[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Jan 14 08:46:54 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
112ec5b5 by Salvatore Bonaccorso at 2021-01-14T09:46:33+01:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21471,15 +21471,15 @@ CVE-2020-27269
 CVE-2020-27268
 	RESERVED
 CVE-2020-27267 (KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, Thin ...)
-	TODO: check
+	NOT-FOR-US: KEPServerEX
 CVE-2020-27266
 	RESERVED
 CVE-2020-27265 (KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, Th ...)
-	TODO: check
+	NOT-FOR-US: KEPServerEX
 CVE-2020-27264
 	RESERVED
 CVE-2020-27263 (KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, Th ...)
-	TODO: check
+	NOT-FOR-US: KEPServerEX
 CVE-2020-27262 (Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to Version 1.7. ...)
 	NOT-FOR-US: Innokas Yhtyma Oy
 CVE-2020-27261
@@ -50690,15 +50690,15 @@ CVE-2020-14104
 CVE-2020-14103
 	RESERVED
 CVE-2020-14102 (There is command injection when ddns processes the hostname, which cau ...)
-	TODO: check
+	NOT-FOR-US: Xiaomi
 CVE-2020-14101 (The data collection SDK of the router web management interface caused  ...)
-	TODO: check
+	NOT-FOR-US: Xiaomi
 CVE-2020-14100 (In Xiaomi router R3600 ROM version<1.0.66, filters in the set_WAN6  ...)
 	NOT-FOR-US: Xiaomi
 CVE-2020-14099
 	RESERVED
 CVE-2020-14098 (The login verification can be bypassed by using the problem that the t ...)
-	TODO: check
+	NOT-FOR-US: Xiaomi
 CVE-2020-14097 (Wrong nginx configuration, causing specific paths to be downloaded wit ...)
 	TODO: check
 CVE-2020-14096 (Memory overflow in Xiaomi AI speaker Rom version <1.59.6 can happen ...)
@@ -64929,7 +64929,7 @@ CVE-2020-9205
 CVE-2020-9204
 	RESERVED
 CVE-2020-9203 (There is a resource management errors vulnerability in Huawei P30. Loc ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9202 (There is an information disclosure vulnerability in TE Mobile software ...)
 	NOT-FOR-US: TE Mobile
 CVE-2020-9201 (There is an out-of-bounds read vulnerability in some versions of NIP68 ...)
@@ -65045,21 +65045,21 @@ CVE-2020-9147
 CVE-2020-9146
 	RESERVED
 CVE-2020-9145 (There is an Out-of-bounds Write vulnerability in some Huawei smartphon ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9144 (There is a heap overflow vulnerability in some Huawei smartphone, atta ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9143 (There is a missing authentication vulnerability in some Huawei smartph ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9142 (There is a heap base buffer overflow vulnerability in some Huawei smar ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9141 (There is a improper privilege management vulnerability in some Huawei  ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9140 (There is a vulnerability with buffer access with incorrect length valu ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9139 (There is a improper input validation vulnerability in some Huawei Smar ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9138 (There is a heap-based buffer overflow vulnerability in some Huawei Sma ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9137 (There is a privilege escalation vulnerability in some versions of Clou ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9136
@@ -84575,9 +84575,9 @@ CVE-2020-1868
 CVE-2020-1867
 	RESERVED
 CVE-2020-1866 (There is an out-of-bounds read vulnerability in several products. The  ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-1865 (There is an out-of-bounds read vulnerability in Huawei CloudEngine pro ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-1864 (Some Huawei products have a security vulnerability due to improper aut ...)
 	NOT-FOR-US: Huawei
 CVE-2020-1863 (Huawei USG6000V with versions V500R001C20SPC300, V500R003C00SPC100, an ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/112ec5b5a4a2b4172015f235f1c43d62ae5dc214

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/112ec5b5a4a2b4172015f235f1c43d62ae5dc214
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210114/e3cbb96e/attachment.html>

More information about the debian-security-tracker-commits mailing list