From 29de76087d29084e49d8be408c7b2ac57ad589ee Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Mon, 30 Nov 2020 21:23:38 +0100 Subject: Process more NFUs --- data/CVE/list | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index d4d9439aba..42fc553731 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -5,11 +5,11 @@ CVE-2020-29394 (A buffer overflow in the dlt_filter_load function in dlt_common. CVE-2020-29393 RESERVED CVE-2020-29392 (The Estil Hill Lock Password Manager Safe app 2.3 for iOS has a *#06#* ...) - TODO: check + NOT-FOR-US: Estil Hill Lock Password Manager Safe app for iOS CVE-2020-29391 RESERVED CVE-2020-29390 (Zeroshell 3.9.3 contains a command injection vulnerability in the /cgi ...) - TODO: check + NOT-FOR-US: Zeroshell CVE-2020-29389 RESERVED CVE-2020-29388 @@ -21,7 +21,7 @@ CVE-2020-29386 CVE-2020-29385 RESERVED CVE-2020-29384 (An issue was discovered in PNGOUT 2020-01-15. When compressing a craft ...) - TODO: check + NOT-FOR-US: PNGOUT CVE-2020-29383 (An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1. ...) NOT-FOR-US: V-SOL devices CVE-2020-29382 (An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600G1 ...) @@ -93,7 +93,7 @@ CVE-2020-29366 CVE-2020-29365 RESERVED CVE-2020-29364 (In NetArt News Lister 1.0.0, the news headlines are vulnerable to stor ...) - TODO: check + NOT-FOR-US: NetArt News Lister CVE-2020-29363 RESERVED CVE-2020-29362 @@ -7151,9 +7151,9 @@ CVE-2020-27661 [divide by zero in dwc2_handle_packet() in hw/usb/hcd-dwc2.c] NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg04263.html NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=bea2a9e3e00b275dc40cfa09c760c715b8753e03 (v5.2.0-rc0) CVE-2020-27660 (SQL injection vulnerability in request.cgi in Synology SafeAccess befo ...) - TODO: check + NOT-FOR-US: Synology CVE-2020-27659 (Multiple cross-site scripting (XSS) vulnerabilities in Synology SafeAc ...) - TODO: check + NOT-FOR-US: Synology CVE-2020-27658 (Synology Router Manager (SRM) before 1.2.4-8081 does not include the H ...) NOT-FOR-US: Synology Router Manager (SRM) CVE-2020-27657 (Cleartext transmission of sensitive information vulnerability in DDNS ...) @@ -12061,7 +12061,7 @@ CVE-2020-25539 CVE-2020-25538 (An authenticated attacker can inject malicious code into "lang" parame ...) NOT-FOR-US: CMSuno CVE-2020-25537 (File upload vulnerability exists in UCMS 1.5.0, and the attacker can t ...) - TODO: check + NOT-FOR-US: UCMS CVE-2020-25536 RESERVED CVE-2020-25535 @@ -27630,7 +27630,7 @@ CVE-2020-17903 CVE-2020-17902 RESERVED CVE-2020-17901 (Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows attackers t ...) - TODO: check + NOT-FOR-US: PbootCMS CVE-2020-17900 RESERVED CVE-2020-17899 @@ -53165,7 +53165,7 @@ CVE-2020-8353 (Prior to August 10, 2020, some Lenovo Desktop and Workstation sys CVE-2020-8352 (In some Lenovo Desktop models, the Configuration Change Detection BIOS ...) NOT-FOR-US: Lenovo CVE-2020-8351 (A privilege escalation vulnerability was reported in Lenovo PCManager ...) - TODO: check + NOT-FOR-US: Lenovo PCManager CVE-2020-8350 (An authentication bypass vulnerability was reported in Lenovo ThinkPad ...) NOT-FOR-US: Lenovo CVE-2020-8349 (An internal security review has identified an unauthenticated remote c ...) -- cgit v1.2.3