Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 9b43b5f2 by Salvatore Bonaccorso at 2020-06-30T21:22:17+02:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -55,7 +55,7 @@ CVE-2020-15370 CVE-2020-15369 RESERVED CVE-2020-15368 (AsrDrv103.sys in the ASRock RGB Driver does not properly restrict acce ...) - TODO: check + NOT-FOR-US: ASRock RGB Driver CVE-2020-15367 RESERVED CVE-2020-15366 @@ -69,11 +69,11 @@ CVE-2020-15364 (The Nexos theme through 1.7 for WordPress allows top-map/?search CVE-2020-15363 (The Nexos theme through 1.7 for WordPress allows side-map/?search_orde ...) NOT-FOR-US: Wordpress theme CVE-2020-15362 (wifiscanner.js in thingsSDK WiFi Scanner 1.0.1 allows Code Injection b ...) - TODO: check + NOT-FOR-US: thingsSDK WiFi Scanner CVE-2020-15361 RESERVED CVE-2020-15360 (com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalatio ...) - TODO: check + NOT-FOR-US: Docker Desktop on Windows CVE-2020-15359 RESERVED CVE-2020-15357 @@ -8137,7 +8137,7 @@ CVE-2020-12041 (The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24 CVE-2020-12040 (Sigma Spectrum Infusion System v's6.x (model 35700BAX) and Baxter Spec ...) NOT-FOR-US: Sigma Spectrum Infusion System CVE-2020-12039 (Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v' ...) - TODO: check + NOT-FOR-US: Baxter CVE-2020-12038 (Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk ...) NOT-FOR-US: Rockwell Automation CVE-2020-12037 (Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The ...) 
@@ -25191,7 +25191,7 @@ CVE-2020-5592 (Cross-site scripting vulnerability in Zenphoto versions prior to CVE-2020-5591 (XACK DNS 1.11.0 to 1.11.4, 1.10.0 to 1.10.8, 1.8.0 to 1.8.23, 1.7.0 to ...) NOT-FOR-US: XACK DNS CVE-2020-5590 (Directory traversal vulnerability in EC-CUBE 3.0.0 to 3.0.18 and 4.0.0 ...) - TODO: check + NOT-FOR-US: EC-CUBE CVE-2020-5589 (SONY Wireless Headphones WF-1000X, WF-SP700N, WH-1000XM2, WH-1000XM3, ...) NOT-FOR-US: SONY CVE-2020-5588 @@ -28868,7 +28868,7 @@ CVE-2020-4091 CVE-2020-4090 RESERVED CVE-2020-4089 (HCL Notes is vulnerable to an information leakage vulnerability throug ...) - TODO: check + NOT-FOR-US: HCL Notes CVE-2020-4088 RESERVED CVE-2020-4087 @@ -28910,7 +28910,7 @@ CVE-2020-4070 (In CSS Validator less than or equal to commit 54d68a1, there is a CVE-2020-4069 RESERVED CVE-2020-4068 (In APNSwift 1.0.0, calling APNSwiftSigner.sign(digest:) is likely to r ...) - TODO: check + NOT-FOR-US: APNSwift CVE-2020-4067 (In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN ...) {DSA-4711-1} - coturn 4.5.1.3-1 @@ -29003,7 +29003,7 @@ CVE-2020-4030 (In FreeRDP before version 2.1.2, there is an out of bounds read i CVE-2020-4029 RESERVED CVE-2020-4028 (Versions before 8.9.1, Various resources in Jira responded with a 404 ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2020-4027 RESERVED CVE-2020-4026 (The CustomAppsRestResource list resource in Atlassian Navigator Links ...) @@ -34850,7 +34850,7 @@ CVE-2020-2023 (Kata Containers doesn't restrict containers from accessing the gu CVE-2020-2022 RESERVED CVE-2020-2021 (When Security Assertion Markup Language (SAML) authentication is enabl ...) - TODO: check + NOT-FOR-US: Palo Alto Networks CVE-2020-2020 RESERVED CVE-2020-2019 
@@ -36993,7 +36993,7 @@ CVE-2019-19162 (A use-after-free vulnerability in the TOBESOFT XPLATFORM version CVE-2019-19161 RESERVED CVE-2019-19160 (Reportexpress ProPlus contains a vulnerability that could allow an arb ...) - TODO: check + NOT-FOR-US: Reportexpress ProPlus CVE-2019-19159 RESERVED CVE-2019-19158 @@ -41761,15 +41761,15 @@ CVE-2019-18258 CVE-2019-18257 (In Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple ...) NOT-FOR-US: Advantech CVE-2019-18256 (BIOTRONIK CardioMessenger II, The affected products use individual per ...) - TODO: check + NOT-FOR-US: BIOTRONIK CardioMessenge CVE-2019-18255 RESERVED CVE-2019-18254 (BIOTRONIK CardioMessenger II, The affected products do not encrypt sen ...) - TODO: check + NOT-FOR-US: BIOTRONIK CardioMessenge CVE-2019-18253 (An attacker could use specially crafted paths in a specific request to ...) NOT-FOR-US: Relion CVE-2019-18252 (BIOTRONIK CardioMessenger II, The affected products allow credential r ...) - TODO: check + NOT-FOR-US: BIOTRONIK CardioMessenge CVE-2019-18251 (In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervis ...) NOT-FOR-US: Omron CVE-2019-18250 (In all versions of ABB Power Generation Information Manager (PGIM) and ...) 
@@ -41777,11 +41777,11 @@ CVE-2019-18250 (In all versions of ABB Power Generation Information Manager (PGI CVE-2019-18249 (Reliable Controls MACH-ProWebCom/Sys, all versions prior to 2.15 (Firm ...) NOT-FOR-US: Reliable Controls CVE-2019-18248 (BIOTRONIK CardioMessenger II, The affected products transmit credentia ...) - TODO: check + NOT-FOR-US: BIOTRONIK CardioMessenge CVE-2019-18247 (An attacker may use a specially crafted message to force Relion 650 se ...) NOT-FOR-US: Relion CVE-2019-18246 (BIOTRONIK CardioMessenger II, The affected products do not properly en ...) - TODO: check + NOT-FOR-US: BIOTRONIK CardioMessenge CVE-2019-18245 (Reliable Controls LicenseManager versions 3.4 and prior may allow an a ...) NOT-FOR-US: Reliable Controls LicenseManager CVE-2019-18244 (OSIsoft PI Vision, PI Vision 2017 R2, PI Vision 2017 R2 SP1, PI Vision ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b43b5f22fff025307b6454a2732e8c3b4400f0f
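Review bot: The product name is cut off in the new notes for CVE-2019-18256, CVE-2019-18254 and CVE-2019-18252 (hunk at -41761) and for CVE-2019-18248 and CVE-2019-18246 (hunk at -41777): all five read "NOT-FOR-US: BIOTRONIK CardioMessenge". The descriptions on those same entries spell it "BIOTRONIK CardioMessenger II", so the note should be "NOT-FOR-US: BIOTRONIK CardioMessenger II"; as committed, a search of data/CVE/list for the full product name will match the descriptions but not the triage notes.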
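Review bot: In the hunk at -69,11, the note for CVE-2020-15360 says "NOT-FOR-US: Docker Desktop on Windows", but the description shown for that entry ("com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalatio ...") names no platform. Either confirm the platform against the full advisory before recording it, or drop the qualifier and use "NOT-FOR-US: Docker Desktop", which is enough to justify the NFU decision.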
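Review bot: In the hunk at -8137, CVE-2020-12039 is marked "NOT-FOR-US: Baxter" while the entry directly above it, CVE-2020-12040, covers the same product line and is marked "NOT-FOR-US: Sigma Spectrum Infusion System". Suggest using one label for both so the two Sigma Spectrum entries group together when the list is filtered by NFU reason.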