Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3d0da7e0 by Moritz Muehlenhoff at 2020-10-12T16:07:53+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,7 +3,7 @@ CVE-2020-26949
CVE-2020-26948 (Emby Server before 4.5.0 allows SSRF via the
Items/RemoteSearch/Image ...)
NOT-FOR-US: Emby Server
CVE-2020-26947 (monero-wallet-gui in Monero GUI 0.17.0.1 includes the .
directory in a ...)
- TODO: check
+ NOT-FOR-US: monero-wallet-gui
CVE-2020-26946
RESERVED
CVE-2020-26945 (MyBatis before 3.5.6 mishandles deserialization of object
streams. ...)
@@ -111,7 +111,7 @@ CVE-2020-26896
CVE-2020-26895
RESERVED
CVE-2020-26894 (Faulkner Wildlife Issues in the New Millennium 18.0.160 on
Windows all ...)
- TODO: check
+ NOT-FOR-US: New Millennium
CVE-2020-26893
RESERVED
CVE-2020-26892
@@ -31394,7 +31394,7 @@ CVE-2020-12678
CVE-2020-12677 (An issue was discovered in Progress MOVEit Automation Web
Admin. A Web ...)
NOT-FOR-US: Progress MOVEit Automation Web Admin
CVE-2020-12676 (FusionAuth fusionauth-samlv2 0.2.3 allows remote attackers to
forge me ...)
- TODO: check
+ NOT-FOR-US: FusionAuth
CVE-2020-12675 (The mappress-google-maps-for-wordpress plugin before 2.54.6
for WordPr ...)
NOT-FOR-US: mappress-google-maps-for-wordpress plugin for WordPress
CVE-2020-12692 (An issue was discovered in OpenStack Keystone before 15.0.1,
and 16.0. ...)
@@ -42112,7 +42112,7 @@ CVE-2020-9050
CVE-2020-9049
RESERVED
CVE-2020-9048 (A vulnerability in victor Web Client versions up to and
including v5.4 ...)
- TODO: check
+ NOT-FOR-US: Johnson Controls
CVE-2020-9047 (A vulnerability exists that could allow the execution of
unauthorized ...)
NOT-FOR-US: exacqVision Web Service
CVE-2020-9046 (A vulnerability in all versions of Kantech EntraPass Editions
could po ...)
@@ -45430,15 +45430,15 @@ CVE-2020-7744
CVE-2020-7743
RESERVED
CVE-2020-7742 (This affects the package simpl-schema before 1.10.2. ...)
- TODO: check
+ NOT-FOR-US: Node simpl-schema
CVE-2020-7741 (This affects the package hellojs before 1.18.6. The code get
the param ...)
- TODO: check
+ NOT-FOR-US: hello.js
CVE-2020-7740 (This affects all versions of package node-pdf-generator. Due to
lack o ...)
- TODO: check
+ NOT-FOR-US: Node pdf-generator
CVE-2020-7739 (This affects all versions of package phantomjs-seo. It is
possible for ...)
- TODO: check
+ NOT-FOR-US: Node phantomjs-seo
CVE-2020-7738 (All versions of package shiba are vulnerable to Arbitrary Code
Executi ...)
- TODO: check
+ NOT-FOR-US: Node shiba
CVE-2020-7737 (All versions of package safetydance are vulnerable to Prototype
Pollut ...)
TODO: check
CVE-2020-7736 (The package bmoor before 0.8.12 are vulnerable to Prototype
Pollution ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d0da7e0e64247878593215592ae69f10023b8f6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d0da7e0e64247878593215592ae69f10023b8f6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
