Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c5361c66 by Salvatore Bonaccorso at 2020-03-26T09:16:08+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
CVE-2020-10966 (In the Password Reset Module in VESTA Control Panel through
0.9.8-25 a ...)
- TODO: check
+ NOT-FOR-US: VESTA Control Panel
CVE-2020-10965 (Teradici PCoIP Management Console 20.01.0 and 19.11.1 is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: Teradici PCoIP Management Console
CVE-2020-10964 (Serendipity before 2.3.4 on Windows allows remote attackers to
execute ...)
TODO: check
CVE-2020-10963 (FrozenNode Laravel-Administrator through 5.0.12 allows
unrestricted fi ...)
- TODO: check
+ NOT-FOR-US: FrozenNode Laravel-Administrator
CVE-2020-10962
RESERVED
CVE-2020-10961
@@ -159,21 +159,21 @@ CVE-2020-10890
CVE-2020-10889
RESERVED
CVE-2020-10888 (This vulnerability allows remote attackers to bypass
authentication on ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2020-10887 (This vulnerability allows a firewall bypass on affected
installations ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2020-10886 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2020-10885 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2020-10884 (This vulnerability allows network-adjacent attackers execute
arbitrary ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2020-10883 (This vulnerability allows local attackers to escalate
privileges on af ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2020-10882 (This vulnerability allows network-adjacent attackers to
execute arbitr ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2020-10881 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2019-20632 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as
demonstr ...)
TODO: check
CVE-2019-20631 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as
demonstr ...)
@@ -1796,7 +1796,7 @@ CVE-2020-10247 (MISP 2.4.122 has Persistent XSS in the
sighting popover tool. Th
CVE-2020-10246 (MISP 2.4.122 has reflected XSS via unsanitized URL parameters.
This is ...)
NOT-FOR-US: MISP
CVE-2020-10245 (CODESYS V3 web server before 3.5.15.40, as used in CODESYS
Control run ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2020-10244 (JPaseto before 0.3.0 generates weak hashes when using v2.local
tokens. ...)
NOT-FOR-US: JPaseto
CVE-2020-10243 (An issue was discovered in Joomla! before 3.9.16. The lack of
type cas ...)
@@ -3394,7 +3394,7 @@ CVE-2020-9522
CVE-2020-9521
RESERVED
CVE-2020-9520 (A stored XSS vulnerability was discovered in Micro Focus Vibe,
affecti ...)
- TODO: check
+ NOT-FOR-US: Micro Focus Vibe
CVE-2020-9519 (HTTP methods reveled in Web services vulnerability in Micro
Focus Serv ...)
NOT-FOR-US: Micro Focus
CVE-2020-9518 (Login filter can access configuration files vulnerability in
Micro Foc ...)
@@ -12445,7 +12445,7 @@ CVE-2020-5563
CVE-2020-5562
RESERVED
CVE-2020-5561 (Keijiban Tsumiki v1.15 allows remote attackers to execute
arbitrary OS ...)
- TODO: check
+ NOT-FOR-US: Keijiban Tsumiki
CVE-2020-5560 (WL-Enq 1.11 and 1.12 allows remote attackers to execute
arbitrary OS c ...)
TODO: check
CVE-2020-5559 (Cross-site scripting vulnerability in WL-Enq 1.11 and 1.12
allows remo ...)
@@ -12455,11 +12455,11 @@ CVE-2020-5558 (CuteNews 2.0.1 allows remote
authenticated attackers to execute a
CVE-2020-5557 (Cross-site scripting vulnerability in CuteNews 2.0.1 allows
remote att ...)
TODO: check
CVE-2020-5556 (Shihonkanri Plus GOOUT Ver1.5.8 and Ver2.2.10 allows remote
attackers ...)
- TODO: check
+ NOT-FOR-US: Shihonkanri Plus GOOUT
CVE-2020-5555 (Shihonkanri Plus GOOUT Ver1.5.8 and Ver2.2.10 allows remote
attackers ...)
- TODO: check
+ NOT-FOR-US: Shihonkanri Plus GOOUT
CVE-2020-5554 (Directory traversal vulnerability in Shihonkanri Plus GOOUT
Ver1.5.8 a ...)
- TODO: check
+ NOT-FOR-US: Shihonkanri Plus GOOUT
CVE-2020-5553 (mailform version 1.04 allows remote attackers to execute
arbitrary PHP ...)
TODO: check
CVE-2020-5552 (Cross-site scripting vulnerability in mailform version 1.04
allows rem ...)
@@ -12970,9 +12970,9 @@ CVE-2020-5342 (Dell Digital Delivery versions prior to
3.5.2015 contain an incor
CVE-2020-5341
RESERVED
CVE-2020-5340 (RSA Authentication Manager versions prior to 8.4 P10 contain a
stored ...)
- TODO: check
+ NOT-FOR-US: RSA Authentication Manager
CVE-2020-5339 (RSA Authentication Manager versions prior to 8.4 P10 contain a
stored ...)
- TODO: check
+ NOT-FOR-US: RSA Authentication Manager
CVE-2020-5338
RESERVED
CVE-2020-5337
@@ -13116,7 +13116,7 @@ CVE-2020-5279
CVE-2020-5278
RESERVED
CVE-2020-5277 (PrestaShop module ps_facetedsearch versions before 3.5.0 has a
reflect ...)
- TODO: check
+ NOT-FOR-US: PrestaShop
CVE-2020-5276
RESERVED
CVE-2020-5275
@@ -13789,7 +13789,7 @@ CVE-2020-5131
CVE-2020-5130
RESERVED
CVE-2020-5129 (A vulnerability in the SonicWall SMA1000 HTTP Extraweb server
allows a ...)
- TODO: check
+ NOT-FOR-US: SonicWall
CVE-2019-20197 (In Nagios XI 5.6.9, an authenticated user is able to execute
arbitrary ...)
NOT-FOR-US: Nagios XI
CVE-2019-20196
@@ -17408,33 +17408,33 @@ CVE-2020-3810
CVE-2020-3809
RESERVED
CVE-2020-3808 (Creative Cloud Desktop Application versions 5.0 and earlier
have a tim ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-3807 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier,
2017.011 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-3806 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier,
2017.011 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-3805 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier,
2017.011 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-3804 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier,
2017.011 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-3803 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier,
2017.011 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-3802 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier,
2017.011 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-3801 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier,
2017.011 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-3800 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier,
2017.011 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-3799 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier,
2017.011 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-3798
RESERVED
CVE-2020-3797 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier,
2017.011 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-3796
RESERVED
CVE-2020-3795 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier,
2017.011 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-3794 (ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a
file i ...)
TODO: check
CVE-2020-3793 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier,
2017.011 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5361c66995bd58b89c12835231f108e08b3b414
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5361c66995bd58b89c12835231f108e08b3b414
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
