summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2020-01-30 21:36:03 +0100
committerSalvatore Bonaccorso <carnil@debian.org>2020-01-30 21:36:03 +0100
commit1d5f383fb16ddb137e8d118d931e482cc205e053 (patch)
treebfeeb85bcc131562e72e2d6301fda16a5e05b699
parent6f71362da8b403e5a91c0f4f3c1cd25f24c9f2c5 (diff)
Process NFUs
-rw-r--r--data/CVE/2013.list22
-rw-r--r--data/CVE/2014.list8
-rw-r--r--data/CVE/2019.list10
-rw-r--r--data/CVE/2020.list2
4 files changed, 21 insertions, 21 deletions
diff --git a/data/CVE/2013.list b/data/CVE/2013.list
index 3033d92545..398626fa4c 100644
--- a/data/CVE/2013.list
+++ b/data/CVE/2013.list
@@ -10880,9 +10880,9 @@ CVE-2013-3319 (The GetComputerSystem method in the HostControl service in SAP Ne
CVE-2013-3318
REJECTED
CVE-2013-3317 (Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentica ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2013-3316 (Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentica ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2013-3315 (The server in TIBCO Silver Mobile 1.1.0 does not properly verify acces ...)
NOT-FOR-US: TIBCO
CVE-2013-3314 (The Loftek Nexus 543 IP Camera allows remote attackers to obtain (1) I ...)
@@ -15798,7 +15798,7 @@ CVE-2013-1633 (easy_install in setuptools before 0.7 uses HTTP to retrieve packa
CVE-2013-1632
RESERVED
CVE-2013-1631 (Verax NMS prior to 2.1.0 leaks connection details when any user execut ...)
- TODO: check
+ NOT-FOR-US: Verax NMS
CVE-2013-1630 (pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI repos ...)
NOT-FOR-US: pyshop
CVE-2013-1629 (pip before 1.3 uses HTTP to retrieve packages from the PyPI repository ...)
@@ -15869,11 +15869,11 @@ CVE-2013-1605 (Buffer overflow in MayGion IP Cameras with firmware before 2013.0
CVE-2013-1604 (Directory traversal vulnerability in MayGion IP Cameras with firmware ...)
NOT-FOR-US: MayGion IP Cameras
CVE-2013-1603 (An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2013-1602 (An Information Disclosure vulnerability exists due to insufficient val ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2013-1601 (An Information Disclosure vulnerability exists due to a failure to res ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2013-1600 (An Authentication Bypass vulnerability exists in upnp/asf-mp4.asf when ...)
NOT-FOR-US: D-Link
CVE-2013-1599 (A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd. ...)
@@ -16613,11 +16613,11 @@ CVE-2013-1354
CVE-2013-1353
RESERVED
CVE-2013-1352 (Verax NMS prior to 2.1.0 uses an encryption key that is hardcoded in a ...)
- TODO: check
+ NOT-FOR-US: Verax NMS
CVE-2013-1351 (Verax NMS prior to 2.10 allows authentication via the encrypted passwo ...)
- TODO: check
+ NOT-FOR-US: Verax NMS
CVE-2013-1350 (Verax NMS prior to 2.1.0 has multiple security bypass vulnerabilities ...)
- TODO: check
+ NOT-FOR-US: Verax NMS
CVE-2013-1349 (Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 al ...)
NOT-FOR-US: openSIS
CVE-2013-1348 (The Yaml::parse function in Symfony 2.0.x before 2.0.22 remote attacke ...)
@@ -18292,7 +18292,7 @@ CVE-2013-0727 (Multiple untrusted search path vulnerabilities in Global Mapper 1
CVE-2013-0726 (Stack-based buffer overflow in the ERM_convert_to_correct_webpath func ...)
NOT-FOR-US: ERDAS ER Viewer
CVE-2013-0725 (ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary c ...)
- TODO: check
+ NOT-FOR-US: ERDAS ER Viewer
CVE-2013-0724 (PHP remote file inclusion vulnerability in includes/generate-pdf.php i ...)
NOT-FOR-US: Wordpress plugin ecommerce Shop Styling
CVE-2013-0723 (Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsh ...)
@@ -19281,7 +19281,7 @@ CVE-2013-0292 (The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-g
- dbus-glib 0.100.1-1 (bug #700638; high)
[squeeze] - dbus-glib 0.88-2.1+squeeze1
CVE-2013-0291 (NextGEN Gallery Plugin for WordPress 1.9.10 and 1.9.11 has a Path Disc ...)
