Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: d2f0f05c by Salvatore Bonaccorso at 2020-12-03T21:19:09+01:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1478,11 +1478,11 @@ CVE-2020-28941 (An issue was discovered in drivers/accessibility/speakup/spk_tty CVE-2020-28940 (On Western Digital My Cloud OS 5 devices before 5.06.115, the NAS Admi ...) NOT-FOR-US: Western Digital My Cloud OS 5 devices CVE-2020-28939 (OpenClinic version 0.8.2 is affected by a medical/test_new.php insecur ...) - TODO: check + NOT-FOR-US: OpenClinic CVE-2020-28938 (OpenClinic version 0.8.2 is affected by a stored XSS vulnerability in ...) - TODO: check + NOT-FOR-US: OpenClinic CVE-2020-28937 (OpenClinic version 0.8.2 is affected by a missing authentication vulne ...) - TODO: check + NOT-FOR-US: OpenClinic CVE-2020-28936 RESERVED CVE-2020-28935 @@ -1532,7 +1532,7 @@ CVE-2020-28924 (An issue was discovered in Rclone before 1.53.3. Due to the use NOTE: Fixed by: https://github.com/rclone/rclone/commit/4c215cc81ec6143ae3c64633700cb341ca28df2d (v1.53.3) NOTE: Fixed by: https://github.com/rclone/rclone/commit/c8b11d27e1fe261fdfba6b8910fda69356c9c777 (v1.53.3) CVE-2020-28923 (An issue was discovered in Play Framework 2.8.0 through 2.8.4. Careful ...) - TODO: check + NOT-FOR-US: Play Framework CVE-2020-28922 (An issue was discovered in Devid Espenschied PC Analyser through 4.10. ...) NOT-FOR-US: Devid Espenschied PC Analyser CVE-2020-28921 (An issue was discovered in Devid Espenschied PC Analyser through 4.10. ...) @@ -5608,7 +5608,7 @@ CVE-2020-28253 CVE-2020-28252 RESERVED CVE-2020-28251 (NETSCOUT AirMagnet Enterprise 11.1.4 build 37257 and earlier has a sen ...) - TODO: check + NOT-FOR-US: NETSCOUT AirMagnet Enterprise CVE-2020-28250 (Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user ...) NOT-FOR-US: Cellinx NVT Web Server CVE-2020-28249 (Joplin 1.2.6 for Desktop allows XSS via a LINK element in a note. ...) @@ -5771,7 +5771,7 @@ CVE-2020-28177 CVE-2020-28176 RESERVED CVE-2020-28175 (There is a local privilege escalation vulnerability in Alfredo Milani ...) - TODO: check + NOT-FOR-US: Alfredo Milani Comparetti SpeedFan CVE-2020-28174 RESERVED CVE-2020-28173 @@ -10758,7 +10758,7 @@ CVE-2020-26248 CVE-2020-26247 RESERVED CVE-2020-26246 (Pimcore is an open source digital experience platform. In Pimcore befo ...) - TODO: check + NOT-FOR-US: Pimcore CVE-2020-26245 (npm package systeminformation before version 4.30.5 is vulnerable to P ...) NOT-FOR-US: Node systeminformation CVE-2020-26244 (Python oic is a Python OpenID Connect implementation. In Python oic be ...) @@ -16449,19 +16449,19 @@ CVE-2020-23743 CVE-2020-23742 RESERVED CVE-2020-23741 (In AnyView (network police) network monitoring software 4.6.0.1, there ...) - TODO: check + NOT-FOR-US: AnyView (network police) network monitoring software CVE-2020-23740 (In DriverGenius 9.61.5480.28 there is a local privilege escalation vul ...) - TODO: check + NOT-FOR-US: DriverGenius CVE-2020-23739 RESERVED CVE-2020-23738 (There is a local denial of service vulnerability in Advanced SystemCar ...) - TODO: check + NOT-FOR-US: Advanced SystemCare CVE-2020-23737 RESERVED CVE-2020-23736 (There is a local denial of service vulnerability in DaDa accelerator 5 ...) - TODO: check + NOT-FOR-US: DaDa accelerator CVE-2020-23735 (In Saibo Cyber Game Accelerator 3.7.9 there is a local privilege escal ...) - TODO: check + NOT-FOR-US: Saibo Cyber Game Accelerator CVE-2020-23734 RESERVED CVE-2020-23733 @@ -16477,9 +16477,9 @@ CVE-2020-23729 CVE-2020-23728 RESERVED CVE-2020-23727 (There is a local denial of service vulnerability in the Antiy Zhijia T ...) - TODO: check + NOT-FOR-US: Antiy Zhijia Terminal Defense System CVE-2020-23726 (There is a local denial of service vulnerability in Wise Care 365 5.5. ...) - TODO: check + NOT-FOR-US: Wise Care 365 CVE-2020-23725 RESERVED CVE-2020-23724 @@ -39052,7 +39052,7 @@ CVE-2020-13543 (A code execution vulnerability exists in the WebSocket functiona - wpewebkit 2.30.3-1 NOTE: https://webkitgtk.org/security/WSA-2020-0009.html CVE-2020-13542 (A local privilege elevation vulnerability exists in the file system pe ...) - TODO: check + NOT-FOR-US: LogicalDoc CVE-2020-13541 RESERVED CVE-2020-13540 @@ -39074,7 +39074,7 @@ CVE-2020-13533 CVE-2020-13532 RESERVED CVE-2020-13531 (A use-after-free vulnerability exists in a way Pixar OpenUSD 20.08 pro ...) - TODO: check + NOT-FOR-US: Pixar OpenUSD CVE-2020-13530 RESERVED CVE-2020-13529 @@ -39088,7 +39088,7 @@ CVE-2020-13526 CVE-2020-13525 (The sort parameter in the download page /sysworkflow/en/neoclassic/rep ...) TODO: check CVE-2020-13524 (An out-of-bounds memory corruption vulnerability exists in the way Pix ...) - TODO: check + NOT-FOR-US: Pixar OpenUSD CVE-2020-13523 (An exploitable information disclosure vulnerability exists in SoftPerf ...) NOT-FOR-US: SoftPerfect CVE-2020-13522 (An exploitable arbitrary file delete vulnerability exists in SoftPerfe ...) @@ -59485,7 +59485,7 @@ CVE-2020-6113 (An exploitable vulnerability exists in the object stream parsing CVE-2020-6112 (An exploitable code execution vulnerability exists in the JPEG2000 Str ...) NOT-FOR-US: Nitro Pro CVE-2020-6111 (An exploitable denial-of-service vulnerability exists in the IPv4 func ...) - TODO: check + NOT-FOR-US: Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems CVE-2020-6110 (An exploitable partial path traversal vulnerability exists in the way ...) NOT-FOR-US: Zoom CVE-2020-6109 (An exploitable path traversal vulnerability exists in the Zoom client, ...) @@ -59731,7 +59731,7 @@ CVE-2020-6023 (Check Point ZoneAlarm before version 15.8.139.18543 allows a loca CVE-2020-6022 (Check Point ZoneAlarm before version 15.8.139.18543 allows a local act ...) NOT-FOR-US: Check Point ZoneAlarm CVE-2020-6021 (Check Point Endpoint Security Client for Windows before version E84.20 ...) - TODO: check + NOT-FOR-US: Check Point Endpoint Security Client for Windows CVE-2020-6020 (Check Point Security Management's Internal CA web management before Ju ...) NOT-FOR-US: Check Point CVE-2020-6019 (Valve's Game Networking Sockets prior to version v1.2.0 improperly han ...) @@ -60449,15 +60449,15 @@ CVE-2020-5682 CVE-2020-5681 RESERVED CVE-2020-5680 (Improper input validation vulnerability in EC-CUBE versions from 3.0.5 ...) - TODO: check + NOT-FOR-US: EC-CUBE CVE-2020-5679 (Improper restriction of rendered UI layers or frames in EC-CUBE versio ...) - TODO: check + NOT-FOR-US: EC-CUBE CVE-2020-5678 (Stored cross-site scripting vulnerability in GROWI v3.8.1 and earlier ...) - TODO: check + NOT-FOR-US: GROWI CVE-2020-5677 (Reflected cross-site scripting vulnerability in GROWI v4.0.0 and earli ...) - TODO: check + NOT-FOR-US: GROWI CVE-2020-5676 (GROWI v4.1.3 and earlier allow remote attackers to obtain information ...) - TODO: check + NOT-FOR-US: GROWI CVE-2020-5675 RESERVED CVE-2020-5674 (Untrusted search path vulnerability in the installers of multiple SEIK ...) @@ -60533,7 +60533,7 @@ CVE-2020-5640 (Local file inclusion vulnerability in OneThird CMS v1.96c and ear CVE-2020-5639 RESERVED CVE-2020-5638 (Cross-site scripting vulnerability in desknet's NEO (desknet's NEO Sma ...) - TODO: check + NOT-FOR-US: desknet's NEO CVE-2020-5637 RESERVED CVE-2020-5636 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2f0f05c6a4bd8482f1d01c1a219fa4e462960d2 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2f0f05c6a4bd8482f1d01c1a219fa4e462960d2 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits