Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1c4852ef by Salvatore Bonaccorso at 2020-10-19T22:22:00+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5818,19 +5818,19 @@ CVE-2020-24654 (In KDE Ark before 20.08.1, a crafted
TAR archive with symlinks c
CVE-2020-24653 (secure-store in Expo through 2.16.1 on iOS provides the
insecure kSecA ...)
NOT-FOR-US: secure-store in Expo on iOS
CVE-2020-24652 (A addvsiinterfaceinfo expression language injection remote
code execut ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24651 (A syslogtempletselectwin expression language injection remote
code exe ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24650 (A legend expression language injection remote code execution
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24649 (A remote bytemessageresource transformentity" input validation
code ex ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24648 (A accessmgrservlet classname deserialization of untrusted data
remote ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24647 (A remote accessmgrservlet classname input validation code
execution vu ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24646 (A tftpserver stack-based buffer overflow remote code execution
vulnera ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24645
RESERVED
CVE-2020-24644
@@ -5862,9 +5862,9 @@ CVE-2020-24632
CVE-2020-24631
RESERVED
CVE-2020-24630 (A remote operatoronlinelist_content privilege escalation
vulnerability ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24629 (A remote urlaccesscontroller authentication bypass
vulnerability was d ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24628 (A remote code injection vulnerability was discovered in HPE
KVM IP Con ...)
NOT-FOR-US: HPE
CVE-2020-24627 (A remote stored xss vulnerability was discovered in HPE KVM IP
Console ...)
@@ -23690,9 +23690,9 @@ CVE-2020-15912 (** DISPUTED ** Tesla Model 3 vehicles
allow attackers to open a
CVE-2020-15911
RESERVED
CVE-2020-15910 (SolarWinds N-Central version 12.3 GA and lower does not set
the JSESSI ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2020-15909 (SolarWinds N-central through 2020.1 allows session hijacking
and requi ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2020-15908 (tar/TarFileReader.cpp in Cauldron cbang (aka C-Bang or C!)
before 1.6. ...)
NOT-FOR-US: Cauldron cbang
CVE-2020-15907 (In Mahara 19.04 before 19.04.6, 19.10 before 19.10.4, and
20.04 before ...)
@@ -29521,7 +29521,7 @@ CVE-2020-13780
CVE-2020-13779
RESERVED
CVE-2020-13778 (rConfig 3.9.4 and earlier allows authenticated code execution
(of syst ...)
- TODO: check
+ NOT-FOR-US: rConfig
CVE-2020-13777 (GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for
encrypting ...)
{DSA-4697-1}
- gnutls28 3.6.14-1 (bug #962289)
@@ -36551,7 +36551,7 @@ CVE-2020-11498 (Slack Nebula through 1.1.0 contains a
relative path vulnerabilit
CVE-2020-11497 (An issue was discovered in the NAB Transact extension 2.1.0
for the Wo ...)
NOT-FOR-US: NAB Transact extension 2.1.0 for the WooCommerce plugin for
WordPress
CVE-2020-11496 (Sprecher SPRECON-E firmware prior to 8.64b might allow local
attackers ...)
- TODO: check
+ NOT-FOR-US: Sprecher SPRECON-E firmware
CVE-2020-11495
REJECTED
CVE-2020-11494 (An issue was discovered in slc_bump in drivers/net/can/slcan.c
in the ...)
@@ -47530,115 +47530,115 @@ CVE-2020-7197
CVE-2020-7196
RESERVED
CVE-2020-7195 (A iccselectrules expression language injection remote code
execution v ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7194 (A perfaddormoddevicemonitor expression language injection
remote code ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7193 (A ictexpertcsvdownload expression language injection remote
code execu ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7192 (A devicethresholdconfig expression language injection remote
code exec ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7191 (A devsoftsel expression language injection remote code
execution vulne ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7190 (A deviceselect expression language injection remote code
execution vul ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7189 (A faultflasheventselectfact expression language injectionremote
code e ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7188 (A userselectpagingcontent expression language injection remote
code ex ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7187 (A reportpage index expression language injection remote code
execution ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7186 (A powershellconfigcontent expression language injection remote
code ex ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7185 (A tvxlanlegend expression language injection remote code
execution vul ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7184 (A viewbatchtaskresultdetailfact expression language injection
remote c ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7183 (A forwardredirect expression language injection remote code
execution ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7182 (A sshconfig expression language injection remote code execution
vulner ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7181 (A smsrulesdownload expression language injection remote code
execution ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7180 (A ictexpertdownload expression language injection remote code
executio ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7179 (A thirdpartyperfselecttask expression language injection remote
code e ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7178 (A mediaforaction expression language injection remote code
execution v ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7177 (A wmiconfigcontent expression language injection remote code
execution ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7176 (A viewtaskresultdetailfact expression language injection remote
code e ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7175 (A iccselectdymicparam expression language injection remote code
execut ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7174 (A soapconfigcontent expression language injection remote code
executio ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7173 (A actionselectcontent expression language injection remote code
execut ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7172 (A templateselect expression language injection remote code
execution v ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7171 (A guidatadetail expression language injection remote code
execution vu ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7170 (A select expression language injection remote code execution
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7169 (A ictexpertcsvdownload expression language injection remote
code execu ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7168 (A selectusergroup expression language injection remote code
execution ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7167 (A quicktemplateselect expression language injection remote code
execut ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7166 (A operatorgrouptreeselectcontent expression language injection
remote ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7165 (A iccselectcommand expression language injection remote code
execution ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7164 (A operationselect expression language injection remote code
execution ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7163 (A navigationto expression language injection remote code
execution vul ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7162 (A operatorgroupselectcontent expression language injection
remote code ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7161 (A reporttaskselect expression language injection remote code
execution ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7160 (A iccselectdeviceseries expression language injection remote
code exec ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7159 (A customtemplateselect expression language injection remote
code execu ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7158 (A perfselecttask expression language injection remote code
execution v ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7157 (A selviewnavcontent expression language injection remote code
executio ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7156 (A faultinfo_content expression language injection remote code
executio ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7155 (A select expression language injection remote code execution
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7154 (A ifviewselectpage expression language injection remote code
execution ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7153 (A iccselectdevtype expression language injection remote code
execution ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7152 (A faultparasset expression language injection remote code
execution vu ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7151 (A faulttrapgroupselect expression language injection remote
code execu ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7150 (A faultstatchoosefaulttype expression language injection remote
code e ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7149 (A ictexpertcsvdownload expression language injection remote
code execu ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7148 (A deployselectsoftware expression language injection remote
code execu ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7147 (A deployselectbootrom expression language injection remote code
execut ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7146 (A devgroupselect expression language injection remote code
execution v ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7145 (A chooseperfview expression language injection remote code
execution v ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7144 (A comparefilesresult expression language injection remote code
executi ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7143 (A faultdevparasset expression language injection remote code
execution ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7142 (A eventinfo_content expression language injection remote code
executio ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7141 (A adddevicetoview expression language injection remote code
execution ...)
- TODO: check
+ NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7140 (A security vulnerability in HPE IceWall SSO Dfw and Dgfw
(Domain Gatew ...)
NOT-FOR-US: HPE
CVE-2020-7139 (Potential remote access security vulnerabilities have been
identified ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c4852efeaefb58486962c1467a6b673256a6f3c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c4852efeaefb58486962c1467a6b673256a6f3c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
