Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
394b6f0c by Salvatore Bonaccorso at 2020-09-12T09:02:27+02:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2020-25277
RESERVED
CVE-2020-25276 (An issue was discovered in PrimeKey EJBCA 6.x and 7.x before
7.4.1. Wh ...)
- TODO: check
+ NOT-FOR-US: PrimeKey
CVE-2020-25275
RESERVED
CVE-2020-25274
@@ -17021,33 +17021,33 @@ CVE-2020-16886
CVE-2020-16885
RESERVED
CVE-2020-16884 (A remote code execution vulnerability exists in the way that
the IEToE ...)
- TODO: check
+ NOT-FOR-US: IEToEdge Browser Helper Object (BHO) plugin on Internet
Explorer
CVE-2020-16883
RESERVED
CVE-2020-16882
RESERVED
CVE-2020-16881 (A remote code execution vulnerability exists in Visual Studio
Code whe ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16880
RESERVED
CVE-2020-16879 (An information disclosure vulnerability exists when a Windows
Projecte ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16878 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16877
RESERVED
CVE-2020-16876
RESERVED
CVE-2020-16875 (A remote code execution vulnerability exists in Microsoft
Exchange ser ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16874 (A remote code execution vulnerability exists in Visual Studio
when it ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16873 (A spoofing vulnerability manifests in Microsoft Xamarin.Forms
due to t ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16872 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16871 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16870
RESERVED
CVE-2020-16869
@@ -17061,33 +17061,33 @@ CVE-2020-16866
CVE-2020-16865
RESERVED
CVE-2020-16864 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16863
RESERVED
CVE-2020-16862 (A remote code execution vulnerability exists in Microsoft
Dynamics 365 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16861 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16860 (A remote code execution vulnerability exists in Microsoft
Dynamics 365 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16859 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16858 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16857 (A remote code execution vulnerability exists in Microsoft
Dynamics 365 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16856 (A remote code execution vulnerability exists in Visual Studio
when it ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16855 (An information disclosure vulnerability exists when Microsoft
Office s ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16854 (An information disclosure vulnerability exists when the
Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16853 (An elevation of privilege vulnerability exists when the
OneDrive for W ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16852 (An elevation of privilege vulnerability exists when the
OneDrive for W ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16851 (An elevation of privilege vulnerability exists when the
OneDrive for W ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16850
RESERVED
CVE-2020-16849
@@ -23904,7 +23904,7 @@ CVE-2020-14102
CVE-2020-14101
RESERVED
CVE-2020-14100 (In Xiaomi router R3600 ROM version<1.0.66, filters in the
set_WAN6 ...)
- TODO: check
+ NOT-FOR-US: Xiaomi
CVE-2020-14099
RESERVED
CVE-2020-14098
@@ -23912,7 +23912,7 @@ CVE-2020-14098
CVE-2020-14097
RESERVED
CVE-2020-14096 (Memory overflow in Xiaomi AI speaker Rom version <1.59.6
can happen ...)
- TODO: check
+ NOT-FOR-US: Xiaomi
CVE-2020-14095 (In Xiaomi router R3600, ROM version<1.0.20, a connect
service suffe ...)
NOT-FOR-US: Xiaomi
CVE-2020-14094 (In Xiaomi router R3600, ROM version<1.0.20, the connection
service ...)
@@ -37868,7 +37868,7 @@ CVE-2020-9241 (Huawei 5G Mobile WiFi E6878-370 with
versions of 10.0.3.1(H563SP1
CVE-2020-9240
RESERVED
CVE-2020-9239 (Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions
earlier t ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-9238
RESERVED
CVE-2020-9237 (Huawei smartphone Taurus-AL00B with versions earlier than
10.1.0.126(C ...)
