Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
27295460 by Salvatore Bonaccorso at 2020-11-18T21:40:46+01:00
Process more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4626,7 +4626,7 @@ CVE-2020-25692 [vulnerability with slapd normalization
handling with modrdn]
CVE-2020-28006
RESERVED
CVE-2020-28005 (httpd on TP-Link TL-WPA4220 devices (hardware versions 2
through 4) al ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2020-28004
RESERVED
CVE-2020-28003
@@ -7083,7 +7083,7 @@ CVE-2020-27128 (A vulnerability in the application data
endpoints of Cisco SD-WA
CVE-2020-27127
RESERVED
CVE-2020-27126 (A vulnerability in an API of Cisco Webex Meetings could allow
an unaut ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-27125 (A vulnerability in Cisco Security Manager could allow an
unauthenticat ...)
NOT-FOR-US: Cisco
CVE-2020-27124
@@ -7668,7 +7668,7 @@ CVE-2020-26886
CVE-2020-26885
RESERVED
CVE-2020-26884 (RSA Archer 6.8 through 6.8.0.3 and 6.9 contains a URL
injection vulner ...)
- TODO: check
+ NOT-FOR-US: RSA Archer
CVE-2020-26883 (In Play Framework 2.6.0 through 2.8.2, stack consumption can
occur bec ...)
NOT-FOR-US: Play Framework
CVE-2020-26882 (In Play Framework 2.6.0 through 2.8.2, data amplification can
occur wh ...)
@@ -8388,7 +8388,7 @@ CVE-2020-26556
CVE-2020-26555
RESERVED
CVE-2020-26554 (REDDOXX MailDepot 2033 (aka 2.3.3022) allows XSS via an
incoming HTML ...)
- TODO: check
+ NOT-FOR-US: REDDOXX MailDepot
CVE-2020-26553 (An issue was discovered in Aviatrix Controller before
R6.0.2483. Sever ...)
NOT-FOR-US: Aviatrix
CVE-2020-26552 (An issue was discovered in Aviatrix Controller before
R6.0.2483. Multi ...)
@@ -9415,25 +9415,25 @@ CVE-2020-26083 (A vulnerability in the web-based
management interface of Cisco I
CVE-2020-26082
RESERVED
CVE-2020-26081 (Multiple vulnerabilities in the web UI of Cisco IoT Field
Network Dire ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26080 (A vulnerability in the user management functionality of Cisco
IoT Fiel ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26079 (A vulnerability in the web UI of Cisco IoT Field Network
Director (FND ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26078 (A vulnerability in the file system of Cisco IoT Field Network
Director ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26077 (A vulnerability in the access control functionality of Cisco
IoT Field ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26076 (A vulnerability in Cisco IoT Field Network Director (FND)
could allow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26075 (A vulnerability in the REST API of Cisco IoT Field Network
Director (F ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26074
RESERVED
CVE-2020-26073
RESERVED
CVE-2020-26072 (A vulnerability in the SOAP API of Cisco IoT Field Network
Director (F ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26071
RESERVED
CVE-2020-26070 (A vulnerability in the ingress packet processing function of
Cisco IOS ...)
@@ -9441,7 +9441,7 @@ CVE-2020-26070 (A vulnerability in the ingress packet
processing function of Cis
CVE-2020-26069
RESERVED
CVE-2020-26068 (A vulnerability in the xAPI service of Cisco Telepresence CE
Software ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26067
RESERVED
CVE-2020-26066
@@ -11038,7 +11038,7 @@ CVE-2020-25408
CVE-2020-25407
RESERVED
CVE-2020-25406 (app\admin\controller\sys\Uploads.php in lemocms 1.8.x allows
users to ...)
- TODO: check
+ NOT-FOR-US: lemocms
CVE-2020-25405
RESERVED
CVE-2020-25404
@@ -12550,7 +12550,7 @@ CVE-2020-24725
CVE-2020-24724
RESERVED
CVE-2020-24723 (Cross Site Scripting (XSS) vulnerability in the Registration
page of t ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2020-24722 (** DISPUTED ** An issue was discovered in the GAEN (aka
Google/Apple E ...)
NOT-FOR-US: GAEN (Google Apple Encounter Notification) protocol
CVE-2020-24721 (An issue was discovered in the GAEN (aka Google/Apple Exposure
Notific ...)
@@ -13512,7 +13512,7 @@ CVE-2020-24299
CVE-2020-24298
RESERVED
CVE-2020-24297 (httpd on TP-Link TL-WPA4220 devices (versions 2 through 4)
allows remo ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2020-24296
RESERVED
CVE-2020-24295
@@ -53837,11 +53837,11 @@ CVE-2020-7566
CVE-2020-7565
RESERVED
CVE-2020-7564 (A CWE-120: Buffer Copy without Checking Size of Input ('Classic
Buffer ...)
- TODO: check
+ NOT-FOR-US: Modicon
CVE-2020-7563 (A CWE-787: Out-of-bounds Write vulnerability exists in the Web
Server ...)
- TODO: check
+ NOT-FOR-US: Modicon
CVE-2020-7562 (A CWE-125: Out-of-Bounds Read vulnerability exists in the Web
Server o ...)
- TODO: check
+ NOT-FOR-US: Modicon
CVE-2020-7561
RESERVED
CVE-2020-7560
@@ -64635,7 +64635,7 @@ CVE-2020-3588 (A vulnerability in virtualization
channel messaging in Cisco Webe
CVE-2020-3587 (A vulnerability in the web-based management interface of the
Cisco SD- ...)
NOT-FOR-US: Cisco
CVE-2020-3586 (A vulnerability in the web-based management interface of Cisco
DNA Spa ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3585 (A vulnerability in the TLS handler of Cisco Adaptive Security
Applianc ...)
NOT-FOR-US: Cisco
CVE-2020-3584
@@ -64745,7 +64745,7 @@ CVE-2020-3533 (A vulnerability in the Simple Network
Management Protocol (SNMP)
CVE-2020-3532
RESERVED
CVE-2020-3531 (A vulnerability in the REST API of Cisco IoT Field Network
Director (F ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3530 (A vulnerability in task group assignment for a specific CLI
command in ...)
NOT-FOR-US: Cisco
CVE-2020-3529 (A vulnerability in the SSL VPN negotiation process for Cisco
Adaptive ...)
@@ -64843,7 +64843,7 @@ CVE-2020-3484 (A vulnerability in the web-based
management interface of Cisco Vi
CVE-2020-3483 (Duo has identified and fixed an issue with the Duo Network
Gateway (DN ...)
NOT-FOR-US: Duo
CVE-2020-3482 (A vulnerability in the Traversal Using Relays around NAT (TURN)
server ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3481 (A vulnerability in the EGG archive parsing module in Clam
AntiVirus (C ...)
{DLA-2314-1}
- clamav 0.102.4+dfsg-1
@@ -64868,9 +64868,9 @@ CVE-2020-3473 (A vulnerability in task group assignment
for a specific CLI comma
CVE-2020-3472 (A vulnerability in the contacts feature of Cisco Webex Meetings
could ...)
NOT-FOR-US: Cisco
CVE-2020-3471 (A vulnerability in Cisco Webex Meetings and Cisco Webex
Meetings Serve ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3470 (Multiple vulnerabilities in the API subsystem of Cisco
Integrated Mana ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3469
RESERVED
CVE-2020-3468 (A vulnerability in the web-based management interface of Cisco
SD-WAN ...)
@@ -64928,7 +64928,7 @@ CVE-2020-3443 (A vulnerability in Cisco Smart Software
Manager On-Prem (SSM On-P
CVE-2020-3442 (The DuoConnect client enables users to establish SSH
connections to ho ...)
NOT-FOR-US: DuoConnect
CVE-2020-3441 (A vulnerability in Cisco Webex Meetings and Cisco Webex
Meetings Serve ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3440 (A vulnerability in Cisco Webex Meetings Desktop App for Windows
could ...)
NOT-FOR-US: Cisco
CVE-2020-3439 (A vulnerability in the web-based management interface of Cisco
Data Ce ...)
@@ -64972,7 +64972,7 @@ CVE-2020-3421 (Multiple vulnerabilities in the
Zone-Based Firewall feature of Ci
CVE-2020-3420
RESERVED
CVE-2020-3419 (A vulnerability in Cisco Webex Meetings and Cisco Webex
Meetings Serve ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3418 (A vulnerability in Cisco IOS XE Wireless Controller Software
for Cisco ...)
NOT-FOR-US: Cisco
CVE-2020-3417 (A vulnerability in Cisco IOS XE Software could allow an
authenticated, ...)
@@ -65026,7 +65026,7 @@ CVE-2020-3394 (A vulnerability in the Enable Secret
feature of Cisco Nexus 3000
CVE-2020-3393 (A vulnerability in the application-hosting subsystem of Cisco
IOS XE S ...)
NOT-FOR-US: Cisco
CVE-2020-3392 (A vulnerability in the API of Cisco IoT Field Network Director
(FND) c ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3391 (A vulnerability in Cisco Digital Network Architecture (DNA)
Center cou ...)
NOT-FOR-US: Cisco
CVE-2020-3390 (A vulnerability in Simple Network Management Protocol (SNMP)
trap gene ...)
@@ -65076,7 +65076,7 @@ CVE-2020-3369 (A vulnerability in the deep packet
inspection (DPI) engine of Cis
CVE-2020-3368 (A vulnerability in the antispam protection mechanisms of Cisco
AsyncOS ...)
NOT-FOR-US: Cisco
CVE-2020-3367 (A vulnerability in the log subscription subsystem of Cisco
AsyncOS for ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3366
RESERVED
CVE-2020-3365 (A vulnerability in the directory permissions of Cisco
Enterprise NFV I ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27295460f5a16add86d634c3a8db09e6a9aeb38b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27295460f5a16add86d634c3a8db09e6a9aeb38b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
