Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 2a9862d0 by Moritz Muehlenhoff at 2020-05-23T23:10:59+02:00 NFUs amarok non issue - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,7 +1,7 @@ CVE-2020-13425 (TrackR devices through 2020-05-06 allow attackers to trigger the Beep ...) - TODO: check + NOT-FOR-US: TrackR CVE-2020-13424 (The XCloner component before 3.5.4 for Joomla! allows Authenticated Lo ...) - TODO: check + NOT-FOR-US: Joomla addon CVE-2020-13423 RESERVED CVE-2020-13422 @@ -79,7 +79,7 @@ CVE-2020-13390 (An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD0 CVE-2020-13389 (An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 ...) NOT-FOR-US: Tenda devices CVE-2020-13388 (An exploitable vulnerability exists in the configuration-loading funct ...) - TODO: check + NOT-FOR-US: jw.util CVE-2020-13387 RESERVED CVE-2020-13386 @@ -351,7 +351,7 @@ CVE-2020-13260 CVE-2020-13259 RESERVED CVE-2020-13258 (Contentful through 2020-05-21 for Python allows reflected XSS, as demo ...) - TODO: check + NOT-FOR-US: Contentful CVE-2020-13257 RESERVED CVE-2020-13256 @@ -387,7 +387,7 @@ CVE-2020-13243 CVE-2020-13242 RESERVED CVE-2020-13241 (Microweber 1.1.18 allows Unrestricted File Upload because admin/view:m ...) - TODO: check + NOT-FOR-US: Microweber CVE-2020-13240 (The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup doc ...) - dolibarr <removed> CVE-2020-13239 (The DMS/ECM module in Dolibarr 11.0.4 renders user-uploaded .html file ...) @@ -538,7 +538,7 @@ CVE-2020-13169 CVE-2020-13168 RESERVED CVE-2020-13167 (Netsweeper through 6.4.3 allows unauthenticated remote code execution ...) - TODO: check + NOT-FOR-US: Netsweeper CVE-2020-13166 (The management tool in MyLittleAdmin 3.8 allows remote attackers to ex ...) NOT-FOR-US: MyLittleAdmin CVE-2020-13165 @@ -552,7 +552,7 @@ CVE-2020-13164 (In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.1 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e6e98eab8e5e0bbc982cfdc808f2469d7cab6c5a NOTE: https://www.wireshark.org/security/wnpa-sec-2020-08.html CVE-2020-13163 (em-imap 0.5 uses the library eventmachine in an insecure way that allo ...) - TODO: check + NOT-FOR-US: em-imap CVE-2020-13162 RESERVED CVE-2020-13161 @@ -574,7 +574,8 @@ CVE-2020-13154 (Zoho ManageEngine Service Plus before 11.1 build 11112 allows lo CVE-2020-13153 (app/View/Events/resolved_attributes.ctp in MISP before 2.4.126 has XSS ...) NOT-FOR-US: MISP CVE-2020-13152 (A remote user can create a specially crafted M3U file, media playlist ...) - TODO: check + - amarok <removed> + NOTE: Elevated resource usage in client application, no security impact CVE-2020-13151 RESERVED CVE-2020-13150 @@ -1755,7 +1756,7 @@ CVE-2020-12649 (Gurbalib through 2020-04-30 allows lib/cmds/player/help.c direct CVE-2020-12648 RESERVED CVE-2020-12647 (Unisys ALGOL Compiler 58.1 before 58.1a.15, 59.1 before 59.1a.9, and 6 ...) - TODO: check + NOT-FOR-US: Unisys ALGOL Compiler CVE-2020-12646 RESERVED CVE-2020-12645 @@ -4684,7 +4685,7 @@ CVE-2019-20638 (NETGEAR MR1100 devices before 12.06.08.00 are affected by disclo CVE-2020-11767 (Istio through 1.5.1 and Envoy through 1.14.1 have a data-leak issue. I ...) NOT-FOR-US: itsio CVE-2020-11766 (sendfax.php in iFAX AvantFAX before 3.3.6 and HylaFAX Enterprise Web I ...) - TODO: check + NOT-FOR-US: iFAX AvantFAX CVE-2020-11765 (An issue was discovered in OpenEXR before 2.4.1. There is an off-by-on ...) [experimental] - openexr 2.5.0-1 - openexr <unfixed> (bug #959444) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a9862d0de40c1af252bf3209133e2e1c589a6f5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a9862d0de40c1af252bf3209133e2e1c589a6f5 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits