Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3bf5c4ed by Salvatore Bonaccorso at 2021-01-27T21:13:49+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14179,7 +14179,7 @@ CVE-2021-20359
CVE-2021-20358
RESERVED
CVE-2021-20357 (IBM Jazz Foundation products is vulnerable to cross-site
scripting. Th ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-20356
RESERVED
CVE-2021-20355
@@ -81154,7 +81154,7 @@ CVE-2020-4969 (IBM Security Identity Governance and
Intelligence 5.2.6 could all
CVE-2020-4968 (IBM Security Identity Governance and Intelligence 5.2.6 uses
weaker th ...)
NOT-FOR-US: IBM
CVE-2020-4967 (IBM Cloud Pak for Security (CP4S) 1.3.0.1 could disclose
sensitive inf ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4966 (IBM Security Identity Governance and Intelligence 5.2.6 does
not set t ...)
NOT-FOR-US: IBM
CVE-2020-4965
@@ -81184,7 +81184,7 @@ CVE-2020-4954
CVE-2020-4953
RESERVED
CVE-2020-4952 (IBM Security Guardium 11.2 could allow an authenticated user to
gain r ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4951
RESERVED
CVE-2020-4950
@@ -81358,7 +81358,7 @@ CVE-2020-4867
CVE-2020-4866
RESERVED
CVE-2020-4865 (IBM Jazz Foundation products is vulnerable to cross-site
scripting. Th ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4864 (IBM Resilient SOAR V38.0 could allow an attacker on the
internal net w ...)
NOT-FOR-US: IBM
CVE-2020-4863
@@ -81378,7 +81378,7 @@ CVE-2020-4857
CVE-2020-4856
RESERVED
CVE-2020-4855 (IBM Jazz Foundation products is vulnerable to cross-site
scripting. Th ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4854 (IBM Spectrum Protect Plus 10.1.0 thorugh 10.1.6 contains
hard-coded cr ...)
NOT-FOR-US: IBM
CVE-2020-4853
@@ -81448,7 +81448,7 @@ CVE-2020-4822
CVE-2020-4821
RESERVED
CVE-2020-4820 (IBM Cloud Pak for Security (CP4S) 1.4.0.0 is vulnerable to
cross-site ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4819
RESERVED
CVE-2020-4818
@@ -81456,9 +81456,9 @@ CVE-2020-4818
CVE-2020-4817
RESERVED
CVE-2020-4816 (IBM Cloud Pak for Security (CP4S) 1.4.0.0 could allow a remote
attacke ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4815 (IBM Cloud Pak for Security (CP4S) 1.4.0.0 could allow a remote
user to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4814
RESERVED
CVE-2020-4813
@@ -81510,16 +81510,16 @@ CVE-2020-4791
CVE-2020-4790
RESERVED
CVE-2020-4789 (IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch
1, and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4788 (IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow
a local ...)
{DLA-2483-1}
- linux 5.9.11-1
[buster] - linux 4.19.160-1
[stretch] - linux <ignored> (powerpc architectures not included in LTS)
CVE-2020-4787 (IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch
1, and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4786 (IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch
1, and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4785 (IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1,
1.0.2, 1. ...)
NOT-FOR-US: IBM
CVE-2020-4784
@@ -81835,7 +81835,7 @@ CVE-2020-4630
CVE-2020-4629 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could
allow a ...)
NOT-FOR-US: IBM
CVE-2020-4628 (IBM Cloud Pak for Security (CP4S) 1.3.0.1 and 1.4.0.0 could
allow a re ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4627 (IBM Cloud Pak for Security 1.3.0.1(CP4S) potentially vulnerable
to CVS ...)
NOT-FOR-US: IBM
CVE-2020-4626 (IBM Cloud Pak for Security 1.3.0.1 (CP4S) could reveal
sensitive infor ...)
@@ -81997,7 +81997,7 @@ CVE-2020-4549 (IBM i2 Analyst Notebook 9.2.1 could
allow a local attacker to exe
CVE-2020-4548 (IBM Content Navigator 3.0.7 and 3.0.8 is vulnerable to improper
input ...)
NOT-FOR-US: IBM
CVE-2020-4547 (IBM Jazz Foundation products could allow a remote attacker to
hijack t ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4546 (IBM Jazz Team Server based Applications are vulnerable to
cross-site s ...)
NOT-FOR-US: IBM
CVE-2020-4545 (IBM Aspera Connect 3.9.9 could allow a remote attacker to
execute arbi ...)
@@ -82043,7 +82043,7 @@ CVE-2020-4526 (IBM Maximo Asset Management 7.6.0 and
7.6.1 is vulnerable to cros
CVE-2020-4525 (IBM Jazz Foundation and IBM Engineering products are vulnerable
to cro ...)
NOT-FOR-US: IBM
CVE-2020-4524 (IBM Jazz Foundation products is vulnerable to cross-site
scripting. Th ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4523
RESERVED
CVE-2020-4522 (IBM Jazz Team Server based Applications are vulnerable to
cross-site s ...)
@@ -82713,7 +82713,7 @@ CVE-2020-4191 (IBM Security Guardium 11.1 uses weaker
than expected cryptographi
CVE-2020-4190 (IBM Security Guardium 10.6, 11.0, and 11.1 contains hard-coded
credent ...)
NOT-FOR-US: IBM
CVE-2020-4189 (IBM Security Guardium 11.2 discloses sensitive information in
the resp ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4188 (IBM Security Guardium 10.6 and 11.1 may use insufficiently
random numb ...)
NOT-FOR-US: IBM
CVE-2020-4187 (IBM Security Guardium 11.1 could disclose sensitive information
on the ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3bf5c4edf104e078476f468863787f71689711a7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3bf5c4edf104e078476f468863787f71689711a7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
