diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2020-02-28 22:34:00 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-02-28 22:36:31 +0100 |
| commit | 256f87210e33f77f606785b2e94dbc69b401a383 (patch) | |
| tree | 91aa3ba0ffab1dbf4a965e65eb2880903e57da9a /data/CVE | |
| parent | de4a9434292f00721442cbca69aa89ae42bfc7b4 (diff) | |
Process NFUs
Diffstat (limited to 'data/CVE')
| -rw-r--r-- | data/CVE/2013.list | 2 | ||||
| -rw-r--r-- | data/CVE/2014.list | 16 | ||||
| -rw-r--r-- | data/CVE/2018.list | 4 | ||||
| -rw-r--r-- | data/CVE/2019.list | 10 | ||||
| -rw-r--r-- | data/CVE/2020.list | 4 |
5 files changed, 18 insertions, 18 deletions
diff --git a/data/CVE/2013.list b/data/CVE/2013.list index ff88d6643c..fb5d32a621 100644 --- a/data/CVE/2013.list +++ b/data/CVE/2013.list @@ -380,7 +380,7 @@ CVE-2013-7380 (The Etherpad Lite ep_imageconvert Plugin has a Remote Command Inj CVE-2013-7379 (The admin API in the tomato module before 0.0.6 for Node.js does not p ...) NOT-FOR-US: tomato module for Node.js CVE-2013-7378 (scripts/email.coffee in the Hubot Scripts module before 2.4.4 for Node ...) - TODO: check + NOT-FOR-US: Hubot Scripts module for Node.js CVE-2013-7377 (The codem-transcode module before 0.5.0 for Node.js, when ffprobe is e ...) NOT-FOR-US: codem-transcode Node module CVE-2013-7376 (Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2. ...) diff --git a/data/CVE/2014.list b/data/CVE/2014.list index b8607f9b08..140c4d1074 100644 --- a/data/CVE/2014.list +++ b/data/CVE/2014.list @@ -10715,7 +10715,7 @@ CVE-2014-6419 CVE-2014-6415 RESERVED CVE-2014-6413 (A Cross-site Scripting (XSS) vulnerability exists in WatchGuard XTM 11 ...) - TODO: check + NOT-FOR-US: WatchGuard CVE-2014-6412 (WordPress before 4.4 makes it easier for remote attackers to predict p ...) - wordpress <not-affected> (Affects only Wordpress on Windows systems) CVE-2014-6411 @@ -12788,7 +12788,7 @@ CVE-2014-5470 CVE-2014-5469 RESERVED CVE-2014-5468 (A File Inclusion vulnerability exists in Railo 4.2.1 and earlier via a ...) - TODO: check + NOT-FOR-US: Railo CVE-2014-5467 RESERVED CVE-2014-5466 (Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk We ...) @@ -13806,15 +13806,15 @@ CVE-2014-5089 (SQL injection vulnerability in admin/options/logs.php in Status2k CVE-2014-5088 (Cross-site scripting (XSS) vulnerability in Status2k allows remote att ...) NOT-FOR-US: Status2k CVE-2014-5087 (A vulnerability exists in Sphider Search Engine prior to 1.3.6 due to ...) - TODO: check + NOT-FOR-US: Sphider Search Engine CVE-2014-5086 (A Command Execution vulnerability exists in Sphider Pro, and Sphider P ...) - TODO: check + NOT-FOR-US: Sphider CVE-2014-5085 (A Command Execution vulnerability exists in Sphider Plus 3.2 due to in ...) - TODO: check + NOT-FOR-US: Sphider CVE-2014-5084 (A Command Execution vulnerability exists in Sphider Pro 3.2 due to ins ...) - TODO: check + NOT-FOR-US: Sphider CVE-2014-5083 (A Command Execution vulnerability exists in Sphider before 1.3.6 due t ...) - TODO: check + NOT-FOR-US: Sphider CVE-2014-5082 (Multiple SQL injection vulnerabilities in admin/admin.php in Sphider 1 ...) NOT-FOR-US: Sphider CVE-2014-5081 (sphider prior to 1.3.6, sphider-pro prior to 3.2, and sphider-plus pri ...) @@ -16700,7 +16700,7 @@ CVE-2014-3880 (The (1) execve and (2) fexecve system calls in the FreeBSD kernel - kfreebsd-9 <removed> - kfreebsd-10 10.0-6 CVE-2014-3879 (OpenPAM Nummularia 9.2 through 10.0 does not properly handle the error ...) - TODO: check + NOT-FOR-US: OpenPAM CVE-2014-3878 (Multiple cross-site scripting (XSS) vulnerabilities in the web client ...) NOT-FOR-US: