Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 8e393d30 by Salvatore Bonaccorso at 2020-10-06T22:28:14+02:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -17,9 +17,9 @@ CVE-2020-26600 (An issue was discovered on Samsung mobile devices with Q(10.0) s CVE-2020-26599 (An issue was discovered on Samsung mobile devices with Q(10.0) softwar ...) NOT-FOR-US: Samsung mobile devices CVE-2020-26598 (An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, ...) - TODO: check + NOT-FOR-US: LG mobile devices CVE-2020-26597 (An issue was discovered on LG mobile devices with Android OS 9.0 and 1 ...) - TODO: check + NOT-FOR-US: LG mobile devices CVE-2020-26596 RESERVED CVE-2020-26595 @@ -49,7 +49,7 @@ CVE-2020-26584 CVE-2020-26583 RESERVED CVE-2020-26582 (D-Link DAP-1360U before 3.0.1 devices allow remote authenticated users ...) - TODO: check + NOT-FOR-US: D-Link CVE-2020-26581 RESERVED CVE-2020-26580 @@ -65,7 +65,7 @@ CVE-2020-26576 CVE-2020-26575 (In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) di ...) TODO: check CVE-2020-26574 (** UNSUPPORTED WHEN ASSIGNED ** Leostream Connection Broker 8.2.x is a ...) - TODO: check + NOT-FOR-US: Leostream CVE-2020-26573 RESERVED CVE-2019-20932 @@ -1336,9 +1336,9 @@ CVE-2020-25989 CVE-2020-25988 RESERVED CVE-2020-25987 (MonoCMS Blog version as of 29-09-2020 stores hard-coded admin hashes i ...) - TODO: check + NOT-FOR-US: MonoCMS Blog CVE-2020-25986 (Cross Site Request Forgery (CSRF) vulnerability in MonoCMS Blog versio ...) - TODO: check + NOT-FOR-US: MonoCMS Blog CVE-2020-25985 RESERVED CVE-2020-25984 @@ -1740,9 +1740,9 @@ CVE-2020-25805 CVE-2020-25804 RESERVED CVE-2020-25803 (Improper Control of Dynamically-Managed Code Resources vulnerability i ...) - TODO: check + NOT-FOR-US: Crafter Studio of Crafter CMS CVE-2020-25802 (Improper Control of Dynamically-Managed Code Resources vulnerability i ...) - TODO: check + NOT-FOR-US: Crafter Studio of Crafter CMS CVE-2020-25801 RESERVED CVE-2020-25800 @@ -5268,17 +5268,17 @@ CVE-2020-24221 CVE-2020-24220 (ShopXO v1.8.1 has a command execution vulnerability. Attackers can use ...) NOT-FOR-US: ShopXO CVE-2020-24219 (An issue was discovered on URayTech IPTV/H.264/H.265 video encoders th ...) - TODO: check + NOT-FOR-US: URayTech IPTV/H.264/H.265 video encoders CVE-2020-24218 (An issue was discovered on URayTech IPTV/H.264/H.265 video encoders th ...) - TODO: check + NOT-FOR-US: URayTech IPTV/H.264/H.265 video encoders CVE-2020-24217 (An issue was discovered in the box application on HiSilicon based IPTV ...) - TODO: check + NOT-FOR-US: HiSilicon based IPTV/H.264/H.265 video encoders CVE-2020-24216 (An issue was discovered in the box application on HiSilicon based IPTV ...) - TODO: check + NOT-FOR-US: HiSilicon based IPTV/H.264/H.265 video encoders CVE-2020-24215 (An issue was discovered in the box application on HiSilicon based IPTV ...) - TODO: check + NOT-FOR-US: HiSilicon based IPTV/H.264/H.265 video encoders CVE-2020-24214 (An issue was discovered in the box application on HiSilicon based IPTV ...) - TODO: check + NOT-FOR-US: HiSilicon based IPTV/H.264/H.265 video encoders CVE-2020-24213 (An integer overflow was discovered in YGOPro ygocore v13.51. Attackers ...) NOT-FOR-US: ygocore CVE-2020-24212 @@ -6042,7 +6042,7 @@ CVE-2020-23834 (Insecure Service File Permissions in the bd service in Real Time CVE-2020-23833 (Projectworlds House Rental v1.0 suffers from an unauthenticated SQL In ...) NOT-FOR-US: Projectworlds House Rental CVE-2020-23832 (A Persistent Cross-Site Scripting (XSS) vulnerability in message_admin ...) - TODO: check + NOT-FOR-US: Projectworlds Car Rental Management System CVE-2020-23831 (A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php ...) NOT-FOR-US: SourceCodester Stock Management System CVE-2020-23830 (A Cross-Site Request Forgery (CSRF) vulnerability in changeUsername.ph ...) @@ -21312,7 +21312,7 @@ CVE-2020-16269 (radare2 4.5.0 misparses DWARF information in executable files, c CVE-2020-16268 RESERVED CVE-2020-16267 (Zoho ManageEngine Applications Manager version 14740 and prior allows ...) - TODO: check + NOT-FOR-US: Zoho ManageEngine Applications Manager CVE-2020-16266 (An XSS issue was discovered in MantisBT before 2.24.2. Improper escapi ...) - mantis <removed> CVE-2015-9549 (A reflected Cross-site Scripting (XSS) vulnerability exists in OcPorta ...) @@ -22072,7 +22072,7 @@ CVE-2020-15929 CVE-2020-15928 RESERVED CVE-2020-15927 (Zoho ManageEngine Applications Manager version 14740 and prior allows ...) - TODO: check + NOT-FOR-US: Zoho ManageEngine Applications Manager CVE-2020-15926 (Rocket.Chat through 3.4.2 allows XSS where an attacker can send a spec ...) NOT-FOR-US: Rocket.Chat CVE-2020-15925 (A SQL injection vulnerability at a tpf URI in Loway QueueMetrics befor ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e393d301104f98feac0e5640268e1bba6ce509c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e393d301104f98feac0e5640268e1bba6ce509c You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits