From 73442ed2f16316975811ebc8daa03f410ed53fe0 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Tue, 27 Oct 2020 09:44:40 +0100 Subject: Process some NFUs --- data/CVE/list | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index 0f493747ca..b47c2ee483 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1577,15 +1577,15 @@ CVE-2020-27185 CVE-2020-27184 RESERVED CVE-2020-27183 (A RemoteFunctions endpoint with missing access control in konzept-ix p ...) - TODO: check + NOT-FOR-US: konzept-ix publiXone CVE-2020-27182 (Multiple cross-site scripting (XSS) vulnerabilities in konzept-ix publ ...) - TODO: check + NOT-FOR-US: konzept-ix publiXone CVE-2020-27181 (A hardcoded AES key in CipherUtils.java in the Java applet of konzept- ...) - TODO: check + NOT-FOR-US: konzept-ix publiXone CVE-2020-27180 (konzept-ix publiXone before 2020.015 allows attackers to download file ...) - TODO: check + NOT-FOR-US: konzept-ix publiXone CVE-2020-27179 (konzept-ix publiXone before 2020.015 allows attackers to take over arb ...) - TODO: check + NOT-FOR-US: konzept-ix publiXone CVE-2020-27178 (Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4 ...) NOT-FOR-US: Apereo CAS CVE-2020-27177 @@ -2202,9 +2202,9 @@ CVE-2020-26880 (Sympa through 6.2.57b.2 allows a local privilege escalation from NOTE: https://github.com/sympa-community/sympa/issues/943#issuecomment-704779420 NOTE: https://github.com/sympa-community/sympa/issues/943#issuecomment-704842235 CVE-2020-26879 (Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded ...) - TODO: check + NOT-FOR-US: Ruckus CVE-2020-26878 (Ruckus through 1.5.1.0.21 is affected by remote command injection. An ...) - TODO: check + NOT-FOR-US: Ruckus CVE-2020-26877 RESERVED CVE-2020-26876 (The wp-courses plugin through 2.0.27 for WordPress allows remote attac ...) @@ -7153,9 +7153,9 @@ CVE-2020-24634 CVE-2020-24633 RESERVED CVE-2020-24632 (A remote execution of arbitrary commandss vulnerability was discovered ...) - TODO: check + NOT-FOR-US: Aruba CVE-2020-24631 (A remote execution of arbitrary commands vulnerability was discovered ...) - TODO: check + NOT-FOR-US: Aruba CVE-2020-24630 (A remote operatoronlinelist_content privilege escalation vulnerability ...) NOT-FOR-US: HPE Intelligent Management Center (iMC) CVE-2020-24629 (A remote urlaccesscontroller authentication bypass vulnerability was d ...) -- cgit v1.2.3