[Git][security-tracker-team/security-tracker][master] Process more NFUs

Wed, 18 Nov 2020 12:41:22 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
27295460 by Salvatore Bonaccorso at 2020-11-18T21:40:46+01:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4626,7 +4626,7 @@ CVE-2020-25692 [vulnerability with slapd normalization 
handling with modrdn]
 CVE-2020-28006
        RESERVED
 CVE-2020-28005 (httpd on TP-Link TL-WPA4220 devices (hardware versions 2 
through 4) al ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2020-28004
        RESERVED
 CVE-2020-28003
@@ -7083,7 +7083,7 @@ CVE-2020-27128 (A vulnerability in the application data 
endpoints of Cisco SD-WA
 CVE-2020-27127
        RESERVED
 CVE-2020-27126 (A vulnerability in an API of Cisco Webex Meetings could allow 
an unaut ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-27125 (A vulnerability in Cisco Security Manager could allow an 
unauthenticat ...)
        NOT-FOR-US: Cisco
 CVE-2020-27124
@@ -7668,7 +7668,7 @@ CVE-2020-26886
 CVE-2020-26885
        RESERVED
 CVE-2020-26884 (RSA Archer 6.8 through 6.8.0.3 and 6.9 contains a URL 
injection vulner ...)
-       TODO: check
+       NOT-FOR-US: RSA Archer
 CVE-2020-26883 (In Play Framework 2.6.0 through 2.8.2, stack consumption can 
occur bec ...)
        NOT-FOR-US: Play Framework
 CVE-2020-26882 (In Play Framework 2.6.0 through 2.8.2, data amplification can 
occur wh ...)
@@ -8388,7 +8388,7 @@ CVE-2020-26556
 CVE-2020-26555
        RESERVED
 CVE-2020-26554 (REDDOXX MailDepot 2033 (aka 2.3.3022) allows XSS via an 
incoming HTML  ...)
-       TODO: check
+       NOT-FOR-US: REDDOXX MailDepot
 CVE-2020-26553 (An issue was discovered in Aviatrix Controller before 
R6.0.2483. Sever ...)
        NOT-FOR-US: Aviatrix
 CVE-2020-26552 (An issue was discovered in Aviatrix Controller before 
R6.0.2483. Multi ...)
@@ -9415,25 +9415,25 @@ CVE-2020-26083 (A vulnerability in the web-based 
management interface of Cisco I
 CVE-2020-26082
        RESERVED
 CVE-2020-26081 (Multiple vulnerabilities in the web UI of Cisco IoT Field 
Network Dire ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-26080 (A vulnerability in the user management functionality of Cisco 
IoT Fiel ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-26079 (A vulnerability in the web UI of Cisco IoT Field Network 
Director (FND ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-26078 (A vulnerability in the file system of Cisco IoT Field Network 
Director ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-26077 (A vulnerability in the access control functionality of Cisco 
IoT Field ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-26076 (A vulnerability in Cisco IoT Field Network Director (FND) 
could allow  ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-26075 (A vulnerability in the REST API of Cisco IoT Field Network 
Director (F ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-26074
        RESERVED
 CVE-2020-26073
        RESERVED
 CVE-2020-26072 (A vulnerability in the SOAP API of Cisco IoT Field Network 
Director (F ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-26071
        RESERVED
 CVE-2020-26070 (A vulnerability in the ingress packet processing function of 
Cisco IOS ...)
@@ -9441,7 +9441,7 @@ CVE-2020-26070 (A vulnerability in the ingress packet 
processing function of Cis
 CVE-2020-26069
        RESERVED
 CVE-2020-26068 (A vulnerability in the xAPI service of Cisco Telepresence CE 
Software  ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-26067
        RESERVED
 CVE-2020-26066
@@ -11038,7 +11038,7 @@ CVE-2020-25408
 CVE-2020-25407
        RESERVED
 CVE-2020-25406 (app\admin\controller\sys\Uploads.php in lemocms 1.8.x allows 
users to  ...)
-       TODO: check
+       NOT-FOR-US: lemocms
 CVE-2020-25405
        RESERVED
 CVE-2020-25404
@@ -12550,7 +12550,7 @@ CVE-2020-24725
 CVE-2020-24724
        RESERVED
 CVE-2020-24723 (Cross Site Scripting (XSS) vulnerability in the Registration 
page of t ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2020-24722 (** DISPUTED ** An issue was discovered in the GAEN (aka 
Google/Apple E ...)
        NOT-FOR-US: GAEN (Google Apple Encounter Notification) protocol
 CVE-2020-24721 (An issue was discovered in the GAEN (aka Google/Apple Exposure 
Notific ...)
@@ -13512,7 +13512,7 @@ CVE-2020-24299
 CVE-2020-24298
        RESERVED
 CVE-2020-24297 (httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) 
allows remo ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2020-24296
        RESERVED
 CVE-2020-24295
@@ -53837,11 +53837,11 @@ CVE-2020-7566
 CVE-2020-7565
        RESERVED
 CVE-2020-7564 (A CWE-120: Buffer Copy without Checking Size of Input ('Classic 
Buffer ...)
-       TODO: check
+       NOT-FOR-US: Modicon
 CVE-2020-7563 (A CWE-787: Out-of-bounds Write vulnerability exists in the Web 
Server  ...)
-       TODO: check
+       NOT-FOR-US: Modicon
 CVE-2020-7562 (A CWE-125: Out-of-Bounds Read vulnerability exists in the Web 
Server o ...)
-       TODO: check
+       NOT-FOR-US: Modicon
 CVE-2020-7561
        RESERVED
 CVE-2020-7560
@@ -64635,7 +64635,7 @@ CVE-2020-3588 (A vulnerability in virtualization 
channel messaging in Cisco Webe
 CVE-2020-3587 (A vulnerability in the web-based management interface of the 
Cisco SD- ...)
        NOT-FOR-US: Cisco
 CVE-2020-3586 (A vulnerability in the web-based management interface of Cisco 
DNA Spa ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3585 (A vulnerability in the TLS handler of Cisco Adaptive Security 
Applianc ...)
        NOT-FOR-US: Cisco
 CVE-2020-3584
@@ -64745,7 +64745,7 @@ CVE-2020-3533 (A vulnerability in the Simple Network 
Management Protocol (SNMP)
 CVE-2020-3532
        RESERVED
 CVE-2020-3531 (A vulnerability in the REST API of Cisco IoT Field Network 
Director (F ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3530 (A vulnerability in task group assignment for a specific CLI 
command in ...)
        NOT-FOR-US: Cisco
 CVE-2020-3529 (A vulnerability in the SSL VPN negotiation process for Cisco 
Adaptive  ...)
@@ -64843,7 +64843,7 @@ CVE-2020-3484 (A vulnerability in the web-based 
management interface of Cisco Vi
 CVE-2020-3483 (Duo has identified and fixed an issue with the Duo Network 
Gateway (DN ...)
        NOT-FOR-US: Duo
 CVE-2020-3482 (A vulnerability in the Traversal Using Relays around NAT (TURN) 
server ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3481 (A vulnerability in the EGG archive parsing module in Clam 
AntiVirus (C ...)
        {DLA-2314-1}
        - clamav 0.102.4+dfsg-1
@@ -64868,9 +64868,9 @@ CVE-2020-3473 (A vulnerability in task group assignment 
for a specific CLI comma
 CVE-2020-3472 (A vulnerability in the contacts feature of Cisco Webex Meetings 
could  ...)
        NOT-FOR-US: Cisco
 CVE-2020-3471 (A vulnerability in Cisco Webex Meetings and Cisco Webex 
Meetings Serve ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3470 (Multiple vulnerabilities in the API subsystem of Cisco 
Integrated Mana ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3469
        RESERVED
 CVE-2020-3468 (A vulnerability in the web-based management interface of Cisco 
SD-WAN  ...)
@@ -64928,7 +64928,7 @@ CVE-2020-3443 (A vulnerability in Cisco Smart Software 
Manager On-Prem (SSM On-P
 CVE-2020-3442 (The DuoConnect client enables users to establish SSH 
connections to ho ...)
        NOT-FOR-US: DuoConnect
 CVE-2020-3441 (A vulnerability in Cisco Webex Meetings and Cisco Webex 
Meetings Serve ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3440 (A vulnerability in Cisco Webex Meetings Desktop App for Windows 
could  ...)
        NOT-FOR-US: Cisco
 CVE-2020-3439 (A vulnerability in the web-based management interface of Cisco 
Data Ce ...)
@@ -64972,7 +64972,7 @@ CVE-2020-3421 (Multiple vulnerabilities in the 
Zone-Based Firewall feature of Ci
 CVE-2020-3420
        RESERVED
 CVE-2020-3419 (A vulnerability in Cisco Webex Meetings and Cisco Webex 
Meetings Serve ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3418 (A vulnerability in Cisco IOS XE Wireless Controller Software 
for Cisco ...)
        NOT-FOR-US: Cisco
 CVE-2020-3417 (A vulnerability in Cisco IOS XE Software could allow an 
authenticated, ...)
@@ -65026,7 +65026,7 @@ CVE-2020-3394 (A vulnerability in the Enable Secret 
feature of Cisco Nexus 3000
 CVE-2020-3393 (A vulnerability in the application-hosting subsystem of Cisco 
IOS XE S ...)
        NOT-FOR-US: Cisco
 CVE-2020-3392 (A vulnerability in the API of Cisco IoT Field Network Director 
(FND) c ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3391 (A vulnerability in Cisco Digital Network Architecture (DNA) 
Center cou ...)
        NOT-FOR-US: Cisco
 CVE-2020-3390 (A vulnerability in Simple Network Management Protocol (SNMP) 
trap gene ...)
@@ -65076,7 +65076,7 @@ CVE-2020-3369 (A vulnerability in the deep packet 
inspection (DPI) engine of Cis
 CVE-2020-3368 (A vulnerability in the antispam protection mechanisms of Cisco 
AsyncOS ...)
        NOT-FOR-US: Cisco
 CVE-2020-3367 (A vulnerability in the log subscription subsystem of Cisco 
AsyncOS for ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2020-3366
        RESERVED
 CVE-2020-3365 (A vulnerability in the directory permissions of Cisco 
Enterprise NFV I ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27295460f5a16add86d634c3a8db09e6a9aeb38b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27295460f5a16add86d634c3a8db09e6a9aeb38b
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to