@@ -60003,25 +60003,25 @@ CVE-2020-1600 (In a Point-to-Multipoint (P2MP) Label
Switched Path (LSP) scenari
CVE-2020-1599
RESERVED
CVE-2020-1598 (An elevation of privilege vulnerability exists when the Windows
Univer ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1597 (A denial of service vulnerability exists when ASP.NET Core
improperly ...)
NOT-FOR-US: Microsoft
CVE-2020-1596 (A information disclosure vulnerability exists when TLS
components use ...)
NOT-FOR-US: Microsoft
CVE-2020-1595 (A remote code execution vulnerability exists in Microsoft
SharePoint w ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1594 (A remote code execution vulnerability exists in Microsoft Excel
softwa ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1593 (A remote code execution vulnerability exists when Windows Media
Audio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1592 (An information disclosure vulnerability exists when the Windows
kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1591 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
NOT-FOR-US: Microsoft
CVE-2020-1590 (An elevation of privilege vulnerability exists when the
Connected User ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1589 (An information disclosure vulnerability exists when the Windows
kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1588
RESERVED
CVE-2020-1587 (An elevation of privilege vulnerability exists when the Windows
Ancill ...)
@@ -60047,9 +60047,9 @@ CVE-2020-1578 (An information disclosure vulnerability
exists in the Windows ker
CVE-2020-1577 (An information disclosure vulnerability exists when DirectWrite
improp ...)
NOT-FOR-US: Microsoft
CVE-2020-1576 (A remote code execution vulnerability exists in Microsoft
SharePoint w ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1575 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1574 (A remote code execution vulnerability exists in the way that
Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2020-1573 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
@@ -60081,7 +60081,7 @@ CVE-2020-1561 (A remote code execution vulnerability
exists in the way that Micr
CVE-2020-1560 (A remote code execution vulnerability exists in the way that
Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2020-1559 (An elevation of privilege vulnerability exists when the Windows
Storag ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1558 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2020-1557 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
@@ -60135,7 +60135,7 @@ CVE-2020-1534 (An elevation of privilege vulnerability
exists when the Windows B
CVE-2020-1533 (An elevation of privilege vulnerability exists in the way that
the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-1532 (An elevation of privilege vulnerability exists when the Windows
Instal ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1531 (An elevation of privilege vulnerability exists when the Windows
Accoun ...)
NOT-FOR-US: Microsoft
CVE-2020-1530 (An elevation of privilege vulnerability exists when Windows
Remote Acc ...)
@@ -60153,7 +60153,7 @@ CVE-2020-1525 (A memory corruption vulnerability exists
when Windows Media Found
CVE-2020-1524 (An elevation of privilege vulnerability exists when the Windows
Speech ...)
NOT-FOR-US: Microsoft
CVE-2020-1523 (A tampering vulnerability exists when Microsoft SharePoint
Server fail ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1522 (An elevation of privilege vulnerability exists when the Windows
Speech ...)
NOT-FOR-US: Microsoft
CVE-2020-1521 (An elevation of privilege vulnerability exists when the Windows
Speech ...)
@@ -60171,7 +60171,7 @@ CVE-2020-1516 (An elevation of privilege vulnerability
exists when the Windows W
CVE-2020-1515 (An elevation of privilege vulnerability exists when the Windows
Teleph ...)
NOT-FOR-US: Microsoft
CVE-2020-1514 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1513 (An elevation of privilege vulnerability exists when the Windows
CSC Se ...)
NOT-FOR-US: Microsoft
CVE-2020-1512 (An information disclosure vulnerability exists when the Windows
State ...)
@@ -60183,11 +60183,11 @@ CVE-2020-1510 (An information disclosure
vulnerability exists when the win32k co
CVE-2020-1509 (An elevation of privilege vulnerability exists in the Local
Security A ...)
NOT-FOR-US: Microsoft
CVE-2020-1508 (A remote code execution vulnerability exists when Windows Media
Audio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1507 (An elevation of privilege vulnerability exists in the way that
Microso ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1506 (An elevation of privilege vulnerability exists in the way that
the Win ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1505 (An information disclosure vulnerability exists when Microsoft
SharePoi ...)
