diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-02-06 10:15:24 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-02-06 10:15:24 +0100 |
commit | cd906e8c3c1e4e6f26194e59640b3355b720a16f (patch) | |
tree | 03959b88ad40460d45377403d814a9e7b2daad1b /data | |
parent | 3707994c0d3c333bca680c11d6064afef0b04b27 (diff) |
Process NFUs
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/2011.list | 2 | ||||
-rw-r--r-- | data/CVE/2019.list | 4 | ||||
-rw-r--r-- | data/CVE/2020.list | 6 |
3 files changed, 6 insertions, 6 deletions
diff --git a/data/CVE/2011.list b/data/CVE/2011.list index 38c0c8f49d..0defff4ebd 100644 --- a/data/CVE/2011.list +++ b/data/CVE/2011.list @@ -10037,7 +10037,7 @@ CVE-2011-XXXX [htmlpurifier various] NOTE: htmlpurifier only provides library functions, it's not vulnerable by itself NOTE: If apps are vulnerable, this must be addressed there (as done for Mahara) CVE-2011-1517 (SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service c ...) - TODO: check + NOT-FOR-US: SAP CVE-2011-1516 (The kSBXProfileNoNetwork and kSBXProfileNoInternet sandbox profiles in ...) NOT-FOR-US: Apple Mac OS X CVE-2011-1515 (The inet service in HP OpenView Storage Data Protector 6.00 through 6. ...) diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 0dd6ec26f9..3c6c925b3b 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -1,5 +1,5 @@ CVE-2019-20447 (Jobberbase 2.0 has SQL injection via the PATH_INFO to the jobs-in endp ...) - TODO: check + NOT-FOR-US: Jobberbase CMS CVE-2019-20446 (In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nest ...) - librsvg 2.46.4-1 NOTE: https://gitlab.gnome.org/GNOME/librsvg/issues/515 @@ -649,7 +649,7 @@ CVE-2019-20175 (** DISPUTED ** An issue was discovered in ide_dma_cb() in hw/ide CVE-2019-20174 (Auth0 Lock before 11.21.0 allows XSS when additionalSignUpFields is us ...) TODO: check CVE-2019-20173 (The Auth0 wp-auth0 plugin 3.11.x before 3.11.3 for WordPress allows XS ...) - TODO: check + NOT-FOR-US: Auth0 wp-auth0 plugin for WordPress CVE-2019-20172 (Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not r ...) NOT-FOR-US: SerenityOS CVE-2019-20171 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index cb1f29e375..60c75fbad0 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -17,7 +17,7 @@ CVE-2020-8660 CVE-2020-8659 RESERVED CVE-2020-8658 (The BestWebSoft Htaccess plugin through 1.8.1 for WordPress allows wp- ...) - TODO: check + NOT-FOR-US: BestWebSoft Htaccess plugin for WordPress CVE-2020-8657 RESERVED CVE-2020-8656 @@ -39,13 +39,13 @@ CVE-2020-8646 CVE-2020-8645 RESERVED CVE-2020-8644 (PlaySMS before 1.4.3 does not sanitize inputs from a malicious string. ...) - TODO: check + NOT-FOR-US: PlaySMS CVE-2020-8643 RESERVED CVE-2020-8642 RESERVED CVE-2020-8641 (Lotus Core CMS 1.0.1 allows authenticated Local File Inclusion of .php ...) - TODO: check + NOT-FOR-US: Lotus Core CMS CVE-2020-8649 (There is a use-after-free vulnerability in the Linux kernel through 5. ...) - linux <unfixed> CVE-2020-8648 (There is a use-after-free vulnerability in the Linux kernel through 5. ...) |