summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2020-01-30 21:36:03 +0100
committerSalvatore Bonaccorso <carnil@debian.org>2020-01-30 21:36:03 +0100
commitf97c382316af31dcf4e721f326ebf1b1fb3a4d3c (patch)
tree3c8419d84811a395cac3ac23b31f44ec4f40ccf0
parentc5b0ccf0d64c99201e3a8f31c8a5ad9c55c19ae6 (diff)
Process NFUs
-rw-r--r--data/CVE/list42
1 files changed, 21 insertions, 21 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 0d87f68..af0f98c 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -6995,7 +6995,7 @@ CVE-2020-5235
CVE-2020-5234
RESERVED
CVE-2020-5233 (OAuth2 Proxy before 5.0 has an open redirect vulnerability. Authentica ...)
- TODO: check
+ NOT-FOR-US: OAuth2 Proxy
CVE-2020-5232
RESERVED
CVE-2020-5231
@@ -10311,7 +10311,7 @@ CVE-2019-20051 (A floating-point exception was discovered in PackLinuxElf::elf_h
- upx-ucl <unfixed> (unimportant)
NOTE: https://github.com/upx/upx/issues/313
CVE-2019-20050 (Pandora FMS &#8804; 7.42 suffers from a remote code execution vulnerab ...)
- TODO: check
+ NOT-FOR-US: Pandora FMS
CVE-2019-20054 (In the Linux kernel before 5.0.6, there is a NULL pointer dereference ...)
- linux 5.2.6-1
[buster] - linux 4.19.67-1
@@ -25320,7 +25320,7 @@ CVE-2019-17275
CVE-2019-17274
RESERVED
CVE-2019-17273 (E-Series SANtricity OS Controller Software version 11.60.0 is suscepti ...)
- TODO: check
+ NOT-FOR-US: E-Series SANtricity OS Controller Software
CVE-2019-17272 (All versions of ONTAP Select Deploy administration utility are suscept ...)
NOT-FOR-US: ONTAP
CVE-2019-17271 (vBulletin 5.5.4 allows SQL Injection via the ajax/api/hook/getHookList ...)
@@ -54854,11 +54854,11 @@ CVE-2019-7658
CVE-2019-7657
RESERVED
CVE-2019-7656 (A privilege escalation vulnerability in Wowza Streaming Engine 4.7.7 a ...)
- TODO: check
+ NOT-FOR-US: Wowza Streaming Engine
CVE-2019-7655 (Wowza Streaming Engine 4.7.7 and 4.7.8 suffers from multiple authentic ...)
- TODO: check
+ NOT-FOR-US: Wowza Streaming Engine
CVE-2019-7654 (Wowza Streaming Engine 4.7.7 and 4.7.8 suffers from multiple CSRF vuln ...)
- TODO: check
+ NOT-FOR-US: Wowza Streaming Engine
CVE-2019-7652 (TheHive Project UnshortenLink analyzer before 1.1, included in Cortex- ...)
NOT-FOR-US: TheHive Project UnshortenLink analyzer
CVE-2019-7651 (EPP.sys in Emsisoft Anti-Malware prior to version 2018.12 allows an at ...)
@@ -244001,11 +244001,11 @@ CVE-2014-7305
CVE-2014-7304
RESERVED
CVE-2014-7303 (SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for cer ...)
- TODO: check
+ NOT-FOR-US: SGI Tempo
CVE-2014-7302 (SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for cer ...)
- TODO: check
+ NOT-FOR-US: SGI Tempo
CVE-2014-7301 (SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for cer ...)
- TODO: check
+ NOT-FOR-US: SGI Tempo
CVE-2014-7299 (Unspecified vulnerability in administrative interfaces in ArubaOS 6.3. ...)
NOT-FOR-US: Aruba ArubaOS
CVE-2014-7298 (adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify ...)
@@ -252562,7 +252562,7 @@ CVE-2014-3721
CVE-2014-3720
RESERVED
CVE-2014-3718 (Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/tag_m.c ...)
- TODO: check
+ NOT-FOR-US: Ex Libris ALEPH 500 (Integrated library management system)
CVE-2014-3713
RESERVED
CVE-2014-3712 (Katello allows remote attackers to cause a denial of service (memory c ...)
