Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c157626e by Moritz Muehlenhoff at 2021-02-11T10:40:11+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7593,27 +7593,27 @@ CVE-2021-23885
CVE-2021-23884
RESERVED
CVE-2021-23883 (A Null Pointer Dereference vulnerability in McAfee Endpoint
Security ( ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2021-23882 (Improper Access Control vulnerability in McAfee Endpoint
Security (ENS ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2021-23881 (A stored cross site scripting vulnerability in ePO extension
of McAfee ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2021-23880 (Improper Access Control in attribute in McAfee Endpoint
Security (ENS) ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2021-23879
RESERVED
CVE-2021-23878 (Clear text storage of sensitive Information in memory
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2021-23877
RESERVED
CVE-2021-23876 (Bypass Remote Procedure call in McAfee Total Protection (MTP)
prior to ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2021-23875
RESERVED
CVE-2021-23874 (Arbitrary Process Execution vulnerability in McAfee Total
Protection ( ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2021-23873 (Privilege Escalation vulnerability in McAfee Total Protection
(MTP) pr ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2021-23872
RESERVED
CVE-2021-23871
@@ -11292,7 +11292,7 @@ CVE-2021-22135
CVE-2021-22134
RESERVED
CVE-2021-22133 (The Elastic APM agent for Go versions before 1.11.0 can leak
sensitive ...)
- TODO: check
+ NOT-FOR-US: Elastic APM agent
CVE-2021-22132 (Elasticsearch versions 7.7.0 to 7.10.1 contain an information
disclosu ...)
- elasticsearch <removed>
CVE-2021-22131
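Review bot: the tag on CVE-2021-22133, "NOT-FOR-US: Elastic APM agent", drops the "for Go" qualifier that the description carries ("The Elastic APM agent for Go versions before 1.11.0"). As written it reads as covering every language agent. Suggest "NOT-FOR-US: Elastic APM agent for Go" so a later search for the Go agent finds this entry and other agents are still triaged separately.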
@@ -21985,9 +21985,9 @@ CVE-2020-28873
CVE-2020-28872
RESERVED
CVE-2020-28871 (Remote code execution in Monitorr v1.7.6m in upload.php allows
an unau ...)
- TODO: check
+ NOT-FOR-US: Monitorr
CVE-2020-28870 (In InoERP 0.7.2, an unauthorized attacker can execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: InoERP
CVE-2020-28869
RESERVED
CVE-2020-28868
@@ -24146,11 +24146,11 @@ CVE-2020-28396 (A vulnerability has been identified
in SICAM A8000 CP-8000 (All
CVE-2020-28395 (A vulnerability has been identified in SCALANCE X-300 switch
family (i ...)
NOT-FOR-US: Siemens
CVE-2020-28394 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-28393
RESERVED
CVE-2020-28392 (A vulnerability has been identified in SIMARIS configuration
(All vers ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-28391 (A vulnerability has been identified in SCALANCE X-200 switch
family (i ...)
NOT-FOR-US: Siemens
CVE-2020-28390 (A vulnerability has been identified in Opcenter Execution Core
(V8.2), ...)
@@ -24158,7 +24158,7 @@ CVE-2020-28390 (A vulnerability has been identified in
Opcenter Execution Core (
CVE-2020-28389
RESERVED
CVE-2020-28388 (A vulnerability has been identified in Nucleus NET (All
versions < ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-28387
RESERVED
CVE-2020-28386 (A vulnerability has been identified in Solid Edge SE2020 (All
Versions ...)
@@ -27055,11 +27055,11 @@ CVE-2020-27859 (This vulnerability allows remote
attackers to disclose sensitive
CVE-2020-27858 (This vulnerability allows remote attackers to disclose
sensitive infor ...)
NOT-FOR-US: CA Arcserve
CVE-2020-27857 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2020-27856 (This vulnerability allows remote attackers to disclose
sensitive infor ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2020-27855 (This vulnerability allows remote attackers to disclose
sensitive infor ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2020-27854
RESERVED
CVE-2020-27853 (Wire before 2020-10-16 allows remote attackers to cause a
denial of se ...)
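Review bot: CVE-2020-27857, CVE-2020-27856 and CVE-2020-27855 are tagged "NOT-FOR-US: Foxit", but their truncated descriptions ("This vulnerability allows remote attackers to ...") do not name a product. CVE-2020-27858 directly above opens with the same wording and is tagged CA Arcserve. Confirm the vendor against the full CVE text for each of the three rather than relying on the ID range.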
@@ -28996,15 +28996,15 @@ CVE-2020-27263 (KEPServerEX: v6.0 to v6.9, ThingWorx
Kepware Server: v6.8 and v6
CVE-2020-27262 (Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to
Version 1.7. ...)
NOT-FOR-US: Innokas Yhtyma Oy
CVE-2020-27261 (The Omron CX-One Version 4.60 and prior is vulnerable to a
stack-based ...)
- TODO: check
+ NOT-FOR-US: Omron CX-One
CVE-2020-27260 (Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to
Version 1.7. ...)
NOT-FOR-US: Innokas Yhtyma Oy
CVE-2020-27259 (The Omron CX-One Version 4.60 and prior may allow an attacker
to suppl ...)
- TODO: check
+ NOT-FOR-US: Omron CX-One
CVE-2020-27258 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and
AnyDana-A, ...)
NOT-FOR-US: SOOIL Developments Co., Ltd.
CVE-2020-27257 (This vulnerability allows local attackers to execute arbitrary
code du ...)
- TODO: check
+ NOT-FOR-US: Omron CX-One
CVE-2020-27256 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and
AnyDana-A, ...)
NOT-FOR-US: SOOIL Developments Co., Ltd.
CVE-2020-27255 (A heap overflow vulnerability exists within FactoryTalk Linx
Version 6 ...)
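Review bot: CVE-2020-27257 gets "NOT-FOR-US: Omron CX-One" although its visible description ("This vulnerability allows local attackers to execute arbitrary code du ...") does not mention Omron, unlike CVE-2020-27261 and CVE-2020-27259, which name CX-One explicitly. The IDs in this range alternate between Omron, Innokas and SOOIL, so check the full description to make sure the tag is not inferred from the neighbouring entries.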
@@ -29018,7 +29018,7 @@ CVE-2020-27252 (Medtronic MyCareLink Smart 25000 all
versions are vulnerable to
CVE-2020-27251 (A heap overflow vulnerability exists within FactoryTalk Linx
Version 6 ...)
NOT-FOR-US: FactoryTalk
CVE-2020-27250 (In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021
(Revision 1 ...)
- TODO: check
+ NOT-FOR-US: SoftMaker
CVE-2020-27249 (A specially crafted document can cause the document parser to
copy dat ...)
NOT-FOR-US: SoftMaker
CVE-2020-27248 (A specially crafted document can cause the document parser to
copy dat ...)
@@ -29537,27 +29537,27 @@ CVE-2020-27010 (A cross-site scripting (XSS)
vulnerability in Trend Micro InterS
CVE-2020-27009
RESERVED
CVE-2020-27008 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
- TODO: check
+ NOT-FOR-US: JT2Go
CVE-2020-27007 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
- TODO: check
+ NOT-FOR-US: JT2Go
CVE-2020-27006 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
- TODO: check
+ NOT-FOR-US: JT2Go
CVE-2020-27005 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
- TODO: check
+ NOT-FOR-US: JT2Go
CVE-2020-27004 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
- TODO: check
+ NOT-FOR-US: JT2Go
CVE-2020-27003 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
- TODO: check
+ NOT-FOR-US: JT2Go
CVE-2020-27002 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
- TODO: check
+ NOT-FOR-US: JT2Go
CVE-2020-27001 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
- TODO: check
+ NOT-FOR-US: JT2Go
CVE-2020-27000 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
- TODO: check
+ NOT-FOR-US: JT2Go
CVE-2020-26999 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
- TODO: check
+ NOT-FOR-US: JT2Go
CVE-2020-26998 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
- TODO: check
+ NOT-FOR-US: JT2Go
CVE-2020-26997
RESERVED
CVE-2020-26996 (A vulnerability has been identified in JT2Go (All versions
< V13.1. ...)
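Review bot: the eleven entries CVE-2020-27008 through CVE-2020-26998 use "NOT-FOR-US: JT2Go", while CVE-2020-28394 has the same "JT2Go (All versions < V13.1. ...)" description and is tagged "NOT-FOR-US: Siemens" in this same commit, as are the existing SCALANCE entries. Use one tag for the same product; the vendor-level "Siemens" tag matches the entries already in the file and keeps searches by tag consistent.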
@@ -31816,9 +31816,9 @@ CVE-2020-26054
CVE-2020-26053
REJECTED
CVE-2020-26052 (Online Marriage Registration System 1.0 is affected by stored
cross-si ...)
- TODO: check
+ NOT-FOR-US: Online Marriage Registration System
CVE-2020-26051 (College Management System Php 1.0 suffers from SQL injection
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: College Management System Php
CVE-2020-26050 (SaferVPN for Windows Ver 5.0.3.3 through 5.0.4.15 could allow
local pr ...)
NOT-FOR-US: SaferVPN for Windows
CVE-2020-26049 (Nifty-PM CPE 2.3 is affected by stored HTML injection. The
impact is r ...)
@@ -33807,7 +33807,7 @@ CVE-2020-25247 (An issue was discovered in Hyland
OnBase through 18.0.0.32 and 1
CVE-2020-25246
RESERVED
CVE-2020-25245 (A vulnerability has been identified in DIGSI 4 (All versions
< V4.9 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-25244
RESERVED
CVE-2020-25243
@@ -33821,9 +33821,9 @@ CVE-2020-25240
CVE-2020-25239
RESERVED
CVE-2020-25238 (A vulnerability has been identified in PCS neo (Administration
Console ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-25237 (A vulnerability has been identified in SINEC NMS (All versions
< V1 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-25236
RESERVED
CVE-2020-25235 (A vulnerability has been identified in LOGO! 8 BM (incl.
SIPLUS varian ...)
@@ -33911,7 +33911,7 @@ CVE-2020-25210 (In JetBrains YouTrack before
2020.3.7955, an attacker could acce
CVE-2020-25209 (In JetBrains YouTrack before 2020.3.6638, improper access
control for ...)
NOT-FOR-US: JetBrains
CVE-2020-25208 (In JetBrains YouTrack before 2020.4.4701, an attacker could
enumerate ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2020-25207 (JetBrains ToolBox before version 1.18 is vulnerable to Remote
Code Exe ...)
NOT-FOR-US: JetBrains
CVE-2020-25206
@@ -35060,7 +35060,7 @@ CVE-2020-24687
CVE-2020-24686
RESERVED
CVE-2020-24685 (An unauthenticated specially crafted packet sent by an
attacker over t ...)
- TODO: check
+ NOT-FOR-US: ABB
CVE-2020-24684
RESERVED
CVE-2020-24683 (The affected versions of S+ Operations (version 2.1 SP1 and
earlier) u ...)
@@ -35875,7 +35875,7 @@ CVE-2020-24337 (An issue was discovered in picoTCP and
picoTCP-NG through 1.7.0.
CVE-2020-24336 (An issue was discovered in Contiki through 3.0 and Contiki-NG
through ...)
NOT-FOR-US: Contiki
CVE-2020-24335 (An issue was discovered in uIP through 1.0, as used in Contiki
and Con ...)
- TODO: check
+ NOT-FOR-US: Contiki
CVE-2020-24334 (The code that processes DNS responses in uIP through 1.0, as
used in C ...)
NOT-FOR-US: uIP
CVE-2020-24333 (A vulnerability in Arista’s CloudVision Portal (CVP)
prior to 20 ...)
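Review bot: CVE-2020-24335 is described as an issue in "uIP through 1.0, as used in Contiki" and is tagged "NOT-FOR-US: Contiki", while the next entry, CVE-2020-24334, is also a uIP through 1.0 issue and is tagged "NOT-FOR-US: uIP". Suggest the same tag for both, or a combined one naming uIP and Contiki, so that the two related entries do not diverge.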
@@ -37682,11 +37682,11 @@ CVE-2020-23451 (Spiceworks Version <= 7.5.00107 is
affected by CSRF which can
CVE-2020-23450 (Spiceworks Version <= 7.5.00107 is affected by XSS. Any
name typed ...)
NOT-FOR-US: Spiceworks
CVE-2020-23449 (newbee-mall all versions are affected by incorrect access
control to r ...)
- TODO: check
+ NOT-FOR-US: newbee-mall
CVE-2020-23448 (newbee-mall all versions are affected by incorrect access
control to r ...)
- TODO: check
+ NOT-FOR-US: newbee-mall
CVE-2020-23447 (newbee-mall 1.0 is affected by cross-site scripting in
shop-cart/settl ...)
- TODO: check
+ NOT-FOR-US: newbee-mall
CVE-2020-23446 (Verint Workforce Optimization suite 15.1 (15.1.0.37634) has
Unauthenti ...)
NOT-FOR-US: Verint Workforce Optimization suite
CVE-2020-23445
@@ -38898,11 +38898,11 @@ CVE-2020-22843
CVE-2020-22842 (CMS Made Simple before 2.2.15 allows XSS via the m1_mod
parameter in a ...)
NOT-FOR-US: CMS Made Simple
CVE-2020-22841 (Stored XSS in b2evolution CMS version 6.11.6 and prior allows
an attac ...)
- TODO: check
+ NOT-FOR-US: b2evolution CMS
CVE-2020-22840 (Open redirect vulnerability in b2evolution CMS version prior
to 6.11.6 ...)
- TODO: check
+ NOT-FOR-US: b2evolution CMS
CVE-2020-22839 (Reflected cross-site scripting vulnerability (XSS) in the
evoadm.php f ...)
- TODO: check
+ NOT-FOR-US: b2evolution CMS
CVE-2020-22838
RESERVED
CVE-2020-22837
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c157626ec93b32057827b49301a36eb93bbb76e0