Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fe1a5fe2 by Moritz Muehlenhoff at 2020-10-19T15:59:21+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17,7 +17,7 @@ CVE-2020-27199
CVE-2020-27198
RESERVED
CVE-2020-27197 (** DISPUTED ** TAXII libtaxii through 1.1.117, as used in
EclecticIQ O ...)
- TODO: check
+ NOT-FOR-US: TAXII libtaxii
CVE-2020-27196
RESERVED
CVE-2020-27195
@@ -637,7 +637,7 @@ CVE-2020-26895
CVE-2020-26894 (Faulkner Wildlife Issues in the New Millennium 18.0.160 on
Windows all ...)
NOT-FOR-US: New Millennium
CVE-2020-26893 (An issue was discovered in ClamXAV 3 before 3.1.1. A malicious
actor c ...)
- TODO: check
+ NOT-FOR-US: ClamXAV
CVE-2020-26892
RESERVED
CVE-2020-26891
@@ -21007,7 +21007,7 @@ CVE-2020-17005
CVE-2020-17004
RESERVED
CVE-2020-17003 (A remote code execution vulnerability exists when the Base3D
rendering ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-17002
RESERVED
CVE-2020-17001
@@ -21023,7 +21023,7 @@ CVE-2020-16997
CVE-2020-16996
RESERVED
CVE-2020-16995 (An elevation of privilege vulnerability exists in Network
Watcher Agen ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16994
RESERVED
CVE-2020-16993
@@ -21135,11 +21135,11 @@ CVE-2020-16941 (An information disclosure
vulnerability exists when Microsoft Sh
CVE-2020-16940 (An elevation of privilege vulnerability exists when the
Windows User P ...)
NOT-FOR-US: Microsoft
CVE-2020-16939 (An elevation of privilege vulnerability exists when Group
Policy impro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16938 (An information disclosure vulnerability exists when the
Windows kernel ...)
NOT-FOR-US: Microsoft
CVE-2020-16937 (An information disclosure vulnerability exists when the .NET
Framework ...)
- TODO: check
+ - dotnet-core-3.1 <itp> (bug #968921)
CVE-2020-16936 (An elevation of privilege vulnerability exists when the
Windows Backup ...)
NOT-FOR-US: Microsoft
CVE-2020-16935 (An elevation of privilege vulnerability exists when Windows
improperly ...)
@@ -21159,7 +21159,7 @@ CVE-2020-16929 (A remote code execution vulnerability
exists in Microsoft Excel
CVE-2020-16928 (An elevation of privilege vulnerability exists in the way that
Microso ...)
NOT-FOR-US: Microsoft
CVE-2020-16927 (A denial of service vulnerability exists in Remote Desktop
Protocol (R ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16926
RESERVED
CVE-2020-16925
@@ -21169,15 +21169,15 @@ CVE-2020-16924 (A remote code execution vulnerability
exists when the Windows Je
CVE-2020-16923 (A remote code execution vulnerability exists in the way that
Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2020-16922 (A spoofing vulnerability exists when Windows incorrectly
validates fil ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16921 (An information disclosure vulnerability exists in Text
Services Framew ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16920 (An elevation of privilege vulnerability exists when the
Windows Applic ...)
NOT-FOR-US: Microsoft
CVE-2020-16919 (An information disclosure vulnerability exists when the
Windows Enterp ...)
NOT-FOR-US: Microsoft
CVE-2020-16918 (A remote code execution vulnerability exists when the Base3D
rendering ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16917
RESERVED
CVE-2020-16916 (An elevation of privilege vulnerability exists when Windows
improperly ...)
@@ -21185,13 +21185,13 @@ CVE-2020-16916 (An elevation of privilege
vulnerability exists when Windows impr
CVE-2020-16915 (A memory corruption vulnerability exists when Windows Media
Foundation ...)
NOT-FOR-US: Microsoft
CVE-2020-16914 (An information disclosure vulnerability exists in the way that
the Win ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16913 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-16912 (An elevation of privilege vulnerability exists when the
Windows Backup ...)
NOT-FOR-US: Microsoft
CVE-2020-16911 (A remote code execution vulnerability exists in the way that
the Windo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16910 (A security feature bypass vulnerability exists when Microsoft
Windows ...)
NOT-FOR-US: Microsoft
CVE-2020-16909 (An elevation of privilege vulnerability exists in Windows
Error Report ...)
@@ -21205,7 +21205,7 @@ CVE-2020-16906
CVE-2020-16905 (An elevation of privilege vulnerability exists in Windows
Error Report ...)
NOT-FOR-US: Microsoft
CVE-2020-16904 (An elevation of privilege vulnerability exists in the way
Azure Functi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16903
RESERVED
CVE-2020-16902 (An elevation of privilege vulnerability exists in the Windows
Installe ...)
@@ -21219,9 +21219,9 @@ CVE-2020-16899 (A denial of service vulnerability
exists when the Windows TCP/IP
CVE-2020-16898 (A remote code execution vulnerability exists when the Windows
TCP/IP s ...)
