Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2faea283 by Salvatore Bonaccorso at 2020-09-23T22:17:34+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2666,11 +2666,11 @@ CVE-2020-24628
CVE-2020-24627
RESERVED
CVE-2020-24626 (Unathenticated directory traversal in the ReceiverServlet
class doPost ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2020-24625 (Unathenticated directory traversal in the ReceiverServlet
class doGet( ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2020-24624 (Unathenticated directory traversal in the DownloadServlet
class execut ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2020-24623 (A potential security vulnerability has been identified in
Hewlett Pack ...)
NOT-FOR-US: Hewlett Packard Enterprise Universal API Framework
CVE-2020-24622 (In Sonatype Nexus Repository 3.26.1, an S3 secret key can be
exposed b ...)
@@ -19664,7 +19664,7 @@ CVE-2020-16246
CVE-2020-16245 (Advantech iView, Versions 5.7 and prior. The affected product
is vulne ...)
NOT-FOR-US: Advantech
CVE-2020-16244 (GE Digital APM Classic, Versions 4.4 and prior. Salt is not
used for h ...)
- TODO: check
+ NOT-FOR-US: GE Digital APM Classic
CVE-2020-16243
RESERVED
CVE-2020-16242
@@ -19672,7 +19672,7 @@ CVE-2020-16242
CVE-2020-16241 (Philips SureSigns VS4, A.07.107 and prior. The software does
not restr ...)
NOT-FOR-US: Philips SureSigns
CVE-2020-16240 (GE Digital APM Classic, Versions 4.4 and prior. An insecure
direct obj ...)
- TODO: check
+ NOT-FOR-US: GE Digital APM Classic
CVE-2020-16239 (Philips SureSigns VS4, A.07.107 and prior. When an actor
claims to hav ...)
NOT-FOR-US: Philips SureSigns
CVE-2020-16238
@@ -44213,9 +44213,9 @@ CVE-2020-7124
CVE-2020-7123
RESERVED
CVE-2020-7122 (Two memory corruption vulnerabilities in the Aruba CX Switches
Series ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2020-7121 (Two memory corruption vulnerabilities in the Aruba CX Switches
Series ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2020-7120
RESERVED
CVE-2020-7119 (A vulnerability exists in the Aruba Analytics and Location
Engine (ALE ...)
@@ -51308,7 +51308,7 @@ CVE-2020-4342 (IBM Security Secret Server 10.7 could
disclose sensitive informat
CVE-2020-4341 (IBM Security Secret Server 10.7 could allow a remote attacker
to obtai ...)
NOT-FOR-US: IBM
CVE-2020-4340 (IBM Security Secret Server prior to 10.9 could allow an
attacker to by ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4339
RESERVED
CVE-2020-4338 (IBM MQ 9.1.4 could allow a local attacker to obtain sensitive
informat ...)
@@ -51340,7 +51340,7 @@ CVE-2020-4326
CVE-2020-4325 (The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1,
19.0.0 ...)
NOT-FOR-US: IBM
CVE-2020-4324 (IBM Security Secret Server proir to 10.9 could allow a remote
attacker ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4323 (IBM Security Secret Server 10.7 is vulnerable to cross-site
scripting. ...)
NOT-FOR-US: IBM
CVE-2020-4322 (IBM Security Secret Server 10.7 could allow a remote attacker
to hijac ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2faea2839cd837d5a2f2ebde434c061bbac5b26c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2faea2839cd837d5a2f2ebde434c061bbac5b26c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
