Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
257e481f by Salvatore Bonaccorso at 2020-10-15T10:29:10+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,9 +5,9 @@ CVE-2020-27159
CVE-2020-27158
RESERVED
CVE-2020-27157 (Veritas APTARE versions prior to 10.5 included code that
bypassed the ...)
- TODO: check
+ NOT-FOR-US: Veritas
CVE-2020-27156 (Veritas APTARE versions prior to 10.5 did not perform adequate
authori ...)
- TODO: check
+ NOT-FOR-US: Veritas
CVE-2020-27155
RESERVED
CVE-2020-27154
@@ -44310,7 +44310,7 @@ CVE-2020-8352
CVE-2020-8351
RESERVED
CVE-2020-8350 (An authentication bypass vulnerability was reported in Lenovo
ThinkPad ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2020-8349 (An internal security review has identified an unauthenticated
remote c ...)
TODO: check
CVE-2020-8348 (A DOM-based cross-site scripting (XSS) vulnerability was
reported in L ...)
@@ -44320,7 +44320,7 @@ CVE-2020-8347 (A reflective cross-site scripting (XSS)
vulnerability was reporte
CVE-2020-8346 (A denial of service vulnerability was reported in the Lenovo
Vantage c ...)
NOT-FOR-US: Lenovo
CVE-2020-8345 (A DLL search path vulnerability was reported in the Lenovo
HardwareSca ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2020-8344
REJECTED
CVE-2020-8343
@@ -44334,7 +44334,7 @@ CVE-2020-8340 (A cross-site scripting (XSS)
vulnerability was discovered in the
CVE-2020-8339 (A cross-site scripting inclusion (XSSI) vulnerability was
reported in ...)
NOT-FOR-US: IBM
CVE-2020-8338 (A DLL search path vulnerability was reported in Lenovo
Diagnostics pri ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2020-8337 (An unquoted search path vulnerability was reported in versions
prior t ...)
NOT-FOR-US: Synaptics Smart Audio UWP app
CVE-2020-8336 (Lenovo implemented Intel CSME Anti-rollback ARB protections on
some Th ...)
@@ -44346,7 +44346,7 @@ CVE-2020-8334 (The BIOS tamper detection mechanism was
not triggered in Lenovo T
CVE-2020-8333 (A potential vulnerability in the SMI callback function used in
the EEP ...)
NOT-FOR-US: Lenovo
CVE-2020-8332 (A potential vulnerability in the SMI callback function used in
the leg ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2020-8331
REJECTED
CVE-2020-8330 (A denial of service vulnerability was reported in the firmware
prior t ...)
@@ -46700,7 +46700,7 @@ CVE-2020-7385
CVE-2020-7384
RESERVED
CVE-2020-7383 (A SQL Injection issue in Rapid7 Nexpose version prior to 6.6.49
that m ...)
- TODO: check
+ NOT-FOR-US: Rapid7 Nexpose
CVE-2020-7382 (Rapid7 Nexpose installer version prior to 6.6.40 contains an
Unquoted ...)
NOT-FOR-US: Rapid7 Nexpose installer
CVE-2020-7381 (In Rapid7 Nexpose installer versions prior to 6.6.40, the
Nexpose inst ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/257e481f0c712c7fac27631d5a5dc6912dda194b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/257e481f0c712c7fac27631d5a5dc6912dda194b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