- TODO: check
+ NOT-FOR-US: NextGEN Gallery Plugin for WordPress
CVE-2013-0290 (The __skb_recv_datagram function in net/core/datagram.c in the Linux k ...)
- linux <not-affected> (Introduced in 3.4, fixed in 3.8)
- linux-2.6 <not-affected> (Introduced in 3.4)
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index dd1f2bb90f..31788a25fc 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -8674,11 +8674,11 @@ CVE-2014-7305
CVE-2014-7304
RESERVED
CVE-2014-7303 (SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for cer ...)
- TODO: check
+ NOT-FOR-US: SGI Tempo
CVE-2014-7302 (SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for cer ...)
- TODO: check
+ NOT-FOR-US: SGI Tempo
CVE-2014-7301 (SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for cer ...)
- TODO: check
+ NOT-FOR-US: SGI Tempo
CVE-2014-7299 (Unspecified vulnerability in administrative interfaces in ArubaOS 6.3. ...)
NOT-FOR-US: Aruba ArubaOS
CVE-2014-7298 (adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify ...)
@@ -17070,7 +17070,7 @@ CVE-2014-3721
CVE-2014-3720
RESERVED
CVE-2014-3718 (Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/tag_m.c ...)
- TODO: check
+ NOT-FOR-US: Ex Libris ALEPH 500 (Integrated library management system)
CVE-2014-3713
RESERVED
CVE-2014-3712 (Katello allows remote attackers to cause a denial of service (memory c ...)
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 857a821e73..2abfcd14c2 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -985,7 +985,7 @@ CVE-2019-20051 (A floating-point exception was discovered in PackLinuxElf::elf_h
- upx-ucl <unfixed> (unimportant)
NOTE: https://github.com/upx/upx/issues/313
CVE-2019-20050 (Pandora FMS &#8804; 7.42 suffers from a remote code execution vulnerab ...)
- TODO: check
+ NOT-FOR-US: Pandora FMS
CVE-2019-20054 (In the Linux kernel before 5.0.6, there is a NULL pointer dereference ...)
- linux 5.2.6-1
[buster] - linux 4.19.67-1
@@ -7764,7 +7764,7 @@ CVE-2019-17275
CVE-2019-17274
RESERVED
CVE-2019-17273 (E-Series SANtricity OS Controller Software version 11.60.0 is suscepti ...)
- TODO: check
+ NOT-FOR-US: E-Series SANtricity OS Controller Software
CVE-2019-17272 (All versions of ONTAP Select Deploy administration utility are suscept ...)
NOT-FOR-US: ONTAP
CVE-2019-17271 (vBulletin 5.5.4 allows SQL Injection via the ajax/api/hook/getHookList ...)
@@ -33940,11 +33940,11 @@ CVE-2019-7658
CVE-2019-7657
RESERVED
CVE-2019-7656 (A privilege escalation vulnerability in Wowza Streaming Engine 4.7.7 a ...)
- TODO: check
+ NOT-FOR-US: Wowza Streaming Engine
CVE-2019-7655 (Wowza Streaming Engine 4.7.7 and 4.7.8 suffers from multiple authentic ...)
- TODO: check
+ NOT-FOR-US: Wowza Streaming Engine
CVE-2019-7654 (Wowza Streaming Engine 4.7.7 and 4.7.8 suffers from multiple CSRF vuln ...)
- TODO: check
+ NOT-FOR-US: Wowza Streaming Engine
CVE-2019-7652 (TheHive Project UnshortenLink analyzer before 1.1, included in Cortex- ...)
NOT-FOR-US: TheHive Project UnshortenLink analyzer
CVE-2019-7651 (EPP.sys in Emsisoft Anti-Malware prior to version 2018.12 allows an at ...)
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 8a0980851e..2973c16d23 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -6689,7 +6689,7 @@ CVE-2020-5235
CVE-2020-5234
RESERVED
CVE-2020-5233 (OAuth2 Proxy before 5.0 has an open redirect vulnerability. Authentica ...)
- TODO: check
+ NOT-FOR-US: OAuth2 Proxy
CVE-2020-5232
RESERVED
CVE-2020-5231

© 2014-2024 Faster IT GmbH | imprint | privacy policy