From 1f5729ee5389eaa65e5bd62b70ae23393634cf2c Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Sun, 9 Aug 2020 10:30:39 +0200 Subject: Process some NFUs --- data/CVE/list | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index af50dfef14..7509955160 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -192,7 +192,7 @@ CVE-2020-17353 (scm/define-stencil-commands.scm in LilyPond through 2.20.0, and - lilypond NOTE: http://git.savannah.gnu.org/gitweb/?p=lilypond.git;a=commit;h=b84ea4740f3279516905c5db05f4074e777c16ff CVE-2020-17352 (Two OS command injection vulnerabilities in the User Portal of Sophos ...) - TODO: check + NOT-FOR-US: Sophos CVE-2020-17351 RESERVED CVE-2020-17350 @@ -3333,35 +3333,35 @@ CVE-2020-15833 CVE-2020-15832 RESERVED CVE-2020-15831 (JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in t ...) - TODO: check + NOT-FOR-US: JetBrains TeamCity CVE-2020-15830 (JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the ...) - TODO: check + NOT-FOR-US: JetBrains TeamCity CVE-2020-15829 (In JetBrains TeamCity before 2019.2.3, password parameters could be di ...) - TODO: check + NOT-FOR-US: JetBrains TeamCity CVE-2020-15828 (In JetBrains TeamCity before 2020.1.1, project parameter values can be ...) - TODO: check + NOT-FOR-US: JetBrains TeamCity CVE-2020-15827 (In JetBrains ToolBox version 1.17 before 1.17.6856, the set of signatu ...) - TODO: check + NOT-FOR-US: JetBrains ToolBox CVE-2020-15826 (In JetBrains TeamCity before 2020.1, users are able to assign more per ...) - TODO: check + NOT-FOR-US: JetBrains TeamCity CVE-2020-15825 (In JetBrains TeamCity before 2020.1, users with the Modify Group permi ...) - TODO: check + NOT-FOR-US: JetBrains TeamCity CVE-2020-15824 (In JetBrains Kotlin before 1.4.0, there is a script-cache privilege es ...) - TODO: check + NOT-FOR-US: JetBrains Kotlin CVE-2020-15823 (JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Wor ...) - TODO: check + NOT-FOR-US: JetBrains YouTrack CVE-2020-15822 RESERVED CVE-2020-15821 (In JetBrains YouTrack before 2020.2.6881, a user without permission is ...) - TODO: check + NOT-FOR-US: JetBrains YouTrack CVE-2020-15820 (In JetBrains YouTrack before 2020.2.6881, the markdown parser could di ...) - TODO: check + NOT-FOR-US: JetBrains YouTrack CVE-2020-15819 (JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that all ...) - TODO: check + NOT-FOR-US: JetBrains YouTrack CVE-2020-15818 (In JetBrains YouTrack before 2020.2.8527, the subtasks workflow could ...) - TODO: check + NOT-FOR-US: JetBrains YouTrack CVE-2020-15817 (In JetBrains YouTrack before 2020.1.1331, an external user could execu ...) - TODO: check + NOT-FOR-US: JetBrains YouTrack CVE-2020-15862 [privilege escalation] RESERVED {DLA-2299-1} @@ -38805,7 +38805,7 @@ CVE-2019-19706 CVE-2019-19705 RESERVED CVE-2019-19704 (In JetBrains Upsource before 2020.1, information disclosure is possibl ...) - TODO: check + NOT-FOR-US: JetBrains Upsource CVE-2019-19703 (In Ktor through 1.2.6, the client resends data from the HTTP Authoriza ...) NOT-FOR-US: Ktor CVE-2019-19702 (The modoboa-dmarc plugin 1.1.0 for Modoboa is vulnerable to an XML Ext ...) @@ -82325,7 +82325,7 @@ CVE-2019-7007 (A directory traversal vulnerability has been found in the Avaya E CVE-2019-7006 (Avaya one-X Communicator uses weak cryptographic algorithms in the cli ...) NOT-FOR-US: Avaya CVE-2019-7005 (A vulnerability was discovered in the web interface component of IP Of ...) - TODO: check + NOT-FOR-US: IP Office CVE-2019-7004 (A Cross-Site Scripting (XSS) vulnerability in the WebUI component of I ...) NOT-FOR-US: Avaya CVE-2019-7003 (A SQL injection vulnerability in the reporting component of Avaya Cont ...) -- cgit v1.2.3