IPSwitch IMail CVE-2014-3877 (Incomplete blacklist vulnerability in Frams' Fast File EXchange (F*EX, ...) diff --git a/data/CVE/2018.list b/data/CVE/2018.list index 2d10742d3e..9975b80c60 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -32217,9 +32217,9 @@ CVE-2018-8880 (Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) doesn't CVE-2018-8879 (Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS device ...) NOT-FOR-US: ASUS CVE-2018-8878 (Information disclosure in Asuswrt-Merlin firmware for ASUS devices old ...) - TODO: check + NOT-FOR-US: ASUS CVE-2018-8877 (Information disclosure in Asuswrt-Merlin firmware for ASUS devices old ...) - TODO: check + NOT-FOR-US: ASUS CVE-2018-8876 (In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows loc ...) NOT-FOR-US: 2345 Security Guard CVE-2018-8875 (In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows loc ...) diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 9649822e97..8dca72d2b1 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -25273,9 +25273,9 @@ CVE-2019-10790 (taffy through 2.6.2 allows attackers to forge adding additional CVE-2019-10789 (All versions of curling.js are vulnerable to Command Injection via the ...) NOT-FOR-US: curling.js CVE-2019-10788 (im-metadata through 3.0.1 allows remote attackers to execute arbitrary ...) - TODO: check + NOT-FOR-US: im-metadata node module CVE-2019-10787 (im-resize through 2.3.2 allows remote attackers to execute arbitrary c ...) - TODO: check + NOT-FOR-US: im-resize node module CVE-2019-10786 (network-manager through 1.0.2 allows remote attackers to execute arbit ...) NOT-FOR-US: network-manager node module CVE-2019-10785 (dojox is vulnerable to Cross-site Scripting in all versions before ver ...) @@ -25285,9 +25285,9 @@ CVE-2019-10784 (phppgadmin through 7.12.1 allows sensitive actions to be perform NOTE: https://snyk.io/vuln/SNYK-PHP-PHPPGADMINPHPPGADMIN-543885 NOTE: https://github.com/phppgadmin/phppgadmin/issues/94 CVE-2019-10783 (All versions including 0.0.4 of lsof npm module are vulnerable to Comm ...) - TODO: check + NOT-FOR-US: lsof node module CVE-2019-10781 (In schema-inspector before 1.6.9, a maliciously crafted JavaScript obj ...) - TODO: check + NOT-FOR-US: schema-inspector node module CVE-2019-10780 (BibTeX-ruby before 5.1.0 allows shell command injection due to unsanit ...) NOT-FOR-US: BibTeX-ruby CVE-2019-10779 (All versions of stroom:stroom-app before 5.5.12 and all versions of th ...) @@ -31923,7 +31923,7 @@ CVE-2019-8743 (Multiple memory corruption issues were addressed with improved me CVE-2019-8742 (The issue was addressed by restricting options offered on a locked dev ...) NOT-FOR-US: Apple CVE-2019-8741 (A denial of service issue was addressed with improved input validation ...) - TODO: check + NOT-FOR-US: Apple CVE-2019-8740 RESERVED CVE-2019-8739 (A memory corruption issue was addressed with improved state management ...) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index b7619dd17b..5fb27ec78a 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -33,7 +33,7 @@ CVE-2020-9449 CVE-2020-9448 RESERVED CVE-2020-9447 (The file-upload feature in GwtUpload 1.0.3 allows XSS via a crafted fi ...) - TODO: check + NOT-FOR-US: GwtUpload CVE-2020-9446 RESERVED CVE-2020-9445 @@ -15985,7 +15985,7 @@ CVE-2020-1846 CVE-2020-1845 RESERVED CVE-2020-1844 (PCManager with versions earlier than 10.0.5.51 have a privilege escala ...) - TODO: check + NOT-FOR-US: Huawei CVE-2020-1843 (Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), ...) NOT-FOR-US: Huawei CVE-2020-1842 (Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version ...) |