NOT-FOR-US: Microsoft
CVE-2020-16897 (An information disclosure vulnerability exists when NetBIOS
over TCP ( ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16896 (An information disclosure vulnerability exists in Remote
Desktop Proto ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16895 (An elevation of privilege vulnerability exists when Windows
Error Repo ...)
NOT-FOR-US: Microsoft
CVE-2020-16894 (A remote code execution vulnerability exists when Windows
Network Addr ...)
@@ -21231,7 +21231,7 @@ CVE-2020-16893
CVE-2020-16892 (An elevation of privilege vulnerability exists in the way that
the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-16891 (A remote code execution vulnerability exists when Windows
Hyper-V on a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16890 (An elevation of privilege vulnerability exists when the
Windows kernel ...)
NOT-FOR-US: Microsoft
CVE-2020-16889 (An information disclosure vulnerability exists when the
Windows Kernel ...)
@@ -21241,7 +21241,7 @@ CVE-2020-16888
CVE-2020-16887 (An elevation of privilege vulnerability exists in the way that
the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-16886 (A security feature bypass vulnerability exists in the
PowerShellGet V2 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16885 (An elevation of privilege vulnerability exists when the
Windows Storag ...)
NOT-FOR-US: Microsoft
CVE-2020-16884 (A remote code execution vulnerability exists in the way that
the IEToE ...)
@@ -21287,7 +21287,7 @@ CVE-2020-16865
CVE-2020-16864 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
NOT-FOR-US: Microsoft
CVE-2020-16863 (A denial of service vulnerability exists in Windows Remote
Desktop Ser ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16862 (A remote code execution vulnerability exists in Microsoft
Dynamics 365 ...)
NOT-FOR-US: Microsoft
CVE-2020-16861 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
@@ -25145,13 +25145,13 @@ CVE-2020-15260
CVE-2020-15259
RESERVED
CVE-2020-15258 (In Wire before 3.20.x, `shell.openExternal` was used without
checking ...)
- TODO: check
+ NOT-FOR-US: Wire app
CVE-2020-15257
RESERVED
CVE-2020-15256
RESERVED
CVE-2020-15255 (In Anuko Time Tracker before verion 1.19.23.5325, due to not
properly ...)
- TODO: check
+ NOT-FOR-US: Anuko Time Tracker
CVE-2020-15254 (Crossbeam is a set of tools for concurrent programming. In
crossbeam-c ...)
TODO: check
CVE-2020-15253 (Versions of Grocy <= 2.7.1 are vulnerable to Cross-Site
Scripting v ...)
@@ -28880,7 +28880,7 @@ CVE-2020-13896 (The web interface of Maipu MP1800X-50
7.5.3.14(R) devices allows
CVE-2020-13894 (handler/upload_handler.jsp in DEXT5 Editor through 3.5.1402961
allows ...)
NOT-FOR-US: DEXT5 Editor
CVE-2020-13893 (Multiple stored cross-site scripting (XSS) vulnerabilities in
Sage Eas ...)
- TODO: check
+ NOT-FOR-US: Sage EasyPay
CVE-2020-13892 (The SportsPress plugin before 2.7.2 for WordPress allows XSS.
...)
NOT-FOR-US: SportsPress plugin for WordPress
CVE-2020-13891 (An issue was discovered in Mattermost Mobile Apps before
1.31.2 on iOS ...)
@@ -40428,7 +40428,7 @@ CVE-2020-9994
CVE-2020-9993
RESERVED
CVE-2020-9992 (This issue was addressed by encrypting communications over the
network ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9991
RESERVED
CVE-2020-9990
@@ -40446,7 +40446,7 @@ CVE-2020-9985
CVE-2020-9984
RESERVED
CVE-2020-9983 (An out-of-bounds write issue was addressed with improved bounds
checki ...)
- TODO: check
+ NOT-FOR-US: Safari
CVE-2020-9982
RESERVED
CVE-2020-9981
@@ -40460,7 +40460,7 @@ CVE-2020-9978
CVE-2020-9977
RESERVED
CVE-2020-9976 (A logic issue was addressed with improved state management.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9975
RESERVED
CVE-2020-9974
@@ -40476,7 +40476,7 @@ CVE-2020-9970
CVE-2020-9969
RESERVED
CVE-2020-9968 (A logic issue was addressed with improved restrictions. This
issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9967
RESERVED
CVE-2020-9966
@@ -40484,7 +40484,7 @@ CVE-2020-9966
CVE-2020-9965
RESERVED
CVE-2020-9964 (A memory initialization issue was addressed with improved
memory handl ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9963
RESERVED
CVE-2020-9962
@@ -40494,9 +40494,9 @@ CVE-2020-9961
CVE-2020-9960
RESERVED
CVE-2020-9959 (A lock screen issue allowed access to messages on a locked
device. Thi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9958 (An out-of-bounds write issue was addressed with improved bounds
checki ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9957
RESERVED
CVE-2020-9956
@@ -40508,19 +40508,19 @@ CVE-2020-9954
CVE-2020-9953
RESERVED
CVE-2020-9952 (An input validation issue was addressed with improved input
validation ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9951 (A use after free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Safari
CVE-2020-9950
RESERVED
CVE-2020-9949
RESERVED
CVE-2020-9948 (A type confusion issue was addressed with improved memory
handling. Th ...)
