Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d2f0f05c by Salvatore Bonaccorso at 2020-12-03T21:19:09+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1478,11 +1478,11 @@ CVE-2020-28941 (An issue was discovered in
drivers/accessibility/speakup/spk_tty
CVE-2020-28940 (On Western Digital My Cloud OS 5 devices before 5.06.115, the
NAS Admi ...)
NOT-FOR-US: Western Digital My Cloud OS 5 devices
CVE-2020-28939 (OpenClinic version 0.8.2 is affected by a medical/test_new.php
insecur ...)
- TODO: check
+ NOT-FOR-US: OpenClinic
CVE-2020-28938 (OpenClinic version 0.8.2 is affected by a stored XSS
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: OpenClinic
CVE-2020-28937 (OpenClinic version 0.8.2 is affected by a missing
authentication vulne ...)
- TODO: check
+ NOT-FOR-US: OpenClinic
CVE-2020-28936
RESERVED
CVE-2020-28935
@@ -1532,7 +1532,7 @@ CVE-2020-28924 (An issue was discovered in Rclone before
1.53.3. Due to the use
NOTE: Fixed by:
https://github.com/rclone/rclone/commit/4c215cc81ec6143ae3c64633700cb341ca28df2d
(v1.53.3)
NOTE: Fixed by:
https://github.com/rclone/rclone/commit/c8b11d27e1fe261fdfba6b8910fda69356c9c777
(v1.53.3)
CVE-2020-28923 (An issue was discovered in Play Framework 2.8.0 through 2.8.4.
Careful ...)
- TODO: check
+ NOT-FOR-US: Play Framework
CVE-2020-28922 (An issue was discovered in Devid Espenschied PC Analyser
through 4.10. ...)
NOT-FOR-US: Devid Espenschied PC Analyser
CVE-2020-28921 (An issue was discovered in Devid Espenschied PC Analyser
through 4.10. ...)
@@ -5608,7 +5608,7 @@ CVE-2020-28253
CVE-2020-28252
RESERVED
CVE-2020-28251 (NETSCOUT AirMagnet Enterprise 11.1.4 build 37257 and earlier
has a sen ...)
- TODO: check
+ NOT-FOR-US: NETSCOUT AirMagnet Enterprise
CVE-2020-28250 (Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a
remote user ...)
NOT-FOR-US: Cellinx NVT Web Server
CVE-2020-28249 (Joplin 1.2.6 for Desktop allows XSS via a LINK element in a
note. ...)
@@ -5771,7 +5771,7 @@ CVE-2020-28177
CVE-2020-28176
RESERVED
CVE-2020-28175 (There is a local privilege escalation vulnerability in Alfredo
Milani ...)
- TODO: check
+ NOT-FOR-US: Alfredo Milani Comparetti SpeedFan
CVE-2020-28174
RESERVED
CVE-2020-28173
@@ -10758,7 +10758,7 @@ CVE-2020-26248
CVE-2020-26247
RESERVED
CVE-2020-26246 (Pimcore is an open source digital experience platform. In
Pimcore befo ...)
- TODO: check
+ NOT-FOR-US: Pimcore
CVE-2020-26245 (npm package systeminformation before version 4.30.5 is
vulnerable to P ...)
NOT-FOR-US: Node systeminformation
CVE-2020-26244 (Python oic is a Python OpenID Connect implementation. In
Python oic be ...)
@@ -16449,19 +16449,19 @@ CVE-2020-23743
CVE-2020-23742
RESERVED
CVE-2020-23741 (In AnyView (network police) network monitoring software
4.6.0.1, there ...)
- TODO: check
+ NOT-FOR-US: AnyView (network police) network monitoring software
CVE-2020-23740 (In DriverGenius 9.61.5480.28 there is a local privilege
escalation vul ...)
- TODO: check
+ NOT-FOR-US: DriverGenius
CVE-2020-23739
RESERVED
CVE-2020-23738 (There is a local denial of service vulnerability in Advanced
SystemCar ...)
- TODO: check
+ NOT-FOR-US: Advanced SystemCare
CVE-2020-23737
RESERVED
CVE-2020-23736 (There is a local denial of service vulnerability in DaDa
accelerator 5 ...)
- TODO: check
+ NOT-FOR-US: DaDa accelerator
CVE-2020-23735 (In Saibo Cyber Game Accelerator 3.7.9 there is a local
privilege escal ...)
- TODO: check
+ NOT-FOR-US: Saibo Cyber Game Accelerator
CVE-2020-23734
RESERVED
CVE-2020-23733
@@ -16477,9 +16477,9 @@ CVE-2020-23729
CVE-2020-23728
RESERVED
CVE-2020-23727 (There is a local denial of service vulnerability in the Antiy
Zhijia T ...)
- TODO: check
+ NOT-FOR-US: Antiy Zhijia Terminal Defense System
CVE-2020-23726 (There is a local denial of service vulnerability in Wise Care
365 5.5. ...)
