Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f8f3f8f0 by Salvatore Bonaccorso at 2020-07-31T21:29:15+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27642,11 +27642,11 @@ CVE-2020-5616
CVE-2020-5615
RESERVED
CVE-2020-5614 (Directory traversal vulnerability in KonaWiki 3.1.0 and earlier
allows ...)
- TODO: check
+ NOT-FOR-US: KonaWiki
CVE-2020-5613 (Cross-site scripting vulnerability in KonaWiki 3.1.0 and
earlier allow ...)
- TODO: check
+ NOT-FOR-US: KonaWiki
CVE-2020-5612 (Cross-site scripting vulnerability in KonaWiki 2.2.0 and
earlier allow ...)
- TODO: check
+ NOT-FOR-US: KonaWiki
CVE-2020-5611 (Cross-site request forgery (CSRF) vulnerability in Social
Sharing Plug ...)
NOT-FOR-US: Social Sharing Plugin for WordPress
CVE-2020-5610 (Global TechStream (GTS) for TOYOTA dealers version 15.10.032
and earli ...)
@@ -31999,23 +31999,23 @@ CVE-2019-20035
CVE-2019-20034
RESERVED
CVE-2019-20033 (On Aspire-derived NEC PBXes, including all versions of SV8100
devices, ...)
- TODO: check
+ NOT-FOR-US: NEC devices
CVE-2019-20032 (An attacker with access to an InMail voicemail box equipped
with the f ...)
- TODO: check
+ NOT-FOR-US: NEC devices
CVE-2019-20031 (NEC UM8000, UM4730 and prior non-InMail voicemail systems with
all kno ...)
- TODO: check
+ NOT-FOR-US: NEC devices
CVE-2019-20030 (An attacker with knowledge of the modem access number on a NEC
UM8000 ...)
- TODO: check
+ NOT-FOR-US: NEC devices
CVE-2019-20029 (An exploitable privilege escalation vulnerability exists in
the WebPro ...)
- TODO: check
+ NOT-FOR-US: NEC devices
CVE-2019-20028 (Aspire-derived NEC PBXes operating InMail software, including
all vers ...)
- TODO: check
+ NOT-FOR-US: NEC devices
CVE-2019-20027 (Aspire-derived NEC PBXes, including the SV8100, SV9100, SL1100
and SL2 ...)
- TODO: check
+ NOT-FOR-US: NEC devices
CVE-2019-20026 (The WebPro interface in NEC SV9100 software releases 7.0 or
higher all ...)
- TODO: check
+ NOT-FOR-US: NEC devices
CVE-2019-20025 (Certain builds of NEC SV9100 software could allow an
unauthenticated, ...)
- TODO: check
+ NOT-FOR-US: NEC devices
CVE-2019-20024 (A heap-based buffer overflow was discovered in
image_buffer_resize in ...)
- libsixel 1.8.6-1 (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
@@ -33814,11 +33814,11 @@ CVE-2020-3464
CVE-2020-3463
RESERVED
CVE-2020-3462 (A vulnerability in the web-based management interface of Cisco
Data Ce ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3461 (A vulnerability in the web-based management interface of Cisco
Data Ce ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3460 (A vulnerability in the web-based management interface of Cisco
Data Ce ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3459
RESERVED
CVE-2020-3458
@@ -33966,15 +33966,15 @@ CVE-2020-3388 (A vulnerability in the CLI of Cisco
SD-WAN vManage Software could
CVE-2020-3387 (A vulnerability in Cisco SD-WAN vManage Software could allow an
authen ...)
NOT-FOR-US: Cisco
CVE-2020-3386 (A vulnerability in the REST API endpoint of Cisco Data Center
Network ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3385 (A vulnerability in the deep packet inspection (DPI) engine of
Cisco SD ...)
NOT-FOR-US: Cisco
CVE-2020-3384 (A vulnerability in specific REST API endpoints of Cisco Data
Center Ne ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3383 (A vulnerability in the archive utility of Cisco Data Center
Network Ma ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3382 (A vulnerability in the REST API of Cisco Data Center Network
Manager ( ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3381 (A vulnerability in the web management interface of Cisco SD-WAN
vManag ...)
NOT-FOR-US: Cisco
CVE-2020-3380 (A vulnerability in the CLI of Cisco Data Center Network Manager
(DCNM) ...)
@@ -33984,13 +33984,13 @@ CVE-2020-3379 (A vulnerability in Cisco SD-WAN
Solution Software could allow an
CVE-2020-3378 (A vulnerability in the web-based management interface for Cisco
SD-WAN ...)
NOT-FOR-US: Cisco
CVE-2020-3377 (A vulnerability in the Device Manager application of Cisco Data
Center ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3376 (A vulnerability in the Device Manager application of Cisco Data
Center ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3375 (A vulnerability in Cisco SD-WAN Solution Software could allow
an unaut ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3374 (A vulnerability in the web-based management interface of Cisco
SD-WAN ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3373
RESERVED
CVE-2020-3372 (A vulnerability in the web-based management interface of Cisco
SD-WAN ...)
@@ -35973,7 +35973,7 @@ CVE-2020-2564 (Vulnerability in the Siebel UI Framework
product of Oracle Siebel
CVE-2020-2563 (Vulnerability in the Hyperion Financial Close Management
product of Or ...)
NOT-FOR-US: Oracle
CVE-2020-2562 (Vulnerability in the Primavera Portfolio Management product of
Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2561 (Vulnerability in the PeopleSoft Enterprise HCM Human Resources
product ...)
NOT-FOR-US: Oracle
CVE-2020-2560 (Vulnerability in the Siebel UI Framework product of Oracle
Siebel CRM ...)
@@ -36071,7 +36071,7 @@ CVE-2020-2515 (Vulnerability in the Database Gateway
for ODBC component of Oracl
CVE-2020-2514 (Vulnerability in the Oracle Application Express component of
Oracle Da ...)
NOT-FOR-US: Oracle
CVE-2020-2513 (Vulnerability in the Oracle Application Express component of
Oracle Da ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2512 (Vulnerability in the Database Gateway for ODBC component of
Oracle Dat ...)
NOT-FOR-US: Oracle
CVE-2020-2511 (Vulnerability in the Core RDBMS component of Oracle Database
Server. S ...)
@@ -40695,7 +40695,7 @@ CVE-2020-1654 (On Juniper Networks SRX Series with ICAP
(Internet Content Adapta
CVE-2020-1653 (On Juniper Networks Junos OS devices, a stream of TCP packets
sent to ...)
NOT-FOR-US: Juniper
CVE-2020-1652 (OpenNMS is accessible via port 9443 ...)
- TODO: check
+ NOT-FOR-US: OpenNMS
CVE-2020-1651 (On Juniper Networks MX series, receipt of a stream of specific
Layer 2 ...)
NOT-FOR-US: Juniper
CVE-2020-1650 (On Juniper Networks Junos MX Series with service card
configured, rece ...)
@@ -40719,7 +40719,7 @@ CVE-2020-1642
CVE-2020-1641 (A Race Condition vulnerability in Juniper Networks Junos OS
LLDP imple ...)
NOT-FOR-US: Juniper
CVE-2020-1640 (An improper use of a validation framework when processing
incoming gen ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2020-1639 (When an attacker sends a specific crafted Ethernet Operation,
Administ ...)
NOT-FOR-US: Juniper
CVE-2020-1638 (The FPC (Flexible PIC Concentrator) of Juniper Networks Junos
OS and J ...)
@@ -41085,7 +41085,7 @@ CVE-2020-1459
CVE-2020-1458 (A remote code execution vulnerability exists when Microsoft
Office imp ...)
NOT-FOR-US: Microsoft
CVE-2020-1457 (A remote code execution vulnerability exists in the way that
Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1456 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2020-1455
@@ -41149,7 +41149,7 @@ CVE-2020-1427 (An elevation of privilege vulnerability
exists in the way that th
CVE-2020-1426 (An information disclosure vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft
CVE-2020-1425 (A remoted code execution vulnerability exists in the way that
Microsof ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1424 (An elevation of privilege vulnerability exists when the Windows
Update ...)
NOT-FOR-US: Microsoft
CVE-2020-1423 (An elevation of privilege vulnerability exists in the way that
the Win ...)
@@ -58087,7 +58087,7 @@ CVE-2019-14101 (Out of bounds read can happen in diag
event set mask command han
CVE-2019-14100 (Register write via debugfs is disabled by default to prevent
register ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14099 (Device misbehavior may be observed when incorrect offset,
length or nu ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-14098 (Possible buffer overflow in data offload handler due to lack
of check ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14097 (Possible buffer overflow in WLAN Parser due to lack of length
check wh ...)
@@ -64804,7 +64804,7 @@ CVE-2019-12002 (A remote session reuse vulnerability
leading to access restricti
CVE-2019-12001 (A remote session reuse vulnerability leading to access
restriction byp ...)
NOT-FOR-US: HPE
CVE-2019-12000 (HPE has found a potential Remote Access Restriction Bypass in
HPE MSE ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2019-11999 (Potential security vulnerabilities have been identified in HPE
OpenCal ...)
NOT-FOR-US: HPE
CVE-2019-11998 (HPE Superdome Flex Server is vulnerable to multiple remote
vulnerabili ...)
@@ -86586,9 +86586,9 @@ CVE-2019-4093 (IBM Tivoli Storage Manager (IBM Spectrum
Protect 8.1.7) could all
CVE-2019-4092 (IBM Content Navigator 2.0.3 and 3.0CD could allow a remote
attacker to ...)
NOT-FOR-US: IBM
CVE-2019-4091 ("HCL Marketing Platform is vulnerable to cross-site scripting
during a ...)
- TODO: check
+ NOT-FOR-US: HCL Marketing Platform
CVE-2019-4090 ("HCL Campaign is vulnerable to cross-site scripting when a user
provid ...)
- TODO: check
+ NOT-FOR-US: HCL Campaign
CVE-2019-4089
RESERVED
CVE-2019-4088 (IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents
could allo ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8f3f8f0483f02e6892d6fcc06b36a67b09f533e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8f3f8f0483f02e6892d6fcc06b36a67b09f533e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
