Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b6573669 by Salvatore Bonaccorso at 2020-04-16T14:50:21+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2333,11 +2333,11 @@ CVE-2020-11005 (The WindowsHello open source library
(NuGet HaemmerElectronics.S
CVE-2020-11004
RESERVED
CVE-2020-11003 (Oasis before version 2.15.0 has a potential DNS rebinding or
CSRF vuln ...)
- TODO: check
+ NOT-FOR-US: Oasis (not the same as src:oasis)
CVE-2020-11002 (dropwizard-validation before versions 2.0.3 and 1.3.21 has a
remote co ...)
TODO: check
CVE-2020-11001 (In Wagtail before versions 2.8.1 and 2.7.2, a cross-site
scripting (XS ...)
- TODO: check
+ NOT-FOR-US: Wagtail
CVE-2020-11000 (GreenBrowser before version 1.2 has a vulnerability where apps
that re ...)
NOT-FOR-US: GreenBrowser
CVE-2020-10999
@@ -6051,9 +6051,9 @@ CVE-2020-9463 (Centreon 19.10 allows remote authenticated
users to execute arbit
CVE-2020-9462
RESERVED
CVE-2020-9461 (Octech Oempro 4.7 through 4.11 allow stored XSS by an
authenticated us ...)
- TODO: check
+ NOT-FOR-US: Octech Oempro
CVE-2020-9460 (Octech Oempro 4.7 through 4.11 allow XSS by an authenticated
user. The ...)
- TODO: check
+ NOT-FOR-US: Octech Oempro
CVE-2020-9459 (Multiple Stored Cross-site scripting (XSS) vulnerabilities in
the Webn ...)
NOT-FOR-US: Webnus Modern Events Calendar Lite plugin for WordPress
CVE-2020-9458 (In the RegistrationMagic plugin through 4.6.0.3 for WordPress,
the exp ...)
@@ -6525,7 +6525,7 @@ CVE-2020-9282 (In Mahara 18.10 before 18.10.5, 19.04
before 19.04.4, and 19.10 b
CVE-2020-9281 (A cross-site scripting (XSS) vulnerability in the HTML Data
Processor ...)
NOT-FOR-US: CKEditor plugin
CVE-2020-9280 (In SilverStripe through 4.5, files uploaded via Forms to
folders migra ...)
- TODO: check
+ NOT-FOR-US: SilverStripe
CVE-2020-9279
RESERVED
CVE-2020-9278
@@ -7165,7 +7165,7 @@ CVE-2020-9006 (The Popup Builder plugin 2.2.8 through
2.6.7.6 for WordPress is v
CVE-2020-9005 (meshsystem.dll in Valve Dota 2 through 2020-02-17 allows remote
attack ...)
NOT-FOR-US: Dota 2
CVE-2020-9004 (A remote authenticated authorization-bypass vulnerability in
Wowza Str ...)
- TODO: check
+ NOT-FOR-US: Wowza Streaming Engine
CVE-2020-9003 (A stored XSS vulnerability exists in the Modula Image Gallery
plugin b ...)
NOT-FOR-US: Modula Image Gallery plugin for WordPress
CVE-2020-9002
@@ -8527,7 +8527,7 @@ CVE-2020-8432 (In Das U-Boot through 2020.01, a double
free has been found in th
CVE-2020-8431
RESERVED
CVE-2020-8430 (Stormshield Network Security 310 3.7.10 devices have an
auth/lang.html ...)
- TODO: check
+ NOT-FOR-US: Stormshield Network Security 310
CVE-2020-8429 (The Admin web application in Kinetica 7.0.9.2.20191118151947
does not ...)
NOT-FOR-US: Kinetica
CVE-2020-8427 (Kaseya Traverse before 9.5.20 allows OS command injection
attacks agai ...)
@@ -9095,7 +9095,7 @@ CVE-2020-8150
CVE-2020-8149
RESERVED
CVE-2020-8148 (UniFi Cloud Key firmware < 1.1.6 contains a vulnerability
that enab ...)
- TODO: check
+ NOT-FOR-US: UniFi Cloud Key firmware
CVE-2020-8147 (Flaw in input validation in npm package utils-extend version
1.0.8 and ...)
NOT-FOR-US: Node utils-extend
CVE-2020-8146 (In UniFi Video v3.10.1 (for Windows 7/8/10 x64) there is a
Local Privi ...)
@@ -10011,11 +10011,11 @@ CVE-2020-7804
CVE-2020-7803
RESERVED
CVE-2020-7802 (The Synergy Systems & Solutions (SSS) HUSKY RTU 6049-E70,
with fir ...)
- TODO: check
+ NOT-FOR-US: Synergy Systems & Solutions (SSS)
CVE-2020-7801 (The Synergy Systems & Solutions (SSS) HUSKY RTU 6049-E70,
with fir ...)
- TODO: check
+ NOT-FOR-US: Synergy Systems & Solutions (SSS)
CVE-2020-7800 (The Synergy Systems & Solutions (SSS) HUSKY RTU 6049-E70,
with fir ...)
- TODO: check
+ NOT-FOR-US: Synergy Systems & Solutions (SSS)
CVE-2020-7799 (An issue was discovered in FusionAuth before 1.11.0. An
authenticated ...)
NOT-FOR-US: FusionAuth
CVE-2020-7798
@@ -10657,13 +10657,13 @@ CVE-2020-7488
CVE-2020-7487
RESERVED
CVE-2020-7486 (**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could
cause TC ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2020-7485 (**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support
account in th ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2020-7484 (**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability with
the forme ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2020-7483 (**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could
cause ce ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2020-7482 (A CWE-79:Improper Neutralization of Input During Web Page
Generation ( ...)
NOT-FOR-US: Andover Continuum
CVE-2020-7481 (A CWE-79:Improper Neutralization of Input During Web Page
Generation ( ...)
@@ -11824,7 +11824,7 @@ CVE-2020-6998
CVE-2020-6997 (In Moxa EDS-G516E Series firmware, Version 5.2 or lower,
sensitive inf ...)
NOT-FOR-US: Moxa
CVE-2020-6996 (Triangle MicroWorks DNP3 Outstation LibrariesDNP3 Outstation
.NET Prot ...)
- TODO: check
+ NOT-FOR-US: Triangle MicroWorks
CVE-2020-6995 (In Moxa PT-7528 series firmware, Version 4.0 or lower, and
PT-7828 ser ...)
NOT-FOR-US: Moxa
CVE-2020-6994 (A buffer overflow vulnerability was found in some devices of
Hirschman ...)
@@ -11832,7 +11832,7 @@ CVE-2020-6994 (A buffer overflow vulnerability was
found in some devices of Hirs
CVE-2020-6993 (In Moxa PT-7528 series firmware, Version 4.0 or lower, and
PT-7828 ser ...)
NOT-FOR-US: Moxa
CVE-2020-6992 (A local privilege escalation vulnerability has been identified
in the ...)
- TODO: check
+ NOT-FOR-US: GE Digital
CVE-2020-6991 (In Moxa EDS-G516E Series firmware, Version 5.2 or lower, weak
password ...)
NOT-FOR-US: Moxa
CVE-2020-6990 (Rockwell Automation MicroLogix 1400 Controllers Series B
v21.001 and p ...)
@@ -19685,7 +19685,7 @@ CVE-2020-3934 (Secom Co. Dr.ID, a Door Access Control
and Personnel Attendance M
CVE-2020-3933 (Secom Co. Dr.ID, a Door Access Control and Personnel Attendance
Manage ...)
NOT-FOR-US: Secom Co. Dr.ID
CVE-2020-3932 (A vulnerable SNMP in Draytek VigorAP910C cannot be disabled,
which may ...)
- TODO: check
+ NOT-FOR-US: Draytek VigorAP910C
CVE-2020-3931
RESERVED
CVE-2020-3930
@@ -22214,7 +22214,7 @@ CVE-2020-2963 (Vulnerability in the Oracle WebLogic
Server product of Oracle Fus
CVE-2020-2962
RESERVED
CVE-2020-2961 (Vulnerability in the Enterprise Manager Base Platform product
of Oracl ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2960
RESERVED
CVE-2020-2959 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
@@ -22226,50 +22226,50 @@ CVE-2020-2958 (Vulnerability in the Oracle VM
VirtualBox product of Oracle Virtu
CVE-2020-2957
RESERVED
CVE-2020-2956 (Vulnerability in the Oracle Human Resources product of Oracle
E-Busine ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2955 (Vulnerability in the Oracle FLEXCUBE Core Banking product of
Oracle Fi ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2954 (Vulnerability in the PeopleSoft Enterprise HRMS product of
Oracle Peop ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2953 (Vulnerability in the Oracle Retail Customer Management and
Segmentatio ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2952 (Vulnerability in the Oracle HTTP Server product of Oracle
Fusion Middl ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2951 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2950 (Vulnerability in the Oracle Business Intelligence Enterprise
Edition p ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2949 (Vulnerability in the Oracle Coherence product of Oracle Fusion
Middlew ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2948
RESERVED
CVE-2020-2947 (Vulnerability in the PeopleSoft Enterprise HCM Absence
Management prod ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2946 (Vulnerability in the Application Performance Management product
of Ora ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2945 (Vulnerability in the Oracle Financial Services Deposit
Insurance Calcu ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2944 (Vulnerability in the Oracle Solaris product of Oracle Systems
(compone ...)
NOT-FOR-US: Oracle Solaris
CVE-2020-2943 (Vulnerability in the Oracle Financial Services Liquidity Risk
Measurem ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2942 (Vulnerability in the Oracle Financial Services Price Creation
and Disc ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2941 (Vulnerability in the Oracle Financial Services Funds Transfer
Pricing ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2940 (Vulnerability in the Oracle Financial Services Profitability
Managemen ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2939 (Vulnerability in the Oracle Financial Services Asset Liability
Managem ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2938 (Vulnerability in the Oracle Financial Services Loan Loss
Forecasting a ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2937 (Vulnerability in the Oracle Insurance Accounting Analyzer
product of O ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2936 (Vulnerability in the Oracle Financial Services Balance Sheet
Planning ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2935 (Vulnerability in the Oracle Financial Services Hedge Management
and IF ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2934 (Vulnerability in the MySQL Connectors product of Oracle MySQL
(compone ...)
- mysql-connector-java <removed>
NOTE:
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
@@ -22278,9 +22278,9 @@ CVE-2020-2933 (Vulnerability in the MySQL Connectors
product of Oracle MySQL (co
[stretch] - mysql-connector-java <ignored> (Oracle doesn't disclose
details, but CVSS score is marginal, so seems fine to ignore for Stretch)
NOTE:
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2932 (Vulnerability in the Oracle Knowledge product of Oracle
Knowledge (com ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2931 (Vulnerability in the Oracle Knowledge product of Oracle
Knowledge (com ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2930 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE:
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
@@ -22291,7 +22291,7 @@ CVE-2020-2928 (Vulnerability in the MySQL Server
product of Oracle MySQL (compon
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE:
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2927 (Vulnerability in the Oracle Solaris product of Oracle Systems
(compone ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2926 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE:
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
@@ -22311,7 +22311,7 @@ CVE-2020-2921 (Vulnerability in the MySQL Server
product of Oracle MySQL (compon
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE:
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2920 (Vulnerability in the Oracle Agile PLM product of Oracle Supply
Chain ( ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2919
RESERVED
CVE-2020-2918
@@ -22321,7 +22321,7 @@ CVE-2020-2917
CVE-2020-2916
RESERVED
CVE-2020-2915 (Vulnerability in the Oracle Coherence product of Oracle Fusion
Middlew ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2914 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
@@ -22329,7 +22329,7 @@ CVE-2020-2913 (Vulnerability in the Oracle VM
VirtualBox product of Oracle Virtu
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2912 (Vulnerability in the PeopleSoft Enterprise CS Campus Community
product ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2911 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
@@ -22346,7 +22346,7 @@ CVE-2020-2907 (Vulnerability in the Oracle VM
VirtualBox product of Oracle Virtu
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2906 (Vulnerability in the PeopleSoft Enterprise SCM Purchasing
product of O ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2905 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
@@ -22363,9 +22363,9 @@ CVE-2020-2901 (Vulnerability in the MySQL Server
product of Oracle MySQL (compon
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE:
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2900 (Vulnerability in the Oracle GraalVM Enterprise Edition product
of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2899 (Vulnerability in the PeopleSoft Enterprise SCM Purchasing
product of O ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2898 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE:
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
@@ -22388,183 +22388,183 @@ CVE-2020-2892 (Vulnerability in the MySQL Server
product of Oracle MySQL (compon
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE:
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2891 (Vulnerability in the Oracle Financial Services Liquidity Risk
Manageme ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2890 (Vulnerability in the Oracle Applications Framework product of
Oracle E ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2889 (Vulnerability in the Oracle CRM Technical Foundation product of
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2888 (Vulnerability in the Oracle Marketing product of Oracle
E-Business Sui ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2887 (Vulnerability in the Oracle Customer Interaction History
product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2886 (Vulnerability in the Oracle CRM Technical Foundation product of
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2885 (Vulnerability in the Oracle Document Management and
Collaboration prod ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2884 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2883 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2882 (Vulnerability in the Oracle Human Resources product of Oracle
E-Busine ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2881 (Vulnerability in the Oracle CRM Technical Foundation product of
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2880 (Vulnerability in the Oracle Learning Management product of
Oracle E-Bu ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2879 (Vulnerability in the Oracle Scripting product of Oracle
E-Business Sui ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2878 (Vulnerability in the Oracle iSupport product of Oracle
E-Business Suit ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2877 (Vulnerability in the Oracle Partner Management product of
Oracle E-Bus ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2876 (Vulnerability in the Oracle Marketing product of Oracle
E-Business Sui ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2875 (Vulnerability in the MySQL Connectors product of Oracle MySQL
(compone ...)
- mysql-connector-java <removed>
NOTE:
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2874 (Vulnerability in the Oracle Email Center product of Oracle
E-Business ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2873 (Vulnerability in the Oracle Customer Interaction History
product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2872 (Vulnerability in the Oracle iSupport product of Oracle
E-Business Suit ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2871 (Vulnerability in the Oracle Advanced Outbound Telephony product
of Ora ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2870 (Vulnerability in the Oracle One-to-One Fulfillment product of
Oracle E ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2869 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2868 (Vulnerability in the PeopleSoft Enterprise PeopleTools product
of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2867 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2866 (Vulnerability in the Oracle Applications Framework product of
Oracle E ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2865 (Vulnerability in the Oracle Configurator product of Oracle
Supply Chai ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2864 (Vulnerability in the Oracle iSupplier Portal product of Oracle
E-Busin ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2863 (Vulnerability in the Oracle Advanced Outbound Telephony product
of Ora ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2862 (Vulnerability in the Oracle One-to-One Fulfillment product of
Oracle E ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2861 (Vulnerability in the Oracle Marketing product of Oracle
E-Business Sui ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2860 (Vulnerability in the Oracle Marketing product of Oracle
E-Business Sui ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2859 (Vulnerability in the PeopleSoft Enterprise PeopleTools product
of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2858 (Vulnerability in the Oracle Marketing product of Oracle
E-Business Sui ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2857 (Vulnerability in the Oracle Advanced Outbound Telephony product
of Ora ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2856 (Vulnerability in the Oracle Advanced Outbound Telephony product
of Ora ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2855 (Vulnerability in the Oracle iSupport product of Oracle
E-Business Suit ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2854 (Vulnerability in the Oracle Advanced Outbound Telephony product
of Ora ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2853 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE:
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2852 (Vulnerability in the Oracle Advanced Outbound Telephony product
of Ora ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2851 (Vulnerability in the Oracle Solaris product of Oracle Systems
(compone ...)
NOT-FOR-US: Oracle Solaris
CVE-2020-2850 (Vulnerability in the Oracle Depot Repair product of Oracle
E-Business ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2849 (Vulnerability in the Oracle Depot Repair product of Oracle
E-Business ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2848 (Vulnerability in the Oracle Depot Repair product of Oracle
E-Business ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2847 (Vulnerability in the Oracle Depot Repair product of Oracle
E-Business ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2846 (Vulnerability in the Oracle Depot Repair product of Oracle
E-Business ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2845 (Vulnerability in the Oracle Depot Repair product of Oracle
E-Business ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2844 (Vulnerability in the Oracle Depot Repair product of Oracle
E-Business ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2843 (Vulnerability in the Oracle iSupport product of Oracle
E-Business Suit ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2842 (Vulnerability in the Oracle Depot Repair product of Oracle
E-Business ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2841 (Vulnerability in the Oracle Knowledge Management product of
Oracle E-B ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2840 (Vulnerability in the Oracle E-Business Intelligence product of
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2839 (Vulnerability in the Oracle Service Intelligence product of
Oracle E-B ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2838 (Vulnerability in the Oracle CRM Gateway for Mobile Devices
product of ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2837 (Vulnerability in the Oracle Marketing product of Oracle
E-Business Sui ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2836 (Vulnerability in the Oracle Marketing product of Oracle
E-Business Sui ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2835 (Vulnerability in the Oracle Marketing product of Oracle
E-Business Sui ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2834 (Vulnerability in the Oracle Marketing product of Oracle
E-Business Sui ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2833 (Vulnerability in the Oracle Quoting product of Oracle
E-Business Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2832 (Vulnerability in the Oracle One-to-One Fulfillment product of
Oracle E ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2831 (Vulnerability in the Oracle Marketing product of Oracle
E-Business Sui ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2830 (Vulnerability in the Java SE, Java SE Embedded product of
Oracle Java ...)
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 8u252-b09-1
- openjdk-7 <removed>
CVE-2020-2829 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2828 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2827 (Vulnerability in the Oracle One-to-One Fulfillment product of
Oracle E ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2826 (Vulnerability in the Oracle One-to-One Fulfillment product of
Oracle E ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2825 (Vulnerability in the Oracle One-to-One Fulfillment product of
Oracle E ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2824 (Vulnerability in the Oracle One-to-One Fulfillment product of
Oracle E ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2823 (Vulnerability in the Oracle Common Applications Calendar
product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2822 (Vulnerability in the Oracle Trade Management product of Oracle
E-Busin ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2821 (Vulnerability in the Oracle Trade Management product of Oracle
E-Busin ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2820 (Vulnerability in the Oracle Common Applications Calendar
product of Or ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2819 (Vulnerability in the Oracle Universal Work Queue product of
Oracle E-B ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2818 (Vulnerability in the Oracle Universal Work Queue product of
Oracle E-B ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2817 (Vulnerability in the Oracle Scripting product of Oracle
E-Business Sui ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2816 (Vulnerability in the Java SE product of Oracle Java SE
(component: JSS ...)
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
CVE-2020-2815 (Vulnerability in the Oracle iSupport product of Oracle
E-Business Suit ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2814 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
- mysql-5.7 <unfixed> (bug #956832)
NOTE:
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2813 (Vulnerability in the Oracle Email Center product of Oracle
E-Business ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2812 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
- mysql-5.7 <unfixed> (bug #956832)
NOTE:
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2811 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2810 (Vulnerability in the Oracle iStore product of Oracle E-Business
Suite ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2809 (Vulnerability in the Oracle E-Business Intelligence product of
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2808 (Vulnerability in the Oracle E-Business Intelligence product of
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2807 (Vulnerability in the Oracle Marketing Encyclopedia System
product of O ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2806 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
- mysql-5.7 <unfixed> (bug #956832)
NOTE:
https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
@@ -22582,20 +22582,20 @@ CVE-2020-2803 (Vulnerability in the Java SE, Java SE
Embedded product of Oracle
- openjdk-8 8u252-b09-1
- openjdk-7 <removed>
CVE-2020-2802 (Vulnerability in the Oracle GraalVM Enterprise Edition product
of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2801 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2800 (Vulnerability in the Java SE, Java SE Embedded product of
Oracle Java ...)
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 8u252-b09-1
- openjdk-7 <removed>
CVE-2020-2799 (Vulnerability in the Oracle GraalVM Enterprise Edition product
of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2798 (Vulnerability in the Oracle WebLogic Server product of Oracle
Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2797 (Vulnerability in the PeopleSoft Enterprise PeopleTools product
of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2796 (Vulnerability in the Oracle Email Center product of Oracle
E-Business ...)
TODO: check
CVE-2020-2795 (Vulnerability in the Oracle Knowledge product of Oracle
Knowledge (com ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b65736693daee5761e212c8293a82b4fee254c31
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b65736693daee5761e212c8293a82b4fee254c31
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
