Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 06d38b00 by Salvatore Bonaccorso at 2020-05-15T22:25:40+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,7 +1,7 @@ CVE-2020-13094 RESERVED CVE-2020-13093 (iSpyConnect.com Agent DVR before 2.7.1.0 allows directory traversal. ...) - TODO: check + NOT-FOR-US: iSpyConnect.com Agent DVR CVE-2020-13092 (scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute ...) TODO: check CVE-2020-13091 (pandas through 1.0.3 can unserialize and execute commands from an untr ...) @@ -409,7 +409,7 @@ CVE-2020-12891 CVE-2020-12890 RESERVED CVE-2020-12889 (MISP MISP-maltego 1.4.4 incorrectly shares a MISP connection across us ...) - TODO: check + NOT-FOR-US: MISP CVE-2020-12888 (The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles atte ...) - linux <unfixed> NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1836244 @@ -520,7 +520,7 @@ CVE-2020-12836 CVE-2020-12835 RESERVED CVE-2020-12834 (eQ-3 Homematic Central Control Unit (CCU)2 through 2.51.6 and CCU3 thr ...) - TODO: check + NOT-FOR-US: eQ-3 Homematic Central Control Unit CVE-2020-12833 RESERVED CVE-2020-12832 (The simple-file-list plugin before 4.2.8 for WordPress mishandles a .. ...) @@ -606,7 +606,7 @@ CVE-2020-12800 CVE-2020-12799 RESERVED CVE-2020-12798 (Cellebrite UFED 5.0 to 7.5.0.845 implements local operating system pol ...) - TODO: check + NOT-FOR-US: Cellebrite UFED CVE-2020-12797 RESERVED CVE-2020-12796 @@ -867,7 +867,7 @@ CVE-2020-12687 (An issue was discovered in Serpico before 1.3.3. The /admin/atta CVE-2020-12686 RESERVED CVE-2020-12685 (XSS in the admin help system admin/help.html and admin/quicklinks.html ...) - TODO: check + NOT-FOR-US: Interchange CVE-2020-12684 RESERVED CVE-2020-12683 (Katyshop2 before 2.12 has multiple stored XSS issues. ...) @@ -10819,7 +10819,7 @@ CVE-2020-9075 CVE-2020-9074 RESERVED CVE-2020-9073 (Huawei P20 smartphones with versions earlier than 10.0.0.156(C00E156R1 ...) - TODO: check + NOT-FOR-US: Huawei CVE-2020-9072 (Huawei OSD product with versions earlier than OSD_uwp_9.0.32.0 have a ...) NOT-FOR-US: Huawei CVE-2020-9071 @@ -13064,7 +13064,7 @@ CVE-2020-8102 CVE-2020-8101 RESERVED CVE-2020-8100 (Improper Input Validation vulnerability in the cevakrnl.rv0 module as ...) - TODO: check + NOT-FOR-US: Bitdefender CVE-2020-8099 (A vulnerability in the improper handling of junctions in Bitdefender A ...) NOT-FOR-US: Bitdefender Antivirus Free CVE-2020-8098 @@ -14545,7 +14545,7 @@ CVE-2020-7472 CVE-2019-20390 (A Cross-Site Request Forgery (CSRF) vulnerability was discovered in Su ...) TODO: check CVE-2019-20389 (An XSS issue was identified on the Subrion CMS 4.2.1 /panel/configurat ...) - TODO: check + NOT-FOR-US: Subrion CMS CVE-2019-20388 (xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaV ...) - libxml2 2.9.10+dfsg-2.1 (bug #949583) [buster] - libxml2 <no-dsa> (Minor issue) @@ -29491,7 +29491,7 @@ CVE-2020-1810 (There is a weak algorithm vulnerability in some Huawei products. CVE-2020-1809 RESERVED CVE-2020-1808 (Huawei smartphones Honor View 20;Honor 20;Honor 20 PRO;Honor Magic2 wi ...) - TODO: check + NOT-FOR-US: Huawei CVE-2020-1807 (HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.188(C00E7 ...) NOT-FOR-US: Huawei CVE-2020-1806 (Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00 ...) @@ -34237,7 +34237,7 @@ CVE-2019-18668 (An issue was discovered in the Currency Switcher addon before 2. CVE-2019-18667 (/usr/local/www/freeradius_view_config.php in the freeradius3 package b ...) NOT-FOR-US: FreeBSD specific freeradius_view_config.php in the freeradius3 package CVE-2019-18666 (An issue was discovered on D-Link DAP-1360 revision F devices. Remote ...) - TODO: check + NOT-FOR-US: D-Link CVE-2019-18665 (The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion ...) NOT-FOR-US: SECUDOS DOMOS CVE-2019-18664 (The Log module in SECUDOS DOMOS before 5.6 allows XSS. ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06d38b00f8bfe43e853582d286d2dfc65776d913 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06d38b00f8bfe43e853582d286d2dfc65776d913 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits