Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9b43b5f2 by Salvatore Bonaccorso at 2020-06-30T21:22:17+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -55,7 +55,7 @@ CVE-2020-15370
CVE-2020-15369
RESERVED
CVE-2020-15368 (AsrDrv103.sys in the ASRock RGB Driver does not properly
restrict acce ...)
- TODO: check
+ NOT-FOR-US: ASRock RGB Driver
CVE-2020-15367
RESERVED
CVE-2020-15366
@@ -69,11 +69,11 @@ CVE-2020-15364 (The Nexos theme through 1.7 for WordPress
allows top-map/?search
CVE-2020-15363 (The Nexos theme through 1.7 for WordPress allows
side-map/?search_orde ...)
NOT-FOR-US: Wordpress theme
CVE-2020-15362 (wifiscanner.js in thingsSDK WiFi Scanner 1.0.1 allows Code
Injection b ...)
- TODO: check
+ NOT-FOR-US: thingsSDK WiFi Scanner
CVE-2020-15361
RESERVED
CVE-2020-15360 (com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege
escalatio ...)
- TODO: check
+ NOT-FOR-US: Docker Desktop on Windows
CVE-2020-15359
RESERVED
CVE-2020-15357
@@ -8137,7 +8137,7 @@ CVE-2020-12041 (The Baxter Spectrum WBM (v17, v20D29,
v20D30, v20D31, and v22D24
CVE-2020-12040 (Sigma Spectrum Infusion System v's6.x (model 35700BAX) and
Baxter Spec ...)
NOT-FOR-US: Sigma Spectrum Infusion System
CVE-2020-12039 (Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion
System v' ...)
- TODO: check
+ NOT-FOR-US: Baxter
CVE-2020-12038 (Products that use EDS Subsystem: Version 28.0.1 and prior
(FactoryTalk ...)
NOT-FOR-US: Rockwell Automation
CVE-2020-12037 (Baxter PrismaFlex all versions, PrisMax all versions prior to
3.x, The ...)
@@ -25191,7 +25191,7 @@ CVE-2020-5592 (Cross-site scripting vulnerability in
Zenphoto versions prior to
CVE-2020-5591 (XACK DNS 1.11.0 to 1.11.4, 1.10.0 to 1.10.8, 1.8.0 to 1.8.23,
1.7.0 to ...)
NOT-FOR-US: XACK DNS
CVE-2020-5590 (Directory traversal vulnerability in EC-CUBE 3.0.0 to 3.0.18
and 4.0.0 ...)
- TODO: check
+ NOT-FOR-US: EC-CUBE
CVE-2020-5589 (SONY Wireless Headphones WF-1000X, WF-SP700N, WH-1000XM2,
WH-1000XM3, ...)
NOT-FOR-US: SONY
CVE-2020-5588
@@ -28868,7 +28868,7 @@ CVE-2020-4091
CVE-2020-4090
RESERVED
CVE-2020-4089 (HCL Notes is vulnerable to an information leakage vulnerability
throug ...)
- TODO: check
+ NOT-FOR-US: HCL Notes
CVE-2020-4088
RESERVED
CVE-2020-4087
@@ -28910,7 +28910,7 @@ CVE-2020-4070 (In CSS Validator less than or equal to
commit 54d68a1, there is a
CVE-2020-4069
RESERVED
CVE-2020-4068 (In APNSwift 1.0.0, calling APNSwiftSigner.sign(digest:) is
likely to r ...)
- TODO: check
+ NOT-FOR-US: APNSwift
CVE-2020-4067 (In coturn before version 4.5.1.3, there is an issue whereby
STUN/TURN ...)
{DSA-4711-1}
- coturn 4.5.1.3-1
@@ -29003,7 +29003,7 @@ CVE-2020-4030 (In FreeRDP before version 2.1.2, there
is an out of bounds read i
CVE-2020-4029
RESERVED
CVE-2020-4028 (Versions before 8.9.1, Various resources in Jira responded with
a 404 ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2020-4027
RESERVED
CVE-2020-4026 (The CustomAppsRestResource list resource in Atlassian Navigator
Links ...)
@@ -34850,7 +34850,7 @@ CVE-2020-2023 (Kata Containers doesn't restrict
containers from accessing the gu
CVE-2020-2022
RESERVED
CVE-2020-2021 (When Security Assertion Markup Language (SAML) authentication
is enabl ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2020-2020
RESERVED
CVE-2020-2019
@@ -36993,7 +36993,7 @@ CVE-2019-19162 (A use-after-free vulnerability in the
TOBESOFT XPLATFORM version
CVE-2019-19161
RESERVED
CVE-2019-19160 (Reportexpress ProPlus contains a vulnerability that could
allow an arb ...)
- TODO: check
+ NOT-FOR-US: Reportexpress ProPlus
CVE-2019-19159
RESERVED
CVE-2019-19158
@@ -41761,15 +41761,15 @@ CVE-2019-18258
CVE-2019-18257 (In Advantech DiagAnywhere Server, Versions 3.07.11 and prior,
multiple ...)
NOT-FOR-US: Advantech
CVE-2019-18256 (BIOTRONIK CardioMessenger II, The affected products use
individual per ...)
- TODO: check
+ NOT-FOR-US: BIOTRONIK CardioMessenge
CVE-2019-18255
RESERVED
CVE-2019-18254 (BIOTRONIK CardioMessenger II, The affected products do not
encrypt sen ...)
- TODO: check
+ NOT-FOR-US: BIOTRONIK CardioMessenge
CVE-2019-18253 (An attacker could use specially crafted paths in a specific
request to ...)
NOT-FOR-US: Relion
CVE-2019-18252 (BIOTRONIK CardioMessenger II, The affected products allow
credential r ...)
- TODO: check
+ NOT-FOR-US: BIOTRONIK CardioMessenge
CVE-2019-18251 (In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron
CX-Supervis ...)
NOT-FOR-US: Omron
CVE-2019-18250 (In all versions of ABB Power Generation Information Manager
(PGIM) and ...)
@@ -41777,11 +41777,11 @@ CVE-2019-18250 (In all versions of ABB Power
Generation Information Manager (PGI
CVE-2019-18249 (Reliable Controls MACH-ProWebCom/Sys, all versions prior to
2.15 (Firm ...)
NOT-FOR-US: Reliable Controls
CVE-2019-18248 (BIOTRONIK CardioMessenger II, The affected products transmit
credentia ...)
- TODO: check
+ NOT-FOR-US: BIOTRONIK CardioMessenge
CVE-2019-18247 (An attacker may use a specially crafted message to force
Relion 650 se ...)
NOT-FOR-US: Relion
CVE-2019-18246 (BIOTRONIK CardioMessenger II, The affected products do not
properly en ...)
- TODO: check
+ NOT-FOR-US: BIOTRONIK CardioMessenge
CVE-2019-18245 (Reliable Controls LicenseManager versions 3.4 and prior may
allow an a ...)
NOT-FOR-US: Reliable Controls LicenseManager
CVE-2019-18244 (OSIsoft PI Vision, PI Vision 2017 R2, PI Vision 2017 R2 SP1,
PI Vision ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b43b5f22fff025307b6454a2732e8c3b4400f0f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b43b5f22fff025307b6454a2732e8c3b4400f0f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