@@ -273140,9 +273140,9 @@ CVE-2013-3319 (The GetComputerSystem method in the HostControl service in SAP Ne
CVE-2013-3318
REJECTED
CVE-2013-3317 (Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentica ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2013-3316 (Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentica ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2013-3315 (The server in TIBCO Silver Mobile 1.1.0 does not properly verify acces ...)
NOT-FOR-US: TIBCO
CVE-2013-3314 (The Loftek Nexus 543 IP Camera allows remote attackers to obtain (1) I ...)
@@ -278171,7 +278171,7 @@ CVE-2013-1633 (easy_install in setuptools before 0.7 uses HTTP to retrieve packa
CVE-2013-1632
RESERVED
CVE-2013-1631 (Verax NMS prior to 2.1.0 leaks connection details when any user execut ...)
- TODO: check
+ NOT-FOR-US: Verax NMS
CVE-2013-1630 (pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI repos ...)
NOT-FOR-US: pyshop
CVE-2013-1629 (pip before 1.3 uses HTTP to retrieve packages from the PyPI repository ...)
@@ -278242,11 +278242,11 @@ CVE-2013-1605 (Buffer overflow in MayGion IP Cameras with firmware before 2013.0
CVE-2013-1604 (Directory traversal vulnerability in MayGion IP Cameras with firmware ...)
NOT-FOR-US: MayGion IP Cameras
CVE-2013-1603 (An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2013-1602 (An Information Disclosure vulnerability exists due to insufficient val ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2013-1601 (An Information Disclosure vulnerability exists due to a failure to res ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2013-1600 (An Authentication Bypass vulnerability exists in upnp/asf-mp4.asf when ...)
NOT-FOR-US: D-Link
CVE-2013-1599 (A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd. ...)
@@ -279063,11 +279063,11 @@ CVE-2013-1354
CVE-2013-1353
RESERVED
CVE-2013-1352 (Verax NMS prior to 2.1.0 uses an encryption key that is hardcoded in a ...)
- TODO: check
+ NOT-FOR-US: Verax NMS
CVE-2013-1351 (Verax NMS prior to 2.10 allows authentication via the encrypted passwo ...)
- TODO: check
+ NOT-FOR-US: Verax NMS
CVE-2013-1350 (Verax NMS prior to 2.1.0 has multiple security bypass vulnerabilities ...)
- TODO: check
+ NOT-FOR-US: Verax NMS
CVE-2013-1349 (Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 al ...)
NOT-FOR-US: openSIS
CVE-2013-1348 (The Yaml::parse function in Symfony 2.0.x before 2.0.22 remote attacke ...)
@@ -280770,7 +280770,7 @@ CVE-2013-0727 (Multiple untrusted search path vulnerabilities in Global Mapper 1
CVE-2013-0726 (Stack-based buffer overflow in the ERM_convert_to_correct_webpath func ...)
NOT-FOR-US: ERDAS ER Viewer
CVE-2013-0725 (ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary c ...)
- TODO: check
+ NOT-FOR-US: ERDAS ER Viewer
CVE-2013-0724 (PHP remote file inclusion vulnerability in includes/generate-pdf.php i ...)
NOT-FOR-US: Wordpress plugin ecommerce Shop Styling
CVE-2013-0723 (Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsh ...)
@@ -282115,7 +282115,7 @@ CVE-2013-0292 (The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-g
- dbus-glib 0.100.1-1 (bug #700638; high)
[squeeze] - dbus-glib 0.88-2.1+squeeze1
CVE-2013-0291 (NextGEN Gallery Plugin for WordPress 1.9.10 and 1.9.11 has a Path Disc ...)
- TODO: check
+ NOT-FOR-US: NextGEN Gallery Plugin for WordPress
CVE-2013-0290 (The __skb_recv_datagram function in net/core/datagram.c in the Linux k ...)
- linux <not-affected> (Introduced in 3.4, fixed in 3.8)
- linux-2.6 <not-affected> (Introduced in 3.4)

© 2014-2020 Faster IT GmbH | imprint | privacy policy