- TODO: check
+ NOT-FOR-US: Safari
CVE-2020-9947
RESERVED
CVE-2020-9946 (This issue was addressed with improved checks. This issue is
fixed in ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9945
RESERVED
CVE-2020-9944
@@ -40540,17 +40540,17 @@ CVE-2020-9938
CVE-2020-9937
RESERVED
CVE-2020-9936 (An out-of-bounds write issue was addressed with improved bounds
checki ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9935
RESERVED
CVE-2020-9934 (An issue existed in the handling of environment variables. This
issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9933 (An authorization issue was addressed with improved state
management. T ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9932
RESERVED
CVE-2020-9931 (A denial of service issue was addressed with improved input
validation ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9930
RESERVED
CVE-2020-9929
@@ -40571,7 +40571,7 @@ CVE-2020-9925 (A logic issue was addressed with
improved state management. This
CVE-2020-9924
RESERVED
CVE-2020-9923 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9922
RESERVED
CVE-2020-9921
@@ -40581,11 +40581,11 @@ CVE-2020-9920
CVE-2020-9919
RESERVED
CVE-2020-9918 (An out-of-bounds read was addressed with improved input
validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9917 (This issue was addressed with improved checks. This issue is
fixed in ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9916 (A URL Unicode encoding issue was addressed with improved state
managem ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9915 (An access issue existed in Content Security Policy. This issue
was add ...)
{DSA-4739-1}
- webkit2gtk 2.28.4-1
@@ -40594,21 +40594,21 @@ CVE-2020-9915 (An access issue existed in Content
Security Policy. This issue wa
- wpewebkit 2.28.4-1
NOTE: https://webkitgtk.org/security/WSA-2020-0007.html
CVE-2020-9914 (An input validation issue existed in Bluetooth. This issue was
address ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9913 (This issue was addressed with improved data protection. This
issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9912 (A logic issue was addressed with improved restrictions. This
issue is ...)
- TODO: check
+ NOT-FOR-US: Safari
CVE-2020-9911 (A logic issue was addressed with improved restrictions. This
issue is ...)
- TODO: check
+ NOT-FOR-US: Safari
CVE-2020-9910 (Multiple issues were addressed with improved logic. This issue
is fixe ...)
- TODO: check
+ NOT-FOR-US: Safari
CVE-2020-9909 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9908
RESERVED
CVE-2020-9907 (A memory corruption issue was addressed by removing the
vulnerable cod ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9906
RESERVED
CVE-2020-9905
@@ -40616,7 +40616,7 @@ CVE-2020-9905
CVE-2020-9904
RESERVED
CVE-2020-9903 (A logic issue was addressed with improved restrictions. This
issue is ...)
- TODO: check
+ NOT-FOR-US: Safari
CVE-2020-9902
RESERVED
CVE-2020-9901
@@ -40655,21 +40655,21 @@ CVE-2020-9893 (A use after free issue was addressed
with improved memory managem
CVE-2020-9892
RESERVED
CVE-2020-9891 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9890 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9889 (An out-of-bounds write issue was addressed with improved bounds
checki ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9888 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9887
RESERVED
CVE-2020-9886
RESERVED
CVE-2020-9885 (An issue existed in the handling of iMessage tapbacks. The
issue was r ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9884 (An out-of-bounds write issue was addressed with improved bounds
checki ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9883
RESERVED
CVE-2020-9882
@@ -40681,7 +40681,7 @@ CVE-2020-9880
CVE-2020-9879
RESERVED
CVE-2020-9878 (A buffer overflow issue was addressed with improved memory
handling. T ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9877
RESERVED
CVE-2020-9876
@@ -40697,7 +40697,7 @@ CVE-2020-9872
CVE-2020-9871
RESERVED
CVE-2020-9870 (A logic issue was addressed with improved validation. This
issue is fi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9869
RESERVED
CVE-2020-9868
@@ -40707,9 +40707,9 @@ CVE-2020-9867
CVE-2020-9866
RESERVED
CVE-2020-9865 (A memory corruption issue was addressed by removing the
vulnerable cod ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9864 (A logic issue was addressed with improved restrictions. This
issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9863
RESERVED
CVE-2020-9862 (A command injection issue existed in Web Inspector. This issue
was add ...)
@@ -40879,7 +40879,7 @@ CVE-2020-9801 (A logic issue was addressed with
improved restrictions. This issu
CVE-2020-9800 (A type confusion issue was addressed with improved memory
handling. Th ...)
NOT-FOR-US: Apple
CVE-2020-9799 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9798
RESERVED
CVE-2020-9797 (An information disclosure issue was addressed by removing the
vulnerab ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe1a5fe2ce1c2d18833a4d1a1fa5f51fc3fca5c7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe1a5fe2ce1c2d18833a4d1a1fa5f51fc3fca5c7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
