[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue, 05 May 2020 13:18:54 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7adeb266 by Salvatore Bonaccorso at 2020-05-05T22:17:51+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2017-18867 (Certain NETGEAR devices are affected by incorrect 
configuration of sec ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2017-18866 (Certain NETGEAR devices are affected by stored XSS. This 
affects R9000 ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2017-18865 (Certain NETGEAR devices are affected by a stack-based buffer 
overflow  ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2017-18864 (Certain NETGEAR devices are affected by a buffer overflow by 
an unauth ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2020-12661
        RESERVED
 CVE-2020-12660
@@ -1263,7 +1263,7 @@ CVE-2020-12105 (OpenConnect through 8.08 mishandles 
negative return values from
        NOTE: Only an issue if building with OpenSSL, where Debian binary 
packages use
        NOTE: GnuTLS.
 CVE-2020-12104 (The Import feature in the wp-advanced-search plugin 3.3.6 for 
WordPres ...)
-       TODO: check
+       NOT-FOR-US: Import feature in the wp-advanced-search plugin for 
WordPress
 CVE-2020-12103 (In Tiny File Manager 2.4.1 there is a vulnerability in the 
ajax file b ...)
        NOT-FOR-US: Tiny File Manager
 CVE-2020-12102 (In Tiny File Manager 2.4.1, there is a Path Traversal 
vulnerability in ...)
@@ -10416,7 +10416,7 @@ CVE-2020-8801 (SuiteCRM through 7.11.11 allows PHAR 
Deserialization. ...)
 CVE-2020-8800 (SuiteCRM through 7.11.11 allows 
EmailsControllerActionGetFromFields PH ...)
        NOT-FOR-US: SuiteCRM
 CVE-2020-8799 (A Stored XSS vulnerability has been found in the administration 
page o ...)
-       TODO: check
+       NOT-FOR-US: administration page of the WTI Like Post plugin for 
WordPress
 CVE-2020-8798 (httpd in Juplink RX4-1500 v1.0.3-v1.0.5 allows remote attackers 
to cha ...)
        NOT-FOR-US: Juplink
 CVE-2020-8797 (Juplink RX4-1500 v1.0.3 allows remote attackers to gain root 
access to ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7adeb2665decdb9c6b39e0ff6fe4386fcb5f3bb7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7adeb2665decdb9c6b39e0ff6fe4386fcb5f3bb7
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to