Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
29de7608 by Salvatore Bonaccorso at 2020-11-30T21:23:38+01:00
Process more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,11 +5,11 @@ CVE-2020-29394 (A buffer overflow in the dlt_filter_load
function in dlt_common.
CVE-2020-29393
RESERVED
CVE-2020-29392 (The Estil Hill Lock Password Manager Safe app 2.3 for iOS has
a *#06#* ...)
- TODO: check
+ NOT-FOR-US: Estil Hill Lock Password Manager Safe app for iOS
CVE-2020-29391
RESERVED
CVE-2020-29390 (Zeroshell 3.9.3 contains a command injection vulnerability in
the /cgi ...)
- TODO: check
+ NOT-FOR-US: Zeroshell
CVE-2020-29389
RESERVED
CVE-2020-29388
@@ -21,7 +21,7 @@ CVE-2020-29386
CVE-2020-29385
RESERVED
CVE-2020-29384 (An issue was discovered in PNGOUT 2020-01-15. When compressing
a craft ...)
- TODO: check
+ NOT-FOR-US: PNGOUT
CVE-2020-29383 (An issue was discovered on V-SOL V1600D4L V1.01.49 and
V1600D-MINI V1. ...)
NOT-FOR-US: V-SOL devices
CVE-2020-29382 (An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57,
V1600G1 ...)
@@ -93,7 +93,7 @@ CVE-2020-29366
CVE-2020-29365
RESERVED
CVE-2020-29364 (In NetArt News Lister 1.0.0, the news headlines are vulnerable
to stor ...)
- TODO: check
+ NOT-FOR-US: NetArt News Lister
CVE-2020-29363
RESERVED
CVE-2020-29362
@@ -7151,9 +7151,9 @@ CVE-2020-27661 [divide by zero in dwc2_handle_packet() in
hw/usb/hcd-dwc2.c]
NOTE:
https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg04263.html
NOTE: Fixed by:
https://git.qemu.org/?p=qemu.git;a=commit;h=bea2a9e3e00b275dc40cfa09c760c715b8753e03
(v5.2.0-rc0)
CVE-2020-27660 (SQL injection vulnerability in request.cgi in Synology
SafeAccess befo ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2020-27659 (Multiple cross-site scripting (XSS) vulnerabilities in
Synology SafeAc ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2020-27658 (Synology Router Manager (SRM) before 1.2.4-8081 does not
include the H ...)
NOT-FOR-US: Synology Router Manager (SRM)
CVE-2020-27657 (Cleartext transmission of sensitive information vulnerability
in DDNS ...)
@@ -12061,7 +12061,7 @@ CVE-2020-25539
CVE-2020-25538 (An authenticated attacker can inject malicious code into
"lang" parame ...)
NOT-FOR-US: CMSuno
CVE-2020-25537 (File upload vulnerability exists in UCMS 1.5.0, and the
attacker can t ...)
- TODO: check
+ NOT-FOR-US: UCMS
CVE-2020-25536
RESERVED
CVE-2020-25535
@@ -27630,7 +27630,7 @@ CVE-2020-17903
CVE-2020-17902
RESERVED
CVE-2020-17901 (Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows
attackers t ...)
- TODO: check
+ NOT-FOR-US: PbootCMS
CVE-2020-17900
RESERVED
CVE-2020-17899
@@ -53165,7 +53165,7 @@ CVE-2020-8353 (Prior to August 10, 2020, some Lenovo
Desktop and Workstation sys
CVE-2020-8352 (In some Lenovo Desktop models, the Configuration Change
Detection BIOS ...)
NOT-FOR-US: Lenovo
CVE-2020-8351 (A privilege escalation vulnerability was reported in Lenovo
PCManager ...)
- TODO: check
+ NOT-FOR-US: Lenovo PCManager
CVE-2020-8350 (An authentication bypass vulnerability was reported in Lenovo
ThinkPad ...)
NOT-FOR-US: Lenovo
CVE-2020-8349 (An internal security review has identified an unauthenticated
remote c ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29de76087d29084e49d8be408c7b2ac57ad589ee
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29de76087d29084e49d8be408c7b2ac57ad589ee
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
