Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
16912135 by Salvatore Bonaccorso at 2020-01-14T19:05:15+01:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
CVE-2020-6958 (An XXE vulnerability in JnlpSupport in Yet Another Java Service
Wrappe ...)
- TODO: check
+ NOT-FOR-US: Yet Another Java Service Wrapper (YAJSW)
CVE-2020-6957
RESERVED
CVE-2020-6956
RESERVED
CVE-2020-6955 (An issue was discovered on Cayin SMP-PRO4 devices. They allow
image_pr ...)
- TODO: check
+ NOT-FOR-US: Cayin SMP-PRO4 devices
CVE-2020-6954 (An issue was discovered on Cayin SMP-PRO4 devices. A user can
discover ...)
- TODO: check
+ NOT-FOR-US: Cayin SMP-PRO4 devices
CVE-2020-6953
RESERVED
CVE-2020-6952
@@ -10821,7 +10821,7 @@ CVE-2019-19682 (nopCommerce through 4.20 allows XSS in
the SaveStoreMappings of
CVE-2019-19681 (Pandora FMS 7.x suffers from remote code execution
vulnerability. With ...)
NOT-FOR-US: Pandora FMS
CVE-2019-19680 (A file-extension filtering vulnerability in ProofPoint
Protection Serv ...)
- TODO: check
+ NOT-FOR-US: ProofPoint Protection Server Email Firewall
CVE-2019-19679 (In "Xray Test Management for Jira" prior to version 3.5.5,
remote auth ...)
NOT-FOR-US: Xray Test Management for Jira
CVE-2019-19678 (In "Xray Test Management for Jira" prior to version 3.5.5,
remote auth ...)
@@ -40899,7 +40899,7 @@ CVE-2019-11098
CVE-2019-11097 (Improper directory permissions in the installer for Intel(R)
Managemen ...)
NOT-FOR-US: Intel
CVE-2019-11096 (Insufficient memory protection for Intel(R) Ethernet I218
Adapter driv ...)
- TODO: check
+ NOT-FOR-US: Intel(R) Ethernet I218 Adapter driver for Windows
CVE-2019-11095 (Insufficient access control in Intel(R) Driver & Support
Assistant ...)
NOT-FOR-US: Intel(R) Driver & Support Assistant
CVE-2019-11094 (Insufficient input validation in system firmware for Intel (R)
NUC Kit ...)
@@ -233949,7 +233949,7 @@ CVE-2014-9384
CVE-2014-9383
RESERVED
CVE-2014-9382 (Freebox OS Web interface 3.0.2 has CSRF which can allow VPN
user accou ...)
- TODO: check
+ NOT-FOR-US: Freebox OS
CVE-2014-9375 (Directory traversal vulnerability in the
LibraryFileUploadServlet serv ...)
NOT-FOR-US: Lexmark
CVE-2014-9373 (Directory traversal vulnerability in the
CollectorConfInfoServlet serv ...)
@@ -283345,9 +283345,9 @@ CVE-2012-4763
CVE-2012-4762
RESERVED
CVE-2012-4761 (A Privilege Escalation vulnerability exists in the unquoted
Service Bi ...)
- TODO: check
+ NOT-FOR-US: Safend
CVE-2012-4760 (A Privilege Escalation vulnerability exists in the SDBagent
service in ...)
- TODO: check
+ NOT-FOR-US: Safend
CVE-2011-5158 (Multiple untrusted search path vulnerabilities in the
DMTGUI2.EXE and ...)
NOT-FOR-US: DATEV Grundpaket Basis
CVE-2010-5274 (Untrusted search path vulnerability in PKZIP before 12.50.0014
allows ...)
@@ -283550,7 +283550,7 @@ CVE-2012-4751 (Cross-site scripting (XSS)
vulnerability in Open Ticket Request S
[squeeze] - otrs2 2.4.9+dfsg1-3+squeeze4
NOTE: DSA-2733-1
CVE-2012-4750 (A Code Execution vulnerability exists in the memcpy function
when proc ...)
- TODO: check
+ NOT-FOR-US: Ezhometech EzServer
CVE-2012-4749
RESERVED
CVE-2012-4748
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/16912135db2f450fec1edc3927e433c71d9cf9db
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/16912135db2f450fec1edc3927e433c71d9cf9db
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