- TODO: check
+ NOT-FOR-US: Wise Care 365
CVE-2020-23725
RESERVED
CVE-2020-23724
@@ -39052,7 +39052,7 @@ CVE-2020-13543 (A code execution vulnerability exists
in the WebSocket functiona
- wpewebkit 2.30.3-1
NOTE: https://webkitgtk.org/security/WSA-2020-0009.html
CVE-2020-13542 (A local privilege elevation vulnerability exists in the file
system pe ...)
- TODO: check
+ NOT-FOR-US: LogicalDoc
CVE-2020-13541
RESERVED
CVE-2020-13540
@@ -39074,7 +39074,7 @@ CVE-2020-13533
CVE-2020-13532
RESERVED
CVE-2020-13531 (A use-after-free vulnerability exists in a way Pixar OpenUSD
20.08 pro ...)
- TODO: check
+ NOT-FOR-US: Pixar OpenUSD
CVE-2020-13530
RESERVED
CVE-2020-13529
@@ -39088,7 +39088,7 @@ CVE-2020-13526
CVE-2020-13525 (The sort parameter in the download page
/sysworkflow/en/neoclassic/rep ...)
TODO: check
CVE-2020-13524 (An out-of-bounds memory corruption vulnerability exists in the
way Pix ...)
- TODO: check
+ NOT-FOR-US: Pixar OpenUSD
CVE-2020-13523 (An exploitable information disclosure vulnerability exists in
SoftPerf ...)
NOT-FOR-US: SoftPerfect
CVE-2020-13522 (An exploitable arbitrary file delete vulnerability exists in
SoftPerfe ...)
@@ -59485,7 +59485,7 @@ CVE-2020-6113 (An exploitable vulnerability exists in
the object stream parsing
CVE-2020-6112 (An exploitable code execution vulnerability exists in the
JPEG2000 Str ...)
NOT-FOR-US: Nitro Pro
CVE-2020-6111 (An exploitable denial-of-service vulnerability exists in the
IPv4 func ...)
- TODO: check
+ NOT-FOR-US: Allen-Bradley MicroLogix 1100 Programmable Logic Controller
Systems
CVE-2020-6110 (An exploitable partial path traversal vulnerability exists in
the way ...)
NOT-FOR-US: Zoom
CVE-2020-6109 (An exploitable path traversal vulnerability exists in the Zoom
client, ...)
@@ -59731,7 +59731,7 @@ CVE-2020-6023 (Check Point ZoneAlarm before version
15.8.139.18543 allows a loca
CVE-2020-6022 (Check Point ZoneAlarm before version 15.8.139.18543 allows a
local act ...)
NOT-FOR-US: Check Point ZoneAlarm
CVE-2020-6021 (Check Point Endpoint Security Client for Windows before version
E84.20 ...)
- TODO: check
+ NOT-FOR-US: Check Point Endpoint Security Client for Windows
CVE-2020-6020 (Check Point Security Management's Internal CA web management
before Ju ...)
NOT-FOR-US: Check Point
CVE-2020-6019 (Valve's Game Networking Sockets prior to version v1.2.0
improperly han ...)
@@ -60449,15 +60449,15 @@ CVE-2020-5682
CVE-2020-5681
RESERVED
CVE-2020-5680 (Improper input validation vulnerability in EC-CUBE versions
from 3.0.5 ...)
- TODO: check
+ NOT-FOR-US: EC-CUBE
CVE-2020-5679 (Improper restriction of rendered UI layers or frames in EC-CUBE
versio ...)
- TODO: check
+ NOT-FOR-US: EC-CUBE
CVE-2020-5678 (Stored cross-site scripting vulnerability in GROWI v3.8.1 and
earlier ...)
- TODO: check
+ NOT-FOR-US: GROWI
CVE-2020-5677 (Reflected cross-site scripting vulnerability in GROWI v4.0.0
and earli ...)
- TODO: check
+ NOT-FOR-US: GROWI
CVE-2020-5676 (GROWI v4.1.3 and earlier allow remote attackers to obtain
information ...)
- TODO: check
+ NOT-FOR-US: GROWI
CVE-2020-5675
RESERVED
CVE-2020-5674 (Untrusted search path vulnerability in the installers of
multiple SEIK ...)
@@ -60533,7 +60533,7 @@ CVE-2020-5640 (Local file inclusion vulnerability in
OneThird CMS v1.96c and ear
CVE-2020-5639
RESERVED
CVE-2020-5638 (Cross-site scripting vulnerability in desknet's NEO (desknet's
NEO Sma ...)
- TODO: check
+ NOT-FOR-US: desknet's NEO
CVE-2020-5637
RESERVED
CVE-2020-5636
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2f0f05c6a4bd8482f1d01c1a219fa4e462960d2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2f0f05c6a4bd8482f1d01c1a219fa4e462960d2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
