[Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso
carnil at debian.org
Thu Apr 16 20:47:16 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6e92363c by Salvatore Bonaccorso at 2020-04-16T21:46:43+02:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -22598,36 +22598,36 @@ CVE-2020-2798 (Vulnerability in the Oracle WebLogic Server product of Oracle Fus
CVE-2020-2797 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
NOT-FOR-US: Oracle
CVE-2020-2796 (Vulnerability in the Oracle Email Center product of Oracle E-Business ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2795 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2794 (Vulnerability in the Oracle Email Center product of Oracle E-Business ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2793 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2792
RESERVED
CVE-2020-2791 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2790 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed> (bug #956832)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2789 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2788
RESERVED
CVE-2020-2787 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2786 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2785 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2784 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2783 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2782 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2781 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
@@ -22643,11 +22643,11 @@ CVE-2020-2778 (Vulnerability in the Java SE product of Oracle Java SE (component
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
CVE-2020-2777 (Vulnerability in the Hyperion Financial Management product of Oracle H ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2776 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2775 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2774 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
@@ -22657,14 +22657,14 @@ CVE-2020-2773 (Vulnerability in the Java SE, Java SE Embedded product of Oracle
- openjdk-8 8u252-b09-1
- openjdk-7 <removed>
CVE-2020-2772 (Vulnerability in the Oracle Human Resources product of Oracle E-Busine ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2771 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
NOT-FOR-US: Oracle Solaris
CVE-2020-2770 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2769 (Vulnerability in the Hyperion Financial Reporting product of Oracle Hy ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2768 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...)
- mysql-cluster <itp> (bug #833356)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
@@ -22672,7 +22672,7 @@ CVE-2020-2767 (Vulnerability in the Java SE product of Oracle Java SE (component
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
CVE-2020-2766 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2765 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed> (bug #956832)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
@@ -22715,27 +22715,27 @@ CVE-2020-2754 (Vulnerability in the Java SE, Java SE Embedded product of Oracle
- openjdk-11 11.0.7+10-1
- openjdk-8 8u252-b09-1
CVE-2020-2753 (Vulnerability in the Oracle Workflow product of Oracle E-Business Suit ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2752 (Vulnerability in the MySQL Client product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed> (bug #956832)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2751 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2750 (Vulnerability in the Oracle General Ledger product of Oracle E-Busines ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2749 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2748 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2747 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2746 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2745 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2744 (Vulnerability in the Oracle Transportation Management product of Oracl ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2743 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
@@ -22746,21 +22746,21 @@ CVE-2020-2741 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtu
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2740 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2739 (Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2738 (Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2737 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2736
RESERVED
CVE-2020-2735 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2734 (Vulnerability in the RDBMS/Optimizer component of Oracle Database Serv ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2733 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2732 (A flaw was discovered in the way that the KVM hypervisor handled instr ...)
- linux 5.5.13-1
NOTE: https://git.kernel.org/linus/07721feee46b4b248402133228235318199b05ec
@@ -22820,7 +22820,7 @@ CVE-2020-2708
CVE-2020-2707 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Oracle
CVE-2020-2706 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2705 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
@@ -23080,7 +23080,7 @@ CVE-2020-2596 (Vulnerability in the Oracle CRM Technical Foundation product of O
CVE-2020-2595 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
NOT-FOR-US: Oracle
CVE-2020-2594 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2593 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
{DSA-4621-1 DSA-4605-1 DLA-2128-1}
- openjdk-13 13.0.2+8-1
@@ -23191,7 +23191,7 @@ CVE-2020-2555 (Vulnerability in the Oracle Coherence product of Oracle Fusion Mi
CVE-2020-2554
RESERVED
CVE-2020-2553 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2552 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
NOT-FOR-US: Oracle
CVE-2020-2551 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
@@ -23249,11 +23249,11 @@ CVE-2020-2526
CVE-2020-2525
RESERVED
CVE-2020-2524 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2523
RESERVED
CVE-2020-2522 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2521
RESERVED
CVE-2020-2520
@@ -23269,7 +23269,7 @@ CVE-2020-2516 (Vulnerability in the Core RDBMS component of Oracle Database Serv
CVE-2020-2515 (Vulnerability in the Database Gateway for ODBC component of Oracle Dat ...)
NOT-FOR-US: Oracle
CVE-2020-2514 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2020-2513
RESERVED
CVE-2020-2512 (Vulnerability in the Database Gateway for ODBC component of Oracle Dat ...)
@@ -25217,7 +25217,7 @@ CVE-2019-19502 (Code injection in pluginconfig.php in Image Uploader and Browser
CVE-2019-19501 (VeraCrypt 1.24 allows Local Privilege Escalation during execution of V ...)
NOT-FOR-US: VeraCrypt
CVE-2019-19500 (Matrix42 Workspace Management 9.1.2.2765 and below allows stored XSS v ...)
- TODO: check
+ NOT-FOR-US: Matrix42 Workspace Management
CVE-2019-19499
RESERVED
CVE-2019-19498
@@ -25767,7 +25767,7 @@ CVE-2019-19391 (** DISPUTED ** In LuaJIT through 2.0.5, as used in Moonjit befor
NOTE: Negligible security impact. The debug library is unsafe per se and one is
NOTE: not supposed to release an application with the debug library.
CVE-2019-19390 (The Search parameter of the Software Catalogue section of Matrix42 Wor ...)
- TODO: check
+ NOT-FOR-US: Matrix42 Workspace Management
CVE-2019-19389 (JetBrains Ktor framework before version 1.2.6 was vulnerable to HTTP R ...)
NOT-FOR-US: JetBrains Ktor framework
CVE-2019-19388 (A cross-site scripting (XSS) vulnerability in app/dialplans/dialplan_d ...)
@@ -26274,9 +26274,9 @@ CVE-2019-19303
CVE-2019-19302
RESERVED
CVE-2019-19301 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2019-19300 (A vulnerability has been identified in KTK ATE530S (All versions), SID ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2019-19299 (A vulnerability has been identified in SiNVR 3 Central Control Server ...)
NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
CVE-2019-19298 (A vulnerability has been identified in SiNVR 3 Central Control Server ...)
@@ -27584,7 +27584,7 @@ CVE-2019-18824 (Barco ClickShare Button R9861500D01 devices before 1.9.0 have Mi
CVE-2019-18823
RESERVED
CVE-2019-18822 (A privilege escalation vulnerability in ZOOM Call Recording 6.3.1 allo ...)
- TODO: check
+ NOT-FOR-US: ZOOM Call Recording
CVE-2019-18821 (Eximious Logo Designer 3.82 has a User Mode Write AV starting at ExiCu ...)
NOT-FOR-US: Eximious Logo Designer
CVE-2019-18820 (Eximious Logo Designer 3.82 has Heap Corruption starting at ntdll!Rtlp ...)
@@ -28930,7 +28930,7 @@ CVE-2020-1096
CVE-2020-1095
RESERVED
CVE-2020-1094 (An elevation of privilege vulnerability exists when the Windows Work F ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1093
RESERVED
CVE-2020-1092
@@ -29018,9 +29018,9 @@ CVE-2020-1052
CVE-2020-1051
RESERVED
CVE-2020-1050 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1049 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1048
RESERVED
CVE-2020-1047
@@ -29060,13 +29060,13 @@ CVE-2020-1031
CVE-2020-1030
RESERVED
CVE-2020-1029 (An elevation of privilege vulnerability exists when Connected User Exp ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1028
RESERVED
CVE-2020-1027 (An elevation of privilege vulnerability exists in the way that the Win ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1026 (A Security Feature Bypass vulnerability exists in the MSR JavaScript C ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1025
RESERVED
CVE-2020-1024
@@ -29074,217 +29074,217 @@ CVE-2020-1024
CVE-2020-1023
RESERVED
CVE-2020-1022 (A remote code execution vulnerability exists in Microsoft Dynamics Bus ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1021
RESERVED
CVE-2020-1020 (A remote code execution vulnerability exists in Microsoft Windows when ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1019 (An elevation of privilege vulnerability exists in RMS Sharing App for ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1018 (An information disclosure vulnerability exists when Microsoft Dynamics ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1017 (An elevation of privilege vulnerability exists in the way the Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1016 (An information disclosure vulnerability exists when the Windows Push N ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1015 (An elevation of privilege vulnerability exists in the way that the Use ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1014 (An elevation of privilege vulnerability exists in the Microsoft Window ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1013
RESERVED
CVE-2020-1012
RESERVED
CVE-2020-1011 (An elevation of privilege vulnerability exists when the Windows System ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1010
RESERVED
CVE-2020-1009 (An elevation of privilege vulnerability exists in the way that the Mic ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1008 (A remote code execution vulnerability exists when the Windows Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1007 (An information disclosure vulnerability exists when the Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1006 (An elevation of privilege vulnerability exists in the way the Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1005 (An information disclosure vulnerability exists when the Microsoft Wind ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1004 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1003 (An elevation of privilege vulnerability exists when the Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1002 (An elevation of privilege vulnerability exists when the MpSigStub.exe ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1001 (An elevation of privilege vulnerability exists in the way the Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1000 (An elevation of privilege vulnerability exists when the Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0999 (A remote code execution vulnerability exists when the Windows Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0998
RESERVED
CVE-2020-0997
RESERVED
CVE-2020-0996 (An elevation of privilege vulnerability exists when the Windows Update ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0995 (A remote code execution vulnerability exists when the Windows Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0994 (A remote code execution vulnerability exists when the Windows Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0993 (A denial of service vulnerability exists in Windows DNS when it fails ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0992 (A remote code execution vulnerability exists when the Windows Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0991 (A remote code execution vulnerability exists in Microsoft Office softw ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0990
RESERVED
CVE-2020-0989
RESERVED
CVE-2020-0988 (A remote code execution vulnerability exists when the Windows Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0987 (An information disclosure vulnerability exists when the Microsoft Wind ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0986
RESERVED
CVE-2020-0985 (An elevation of privilege vulnerability exists when the Windows Update ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0984 (An elevation of privilege vulnerability exists when the Microsoft Auto ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0983 (An elevation of privilege vulnerability exists when the Windows Delive ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0982 (An information disclosure vulnerability exists when the Microsoft Wind ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0981 (A security feature bypass vulnerability exists when Windows fails to p ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0980 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0979 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0978 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0977 (A spoofing vulnerability exists when Microsoft SharePoint Server does ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0976 (A spoofing vulnerability exists when Microsoft SharePoint Server does ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0975 (A spoofing vulnerability exists when Microsoft SharePoint Server does ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0974 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0973 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0972 (A spoofing vulnerability exists when Microsoft SharePoint Server does ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0971 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0970 (A remote code execution vulnerability exists in the way that the Chakr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0969 (A remote code execution vulnerability exists in the way that the Chakr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0968 (A remote code execution vulnerability exists in the way that the scrip ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0967 (A remote code execution vulnerability exists in the way that the VBScr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0966 (A remote code execution vulnerability exists in the way that the VBScr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0965 (A remoted code execution vulnerability exists in the way that Microsof ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0964 (A remote code execution vulnerability exists in the way that the Windo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0963
RESERVED
CVE-2020-0962 (An information disclosure vulnerability exists when the win32k compone ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0961 (A remote code execution vulnerability exists when the Microsoft Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0960 (A remote code execution vulnerability exists when the Windows Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0959 (A remote code execution vulnerability exists when the Windows Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0958 (An elevation of privilege vulnerability exists in Windows when the Win ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0957 (An elevation of privilege vulnerability exists in Windows when the Win ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0956 (An elevation of privilege vulnerability exists in Windows when the Win ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0955 (An information disclosure vulnerability exists when certain central pr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0954 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0953 (A remote code execution vulnerability exists when the Windows Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0952 (An information disclosure vulnerability exists when the Windows GDI co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0951
RESERVED
CVE-2020-0950 (A memory corruption vulnerability exists when Windows Media Foundation ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0949 (A memory corruption vulnerability exists when Windows Media Foundation ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0948 (A memory corruption vulnerability exists when Windows Media Foundation ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0947 (An information disclosure vulnerability exists when Media Foundation i ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0946 (An information disclosure vulnerability exists when Media Foundation i ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0945 (An information disclosure vulnerability exists when Media Foundation i ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0944 (An elevation of privilege vulnerability exists when Connected User Exp ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0943 (An authentication bypass vulnerability exists in Microsoft YourPhoneCo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0942 (An elevation of privilege vulnerability exists when Connected User Exp ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0941
RESERVED
CVE-2020-0940 (An elevation of privilege vulnerability exists in the way the Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0939 (An information disclosure vulnerability exists when Media Foundation i ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0938 (A remote code execution vulnerability exists in Microsoft Windows when ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0937 (An information disclosure vulnerability exists when Media Foundation i ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0936 (An elevation of privilege vulnerability exists when a Windows schedule ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0935 (An elevation of privilege vulnerability exists when the OneDrive for W ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0934 (An elevation of privilege vulnerability exists when the Windows WpcDes ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0933 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0932 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0931 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0930 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0929 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0928
RESERVED
CVE-2020-0927 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0926 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0925 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0924 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0923 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0922
RESERVED
CVE-2020-0921
RESERVED
CVE-2020-0920 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0919 (An elevation of privilege vulnerability exists in Remote Desktop App f ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0918 (An elevation of privilege vulnerability exists when Windows Hyper-V on ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0917 (An elevation of privilege vulnerability exists when Windows Hyper-V on ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0916
RESERVED
CVE-2020-0915
@@ -29292,21 +29292,21 @@ CVE-2020-0915
CVE-2020-0914
RESERVED
CVE-2020-0913 (An elevation of privilege vulnerability exists when the Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0912
RESERVED
CVE-2020-0911
RESERVED
CVE-2020-0910 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0909
RESERVED
CVE-2020-0908
RESERVED
CVE-2020-0907 (A remote code execution vulnerability exists in the way that Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0906 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0905 (An remote code execution vulnerability exists in Microsoft Dynamics Bu ...)
