Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 2a5a9894 by Salvatore Bonaccorso at 2020-12-01T21:29:14+01:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -307,7 +307,7 @@ CVE-2020-29317 CVE-2020-29316 RESERVED CVE-2020-29315 (ThinkAdmin version v1 v6 has a stored XSS vulnerability which allows r ...) - TODO: check + NOT-FOR-US: ThinkAdmin CVE-2020-29314 RESERVED CVE-2020-29313 @@ -969,7 +969,7 @@ CVE-2020-28995 CVE-2020-28994 (A SQL injection vulnerability was discovered in Karenderia Multiple Re ...) NOT-FOR-US: Karenderia Multiple Restaurant System CVE-2020-28993 (A Directory Traversal vulnerability exists in ATX miniCMTS200a Broadba ...) - TODO: check + NOT-FOR-US: ATX miniCMTS200a Broadband Gateway CVE-2020-28992 RESERVED CVE-2020-28991 (Gitea 0.9.99 through 1.12.x before 1.12.6 does not prevent a git proto ...) @@ -1024,9 +1024,9 @@ CVE-2020-XXXX [RUSTSEC-2020-0070: lock_api: Some lock_api lock guard objects can NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0070.html NOTE: https://github.com/Amanieu/parking_lot/pull/262 CVE-2020-28971 (An issue was discovered on Western Digital My Cloud OS 5 devices befor ...) - TODO: check + NOT-FOR-US: Western Digital My Cloud OS 5 devices CVE-2020-28970 (An issue was discovered on Western Digital My Cloud OS 5 devices befor ...) - TODO: check + NOT-FOR-US: Western Digital My Cloud OS 5 devices CVE-2020-28969 RESERVED CVE-2020-28968 @@ -1098,7 +1098,7 @@ CVE-2020-28941 (An issue was discovered in drivers/accessibility/speakup/spk_tty [stretch] - linux <not-affected> (Vulnerable code not present) NOTE: https://www.openwall.com/lists/oss-security/2020/11/19/3 CVE-2020-28940 (On Western Digital My Cloud OS 5 devices before 5.06.115, the NAS Admi ...) - TODO: check + NOT-FOR-US: Western Digital My Cloud OS 5 devices CVE-2020-28939 RESERVED CVE-2020-28938 @@ -9259,7 +9259,7 @@ CVE-2020-26764 CVE-2020-26763 RESERVED CVE-2020-26762 (A stack-based buffer-overflow exists in Edimax IP-Camera IC-3116W (v3. ...) - TODO: check + NOT-FOR-US: Edimax IP-Camera CVE-2020-26761 RESERVED CVE-2020-26760 @@ -12983,7 +12983,7 @@ CVE-2020-25183 CVE-2020-25182 RESERVED CVE-2020-25181 (WECON PLC Editor Versions 1.3.8 and prior has a heap-based buffer over ...) - TODO: check + NOT-FOR-US: WECON PLC Editor CVE-2020-25180 RESERVED CVE-2020-25179 @@ -12991,7 +12991,7 @@ CVE-2020-25179 CVE-2020-25178 RESERVED CVE-2020-25177 (WECON PLC Editor Versions 1.3.8 and prior has a stack-based buffer ove ...) - TODO: check + NOT-FOR-US: WECON PLC Editor CVE-2020-25176 RESERVED CVE-2020-25175 @@ -52857,7 +52857,7 @@ CVE-2020-8541 (OX App Suite through 7.10.3 allows XXE attacks. ...) CVE-2020-8540 (An XML external entity (XXE) vulnerability in Zoho ManageEngine Deskto ...) NOT-FOR-US: Zoho ManageEngine Desktop Central CVE-2020-8539 (Kia Motors Head Unit with Software version: SOP.003.30.18.0703, SOP.00 ...) - TODO: check + NOT-FOR-US: Kia Motors Head Unit with Software CVE-2020-8538 RESERVED CVE-2020-8537 @@ -55819,7 +55819,7 @@ CVE-2020-7337 CVE-2020-7336 RESERVED CVE-2020-7335 (Privilege Escalation vulnerability in Microsoft Windows client McAfee ...) - TODO: check + NOT-FOR-US: McAfee CVE-2020-7334 (Improper privilege assignment vulnerability in the installer McAfee Ap ...) NOT-FOR-US: McAfee CVE-2020-7333 (Cross site scripting vulnerability in the firewall ePO extension of Mc ...) @@ -56927,7 +56927,7 @@ CVE-2020-6882 CVE-2020-6881 RESERVED CVE-2020-6880 (A ZXELINK wireless controller has a SQL injection vulnerability. A rem ...) - TODO: check + NOT-FOR-US: ZXELINK CVE-2020-6879 (Some ZTE devices have input verification vulnerabilities. The devices ...) NOT-FOR-US: ZTE CVE-2020-6878 @@ -63856,7 +63856,7 @@ CVE-2020-4130 CVE-2020-4129 (HCL Domino is susceptible to a lockout policy bypass vulnerability in ...) NOT-FOR-US: HCL Domino CVE-2020-4128 (HCL Domino is susceptible to a lockout policy bypass vulnerability in ...) - TODO: check + NOT-FOR-US: HCL Domino CVE-2020-4127 (HCL Domino is susceptible to a Login CSRF vulnerability. With a valid ...) NOT-FOR-US: HCL Domino CVE-2020-4126 (HCL iNotes is susceptible to a sensitive cookie exposure vulnerability ...) @@ -81277,7 +81277,7 @@ CVE-2019-16960 CVE-2019-16959 RESERVED CVE-2019-16958 (Cross-site Scripting (XSS) vulnerability in SolarWinds Web Help Desk 1 ...) - TODO: check + NOT-FOR-US: SolarWinds Web Help Desk CVE-2019-16957 RESERVED CVE-2019-16956 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a5a9894d663998ea7e9a25b64e9908a109717d4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a5a9894d663998ea7e9a25b64e9908a109717d4 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits