Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3b908662 by Salvatore Bonaccorso at 2020-10-28T10:10:10+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23,7 +23,7 @@ CVE-2020-27958
CVE-2020-27957 (The RandomGameUnit extension for MediaWiki through 1.35 was
not proper ...)
TODO: check
CVE-2020-27956 (An Arbitrary File Upload in the Upload Image component in
SourceCodest ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Car Rental Management System
CVE-2020-27955
RESERVED
CVE-2020-27954
@@ -151,11 +151,11 @@ CVE-2020-27894
CVE-2020-27893
RESERVED
CVE-2020-27892 (The Zigbee protocol implementation on Texas Instruments CC2538
devices ...)
- TODO: check
+ NOT-FOR-US: Texas Instruments CC2538 devices
CVE-2020-27891 (The Zigbee protocol implementation on Texas Instruments CC2538
devices ...)
- TODO: check
+ NOT-FOR-US: Texas Instruments CC2538 devices
CVE-2020-27890 (The Zigbee protocol implementation on Texas Instruments CC2538
devices ...)
- TODO: check
+ NOT-FOR-US: Texas Instruments CC2538 devices
CVE-2020-27889
RESERVED
CVE-2020-27888 (An issue was discovered on Ubiquiti UniFi Meshing Access Point
UAP-AC- ...)
@@ -2275,11 +2275,11 @@ CVE-2020-27162
CVE-2020-27161
RESERVED
CVE-2020-27160 (Addressed remote code execution vulnerability in
AvailableApps.php tha ...)
- TODO: check
+ NOT-FOR-US: Western Digital My Cloud NAS devices
CVE-2020-27159 (Addressed remote code execution vulnerability in DsdkProxy.php
due to ...)
- TODO: check
+ NOT-FOR-US: Western Digital My Cloud NAS devices
CVE-2020-27158 (Addressed remote code execution vulnerability in cgi_api.php
that allo ...)
- TODO: check
+ NOT-FOR-US: Western Digital My Cloud NAS devices
CVE-2020-27157 (Veritas APTARE versions prior to 10.5 included code that
bypassed the ...)
NOT-FOR-US: Veritas
CVE-2020-27156 (Veritas APTARE versions prior to 10.5 did not perform adequate
authori ...)
@@ -5266,7 +5266,7 @@ CVE-2020-25767
CVE-2020-25766 (An issue was discovered in MISP before 2.4.132. It can perform
an unwa ...)
NOT-FOR-US: MISP
CVE-2020-25765 (Addressed remote code execution vulnerability in
reg_device.php due to ...)
- TODO: check
+ NOT-FOR-US: Western Digital My Cloud Devices
CVE-2020-25764
RESERVED
CVE-2020-25763 (Seat Reservation System version 1.0 suffers from an
Unauthenticated Fi ...)
@@ -33862,7 +33862,7 @@ CVE-2020-12831 (** DISPUTED ** An issue was discovered
in FRRouting FRR (aka Fre
NOTE: https://github.com/FRRouting/frr/pull/6383
NOTE:
https://github.com/FRRouting/frr/commit/7734484a378052a513c9e21165c13bf85f78ad48
CVE-2020-12830 (Addressed multiple stack buffer overflow vulnerabilities that
could al ...)
- TODO: check
+ NOT-FOR-US: Western Digital My Cloud devices
CVE-2020-12829 (In QEMU through 5.0.0, an integer overflow was found in the
SM501 disp ...)
{DSA-4760-1}
- qemu 1:5.0-12 (low; bug #961451)
@@ -42761,7 +42761,7 @@ CVE-2020-9984 (An out-of-bounds read was addressed with
improved input validatio
CVE-2020-9983 (An out-of-bounds write issue was addressed with improved bounds
checki ...)
NOT-FOR-US: Safari
CVE-2020-9982 (This issue was addressed with improved checks to prevent
unauthorized ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-9981
RESERVED
CVE-2020-9980 (An out-of-bounds write issue was addressed with improved bounds
checki ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b908662640850e04bdfe4cc8e1927437e236af5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b908662640850e04bdfe4cc8e1927437e236af5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
