CVE-2020-27276
 	RESERVED
 CVE-2020-27275 (Delta Electronics DOPSoft Version 4.0.8.21 and prior is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics DOPSoft
 CVE-2020-27274
 	RESERVED
 CVE-2020-27273
@@ -28355,7 +28355,7 @@ CVE-2020-24005
 CVE-2020-24004
 	RESERVED
 CVE-2020-24003 (Microsoft Skype through 8.59.0.77 on macOS has the disable-library-val ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Skype on MacOS
 CVE-2020-24002
 	RESERVED
 CVE-2020-24001
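Review bot: the new tag on CVE-2020-24003 reads "Microsoft Skype on MacOS", but the description on the line above it spells the platform "macOS", and the AnyDesk entry in this same commit (CVE-2020-35483, described as "on Windows") is tagged with the product name alone. Suggest "NOT-FOR-US: Microsoft Skype" for consistency, or at least "macOS" if the platform qualifier is kept.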
@@ -29073,9 +29073,9 @@ CVE-2020-23646
 CVE-2020-23645
 	RESERVED
 CVE-2020-23644 (XSS exists in JIZHICMS 1.7.1 via index.php/Error/index?msg={XSS] to Ho ...)
-	TODO: check
+	NOT-FOR-US: JIZHICMS
 CVE-2020-23643 (XSS exists in JIZHICMS 1.7.1 via index.php/Wechat/checkWeixin?signatur ...)
-	TODO: check
+	NOT-FOR-US: JIZHICMS
 CVE-2020-23642
 	RESERVED
 CVE-2020-23641
@@ -29101,7 +29101,7 @@ CVE-2020-23632
 CVE-2020-23631
 	RESERVED
 CVE-2020-23630 (A blind SQL injection vulnerability exists in zzcms ver201910 based on ...)
-	TODO: check
+	NOT-FOR-US: zzcms
 CVE-2020-23629
 	RESERVED
 CVE-2020-23628
@@ -51602,7 +51602,7 @@ CVE-2020-13561
 CVE-2020-13560 (A use after free vulnerability exists in the JavaScript engine of Foxi ...)
 	NOT-FOR-US: Foxit
 CVE-2020-13559 (A denial-of-service vulnerability exists in the traffic-logging functi ...)
-	TODO: check
+	NOT-FOR-US: FreyrSCADA IEC-60879-5-104 Server Simulator
 CVE-2020-13558
 	RESERVED
 CVE-2020-13557 (A use after free vulnerability exists in the JavaScript engine of Foxi ...)
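Review bot: the product string in the new tag for CVE-2020-13559, "IEC-60879-5-104", does not match the IEC standard number for this protocol, which is 60870-5-104. The description shown here is truncated before the product name, so please check the tag against the full CVE text. If the upstream description carries the same spelling, keeping it verbatim is reasonable for searchability. Otherwise, correct the digit.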
@@ -75523,7 +75523,7 @@ CVE-2020-4871
 CVE-2020-4870 (IBM MQ 9.2 CD and LTS are vulnerable to a denial of service attack cau ...)
 	NOT-FOR-US: IBM
 CVE-2020-4869 (IBM MQ Appliance 9.2 CD and 9.2 LTS is vulnerable to a denial of servi ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4868
 	RESERVED
 CVE-2020-4867
@@ -81862,7 +81862,7 @@ CVE-2018-21032 (A vulnerability in Hitachi Command Suite prior to 8.7.1-00 and H
 CVE-2020-2509
 	RESERVED
 CVE-2020-2508 (A command injection vulnerability has been reported to affect QTS and  ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2020-2507
 	RESERVED
 CVE-2020-2506
@@ -167106,7 +167106,7 @@ CVE-2018-11248 (util/FileDownloadUtils.java in FileDownloader 1.7.3 does not che
 CVE-2018-11247 (The JMX/RMI interface in Nasdaq BWise 5.0 does not require authenticat ...)
 	NOT-FOR-US: SAP
 CVE-2018-11246 (K7TSMngr.exe in K7Computing K7AntiVirus Premium 15.1.0.53 has a Memory ...)
-	TODO: check
+	NOT-FOR-US: K7Computing K7AntiVirus Premium
 CVE-2018-11245 (app/webroot/js/misp.js in MISP 2.4.91 has a DOM based XSS with cortex  ...)
 	NOT-FOR-US: MISP
 CVE-2018-11244 (The BBE theme before 1.53 for WordPress allows a direct launch of an H ...)
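Review bot: not introduced by this change, but the context line just above the edited entry tags CVE-2018-11247 as "NOT-FOR-US: SAP" although its description names Nasdaq BWise. Since this pass already touches the neighbouring K7Computing entry, it would be worth correcting that tag here as well, e.g. "NOT-FOR-US: Nasdaq BWise".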
@@ -167713,17 +167713,17 @@ CVE-2018-11012 (ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd
 CVE-2018-11011 (ruibaby Halo 0.0.2 has stored XSS via the commentAuthor field to Front ...)
 	NOT-FOR-US: ruibaby Halo
 CVE-2018-11010 (A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Prem ...)
-	TODO: check
+	NOT-FOR-US: K7Computing K7AntiVirus Premium
 CVE-2018-11009 (A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Prem ...)
-	TODO: check
+	NOT-FOR-US: K7Computing K7AntiVirus Premium
 CVE-2018-11008 (An Incorrect Access Control issue was discovered in K7Computing K7Anti ...)
-	TODO: check
+	NOT-FOR-US: K7Computing K7AntiVirus Premium
 CVE-2018-11007 (A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium  ...)
-	TODO: check
+	NOT-FOR-US: K7Computing K7AntiVirus Premium
 CVE-2018-11006 (An Incorrect Access Control issue was discovered in K7Computing K7Anti ...)
-	TODO: check
+	NOT-FOR-US: K7Computing K7AntiVirus Premium
 CVE-2018-11005 (A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium  ...)
-	TODO: check
+	NOT-FOR-US: K7Computing K7AntiVirus Premium
 CVE-2018-11004 (An issue was discovered in SDcms v1.5. Cross-site request forgery (CSR ...)
 	NOT-FOR-US: SDcms
 CVE-2018-11003 (An issue was discovered in YXcms 1.4.7. Cross-site request forgery (CS ...)
@@ -172132,9 +172132,9 @@ CVE-2018-9335 (The PAN-OS session browser in PAN-OS 6.1.20 and earlier, PAN-OS 7
 CVE-2018-9334 (The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, ...)
 	NOT-FOR-US: PAN-OS
 CVE-2018-9333 (K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Buff ...)
-	TODO: check
+	NOT-FOR-US: K7Computing K7AntiVirus Premium
 CVE-2018-9332 (K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: In ...)
-	TODO: check
+	NOT-FOR-US: K7Computing K7AntiVirus Premium
 CVE-2018-9331 (An issue was discovered in zzcms 8.2. user/adv.php allows remote attac ...)
 	NOT-FOR-US: zzcms
 CVE-2016-10720
@@ -173977,11 +173977,11 @@ CVE-2017-18233 (An issue was discovered in Exempi before 2.4.4. Integer overflow
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102151
 	NOTE: https://cgit.freedesktop.org/exempi/commit/?id=65a8492832b7335ffabd01f5f64d89dec757c260
 CVE-2018-8726 (K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Buff ...)
-	TODO: check
+	NOT-FOR-US: K7Computing K7AntiVirus Premium
 CVE-2018-8725 (K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Bu ...)
-	TODO: check
+	NOT-FOR-US: K7Computing K7AntiVirus Premium
 CVE-2018-8724 (K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Inco ...)
-	TODO: check
+	NOT-FOR-US: K7Computing K7AntiVirus Premium
 CVE-2018-8723
 	RESERVED
 CVE-2018-8722 (Zoho ManageEngine Desktop Central version 9.1.0 build 91099 has multip ...)
@@ -175471,7 +175471,7 @@ CVE-2018-8046 (The getTip() method of Action Columns of Sencha Ext JS 4 to 6 bef
 CVE-2018-8045 (In Joomla! 3.5.0 through 3.8.5, the lack of type casting of a variable ...)
 	NOT-FOR-US: Joomla!
 CVE-2018-8044 (K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Inco ...)
-	TODO: check
+	NOT-FOR-US: K7Computing K7AntiVirus Premium
 CVE-2017-18223 (BMC Remedy AR System before 9.1 SP3, when Remedy AR Authentication is  ...)
 	NOT-FOR-US: BMC Remedy AR System
 CVE-2018-8043 (The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dc1960d655a060554e9268acf2d71eccc2a1de5d
