Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2d1452e9 by Salvatore Bonaccorso at 2020-11-30T21:14:42+01:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2020-29395 (The EventON plugin through 3.0.5 for WordPress allows
addons/?q= XSS v ...)
- TODO: check
+ NOT-FOR-US: EventON plugin for WordPress
CVE-2020-29394 (A buffer overflow in the dlt_filter_load function in
dlt_common.c in d ...)
TODO: check
CVE-2020-29393
@@ -881,11 +881,11 @@ CVE-2020-28980
CVE-2020-28979
RESERVED
CVE-2020-28978 (The Canto plugin 1.3.0 for WordPress contains blind SSRF
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Canto plugin for WordPress
CVE-2020-28977 (The Canto plugin 1.3.0 for WordPress contains blind SSRF
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Canto plugin for WordPress
CVE-2020-28976 (The Canto plugin 1.3.0 for WordPress contains a blind SSRF
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Canto plugin for WordPress
CVE-2020-28984 (prive/formulaires/configurer_preferences.php in SPIP before
3.2.8 does ...)
{DSA-4798-1}
- spip 3.2.8-1
@@ -58519,7 +58519,7 @@ CVE-2020-6319 (SAP NetWeaver Application Server Java,
versions - 7.10, 7.11, 7.2
CVE-2020-6318 (A Remote Code Execution vulnerability exists in the SAP
NetWeaver (ABA ...)
NOT-FOR-US: SAP
CVE-2020-6317 (In certain situations, an attacker with regular user
credentials and l ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2020-6316 (SAP ERP and SAP S/4 HANA allows an authenticated user to see
cost reco ...)
NOT-FOR-US: SAP
CVE-2020-6315 (SAP 3D Visual Enterprise Viewer, version 9, allows an attacker
to send ...)
@@ -62176,7 +62176,7 @@ CVE-2020-4902
CVE-2020-4901
RESERVED
CVE-2020-4900 (IBM Business Automation Workflow 19.0.0.3 stores potentially
sensitive ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4899
RESERVED
CVE-2020-4898
@@ -62585,7 +62585,7 @@ CVE-2020-4698 (IBM Business Process Manager 8.5, 8.6
and IBM Business Automation
CVE-2020-4697
RESERVED
CVE-2020-4696 (IBM Cloud Pak for Security 1.3.0.1(CP4S) does not invalidate
session a ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4695
RESERVED
CVE-2020-4694
@@ -62723,13 +62723,13 @@ CVE-2020-4629 (IBM WebSphere Application Server 7.0,
8.0, 8.5, and 9.0 could all
CVE-2020-4628
RESERVED
CVE-2020-4627 (IBM Cloud Pak for Security 1.3.0.1(CP4S) potentially vulnerable
to CVS ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4626 (IBM Cloud Pak for Security 1.3.0.1 (CP4S) could reveal
sensitive infor ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4625 (IBM Cloud Pak for Security 1.3.0.1(CP4S) could allow a remote
attacker ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4624 (IBM Cloud Pak for Security 1.3.0.1 (CP4S) uses weaker than
expected cr ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4623
RESERVED
CVE-2020-4622 (IBM Data Risk Manager (iDNA) 2.0.6 contains hard-coded
credentials, su ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d1452e920cb843e72ceeee514c01f8677e02a8f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d1452e920cb843e72ceeee514c01f8677e02a8f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
