Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
98d88e88 by Moritz Muehlenhoff at 2020-09-13T22:55:34+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2020-25288
RESERVED
CVE-2020-25287 (Pligg 2.0.3 allows remote authenticated users to execute
arbitrary com ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2020-25286 (In wp-includes/comment-template.php in WordPress before 5.4.2,
comment ...)
TODO: check
CVE-2020-25285 (A race condition between hugetlb sysctl handlers in
mm/hugetlb.c in th ...)
@@ -21020,7 +21020,7 @@ CVE-2020-15173 (In ACCEL-PPP (an implementation of
PPTP/PPPoE/L2TP/SSTP), there
CVE-2020-15172
RESERVED
CVE-2020-15171 (In XWiki before versions 11.10.5 or 12.2.1, any user with
SCRIPT right ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2020-15170 (apollo-adminservice before version 1.7.1 does not implement
access con ...)
NOT-FOR-US: apollo-adminservice
CVE-2020-15169 (In Action View before versions 5.2.4.4 and 6.0.3.3 there is a
potentia ...)
@@ -60667,7 +60667,7 @@ CVE-2020-1287 (An elevation of privilege vulnerability
exists in the way that th
CVE-2020-1286 (A remote code execution vulnerability exists when the Windows
Shell do ...)
NOT-FOR-US: Microsoft
CVE-2020-1285 (A remote code execution vulnerability exists in the way that
the Windo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1284 (A denial of service vulnerability exists in the way that the
Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2020-1283 (A denial of service vulnerability exists when Windows
improperly handl ...)
@@ -60725,7 +60725,7 @@ CVE-2020-1258 (An elevation of privilege vulnerability
exists when DirectX impro
CVE-2020-1257 (An elevation of privilege vulnerability exists when the
Diagnostics Hu ...)
NOT-FOR-US: Microsoft
CVE-2020-1256 (An information disclosure vulnerability exists when the Windows
GDI co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1255 (An elevation of privilege vulnerability exists when the Windows
Backgr ...)
NOT-FOR-US: Microsoft
CVE-2020-1254 (An elevation of privilege vulnerability exists when Windows
Modules In ...)
@@ -60971,13 +60971,13 @@ CVE-2020-1135 (An elevation of privilege
vulnerability exists when the Windows G
CVE-2020-1134 (An elevation of privilege vulnerability exists when the Windows
State ...)
NOT-FOR-US: Microsoft
CVE-2020-1133 (An elevation of privilege vulnerability exists when the
Diagnostics Hu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1132 (An elevation of privilege vulnerability exists when Windows
Error Repo ...)
NOT-FOR-US: Microsoft
CVE-2020-1131 (An elevation of privilege vulnerability exists when the Windows
State ...)
NOT-FOR-US: Microsoft
CVE-2020-1130 (An elevation of privilege vulnerability exists when the
Diagnostics Hu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1129 (A remote code execution vulnerability exists in the way that
Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2020-1128
@@ -61043,7 +61043,7 @@ CVE-2020-1099 (A cross-site-scripting (XSS)
vulnerability exists when Microsoft
CVE-2020-1098 (An elevation of privilege vulnerability exists when the Shell
infrastr ...)
NOT-FOR-US: Microsoft
CVE-2020-1097 (An information disclosure vulnerability exists when the Windows
GDI co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1096 (A remote code execution vulnerability exists when Microsoft
Edge PDF R ...)
NOT-FOR-US: Microsoft
CVE-2020-1095
@@ -61055,7 +61055,7 @@ CVE-2020-1093 (A remote code execution vulnerability
exists in the way that the
CVE-2020-1092 (A remote code execution vulnerability exists when Internet
Explorer im ...)
NOT-FOR-US: Microsoft
CVE-2020-1091 (An information disclosure vulnerability exists when the Windows
GDI co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1090 (An elevation of privilege vulnerability exists when the Windows
Runtim ...)
NOT-FOR-US: Microsoft
CVE-2020-1089
@@ -61071,7 +61071,7 @@ CVE-2020-1085 (An elevation of privilege vulnerability
exists in the way that th
CVE-2020-1084 (A Denial Of Service vulnerability exists when Connected User
Experienc ...)
NOT-FOR-US: Microsoft
CVE-2020-1083 (An information disclosure vulnerability exists when the
Microsoft Wind ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1082 (An elevation of privilege vulnerability exists in Windows Error
Report ...)
NOT-FOR-US: Microsoft
CVE-2020-1081 (An elevation of privilege vulnerability exists when the Windows
Printe ...)
@@ -61149,7 +61149,7 @@ CVE-2020-1046 (A remote code execution vulnerability
exists when Microsoft .NET
CVE-2020-1045 (A security feature bypass vulnerability exists in the way
Microsoft AS ...)
- dotnet-core-3.1 <itp> (bug #968921)
CVE-2020-1044 (A security feature bypass vulnerability exists in SQL Server
Reporting ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1043 (A remote code execution vulnerability exists when Hyper-V
RemoteFX vGP ...)
NOT-FOR-US: Microsoft
CVE-2020-1042 (A remote code execution vulnerability exists when Hyper-V
RemoteFX vGP ...)
@@ -61213,7 +61213,7 @@ CVE-2020-1014 (An elevation of privilege vulnerability
exists in the Microsoft W
CVE-2020-1013 (An elevation of privilege vulnerability exists when Microsoft
Windows ...)
NOT-FOR-US: Microsoft
CVE-2020-1012 (An elevation of privilege vulnerability exists in the way that
the Win ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1011 (An elevation of privilege vulnerability exists when the Windows
System ...)
NOT-FOR-US: Microsoft
CVE-2020-1010 (An elevation of privilege vulnerability exists in Windows Block
Level ...)
@@ -61241,7 +61241,7 @@ CVE-2020-1000 (An elevation of privilege vulnerability
exists when the Windows k
CVE-2020-0999 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2020-0998 (An elevation of privilege vulnerability exists when the Windows
Graphi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0997 (A remote code execution vulnerability exists when the Windows
Camera C ...)
NOT-FOR-US: Microsoft
CVE-2020-0996 (An elevation of privilege vulnerability exists when the Windows
Update ...)
@@ -61561,7 +61561,7 @@ CVE-2020-0840 (An elevation of privilege vulnerability
exists when Windows impro
CVE-2020-0839 (An elevation of privilege vulnerability exists in the way that
the dns ...)
NOT-FOR-US: Microsoft
CVE-2020-0838 (An elevation of privilege vulnerability exists when NTFS
improperly ch ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0837 (A spoofing vulnerability exists when Active Directory
Federation Servi ...)
NOT-FOR-US: Microsoft
CVE-2020-0836 (A denial of service vulnerability exists in Windows DNS when it
fails ...)
@@ -113070,11 +113070,11 @@ CVE-2018-19950
CVE-2018-19949
RESERVED
CVE-2018-19948 (The vulnerability have been reported to affect earlier
versions of Hel ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2018-19947 (The vulnerability have been reported to affect earlier
versions of Hel ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2018-19946 (The vulnerability have been reported to affect earlier
versions of Hel ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2018-19945
RESERVED
CVE-2018-19944
@@ -301753,7 +301753,7 @@ CVE-2014-1421 (mountall 1.54, as used in Ubuntu
14.10, does not properly handle
NOTE: See
https://bugs.launchpad.net/ubuntu/+source/partman-efi/+bug/1390183
NOTE: and http://www.ubuntu.com/usn/usn-2411-1
CVE-2014-1420 (On desktop, Ubuntu UI Toolkit's StateSaver would serialise data
on tmp ...)
- TODO: check
+ NOT-FOR-US: ubuntu-ui-toolkit
CVE-2014-1419 (Race condition in the power policy functions in policy-funcs in
acpi-s ...)
{DSA-2984-1 DLA-30-1}
- acpi-support 0.142-2
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98d88e88b6443a2aecccb9e40a6442332b8f384e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98d88e88b6443a2aecccb9e40a6442332b8f384e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