NOT-FOR-US: Microsoft
CVE-2020-0904
@@ -29318,9 +29318,9 @@ CVE-2020-0902 (An elevation of privilege vulnerability exists in Service Fabric
CVE-2020-0901
RESERVED
CVE-2020-0900 (An elevation of privilege vulnerability exists when the Visual Studio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0899 (An elevation of privilege vulnerability exists when Microsoft Visual S ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0898 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
NOT-FOR-US: Microsoft
CVE-2020-0897 (An elevation of privilege vulnerability exists when the Windows Work F ...)
@@ -29328,7 +29328,7 @@ CVE-2020-0897 (An elevation of privilege vulnerability exists when the Windows W
CVE-2020-0896 (An elevation of privilege vulnerability exists when Windows improperly ...)
NOT-FOR-US: Microsoft
CVE-2020-0895 (A remote code execution vulnerability exists in the way that the VBScr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0894 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2020-0893 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
@@ -29340,9 +29340,9 @@ CVE-2020-0891 (This vulnerability is caused when SharePoint Server does not prop
CVE-2020-0890
RESERVED
CVE-2020-0889 (A remote code execution vulnerability exists when the Windows Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0888 (An elevation of privilege vulnerability exists when DirectX improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0887 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-0886
@@ -29448,7 +29448,7 @@ CVE-2020-0837
CVE-2020-0836
RESERVED
CVE-2020-0835 (An elevation of privilege vulnerability exists when Windows Defender a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0834 (An elevation of privilege vulnerability exists when Windows improperly ...)
NOT-FOR-US: Microsoft
CVE-2020-0833 (A remote code execution vulnerability exists in the way that the scrip ...)
@@ -29476,7 +29476,7 @@ CVE-2020-0823 (A remote code execution vulnerability exists in the way that the
CVE-2020-0822 (An elevation of privilege vulnerability exists when the Windows Langua ...)
NOT-FOR-US: Microsoft
CVE-2020-0821 (An information disclosure vulnerability exists when the Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0820 (An information disclosure vulnerability exists when Media Foundation i ...)
NOT-FOR-US: Microsoft
CVE-2020-0819 (An elevation of privilege vulnerability exists when the Windows Device ...)
@@ -29530,7 +29530,7 @@ CVE-2020-0796 (A remote code execution vulnerability exists in the way that the
CVE-2020-0795 (This vulnerability is caused when SharePoint Server does not properly ...)
NOT-FOR-US: Microsoft
CVE-2020-0794 (A denial of service vulnerability exists when Windows improperly handl ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0793 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
NOT-FOR-US: Microsoft
CVE-2020-0792 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
@@ -29550,7 +29550,7 @@ CVE-2020-0786 (A denial of service vulnerability exists when the Windows Tile Ob
CVE-2020-0785 (An elevation of privilege vulnerability exists when the Windows User P ...)
NOT-FOR-US: Microsoft
CVE-2020-0784 (An elevation of privilege vulnerability exists when DirectX improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0783 (An elevation of privilege vulnerability exists when the Windows Univer ...)
NOT-FOR-US: Microsoft
CVE-2020-0782
@@ -29598,7 +29598,7 @@ CVE-2020-0762 (An elevation of privilege vulnerability exists when Windows Defen
CVE-2020-0761
RESERVED
CVE-2020-0760 (A remote code execution vulnerability exists when Microsoft Office imp ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0759 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
NOT-FOR-US: Microsoft
CVE-2020-0758 (An elevation of privilege vulnerability exists when Azure DevOps Serve ...)
@@ -29720,7 +29720,7 @@ CVE-2020-0701 (An elevation of privilege vulnerability exists in the way that th
CVE-2020-0700 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
NOT-FOR-US: Microsoft
CVE-2020-0699 (An information disclosure vulnerability exists when the win32k compone ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0698 (An information disclosure vulnerability exists when the Telephony Serv ...)
NOT-FOR-US: Microsoft
CVE-2020-0697 (An elevation of privilege vulnerability exists in Microsoft Office OLi ...)
@@ -29744,7 +29744,7 @@ CVE-2020-0689 (A security feature bypass vulnerability exists in secure boot, ak
CVE-2020-0688 (A remote code execution vulnerability exists in Microsoft Exchange sof ...)
NOT-FOR-US: Microsoft
CVE-2020-0687 (A remote code execution vulnerability exists when the Windows font lib ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0686 (An elevation of privilege vulnerability exists in the Windows Installe ...)
NOT-FOR-US: Microsoft
CVE-2020-0685 (An elevation of privilege vulnerability exists when Windows improperly ...)
@@ -35927,7 +35927,7 @@ CVE-2019-16881 (An issue was discovered in the portaudio-rs crate through 0.3.1
CVE-2019-16880 (An issue was discovered in the linea crate through 0.9.4 for Rust. The ...)
NOT-FOR-US: Rust linea crate
CVE-2019-16879 (The Synergy Systems & Solutions (SSS) HUSKY RTU 6049-E70, with fir ...)
- TODO: check
+ NOT-FOR-US: Synergy Systems & Solutions (SSS)
CVE-2019-16878 (Portainer before 1.22.1 has XSS (issue 2 of 2). ...)
NOT-FOR-US: Portainer
CVE-2019-16877 (Portainer before 1.22.1 has Incorrect Access Control (issue 4 of 4). ...)
@@ -44422,7 +44422,7 @@ CVE-2019-14328 (The Simple Membership plugin before 3.8.5 for WordPress has CSRF
CVE-2019-14327 (A CSRF vulnerability in Settings form in the Custom Simple Rss plugin ...)
NOT-FOR-US: Custom Simple Rss plugin for WordPress
CVE-2019-14326 (An issue was discovered in AndyOS Andy versions up to 46.11.113. By de ...)
- TODO: check
+ NOT-FOR-US: AndyOS Andy
CVE-2019-14325
RESERVED
CVE-2019-14324
@@ -54899,7 +54899,7 @@ CVE-2019-10941
CVE-2019-10940 (A vulnerability has been identified in SINEMA Server (All versions < ...)
NOT-FOR-US: Siemens
CVE-2019-10939 (A vulnerability has been identified in TIM 3V-IE (incl. SIPLUS NET var ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2019-10938 (A vulnerability has been identified in SIPROTEC 5 devices with CPU var ...)
NOT-FOR-US: Ethernet plug-in communication modules for SIPROTEC 5 devices
CVE-2019-10937 (A vulnerability has been identified in SIMATIC TDC CP51M1 (All version ...)
@@ -78019,7 +78019,7 @@ CVE-2019-2882
CVE-2019-2881
RESERVED
CVE-2019-2880 (Vulnerability in the Oracle Retail Store Inventory Management product ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2019-2879 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2878 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
@@ -80944,7 +80944,7 @@ CVE-2019-1868 (A vulnerability in the web-based management interface of Cisco We
CVE-2019-1867 (A vulnerability in the REST API of Cisco Elastic Services Controller ( ...)
NOT-FOR-US: Cisco
CVE-2019-1866 (Cisco Webex Business Suite before 39.1.0 contains a vulnerability that ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1865 (A vulnerability in the web-based management interface of Cisco Integra ...)
NOT-FOR-US: Cisco
CVE-2019-1864 (A vulnerability in the web-based management interface of Cisco Integra ...)
@@ -121582,7 +121582,7 @@ CVE-2018-6404
CVE-2018-6403
RESERVED
CVE-2018-6402 (Ecobee Ecobee4 4.2.0.171 devices can be forced to deauthenticate and c ...)
- TODO: check
+ NOT-FOR-US: Ecobee Ecobee4 4.2.0.171 devices
CVE-2018-6401 (Meross MSS110 devices before 1.1.24 contain a TELNET listener providin ...)
NOT-FOR-US: Meross
CVE-2018-6400 (Kingsoft WPS Office Free 10.2.0.5978 allows local users to gain privil ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e92363ce1baf536db07160a36ef64f3a45afc03
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e92363ce1baf536db07160a36ef64f3a45afc03
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200416/4ee4f812/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list