[Git][security-tracker-team/security-tracker][master] new qemu, tinymce, netxcloud-desktop, chromium, edk2 issues
Moritz Muehlenhoff
jmm at debian.org
Fri Aug 21 19:24:55 BST 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9cb40725 by Moritz Muehlenhoff at 2020-08-21T20:24:25+02:00
new qemu, tinymce, netxcloud-desktop, chromium, edk2 issues
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -471,6 +471,9 @@ CVE-2020-24353
RESERVED
CVE-2020-24352
RESERVED
+ - qemu <unfixed> (bug #968820)
+ [buster] - qemu <postponed> (Can be fixed along in later DSA)
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1847584
CVE-2020-24351
RESERVED
CVE-2020-24350
@@ -14246,7 +14249,8 @@ CVE-2020-17482
CVE-2020-17481
RESERVED
CVE-2020-17480 (TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parse ...)
- TODO: check
+ - tinymce <unfixed>
+ NOTE: https://github.com/tinymce/tinymce/security/advisories/GHSA-27gm-ghr9-4v95
CVE-2020-17479 (jpv (aka Json Pattern Validator) before 2.2.2 does not properly valida ...)
TODO: check
CVE-2020-17478 (ECDSA/EC/Point.pm in Crypt::Perl before 0.33 does not properly conside ...)
@@ -38343,9 +38347,10 @@ CVE-2020-8232 (An information disclosure vulnerability exists in EdgeMax EdgeSwi
CVE-2020-8231
RESERVED
CVE-2020-8230 (A memory corruption vulnerability exists in NextCloud Desktop Client v ...)
- TODO: check
+ - netxcloud-desktop <not-affected> (Windows-specific)
CVE-2020-8229 (A memory leak in the OCUtil.dll library used by Nextcloud Desktop Clie ...)
- TODO: check
+ - netxcloud-desktop <unfixed> (bug #968822)
+ NOTE: https://nextcloud.com/security/advisory/?id=NC-SA-2020-034
CVE-2020-8228
RESERVED
CVE-2020-8227
@@ -38355,7 +38360,8 @@ CVE-2020-8226 (A vulnerability exists in phpBB <v3.2.10 and <v3.3.1 which
CVE-2020-8225
RESERVED
CVE-2020-8224 (A code injection in Nextcloud Desktop Client 2.6.4 allowed to load arb ...)
- TODO: check
+ - netxcloud-desktop <unfixed> (bug #968822)
+ NOTE: https://nextcloud.com/security/advisory/?id=NC-SA-2020-030
CVE-2020-8223
RESERVED
CVE-2020-8222 (A path traversal vulnerability exists in Pulse Connect Secure <9.1R ...)
@@ -42481,6 +42487,8 @@ CVE-2020-6557
RESERVED
CVE-2020-6556
RESERVED
+ - chromium <unfixed>
+ [stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6555
RESERVED
- chromium <unfixed>
@@ -58029,7 +58037,7 @@ CVE-2020-1599
CVE-2020-1598
RESERVED
CVE-2020-1597 (A denial of service vulnerability exists when ASP.NET Core improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1596
RESERVED
CVE-2020-1595
@@ -58041,7 +58049,7 @@ CVE-2020-1593
CVE-2020-1592
RESERVED
CVE-2020-1591 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1590
RESERVED
CVE-2020-1589
@@ -58049,163 +58057,163 @@ CVE-2020-1589
CVE-2020-1588
RESERVED
CVE-2020-1587 (An elevation of privilege vulnerability exists when the Windows Ancill ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1586
RESERVED
CVE-2020-1585 (A remote code execution vulnerability exists in the way that Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1584 (An elevation of privilege vulnerability exists in the way that the dns ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1583 (An information disclosure vulnerability exists when Microsoft Word imp ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1582 (A remote code execution vulnerability exists in Microsoft Access softw ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1581 (An elevation of privilege vulnerability exists in the way that Microso ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1580 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1579 (An elevation of privilege vulnerability exists when the Windows Functi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1578 (An information disclosure vulnerability exists in the Windows kernel t ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1577 (An information disclosure vulnerability exists when DirectWrite improp ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1576
RESERVED
CVE-2020-1575
RESERVED
CVE-2020-1574 (A remote code execution vulnerability exists in the way that Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1573 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1572
RESERVED
CVE-2020-1571 (An elevation of privilege vulnerability exists in Windows Setup in the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1570 (A remote code execution vulnerability exists in the way that the scrip ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1569 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1568 (A remote code execution vulnerability exists when Microsoft Edge PDF R ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1567 (A remote code execution vulnerability exists in the way that the MSHTM ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1566 (An elevation of privilege vulnerability exists when the Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1565 (An elevation of privilege vulnerability exists when the "Publ ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1564 (A remote code execution vulnerability exists when the Windows Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1563 (A remote code execution vulnerability exists in Microsoft Office softw ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1562 (A remote code execution vulnerability exists in the way that Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1561 (A remote code execution vulnerability exists in the way that Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1560 (A remote code execution vulnerability exists in the way that Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1559
RESERVED
CVE-2020-1558 (A remote code execution vulnerability exists when the Windows Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1557 (A remote code execution vulnerability exists when the Windows Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1556 (An elevation of privilege vulnerability exists in the way that the Win ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1555 (A remote code execution vulnerability exists in the way that the scrip ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1554 (A memory corruption vulnerability exists when Windows Media Foundation ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1553 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1552 (An elevation of privilege vulnerability exists when the Windows Work F ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1551 (An elevation of privilege vulnerability exists when the Windows Backup ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1550 (An elevation of privilege vulnerability exists when the Windows CDP Us ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1549 (An elevation of privilege vulnerability exists when the Windows CDP Us ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1548 (An information disclosure vulnerability exists when the Windows WaasMe ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1547 (An elevation of privilege vulnerability exists when the Windows Backup ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1546 (An elevation of privilege vulnerability exists when the Windows Backup ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1545 (An elevation of privilege vulnerability exists when the Windows Backup ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1544 (An elevation of privilege vulnerability exists when the Windows Backup ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1543 (An elevation of privilege vulnerability exists when the Windows Backup ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1542 (An elevation of privilege vulnerability exists when the Windows Backup ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1541 (An elevation of privilege vulnerability exists when the Windows Backup ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1540 (An elevation of privilege vulnerability exists when the Windows Backup ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1539 (An elevation of privilege vulnerability exists when the Windows Backup ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1538 (An elevation of privilege vulnerability exists when the Windows UPnP D ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1537 (An elevation of privilege vulnerability exists when the Windows Remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1536 (An elevation of privilege vulnerability exists when the Windows Backup ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1535 (An elevation of privilege vulnerability exists when the Windows Backup ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1534 (An elevation of privilege vulnerability exists when the Windows Backup ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1533 (An elevation of privilege vulnerability exists in the way that the Win ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1532
RESERVED
CVE-2020-1531 (An elevation of privilege vulnerability exists when the Windows Accoun ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1530 (An elevation of privilege vulnerability exists when Windows Remote Acc ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1529 (An elevation of privilege vulnerability exists in the way that the Win ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1528 (An elevation of privilege vulnerability exists when the Windows Radio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1527 (An elevation of privilege vulnerability exists when the Windows Custom ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1526 (An elevation of privilege vulnerability exists when the Windows Networ ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1525 (A memory corruption vulnerability exists when Windows Media Foundation ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1524 (An elevation of privilege vulnerability exists when the Windows Speech ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1523
RESERVED
CVE-2020-1522 (An elevation of privilege vulnerability exists when the Windows Speech ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1521 (An elevation of privilege vulnerability exists when the Windows Speech ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1520 (A remote code execution vulnerability exists when the Windows Font Dri ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1519 (An elevation of privilege vulnerability exists when the Windows UPnP D ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1518 (An elevation of privilege vulnerability exists when the Windows File S ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1517 (An elevation of privilege vulnerability exists when the Windows File S ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1516 (An elevation of privilege vulnerability exists when the Windows Work F ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1515 (An elevation of privilege vulnerability exists when the Windows Teleph ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1514
RESERVED
CVE-2020-1513 (An elevation of privilege vulnerability exists when the Windows CSC Se ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1512 (An information disclosure vulnerability exists when the Windows State ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1511 (An elevation of privilege vulnerability exists when Connected User Exp ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1510 (An information disclosure vulnerability exists when the win32k compone ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1509 (An elevation of privilege vulnerability exists in the Local Security A ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1508
RESERVED
CVE-2020-1507
@@ -58213,89 +58221,89 @@ CVE-2020-1507
CVE-2020-1506
RESERVED
CVE-2020-1505 (An information disclosure vulnerability exists when Microsoft SharePoi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1504 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1503 (An information disclosure vulnerability exists when Microsoft Word imp ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1502 (An information disclosure vulnerability exists when Microsoft Word imp ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1501 (A spoofing vulnerability exists when Microsoft SharePoint Server does ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1500 (A spoofing vulnerability exists when Microsoft SharePoint Server does ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1499 (A spoofing vulnerability exists when Microsoft SharePoint Server does ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1498 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1497 (An information disclosure vulnerability exists when Microsoft Excel im ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1496 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1495 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1494 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1493 (An information disclosure vulnerability exists when attaching files to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1492 (A memory corruption vulnerability exists when Windows Media Foundation ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1491
RESERVED
CVE-2020-1490 (An elevation of privilege vulnerability exists when the Storage Servic ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1489 (An elevation of privilege vulnerability exists when the Windows CSC Se ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1488 (An elevation of privilege vulnerability exists when the Windows AppX D ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1487 (An information disclosure vulnerability exists when Media Foundation i ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1486 (An elevation of privilege vulnerability exists when the Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1485 (An information disclosure vulnerability exists when the Windows Image ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1484 (An elevation of privilege vulnerability exists when the Windows Work F ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1483 (A remote code execution vulnerability exists in Microsoft Outlook when ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1482
RESERVED
CVE-2020-1481 (A remote code execution vulnerability exists in the ESLint extension f ...)
