Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: c5361c66 by Salvatore Bonaccorso at 2020-03-26T09:16:08+01:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,11 +1,11 @@ CVE-2020-10966 (In the Password Reset Module in VESTA Control Panel through 0.9.8-25 a ...) - TODO: check + NOT-FOR-US: VESTA Control Panel CVE-2020-10965 (Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to ...) - TODO: check + NOT-FOR-US: Teradici PCoIP Management Console CVE-2020-10964 (Serendipity before 2.3.4 on Windows allows remote attackers to execute ...) TODO: check CVE-2020-10963 (FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted fi ...) - TODO: check + NOT-FOR-US: FrozenNode Laravel-Administrator CVE-2020-10962 RESERVED CVE-2020-10961 @@ -159,21 +159,21 @@ CVE-2020-10890 CVE-2020-10889 RESERVED CVE-2020-10888 (This vulnerability allows remote attackers to bypass authentication on ...) - TODO: check + NOT-FOR-US: TP-Link CVE-2020-10887 (This vulnerability allows a firewall bypass on affected installations ...) - TODO: check + NOT-FOR-US: TP-Link CVE-2020-10886 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: TP-Link CVE-2020-10885 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: TP-Link CVE-2020-10884 (This vulnerability allows network-adjacent attackers execute arbitrary ...) - TODO: check + NOT-FOR-US: TP-Link CVE-2020-10883 (This vulnerability allows local attackers to escalate privileges on af ...) - TODO: check + NOT-FOR-US: TP-Link CVE-2020-10882 (This vulnerability allows network-adjacent attackers to execute arbitr ...) - TODO: check + NOT-FOR-US: TP-Link CVE-2020-10881 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: TP-Link CVE-2019-20632 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstr ...) TODO: check CVE-2019-20631 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstr ...) @@ -1796,7 +1796,7 @@ CVE-2020-10247 (MISP 2.4.122 has Persistent XSS in the sighting popover tool. Th CVE-2020-10246 (MISP 2.4.122 has reflected XSS via unsanitized URL parameters. This is ...) NOT-FOR-US: MISP CVE-2020-10245 (CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control run ...) - TODO: check + NOT-FOR-US: CODESYS CVE-2020-10244 (JPaseto before 0.3.0 generates weak hashes when using v2.local tokens. ...) NOT-FOR-US: JPaseto CVE-2020-10243 (An issue was discovered in Joomla! before 3.9.16. The lack of type cas ...) @@ -3394,7 +3394,7 @@ CVE-2020-9522 CVE-2020-9521 RESERVED CVE-2020-9520 (A stored XSS vulnerability was discovered in Micro Focus Vibe, affecti ...) - TODO: check + NOT-FOR-US: Micro Focus Vibe CVE-2020-9519 (HTTP methods reveled in Web services vulnerability in Micro Focus Serv ...) NOT-FOR-US: Micro Focus CVE-2020-9518 (Login filter can access configuration files vulnerability in Micro Foc ...) @@ -12445,7 +12445,7 @@ CVE-2020-5563 CVE-2020-5562 RESERVED CVE-2020-5561 (Keijiban Tsumiki v1.15 allows remote attackers to execute arbitrary OS ...) - TODO: check + NOT-FOR-US: Keijiban Tsumiki CVE-2020-5560 (WL-Enq 1.11 and 1.12 allows remote attackers to execute arbitrary OS c ...) TODO: check CVE-2020-5559 (Cross-site scripting vulnerability in WL-Enq 1.11 and 1.12 allows remo ...) @@ -12455,11 +12455,11 @@ CVE-2020-5558 (CuteNews 2.0.1 allows remote authenticated attackers to execute a CVE-2020-5557 (Cross-site scripting vulnerability in CuteNews 2.0.1 allows remote att ...) TODO: check CVE-2020-5556 (Shihonkanri Plus GOOUT Ver1.5.8 and Ver2.2.10 allows remote attackers ...) - TODO: check + NOT-FOR-US: Shihonkanri Plus GOOUT CVE-2020-5555 (Shihonkanri Plus GOOUT Ver1.5.8 and Ver2.2.10 allows remote attackers ...) - TODO: check + NOT-FOR-US: Shihonkanri Plus GOOUT CVE-2020-5554 (Directory traversal vulnerability in Shihonkanri Plus GOOUT Ver1.5.8 a ...) - TODO: check + NOT-FOR-US: Shihonkanri Plus GOOUT CVE-2020-5553 (mailform version 1.04 allows remote attackers to execute arbitrary PHP ...) TODO: check CVE-2020-5552 (Cross-site scripting vulnerability in mailform version 1.04 allows rem ...) @@ -12970,9 +12970,9 @@ CVE-2020-5342 (Dell Digital Delivery versions prior to 3.5.2015 contain an incor CVE-2020-5341 RESERVED CVE-2020-5340 (RSA Authentication Manager versions prior to 8.4 P10 contain a stored ...) - TODO: check + NOT-FOR-US: RSA Authentication Manager CVE-2020-5339 (RSA Authentication Manager versions prior to 8.4 P10 contain a stored ...) - TODO: check + NOT-FOR-US: RSA Authentication Manager CVE-2020-5338 RESERVED CVE-2020-5337 @@ -13116,7 +13116,7 @@ CVE-2020-5279 CVE-2020-5278 RESERVED CVE-2020-5277 (PrestaShop module ps_facetedsearch versions before 3.5.0 has a reflect ...) - TODO: check + NOT-FOR-US: PrestaShop CVE-2020-5276 RESERVED CVE-2020-5275 @@ -13789,7 +13789,7 @@ CVE-2020-5131 CVE-2020-5130 RESERVED CVE-2020-5129 (A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows a ...) - TODO: check + NOT-FOR-US: SonicWall CVE-2019-20197 (In Nagios XI 5.6.9, an authenticated user is able to execute arbitrary ...) NOT-FOR-US: Nagios XI CVE-2019-20196 @@ -17408,33 +17408,33 @@ CVE-2020-3810 CVE-2020-3809 RESERVED CVE-2020-3808 (Creative Cloud Desktop Application versions 5.0 and earlier have a tim ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3807 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3806 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3805 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3804 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3803 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3802 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3801 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3800 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3799 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3798 RESERVED CVE-2020-3797 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3796 RESERVED CVE-2020-3795 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3794 (ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a file i ...) TODO: check CVE-2020-3793 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5361c66995bd58b89c12835231f108e08b3b414 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5361c66995bd58b89c12835231f108e08b3b414 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits