Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3b03ca54 by Moritz Muehlenhoff at 2020-08-28T23:26:43+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -597,13 +597,13 @@ CVE-2020-24719
CVE-2020-24718
RESERVED
CVE-2020-24717 (OpenZFS before 2.0.0-rc1, when used on FreeBSD, misinterprets
group pe ...)
- TODO: check
+ NOT-FOR-US: OpenZFS
CVE-2020-24716 (OpenZFS before 2.0.0-rc1, when used on FreeBSD, allows execute
permiss ...)
- TODO: check
+ NOT-FOR-US: OpenZFS
CVE-2020-24715 (The Scalyr Agent before 2.1.10 has Missing SSL Certificate
Validation ...)
- TODO: check
+ NOT-FOR-US: Scalyr
CVE-2020-24714 (The Scalyr Agent before 2.1.10 has Missing SSL Certificate
Validation ...)
- TODO: check
+ NOT-FOR-US: Scalyr
CVE-2020-24713
RESERVED
CVE-2020-24712
@@ -797,7 +797,7 @@ CVE-2020-24620
CVE-2020-24619
RESERVED
CVE-2020-24618 (In JetBrains YouTrack versions before 2020.3.4313,
2020.2.11008, 2020. ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2020-24617
RESERVED
CVE-2020-24616 (FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the
interact ...)
@@ -2775,7 +2775,7 @@ CVE-2020-23662
CVE-2020-23661
RESERVED
CVE-2020-23660 (webTareas v2.1 is affected by Cross Site Scripting (XSS) on
"Search." ...)
- TODO: check
+ NOT-FOR-US: webTareas
CVE-2020-23659 (WebPort-v1.19.17121 is affected by Cross Site Scripting (XSS)
on the " ...)
NOT-FOR-US: WebPort
CVE-2020-23658 (PHP-Fusion 9.03.60 is affected by Cross Site Scripting (XSS)
via infus ...)
@@ -12081,7 +12081,7 @@ CVE-2020-19009
CVE-2020-19008
RESERVED
CVE-2020-19007 (Halo blog 1.2.0 allows users to submit comments on blog posts
via /api ...)
- TODO: check
+ NOT-FOR-US: Halo blog
CVE-2020-19006
RESERVED
CVE-2020-19005 (zrlog v2.1.0 has a vulnerability with the permission check. If
admin a ...)
@@ -15318,31 +15318,31 @@ CVE-2020-17404 (This vulnerability allows remote
attackers to execute arbitrary
CVE-2020-17403 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
NOT-FOR-US: Foxit
CVE-2020-17402 (This vulnerability allows local attackers to disclose
sensitive inform ...)
- TODO: check
+ NOT-FOR-US: Parallels Desktop
CVE-2020-17401 (This vulnerability allows local attackers to disclose
sensitive inform ...)
- TODO: check
+ NOT-FOR-US: Parallels Desktop
CVE-2020-17400 (This vulnerability allows local attackers to escalate
privileges on af ...)
- TODO: check
+ NOT-FOR-US: Parallels Desktop
CVE-2020-17399 (This vulnerability allows local attackers to escalate
privileges on af ...)
- TODO: check
+ NOT-FOR-US: Parallels Desktop
CVE-2020-17398 (This vulnerability allows local attackers to disclose
information on a ...)
- TODO: check
+ NOT-FOR-US: Parallels Desktop
CVE-2020-17397 (This vulnerability allows local attackers to escalate
privileges on af ...)
- TODO: check
+ NOT-FOR-US: Parallels Desktop
CVE-2020-17396 (This vulnerability allows local attackers to escalate
privileges on af ...)
- TODO: check
+ NOT-FOR-US: Parallels Desktop
CVE-2020-17395 (This vulnerability allows local attackers to escalate
privileges on af ...)
- TODO: check
+ NOT-FOR-US: Parallels Desktop
CVE-2020-17394 (This vulnerability allows local attackers to disclose
sensitive inform ...)
- TODO: check
+ NOT-FOR-US: Parallels Desktop
CVE-2020-17393 (This vulnerability allows local attackers to disclose
information on a ...)
- TODO: check
+ NOT-FOR-US: Parallels Desktop
CVE-2020-17392 (This vulnerability allows local attackers to escalate
privileges on af ...)
- TODO: check
+ NOT-FOR-US: Parallels Desktop
CVE-2020-17391 (This vulnerability allows local attackers to disclose
information on a ...)
- TODO: check
+ NOT-FOR-US: Parallels Desktop
CVE-2020-17390 (This vulnerability allows local attackers to escalate
privileges on af ...)
- TODO: check
+ NOT-FOR-US: Parallels Desktop
CVE-2020-17389 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
NOT-FOR-US: Marvell QConvergeConsole
CVE-2020-17388 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
@@ -16926,7 +16926,7 @@ CVE-2020-16612
CVE-2020-16611
RESERVED
CVE-2020-16610 (Hoosk Codeigniter CMS before 1.7.2 is affected by a Cross Site
Request ...)
- TODO: check
+ NOT-FOR-US: Hoosk Codeigniter CMS
CVE-2020-16609
RESERVED
CVE-2020-16608
@@ -17723,9 +17723,9 @@ CVE-2020-16253 (The PgHero gem through 2.6.0 for Ruby
allows CSRF. ...)
CVE-2020-16252 (The Field Test gem 0.2.0 through 0.3.2 for Ruby allows CSRF.
...)
NOT-FOR-US: Field Test gem
CVE-2020-16251 (HashiCorp Vault and Vault Enterprise versions 0.8.3 and newer,
when co ...)
- TODO: check
+ NOT-FOR-US: HashiCorp Vault
CVE-2020-16250 (HashiCorp Vault and Vault Enterprise versions 0.7.1 and newer,
when co ...)
- TODO: check
+ NOT-FOR-US: HashiCorp Vault
CVE-2020-16249
RESERVED
CVE-2020-16248 (** DISPUTED ** Prometheus Blackbox Exporter through 0.17.0
allows /pro ...)
@@ -20348,9 +20348,9 @@ CVE-2020-15167
CVE-2020-15166
RESERVED
CVE-2020-15165 (Version 1.1.6-free of Chameleon Mini Live Debugger on Google
Play Stor ...)
- TODO: check
+ NOT-FOR-US: Chameleon Mini Live Debugger
CVE-2020-15164 (in Scratch Login (MediaWiki extension) before version 1.1, any
account ...)
- TODO: check
+ NOT-FOR-US: Scrach Login MediaWiki extension
CVE-2020-15163
RESERVED
CVE-2020-15162
@@ -20366,7 +20366,7 @@ CVE-2020-15158 (In libIEC61850 before version 1.4.3,
when a message with COTP me
CVE-2020-15157
RESERVED
CVE-2020-15156 (In nodebb-plugin-blog-comments before version 0.7.0, a logged
in user ...)
- TODO: check
+ NOT-FOR-US: nodebb-plugin-blog-comments
CVE-2020-15155
RESERVED
CVE-2020-15154
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b03ca54554e56a1016f1e58007230fe539c8238
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b03ca54554e56a1016f1e58007230fe539c8238
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
