Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9c566ca6 by Salvatore Bonaccorso at 2020-11-06T21:55:34+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4497,7 +4497,7 @@ CVE-2020-27198
CVE-2020-27197 (** DISPUTED ** TAXII libtaxii through 1.1.117, as used in
EclecticIQ O ...)
NOT-FOR-US: TAXII libtaxii
CVE-2020-27196 (An issue was discovered in PlayJava in Play Framework 2.6.0
through 2. ...)
- TODO: check
+ NOT-FOR-US: Play Framework
CVE-2020-27195 (HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to
0.12.5 client ...)
- nomad <unfixed> (bug #972795)
NOTE: https://github.com/hashicorp/nomad/issues/9129
@@ -4651,9 +4651,9 @@ CVE-2020-27131
CVE-2020-27130
RESERVED
CVE-2020-27129 (A vulnerability in the remote management feature of Cisco
SD-WAN vMana ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-27128 (A vulnerability in the application data endpoints of Cisco
SD-WAN vMan ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-27127
RESERVED
CVE-2020-27126
@@ -4663,11 +4663,11 @@ CVE-2020-27125
CVE-2020-27124
RESERVED
CVE-2020-27123 (A vulnerability in the interprocess communication (IPC)
channel of Cis ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-27122 (A vulnerability in the Microsoft Active Directory integration
of Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-27121 (A vulnerability in Cisco Unified Communications Manager IM
&amp; P ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-27120
RESERVED
CVE-2020-27119
@@ -5152,9 +5152,9 @@ CVE-2020-26885
CVE-2020-26884
RESERVED
CVE-2020-26883 (In Play Framework 2.6.0 through 2.8.2, stack consumption can
occur bec ...)
- TODO: check
+ NOT-FOR-US: Play Framework
CVE-2020-26882 (In Play Framework 2.6.0 through 2.8.2, data amplification can
occur wh ...)
- TODO: check
+ NOT-FOR-US: Play Framework
CVE-2020-26881
RESERVED
CVE-2020-26880 (Sympa through 6.2.57b.2 allows a local privilege escalation
from the s ...)
@@ -6878,13 +6878,13 @@ CVE-2020-26089
CVE-2020-26087
RESERVED
CVE-2020-26086 (A vulnerability in the video endpoint API (xAPI) of Cisco
TelePresence ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26085
RESERVED
CVE-2020-26084 (A vulnerability in the REST API of Cisco Edge Fog Fabric could
allow a ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26083 (A vulnerability in the web-based management interface of Cisco
Identit ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26082
RESERVED
CVE-2020-26081
@@ -9001,15 +9001,15 @@ CVE-2020-25176
CVE-2020-25175
RESERVED
CVE-2020-25174 (A DLL hijacking vulnerability in the B. Braun OnlineSuite
Version AP 3 ...)
- TODO: check
+ NOT-FOR-US: B. Braun OnlineSuite Version AP
CVE-2020-25173
RESERVED
CVE-2020-25172 (A relative path traversal attack in the B. Braun OnlineSuite
Version A ...)
- TODO: check
+ NOT-FOR-US: B. Braun OnlineSuite Version AP
CVE-2020-25171
RESERVED
CVE-2020-25170 (An Excel Macro Injection vulnerability exists in the export
feature in ...)
- TODO: check
+ NOT-FOR-US: B. Braun OnlineSuite Version AP
CVE-2020-25169
RESERVED
CVE-2020-25168
@@ -44425,9 +44425,9 @@ CVE-2020-10294
CVE-2020-10293
RESERVED
CVE-2020-10292 (Visual Components (owned by KUKA) is a robotic simulator that
allows s ...)
- TODO: check
+ NOT-FOR-US: Visual Components
CVE-2020-10291 (Visual Components (owned by KUKA) is a robotic simulator that
allows s ...)
- TODO: check
+ NOT-FOR-US: Visual Components
CVE-2020-10290 (Universal Robots controller execute URCaps (zip files
containing Java- ...)
NOT-FOR-US: Universal Robots controller
CVE-2020-10289 (Use of unsafe yaml load. Allows instantiation of arbitrary
objects. Th ...)
@@ -48575,13 +48575,13 @@ CVE-2020-8582
CVE-2020-8581
RESERVED
CVE-2020-8580 (SANtricity OS Controller Software versions 11.30 and higher are
suscep ...)
- TODO: check
+ NOT-FOR-US: SANtricity OS Controller Software
CVE-2020-8579 (Clustered Data ONTAP versions 9.7 through 9.7P7 are susceptible
to a v ...)
NOT-FOR-US: Clustered Data ONTAP
CVE-2020-8578
RESERVED
CVE-2020-8577 (SANtricity OS Controller Software versions 11.50.1 and higher
are susc ...)
- TODO: check
+ NOT-FOR-US: SANtricity OS Controller Software
CVE-2020-8576 (Clustered Data ONTAP versions prior to 9.3P19, 9.5P14, 9.6P9
and 9.7 a ...)
NOT-FOR-US: ONTAP
CVE-2020-8575 (Active IQ Unified Manager for VMware vSphere and Windows
versions prio ...)
@@ -55625,7 +55625,7 @@ CVE-2020-5797
CVE-2020-5796
RESERVED
CVE-2020-5795 (UNIX Symbolic Link (Symlink) Following in TP-Link Archer
A7(US)_V5_200 ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2020-5794 (A vulnerability in Nessus Network Monitor versions 5.11.0,
5.11.1, and ...)
TODO: check
CVE-2020-5793 (A vulnerability in Nessus versions 8.9.0 through 8.12.0 for
Windows &a ...)
@@ -61901,15 +61901,15 @@ CVE-2020-3606
CVE-2020-3605
RESERVED
CVE-2020-3604 (Multiple vulnerabilities in Cisco Webex Network Recording
Player for W ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3603 (Multiple vulnerabilities in Cisco Webex Network Recording
Player for W ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3602 (A vulnerability in the CLI of Cisco StarOS operating system for
Cisco ...)
NOT-FOR-US: Cisco
CVE-2020-3601 (A vulnerability in the CLI of Cisco StarOS operating system for
Cisco ...)
NOT-FOR-US: Cisco
CVE-2020-3600 (A vulnerability in Cisco SD-WAN Software could allow an
authenticated, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3599 (A vulnerability in the web-based management interface of Cisco
Adaptiv ...)
NOT-FOR-US: Cisco
CVE-2020-3598 (A vulnerability in the web-based management interface of Cisco
Vision ...)
@@ -61919,23 +61919,23 @@ CVE-2020-3597 (A vulnerability in the configuration
restore feature of Cisco Nex
CVE-2020-3596 (A vulnerability in the Session Initiation Protocol (SIP) of
Cisco Expr ...)
NOT-FOR-US: Cisco
CVE-2020-3595 (A vulnerability in Cisco SD-WAN Software could allow an
authenticated, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3594 (A vulnerability in Cisco SD-WAN Software could allow an
authenticated, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3593 (A vulnerability in Cisco SD-WAN Software could allow an
authenticated, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3592 (A vulnerability in the web-based management interface of Cisco
SD-WAN ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3591 (A vulnerability in the web-based management interface of the
Cisco SD- ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3590 (A vulnerability in the web-based management interface of the
Cisco SD- ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3589 (A vulnerability in the web-based management interface of Cisco
Identit ...)
NOT-FOR-US: Cisco
CVE-2020-3588 (A vulnerability in virtualization channel messaging in Cisco
Webex Mee ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3587 (A vulnerability in the web-based management interface of the
Cisco SD- ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3586
RESERVED
CVE-2020-3585 (A vulnerability in the TLS handler of Cisco Adaptive Security
Applianc ...)
@@ -61951,7 +61951,7 @@ CVE-2020-3581 (Multiple vulnerabilities in the web
services interface of Cisco A
CVE-2020-3580 (Multiple vulnerabilities in the web services interface of Cisco
Adapti ...)
NOT-FOR-US: Cisco
CVE-2020-3579 (A vulnerability in the web-based management interface of Cisco
SD-WAN ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3578 (A vulnerability in the web services interface of Cisco Adaptive
Securi ...)
NOT-FOR-US: Cisco
CVE-2020-3577 (A vulnerability in the ingress packet processing path of Cisco
Firepow ...)
@@ -61961,9 +61961,9 @@ CVE-2020-3576
CVE-2020-3575
RESERVED
CVE-2020-3574 (A vulnerability in the TCP packet processing functionality of
Cisco IP ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3573 (Multiple vulnerabilities in Cisco Webex Network Recording
Player for W ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3572 (A vulnerability in the SSL/TLS session handler of Cisco
Adaptive Secur ...)
NOT-FOR-US: Cisco
CVE-2020-3571 (A vulnerability in the ICMP ingress packet processing of Cisco
Firepow ...)
@@ -61997,7 +61997,7 @@ CVE-2020-3558 (A vulnerability in the web-based
management interface of Cisco Fi
CVE-2020-3557 (A vulnerability in the host input API daemon of Cisco Firepower
Manage ...)
NOT-FOR-US: Cisco
CVE-2020-3556 (A vulnerability in the interprocess communication (IPC) channel
of Cis ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3555 (A vulnerability in the SIP inspection process of Cisco Adaptive
Securi ...)
NOT-FOR-US: Cisco
CVE-2020-3554 (A vulnerability in the TCP packet processing of Cisco Adaptive
Securit ...)
@@ -62007,7 +62007,7 @@ CVE-2020-3553 (Multiple vulnerabilities in the
web-based management interface of
CVE-2020-3552 (A vulnerability in the Ethernet packet handling of Cisco
Aironet Acces ...)
NOT-FOR-US: Cisco
CVE-2020-3551 (A vulnerability in the web-based management interface of Cisco
Identit ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3550 (A vulnerability in the sfmgr daemon of Cisco Firepower
Management Cent ...)
NOT-FOR-US: Cisco
CVE-2020-3549 (A vulnerability in the sftunnel functionality of Cisco
Firepower Manag ...)
@@ -62224,7 +62224,7 @@ CVE-2020-3446 (A vulnerability in Cisco Virtual Wide
Area Application Services (
CVE-2020-3445
RESERVED
CVE-2020-3444 (A vulnerability in the packet filtering features of Cisco
SD-WAN Softw ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3443 (A vulnerability in Cisco Smart Software Manager On-Prem (SSM
On-Prem) ...)
NOT-FOR-US: Cisco
CVE-2020-3442 (The DuoConnect client enables users to establish SSH
connections to ho ...)
@@ -62370,7 +62370,7 @@ CVE-2020-3373 (A vulnerability in the IP
fragment-handling implementation of Cis
CVE-2020-3372 (A vulnerability in the web-based management interface of Cisco
SD-WAN ...)
NOT-FOR-US: Cisco
CVE-2020-3371 (A vulnerability in the web UI of Cisco Integrated Management
Controlle ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3370 (A vulnerability in URL filtering of Cisco Content Security
Management ...)
NOT-FOR-US: Cisco
CVE-2020-3369 (A vulnerability in the deep packet inspection (DPI) engine of
Cisco SD ...)
@@ -62556,7 +62556,7 @@ CVE-2020-3286 (Multiple vulnerabilities in the
web-based management interface of
CVE-2020-3285 (A vulnerability in the Transport Layer Security version 1.3
(TLS 1.3) ...)
NOT-FOR-US: Cisco
CVE-2020-3284 (A vulnerability in the enhanced Preboot eXecution Environment
(PXE) bo ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3283 (A vulnerability in the Secure Sockets Layer (SSL)/Transport
Layer Secu ...)
NOT-FOR-US: Cisco
CVE-2020-3282 (A vulnerability in the web-based management interface of Cisco
Unified ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c566ca64e4ca63891ebce28bfaface337e923e3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c566ca64e4ca63891ebce28bfaface337e923e3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
