Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
426dfc1b by Salvatore Bonaccorso at 2020-02-27T09:12:13+01:00
Process NFUs

- - - - -
a3043933 by Salvatore Bonaccorso at 2020-02-27T09:19:46+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -187,7 +187,7 @@ CVE-2020-9339 (SOPlanning 1.45 allows XSS via the Name or 
Comment to status.php.
 CVE-2020-9338 (SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field. 
...)
        NOT-FOR-US: SOPlanning
 CVE-2020-9337 (In GolfBuddy Course Manager 1.1, passwords are sent (with 
base64 encod ...)
-       TODO: check
+       NOT-FOR-US: GolfBuddy Course Manager
 CVE-2020-9336 (fauzantrif eLection 2.0 has XSS via the Admin Dashboard -> 
Settings ...)
        NOT-FOR-US: fauzantrif eLection
 CVE-2020-6802 [mutation XSS vulnerability]
@@ -1074,9 +1074,9 @@ CVE-2020-8954
 CVE-2020-8953 (OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP 
authentication by ...)
        NOT-FOR-US: OpenVPN Access Server
 CVE-2020-8952 (Fiserv Accurate Reconciliation 2.19.0 allows XSS via the 
logout.jsp ti ...)
-       TODO: check
+       NOT-FOR-US: Fiserv Accurate Reconciliation
 CVE-2020-8951 (Fiserv Accurate Reconciliation 2.19.0 allows XSS via the Source 
or Des ...)
-       TODO: check
+       NOT-FOR-US: Fiserv Accurate Reconciliation
 CVE-2020-8950 (The AUEPLauncher service in Radeon AMD User Experience Program 
Launche ...)
        NOT-FOR-US: Radeon AMD User Experience Program Launcher
 CVE-2020-8949 (Gocloud S2A_WL 4.2.7.16471, S2A 4.2.7.17278, S2A 4.3.0.15815, 
S2A 4.3. ...)
@@ -12823,23 +12823,23 @@ CVE-2019-19996 (An issue was discovered on Intelbras 
IWR 3000N 1.8.7 devices. A
 CVE-2019-19995 (A CSRF issue was discovered on Intelbras IWR 3000N 1.8.7 
devices, lead ...)
        NOT-FOR-US: Intelbras IWR 3000N devices
 CVE-2019-19994 (An issue was discovered in Selesta Visual Access Manager (VAM) 
4.15.0  ...)
-       TODO: check
+       NOT-FOR-US: Selesta Visual Access Manager (VAM)
 CVE-2019-19993 (An issue was discovered in Selesta Visual Access Manager (VAM) 
4.15.0  ...)
-       TODO: check
+       NOT-FOR-US: Selesta Visual Access Manager (VAM)
 CVE-2019-19992 (An issue was discovered in Selesta Visual Access Manager (VAM) 
4.15.0  ...)
-       TODO: check
+       NOT-FOR-US: Selesta Visual Access Manager (VAM)
 CVE-2019-19991 (An issue was discovered in Selesta Visual Access Manager (VAM) 
4.15.0  ...)
-       TODO: check
+       NOT-FOR-US: Selesta Visual Access Manager (VAM)
 CVE-2019-19990 (An issue was discovered in Selesta Visual Access Manager (VAM) 
4.15.0  ...)
-       TODO: check
+       NOT-FOR-US: Selesta Visual Access Manager (VAM)
 CVE-2019-19989 (An issue was discovered in Selesta Visual Access Manager (VAM) 
4.15.0  ...)
-       TODO: check
+       NOT-FOR-US: Selesta Visual Access Manager (VAM)
 CVE-2019-19988 (An issue was discovered in Selesta Visual Access Manager (VAM) 
4.15.0  ...)
-       TODO: check
+       NOT-FOR-US: Selesta Visual Access Manager (VAM)
 CVE-2019-19987 (An issue was discovered in Selesta Visual Access Manager (VAM) 
4.15.0  ...)
-       TODO: check
+       NOT-FOR-US: Selesta Visual Access Manager (VAM)
 CVE-2019-19986 (An issue was discovered in Selesta Visual Access Manager (VAM) 
4.15.0  ...)
-       TODO: check
+       NOT-FOR-US: Selesta Visual Access Manager (VAM)
 CVE-2019-19985 (The WordPress plugin, Email Subscribers & Newsletters, 
before 4.2. ...)
        NOT-FOR-US: WordPress plugin
 CVE-2019-19984 (The WordPress plugin, Email Subscribers & Newsletters, 
before 4.2. ...)
@@ -13102,9 +13102,9 @@ CVE-2020-3926 (An arbitrary-file-access vulnerability 
exists in ServiSign securi
 CVE-2020-3925 (A Remote Code Execution(RCE) vulnerability exists in some 
designated a ...)
        NOT-FOR-US: ServiSign security plugin
 CVE-2020-3924 (DVR firmware in TAT-76 and TAT-77 series of products, provided 
by TONN ...)
-       TODO: check
+       NOT-FOR-US: DVR firmware in TAT-76 and TAT-77 series
 CVE-2020-3923 (DVR firmware in TAT-76 and TAT-77 series of products, provided 
by TONN ...)
-       TODO: check
+       NOT-FOR-US: DVR firmware in TAT-76 and TAT-77 series
 CVE-2020-3922
        RESERVED
 CVE-2020-3921
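Review bot: The tag added for CVE-2020-3924 and CVE-2020-3923, "NOT-FOR-US: DVR firmware in TAT-76 and TAT-77 series", identifies the product only by model series and omits the vendor that both descriptions name after "provided by". The other tags in this change lead with a vendor or product name ("NOT-FOR-US: Moxa", and "NOT-FOR-US: ServiSign security plugin" in the context just above), so a later search of data/CVE/list by vendor would not find these two entries. Suggest putting the vendor name first in the tag, followed by the series.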
@@ -15042,27 +15042,27 @@ CVE-2020-3177
 CVE-2020-3176
        RESERVED
 CVE-2020-3175 (A vulnerability in the resource handling system of Cisco NX-OS 
Softwar ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3174 (A vulnerability in the anycast gateway feature of Cisco NX-OS 
Software ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3173 (A vulnerability in the local management (local-mgmt) CLI of 
Cisco UCS  ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3172 (A vulnerability in the Cisco Discovery Protocol feature of 
Cisco FXOS  ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3171 (A vulnerability in the local management (local-mgmt) CLI of 
Cisco FXOS ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3170 (A vulnerability in the NX-API feature of Cisco NX-OS Software 
could al ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3169 (A vulnerability in the CLI of Cisco FXOS Software could allow 
an authe ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3168 (A vulnerability in the Secure Login Enhancements capability of 
Cisco N ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3167 (A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS 
Manage ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3166 (A vulnerability in the CLI of Cisco FXOS Software could allow 
an authe ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3165 (A vulnerability in the implementation of Border Gateway 
Protocol (BGP) ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3164
        RESERVED
 CVE-2020-3163 (A vulnerability in the Live Data server of Cisco Unified 
Contact Cente ...)
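Review bot: All eleven entries from CVE-2020-3175 down to CVE-2020-3165 receive the vendor-only tag "NOT-FOR-US: Cisco", although the visible descriptions cover several different products (NX-OS, FXOS, UCS), and for CVE-2020-3165 the truncated description shows only "implementation of Border Gateway Protocol (BGP)" with no product name at all. Other hunks in this same change tag at product level ("NOT-FOR-US: OnCommand Cloud Manager", "NOT-FOR-US: Selesta Visual Access Manager (VAM)"). Suggest adding the product after the vendor at least where the truncated description does not show it, so the reason for the NFU decision can be read from the list without looking up the full CVE text.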
@@ -19899,7 +19899,7 @@ CVE-2019-19136
 CVE-2019-19135
        RESERVED
 CVE-2019-19134 (The Hero Maps Premium plugin 2.2.1 and prior for WordPress is 
prone to ...)
-       TODO: check
+       NOT-FOR-US: Hero Maps Premium plugin for WordPress
 CVE-2019-19133 (The CSS Hero plugin through 4.0.3 for WordPress is prone to 
reflected  ...)
        NOT-FOR-US: CSS Hero plugin for WordPress
 CVE-2019-19132
@@ -24590,7 +24590,7 @@ CVE-2019-18240 (In Fuji Electric V-Server 4.0.6 and 
prior, several heap-based bu
 CVE-2019-18239
        RESERVED
 CVE-2019-18238 (Moxa ioLogik 2542-HSPA Series Controllers and IOs, and 
IOxpress Config ...)
-       TODO: check
+       NOT-FOR-US: Moxa
 CVE-2019-18237
        RESERVED
 CVE-2019-18236 (Multiple buffer overflow vulnerabilities exist when the PLC 
Editor Ver ...)
@@ -27961,9 +27961,9 @@ CVE-2019-17277
 CVE-2019-17276
        RESERVED
 CVE-2019-17275 (OnCommand Cloud Manager versions prior to 3.8.0 are 
susceptible to arb ...)
-       TODO: check
+       NOT-FOR-US: OnCommand Cloud Manager
 CVE-2019-17274 (NetApp FAS 8300/8700 and AFF A400 Baseboard Management 
Controller (BMC ...)
-       TODO: check
+       NOT-FOR-US: NetApp
 CVE-2019-17273 (E-Series SANtricity OS Controller Software version 11.60.0 is 
suscepti ...)
        NOT-FOR-US: E-Series SANtricity OS Controller Software
 CVE-2019-17272 (All versions of ONTAP Select Deploy administration utility are 
suscept ...)
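Review bot: The two entries changed in this hunk are tagged at different granularity: CVE-2019-17275 by product ("NOT-FOR-US: OnCommand Cloud Manager") and CVE-2019-17274 by vendor ("NOT-FOR-US: NetApp"), while the unchanged CVE-2019-17273 just below uses a product name ("NOT-FOR-US: E-Series SANtricity OS Controller Software"). Suggest using one form for adjacent entries in this block, preferably the product-name form the surrounding context already uses, so that searching the list by either vendor or product gives consistent results.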
@@ -65211,7 +65211,7 @@ CVE-2019-4728
 CVE-2019-4727
        RESERVED
 CVE-2019-4726 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 
5.2.6.5 i ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2019-4725
        RESERVED
 CVE-2019-4724
@@ -65467,11 +65467,11 @@ CVE-2019-4600 (IBM API Connect version V5.0.0.0 
through 5.0.8.7 could reveal sen
 CVE-2019-4599
        RESERVED
 CVE-2019-4598 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 
5.2.6.5 i ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2019-4597 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 
5.2.6.5 i ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2019-4596 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 
5.2.6.5 i ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2019-4595 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 
5.2.6.5 c ...)
        NOT-FOR-US: IBM
 CVE-2019-4594
@@ -65589,7 +65589,7 @@ CVE-2019-4539 (IBM Security Directory Server 6.4.0 does 
not properly neutralize
 CVE-2019-4538 (IBM Security Directory Server 6.4.0 could allow a remote 
attacker to c ...)
        NOT-FOR-US: IBM
 CVE-2019-4537 (IBM WebSphere Service Registry and Repository 8.5 could allow a 
user t ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2019-4536 (IBM i 7.4 users who have done a Restore User Profile 
(RSTUSRPRF) on a  ...)
        NOT-FOR-US: IBM
 CVE-2019-4535
@@ -166621,7 +166621,7 @@ CVE-2017-6373
 CVE-2017-6372
        RESERVED
 CVE-2017-6371 (Synchronet BBS 3.16c for Windows allows remote attackers to 
cause a de ...)
-       TODO: check
+       NOT-FOR-US: Synchronet BBS
 CVE-2017-6370 (TYPO3 7.6.15 sends an http request to an 
index.php?loginProvider URI i ...)
        NOT-FOR-US: TYPO3
 CVE-2017-6369 (Insufficient checks in the UDF subsystem in Firebird 2.5.x 
before 2.5. ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9c6503ba71a46edbc0a04a29bcc4dc095dca1ff3...a3043933c91fdd48888c48fad4be76f9e704117c
