Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cb06a587 by Salvatore Bonaccorso at 2020-10-12T22:19:42+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -307,11 +307,11 @@ CVE-2020-26870 (Cure53 DOMPurify before 2.0.17 allows
mutation XSS. This occurs
- dompurify.js <removed>
NOTE:
https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/
CVE-2020-26869 (An information exposure vulnerability exists in PcVue 12,
allowing a n ...)
- TODO: check
+ NOT-FOR-US: PcVue
CVE-2020-26868 (A Denial Of Service vulnerability exists in PcVue from version
8.10 on ...)
- TODO: check
+ NOT-FOR-US: PcVue
CVE-2020-26867 (A Remote Code Execution vulnerability exists in PcVue from
version 8.1 ...)
- TODO: check
+ NOT-FOR-US: PcVue
CVE-2020-26866
RESERVED
CVE-2020-26865
@@ -994,7 +994,7 @@ CVE-2020-26548
CVE-2020-26547
RESERVED
CVE-2020-26546 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in
HelpDeskZ 1 ...)
- TODO: check
+ NOT-FOR-US: HelpDeskZ
CVE-2020-26545
RESERVED
CVE-2020-26544
@@ -2530,7 +2530,7 @@ CVE-2020-25827 (An issue was discovered in the OATHAuth
extension in MediaWiki b
CVE-2020-25826 (PingID Integration for Windows Login before 2.4.2 allows local
users t ...)
NOT-FOR-US: PingID Integration for Windows Login
CVE-2020-25825 (In Octopus Deploy 3.1.0 to 2020.4.0, certain scripts can
reveal sensit ...)
- TODO: check
+ NOT-FOR-US: Octopus Deploy
CVE-2020-25824
RESERVED
CVE-2020-25823
@@ -41878,11 +41878,11 @@ CVE-2020-9242 (FusionCompute 8.0.0 have a command
injection vulnerability. The s
CVE-2020-9241 (Huawei 5G Mobile WiFi E6878-370 with versions of
10.0.3.1(H563SP1C00), ...)
NOT-FOR-US: Huawei
CVE-2020-9240 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have
a buff ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-9239 (Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions
earlier t ...)
NOT-FOR-US: Huawei
CVE-2020-9238 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have
a buff ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-9237 (Huawei smartphone Taurus-AL00B with versions earlier than
10.1.0.126(C ...)
NOT-FOR-US: Huawei
CVE-2020-9236
@@ -41898,7 +41898,7 @@ CVE-2020-9232
CVE-2020-9231
RESERVED
CVE-2020-9230 (WS5800-10 version 10.0.3.25 has a denial of service
vulnerability. Due ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-9229 (FusionCompute 8.0.0 has an information disclosure
vulnerability. Due t ...)
NOT-FOR-US: Huawei
CVE-2020-9228 (FusionCompute 8.0.0 has an information disclosure
vulnerability. Due t ...)
@@ -42112,9 +42112,9 @@ CVE-2020-9125
CVE-2020-9124
RESERVED
CVE-2020-9123 (HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8)
and versi ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-9122 (Some Huawei products have an insufficient input verification
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-9121
RESERVED
CVE-2020-9120
@@ -42138,15 +42138,15 @@ CVE-2020-9112
CVE-2020-9111
RESERVED
CVE-2020-9110 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have
an inf ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-9109 (There is an information disclosure vulnerability in several
smartphone ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-9108 (HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8)
have an o ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-9107 (HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8)
have an o ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-9106 (HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8)
have a pa ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-9105 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have
an ins ...)
NOT-FOR-US: Huawei
CVE-2020-9104 (HUAWEI P30 smartphones with Versions earlier than
10.1.0.123(C431E22R2 ...)
@@ -42176,7 +42176,7 @@ CVE-2020-9093
CVE-2020-9092
RESERVED
CVE-2020-9091 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have
an out ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-9090 (FusionAccess version 6.5.1 has an improper authorization
vulnerability ...)
TODO: check
CVE-2020-9089
@@ -42184,7 +42184,7 @@ CVE-2020-9089
CVE-2020-9088
RESERVED
CVE-2020-9087 (Taurus-AL00A version 10.0.0.1(C00E1R1P1) has an out-of-bounds
read vul ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-9086
RESERVED
CVE-2020-9085
@@ -45442,7 +45442,7 @@ CVE-2020-7813 (Ezhttptrans.ocx ActiveX Control in Kaoni
ezHTTPTrans 1.0.0.70 and
CVE-2020-7812 (Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70
and prio ...)
NOT-FOR-US: Kaoni ezHTTPTrans
CVE-2020-7811 (Samsung Update 3.0.2.0 ~ 3.0.32.0 has a vulnerability that
allows priv ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2020-7810 (hslogin2.dll ActiveX Control in Groupware contains a
vulnerability tha ...)
NOT-FOR-US: hslogin2.dll ActiveX Control in Groupware
CVE-2020-7809 (ALSong 3.46 and earlier version contain a Document Object Model
(DOM) ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb06a5876ad0c7a468f8b4ab2bb7c6d34fe2728f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb06a5876ad0c7a468f8b4ab2bb7c6d34fe2728f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