NOT-FOR-US: Microsoft
CVE-2020-1504 (A remote code execution vulnerability exists in Microsoft Excel
softwa ...)
@@ -60217,7 +60217,7 @@ CVE-2020-1493 (An information disclosure vulnerability
exists when attaching fil
CVE-2020-1492 (A memory corruption vulnerability exists when Windows Media
Foundation ...)
NOT-FOR-US: Microsoft
CVE-2020-1491 (An elevation of privilege vulnerability exists in the way that
the Win ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1490 (An elevation of privilege vulnerability exists when the Storage
Servic ...)
NOT-FOR-US: Microsoft
CVE-2020-1489 (An elevation of privilege vulnerability exists when the Windows
CSC Se ...)
@@ -60235,7 +60235,7 @@ CVE-2020-1484 (An elevation of privilege vulnerability
exists when the Windows W
CVE-2020-1483 (A remote code execution vulnerability exists in Microsoft
Outlook when ...)
NOT-FOR-US: Microsoft
CVE-2020-1482 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1481 (A remote code execution vulnerability exists in the ESLint
extension f ...)
NOT-FOR-US: Microsoft
CVE-2020-1480 (An elevation of privilege vulnerability exists in the way that
the Win ...)
@@ -60257,7 +60257,7 @@ CVE-2020-1473 (A remote code execution vulnerability
exists when the Windows Jet
CVE-2020-1472 (An elevation of privilege vulnerability exists when an attacker
establ ...)
NOT-FOR-US: Microsoft
CVE-2020-1471 (An elevation of privilege vulnerability exists when Microsoft
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1470 (An elevation of privilege vulnerability exists when the Windows
Work F ...)
NOT-FOR-US: Microsoft
CVE-2020-1469 (A denial of service vulnerability exists when the .NET
implementation ...)
@@ -60279,7 +60279,7 @@ CVE-2020-1462 (An information disclosure vulnerability
exists when Skype for Bus
CVE-2020-1461 (An elevation of privilege vulnerability exists when the
MpSigStub.exe ...)
NOT-FOR-US: Microsoft
CVE-2020-1460 (A remote code execution vulnerability exists in Microsoft
SharePoint S ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1459 (An information disclosure vulnerability exists on ARM
implementations ...)
NOT-FOR-US: Microsoft
CVE-2020-1458 (A remote code execution vulnerability exists when Microsoft
Office imp ...)
@@ -60293,9 +60293,9 @@ CVE-2020-1455 (A denial of service vulnerability exists
when Microsoft SQL Serve
CVE-2020-1454 (This vulnerability is caused when SharePoint Server does not
properly ...)
NOT-FOR-US: Microsoft
CVE-2020-1453 (A remote code execution vulnerability exists in Microsoft
SharePoint w ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1452 (A remote code execution vulnerability exists in Microsoft
SharePoint w ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1451 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2020-1450 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
@@ -60319,7 +60319,7 @@ CVE-2020-1442 (A spoofing vulnerability exists when an
Office Web Apps server do
CVE-2020-1441
RESERVED
CVE-2020-1440 (A tampering vulnerability exists when Microsoft SharePoint
Server fail ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1439 (A remote code execution vulnerability exists in
PerformancePoint Servi ...)
NOT-FOR-US: Microsoft
CVE-2020-1438 (An elevation of privilege vulnerability exists in the way that
the Win ...)
@@ -60447,7 +60447,7 @@ CVE-2020-1378 (An elevation of privilege vulnerability
exists when the Windows K
CVE-2020-1377 (An elevation of privilege vulnerability exists when the Windows
Kernel ...)
NOT-FOR-US: Microsoft
CVE-2020-1376 (An elevation of privilege vulnerability exists in the way that
fdSSDP. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1375 (An elevation of privilege vulnerability exists when Windows
improperly ...)
NOT-FOR-US: Microsoft
CVE-2020-1374 (A remote code execution vulnerability exists in the Windows
Remote Des ...)
@@ -60509,7 +60509,7 @@ CVE-2020-1347 (An elevation of privilege vulnerability
exists when the Windows S
CVE-2020-1346 (An elevation of privilege vulnerability exists when the Windows
Module ...)
NOT-FOR-US: Microsoft
CVE-2020-1345 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1344 (An elevation of privilege vulnerability exists in the way that
the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-1343 (An information disclosure vulnerability exists in Visual Studio
Code L ...)
@@ -60523,19 +60523,19 @@ CVE-2020-1340 (A spoofing vulnerability exists when
the NuGetGallery does not pr
CVE-2020-1339 (A remote code execution vulnerability exists when Windows Media
Audio ...)
NOT-FOR-US: Microsoft
CVE-2020-1338 (A remote code execution vulnerability exists in Microsoft Word
softwar ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1337 (An elevation of privilege vulnerability exists when the Windows
Print ...)
NOT-FOR-US: Microsoft
CVE-2020-1336 (An elevation of privilege vulnerability exists in the way that
the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-1335 (A remote code execution vulnerability exists in Microsoft Excel
softwa ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1334 (An elevation of privilege vulnerability exists when the Windows
Runtim ...)
NOT-FOR-US: Microsoft
CVE-2020-1333 (An elevation of privilege vulnerability exists when Group
Policy Servi ...)
NOT-FOR-US: Microsoft
CVE-2020-1332 (A remote code execution vulnerability exists in Microsoft Excel
softwa ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1331 (A spoofing vulnerability exists when System Center Operations
Manager ...)
NOT-FOR-US: Microsoft
CVE-2020-1330 (An information disclosure vulnerability exists when Windows
Mobile Dev ...)
@@ -60561,7 +60561,7 @@ CVE-2020-1321 (A remote code execution vulnerability
exists in Microsoft Office
CVE-2020-1320 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2020-1319 (A remote code execution vulnerability exists in the way that
Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1318 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2020-1317 (An elevation of privilege vulnerability exists when Group
Policy impro ...)
@@ -60583,7 +60583,7 @@ CVE-2020-1310 (An elevation of privilege vulnerability
exists in Windows when th
CVE-2020-1309 (An elevation of privilege vulnerability exists when the
Microsoft Stor ...)
NOT-FOR-US: Microsoft
CVE-2020-1308 (An elevation of privilege vulnerability exists when DirectX
improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1307 (An elevation of privilege vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft
CVE-2020-1306 (An elevation of privilege vulnerability exists when the Windows
Runtim ...)
@@ -60593,7 +60593,7 @@ CVE-2020-1305 (An elevation of privilege vulnerability
exists when the Windows S
CVE-2020-1304 (An elevation of privilege vulnerability exists when the Windows
Runtim ...)
NOT-FOR-US: Microsoft
CVE-2020-1303 (An elevation of privilege vulnerability exists when the Windows
Runtim ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1302 (An elevation of privilege vulnerability exists in Windows
Installer be ...)
NOT-FOR-US: Microsoft
CVE-2020-1301 (A remote code execution vulnerability exists in the way that
the Micro ...)
@@ -60695,11 +60695,11 @@ CVE-2020-1254 (An elevation of privilege
vulnerability exists when Windows Modul
CVE-2020-1253 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-1252 (A remote code execution vulnerability exists when Windows
improperly h ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1251 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-1250 (An information disclosure vulnerability exists when the win32k
compone ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1249 (An elevation of privilege vulnerability exists when the Windows
Runtim ...)
NOT-FOR-US: Microsoft
CVE-2020-1248 (A remote code execution vulnerability exists in the way that
the Windo ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/394b6f0ce27546051985795a94bb1a4214566553
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/394b6f0ce27546051985795a94bb1a4214566553
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
