Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6c4fa2bc by Salvatore Bonaccorso at 2020-10-11T10:07:53+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -42785,9 +42785,9 @@ CVE-2019-20449
CVE-2019-20448
RESERVED
CVE-2020-8782 (Unauthenticated RPC server on ALEOS before 4.4.9, 4.9.5, and
4.14.0 al ...)
- TODO: check
+ NOT-FOR-US: ALEOS
CVE-2020-8781 (Lack of input sanitization in UpdateRebootMgr service of ALEOS
4.11 an ...)
- TODO: check
+ NOT-FOR-US: ALEOS
CVE-2020-8780
RESERVED
CVE-2020-8779
@@ -62698,7 +62698,7 @@ CVE-2019-19117
(/usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2
CVE-2019-19116
RESERVED
CVE-2019-19115 (An escalation of privilege vulnerability in Nahimic APO
Software Compo ...)
- TODO: check
+ NOT-FOR-US: Nahimic APO Software Component Driver
CVE-2019-19114
RESERVED
CVE-2019-19113 (main/resources/mapper/NewBeeMallGoodsMapper.xml in newbee-mall
(aka Ne ...)
@@ -63109,7 +63109,7 @@ CVE-2019-18991 (A partial authentication bypass
vulnerability exists on Atheros
CVE-2019-18990 (A partial authentication bypass vulnerability exists on
Realtek RTL881 ...)
TODO: check
CVE-2019-18989 (A partial authentication bypass vulnerability exists on
Mediatek MT762 ...)
- TODO: check
+ NOT-FOR-US: Mediatek devices
CVE-2019-18988 (TeamViewer Desktop through 14.7.1965 allows a bypass of
remote-login a ...)
NOT-FOR-US: TeamViewer
CVE-2019-18987 (An issue was discovered in the AbuseFilter extension through
1.34 for ...)
@@ -66431,7 +66431,7 @@ CVE-2020-0573
CVE-2020-0572
RESERVED
CVE-2020-0571 (Improper conditions check in BIOS firmware for 8th Generation
Intel(R) ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-0570 (Uncontrolled search path in the QT Library before 5.14.0,
5.12.7 and 5 ...)
- qtbase-opensource-src 5.12.5+dfsg-8
[buster] - qtbase-opensource-src 5.11.3+dfsg1-1+deb10u3
@@ -74143,7 +74143,7 @@ CVE-2019-16162 (Onigmo through 6.2.0 has an
out-of-bounds read in parse_char_cla
CVE-2019-16161 (Onigmo through 6.2.0 has a NULL pointer dereference in
onig_error_code ...)
NOT-FOR-US: Onigmo (fork of Oniguruma)
CVE-2019-16160 (An integer underflow in the SMB server of MikroTik RouterOS
before 6.4 ...)
- TODO: check
+ NOT-FOR-US: MikroTik RouterOS
CVE-2019-16159 (BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x
through 2.0.5 ...)
- bird 1.6.8-1 (bug #939990)
[buster] - bird 1.6.6-1+deb10u1
@@ -79274,9 +79274,9 @@ CVE-2019-14558 (Insufficient control flow management in
BIOS firmware for 8th, 9
NOTE:
https://github.com/tianocore/edk2/commit/764e8ba1389a617639d79d2c4f0d53f4ea4a7387
NOTE:
https://github.com/tianocore/edk2/commit/f1d78c489a39971b5aac5d2fc8a39bfa925c3c5d
CVE-2019-14557 (Buffer overflow in BIOS firmware for 8th, 9th, 10th Generation
Intel(R ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2019-14556 (Improper initialization in BIOS firmware for 8th, 9th, 10th
Generation ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2019-14555
RESERVED
CVE-2019-14554
@@ -109255,9 +109255,9 @@ CVE-2019-4328
CVE-2019-4327 ("HCL AppScan Enterprise uses hard-coded credentials which can
be explo ...)
NOT-FOR-US: HCL AppScan Enterprise
CVE-2019-4326 ("HCL AppScan Enterprise security rules update administration
section o ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2019-4325 ("HCL AppScan Enterprise makes use of broken or risky
cryptographic alg ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2019-4324 ("HCL AppScan Enterprise is susceptible to Cross-Site Scripting
while i ...)
NOT-FOR-US: HCL
CVE-2019-4323 ("HCL AppScan Enterprise advisory API documentation is
susceptible to c ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c4fa2bcb2dcfb5835fb810df9d2edb203b24873
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c4fa2bcb2dcfb5835fb810df9d2edb203b24873
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
