Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8e393d30 by Salvatore Bonaccorso at 2020-10-06T22:28:14+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17,9 +17,9 @@ CVE-2020-26600 (An issue was discovered on Samsung mobile
devices with Q(10.0) s
CVE-2020-26599 (An issue was discovered on Samsung mobile devices with Q(10.0)
softwar ...)
NOT-FOR-US: Samsung mobile devices
CVE-2020-26598 (An issue was discovered on LG mobile devices with Android OS
8.0, 8.1, ...)
- TODO: check
+ NOT-FOR-US: LG mobile devices
CVE-2020-26597 (An issue was discovered on LG mobile devices with Android OS
9.0 and 1 ...)
- TODO: check
+ NOT-FOR-US: LG mobile devices
CVE-2020-26596
RESERVED
CVE-2020-26595
@@ -49,7 +49,7 @@ CVE-2020-26584
CVE-2020-26583
RESERVED
CVE-2020-26582 (D-Link DAP-1360U before 3.0.1 devices allow remote
authenticated users ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2020-26581
RESERVED
CVE-2020-26580
@@ -65,7 +65,7 @@ CVE-2020-26576
CVE-2020-26575 (In Wireshark through 3.2.7, the Facebook Zero Protocol (aka
FBZERO) di ...)
TODO: check
CVE-2020-26574 (** UNSUPPORTED WHEN ASSIGNED ** Leostream Connection Broker
8.2.x is a ...)
- TODO: check
+ NOT-FOR-US: Leostream
CVE-2020-26573
RESERVED
CVE-2019-20932
@@ -1336,9 +1336,9 @@ CVE-2020-25989
CVE-2020-25988
RESERVED
CVE-2020-25987 (MonoCMS Blog version as of 29-09-2020 stores hard-coded admin
hashes i ...)
- TODO: check
+ NOT-FOR-US: MonoCMS Blog
CVE-2020-25986 (Cross Site Request Forgery (CSRF) vulnerability in MonoCMS
Blog versio ...)
- TODO: check
+ NOT-FOR-US: MonoCMS Blog
CVE-2020-25985
RESERVED
CVE-2020-25984
@@ -1740,9 +1740,9 @@ CVE-2020-25805
CVE-2020-25804
RESERVED
CVE-2020-25803 (Improper Control of Dynamically-Managed Code Resources
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: Crafter Studio of Crafter CMS
CVE-2020-25802 (Improper Control of Dynamically-Managed Code Resources
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: Crafter Studio of Crafter CMS
CVE-2020-25801
RESERVED
CVE-2020-25800
@@ -5268,17 +5268,17 @@ CVE-2020-24221
CVE-2020-24220 (ShopXO v1.8.1 has a command execution vulnerability. Attackers
can use ...)
NOT-FOR-US: ShopXO
CVE-2020-24219 (An issue was discovered on URayTech IPTV/H.264/H.265 video
encoders th ...)
- TODO: check
+ NOT-FOR-US: URayTech IPTV/H.264/H.265 video encoders
CVE-2020-24218 (An issue was discovered on URayTech IPTV/H.264/H.265 video
encoders th ...)
- TODO: check
+ NOT-FOR-US: URayTech IPTV/H.264/H.265 video encoders
CVE-2020-24217 (An issue was discovered in the box application on HiSilicon
based IPTV ...)
- TODO: check
+ NOT-FOR-US: HiSilicon based IPTV/H.264/H.265 video encoders
CVE-2020-24216 (An issue was discovered in the box application on HiSilicon
based IPTV ...)
- TODO: check
+ NOT-FOR-US: HiSilicon based IPTV/H.264/H.265 video encoders
CVE-2020-24215 (An issue was discovered in the box application on HiSilicon
based IPTV ...)
- TODO: check
+ NOT-FOR-US: HiSilicon based IPTV/H.264/H.265 video encoders
CVE-2020-24214 (An issue was discovered in the box application on HiSilicon
based IPTV ...)
- TODO: check
+ NOT-FOR-US: HiSilicon based IPTV/H.264/H.265 video encoders
CVE-2020-24213 (An integer overflow was discovered in YGOPro ygocore v13.51.
Attackers ...)
NOT-FOR-US: ygocore
CVE-2020-24212
@@ -6042,7 +6042,7 @@ CVE-2020-23834 (Insecure Service File Permissions in the
bd service in Real Time
CVE-2020-23833 (Projectworlds House Rental v1.0 suffers from an
unauthenticated SQL In ...)
NOT-FOR-US: Projectworlds House Rental
CVE-2020-23832 (A Persistent Cross-Site Scripting (XSS) vulnerability in
message_admin ...)
- TODO: check
+ NOT-FOR-US: Projectworlds Car Rental Management System
CVE-2020-23831 (A Reflected Cross-Site Scripting (XSS) vulnerability in the
index.php ...)
NOT-FOR-US: SourceCodester Stock Management System
CVE-2020-23830 (A Cross-Site Request Forgery (CSRF) vulnerability in
changeUsername.ph ...)
@@ -21312,7 +21312,7 @@ CVE-2020-16269 (radare2 4.5.0 misparses DWARF
information in executable files, c
CVE-2020-16268
RESERVED
CVE-2020-16267 (Zoho ManageEngine Applications Manager version 14740 and prior
allows ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2020-16266 (An XSS issue was discovered in MantisBT before 2.24.2.
Improper escapi ...)
- mantis <removed>
CVE-2015-9549 (A reflected Cross-site Scripting (XSS) vulnerability exists in
OcPorta ...)
@@ -22072,7 +22072,7 @@ CVE-2020-15929
CVE-2020-15928
RESERVED
CVE-2020-15927 (Zoho ManageEngine Applications Manager version 14740 and prior
allows ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2020-15926 (Rocket.Chat through 3.4.2 allows XSS where an attacker can
send a spec ...)
NOT-FOR-US: Rocket.Chat
CVE-2020-15925 (A SQL injection vulnerability at a tpf URI in Loway
QueueMetrics befor ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e393d301104f98feac0e5640268e1bba6ce509c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e393d301104f98feac0e5640268e1bba6ce509c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
