Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1babc0a8 by Moritz Muehlenhoff at 2020-11-25T09:34:09+01:00
NFUs
- - - - -
b2204944 by Moritz Muehlenhoff at 2020-11-25T09:34:45+01:00
Merge branch 'master' of
salsa.debian.org:security-tracker-team/security-tracker
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
CVE-2020-29073
RESERVED
CVE-2020-29072 (A Cross-Site Script Inclusion vulnerability was found on
LiquidFiles b ...)
- TODO: check
+ NOT-FOR-US: LiquidFiles
CVE-2020-29071 (An XSS issue was found in the Shares feature of LiquidFiles
before 3.3 ...)
- TODO: check
+ NOT-FOR-US: LiquidFiles
CVE-2020-29070
RESERVED
CVE-2020-29069 (_get_flag_ip_localdb in server/mhn/ui/utils.py in Modern Honey
Network ...)
- TODO: check
+ NOT-FOR-US: Modern Honey Network
CVE-2020-29068
RESERVED
CVE-2020-29067
@@ -19,27 +19,27 @@ CVE-2020-29065
CVE-2020-29064
RESERVED
CVE-2020-29063 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A,
92416A, ...)
- TODO: check
+ NOT-FOR-US: CDATA
CVE-2020-29062 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A,
92416A, ...)
- TODO: check
+ NOT-FOR-US: CDATA
CVE-2020-29061 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A,
92416A, ...)
- TODO: check
+ NOT-FOR-US: CDATA
CVE-2020-29060 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A,
92416A, ...)
- TODO: check
+ NOT-FOR-US: CDATA
CVE-2020-29059 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A,
92416A, ...)
- TODO: check
+ NOT-FOR-US: CDATA
CVE-2020-29058 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A,
92416A, ...)
- TODO: check
+ NOT-FOR-US: CDATA
CVE-2020-29057 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A,
92416A, ...)
- TODO: check
+ NOT-FOR-US: CDATA
CVE-2020-29056 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A,
92416A, ...)
- TODO: check
+ NOT-FOR-US: CDATA
CVE-2020-29055 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A,
92416A, ...)
- TODO: check
+ NOT-FOR-US: CDATA
CVE-2020-29054 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A,
92416A, ...)
- TODO: check
+ NOT-FOR-US: CDATA
CVE-2020-29053 (HRSALE 2.0.0 allows XSS via the
admin/project/projects_calendar set_da ...)
- TODO: check
+ NOT-FOR-US: HRSALE
CVE-2020-29052
RESERVED
CVE-2020-29051
@@ -47,9 +47,9 @@ CVE-2020-29051
CVE-2020-29050
RESERVED
CVE-2015-9551 (An issue was discovered on TOTOLINK A850R-V1 through
1.0.1-B20150707.1 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2015-9550 (An issue was discovered on TOTOLINK A850R-V1 through
1.0.1-B20150707.1 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2020-29049
RESERVED
CVE-2020-29048
@@ -147,9 +147,9 @@ CVE-2020-29005
CVE-2020-29004
RESERVED
CVE-2020-29003 (The PollNY extension for MediaWiki through 1.35 allows XSS via
an answ ...)
- TODO: check
+ NOT-FOR-US: PollNY MediaWiki extension
CVE-2020-29002 (includes/CologneBlueTemplate.php in the CologneBlue skin for
MediaWiki ...)
- TODO: check
+ NOT-FOR-US: CologneBlue MediaWiki skin
CVE-2020-29001
RESERVED
CVE-2020-29000
@@ -4241,7 +4241,7 @@ CVE-2020-28331 (Barco wePresent WiPG-1600W devices have
Improper Access Control.
CVE-2020-28330 (Barco wePresent WiPG-1600W devices have Unprotected Transport
of Crede ...)
NOT-FOR-US: Barco wePresent WiPG-1600W devices
CVE-2020-28329 (Barco wePresent WiPG-1600W firmware includes a hardcoded API
account a ...)
- TODO: check
+ NOT-FOR-US: Barco wePresent WiPG-1600W devices
CVE-2020-28328 (SuiteCRM before 7.11.17 is vulnerable to remote code execution
via the ...)
NOT-FOR-US: SuiteCRM
CVE-2020-28327 (A res_pjsip_session crash was discovered in Asterisk Open
Source 13.x ...)
@@ -9443,11 +9443,11 @@ CVE-2020-26231 (October is a free, open-source,
self-hosted CMS platform based o
CVE-2020-26230 (Radar COVID is the official COVID-19 exposure notification app
for Spa ...)
NOT-FOR-US: Radar COVID
CVE-2020-26229 (TYPO3 is an open source PHP based web content management
system. In TY ...)
- TODO: check
+ NOT-FOR-US: TYPO3
CVE-2020-26228 (TYPO3 is an open source PHP based web content management
system. In TY ...)
- TODO: check
+ NOT-FOR-US: TYPO3
CVE-2020-26227 (TYPO3 is an open source PHP based web content management
system. In TY ...)
- TODO: check
+ NOT-FOR-US: TYPO3
CVE-2020-26226 (In the npm package semantic-release before version 17.2.3,
secrets tha ...)
NOT-FOR-US: semantic-release nodejs module
CVE-2020-26225 (In PrestaShop Product Comments before version 4.2.0, an
attacker could ...)
@@ -58316,7 +58316,7 @@ CVE-2020-6018
CVE-2020-6017
RESERVED
CVE-2020-6016 (Valve's Game Networking Sockets prior to version v1.2.0
improperly han ...)
- TODO: check
+ NOT-FOR-US: Valve's Game Networking Sockets
CVE-2020-6015 (Check Point Endpoint Security for Windows before E84.10 can
reach deni ...)
NOT-FOR-US: Check Point Endpoint Security Client
CVE-2020-6014 (Check Point Endpoint Security Client for Windows, with Anti-Bot
or Thr ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2142476e694c753d624d061a4ff008a0b3ca6dbc...b220494487b3b2a688b607428a1de524edcbfc16
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2142476e694c753d624d061a4ff008a0b3ca6dbc...b220494487b3b2a688b607428a1de524edcbfc16
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