NOT-FOR-US: Microsoft
CVE-2020-1480 (An elevation of privilege vulnerability exists in the way that the Win ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1479 (An elevation of privilege vulnerability exists when DirectX improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1478 (A memory corruption vulnerability exists when Windows Media Foundation ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1477 (A memory corruption vulnerability exists when Windows Media Foundation ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1476 (An elevation of privilege vulnerability exists when ASP.NET or .NET we ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1475 (An elevation of privilege vulnerability exists in the way that the srm ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1474 (An information disclosure vulnerability exists when the Windows Image ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1473 (A remote code execution vulnerability exists when the Windows Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1472 (An elevation of privilege vulnerability exists when an attacker establ ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1471
RESERVED
CVE-2020-1470 (An elevation of privilege vulnerability exists when the Windows Work F ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1469 (A denial of service vulnerability exists when the .NET implementation ...)
NOT-FOR-US: Microsoft
CVE-2020-1468 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
CVE-2020-1467 (An elevation of privilege vulnerability exists when Windows improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1466 (A denial of service vulnerability exists in Windows Remote Desktop Gat ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1465 (An elevation of privilege vulnerability exists in Microsoft OneDrive t ...)
NOT-FOR-US: Microsoft
CVE-2020-1464 (A spoofing vulnerability exists when Windows incorrectly validates fil ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1463 (An elevation of privilege vulnerability exists in the way that the Sha ...)
NOT-FOR-US: Microsoft
CVE-2020-1462 (An information disclosure vulnerability exists when Skype for Business ...)
@@ -58305,7 +58313,7 @@ CVE-2020-1461 (An elevation of privilege vulnerability exists when the MpSigStub
CVE-2020-1460
RESERVED
CVE-2020-1459 (An information disclosure vulnerability exists on ARM implementations ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1458 (A remote code execution vulnerability exists when Microsoft Office imp ...)
NOT-FOR-US: Microsoft
CVE-2020-1457 (A remote code execution vulnerability exists in the way that Microsoft ...)
@@ -58313,7 +58321,7 @@ CVE-2020-1457 (A remote code execution vulnerability exists in the way that Micr
CVE-2020-1456 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2020-1455 (A denial of service vulnerability exists when Microsoft SQL Server Man ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1454 (This vulnerability is caused when SharePoint Server does not properly ...)
NOT-FOR-US: Microsoft
CVE-2020-1453
@@ -58389,7 +58397,7 @@ CVE-2020-1419 (An information disclosure vulnerability exists when the Windows k
CVE-2020-1418 (An elevation of privilege vulnerability exists when the Windows Diagno ...)
NOT-FOR-US: Microsoft
CVE-2020-1417 (An elevation of privilege vulnerability exists when the Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1416 (An elevation of privilege vulnerability exists in Visual Studio and Vi ...)
NOT-FOR-US: Microsoft
CVE-2020-1415 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
@@ -58457,19 +58465,19 @@ CVE-2020-1385 (An elevation of privilege vulnerability exists in the way that th
CVE-2020-1384 (An elevation of privilege vulnerability exists when the Windows Crypto ...)
NOT-FOR-US: Microsoft
CVE-2020-1383 (An information disclosure vulnerability exists in RPC if the server ha ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1382 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
NOT-FOR-US: Microsoft
CVE-2020-1381 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
NOT-FOR-US: Microsoft
CVE-2020-1380 (A remote code execution vulnerability exists in the way that the scrip ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1379 (A memory corruption vulnerability exists when Windows Media Foundation ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1378 (An elevation of privilege vulnerability exists when the Windows Kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1377 (An elevation of privilege vulnerability exists when the Windows Kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1376
RESERVED
CVE-2020-1375 (An elevation of privilege vulnerability exists when Windows improperly ...)
@@ -58545,11 +58553,11 @@ CVE-2020-1341
CVE-2020-1340 (A spoofing vulnerability exists when the NuGetGallery does not properl ...)
NOT-FOR-US: Microsoft
CVE-2020-1339 (A remote code execution vulnerability exists when Windows Media Audio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1338
RESERVED
CVE-2020-1337 (An elevation of privilege vulnerability exists when the Windows Print ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1336 (An elevation of privilege vulnerability exists in the way that the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-1335
@@ -58859,7 +58867,7 @@ CVE-2020-1184 (An elevation of privilege vulnerability exists when the Windows S
CVE-2020-1183 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2020-1182 (A remote code execution vulnerability exists in Microsoft Dynamics 365 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1181 (A remote code execution vulnerability exists in Microsoft SharePoint S ...)
NOT-FOR-US: Microsoft
CVE-2020-1180
@@ -59131,7 +59139,7 @@ CVE-2020-1048 (An elevation of privilege vulnerability exists when the Windows P
CVE-2020-1047
RESERVED
CVE-2020-1046 (A remote code execution vulnerability exists when Microsoft .NET Frame ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1045
RESERVED
CVE-2020-1044
@@ -60015,7 +60023,7 @@ CVE-2020-0606 (A remote code execution vulnerability exists in .NET software whe
CVE-2020-0605 (A remote code execution vulnerability exists in .NET software when the ...)
NOT-FOR-US: Microsoft
CVE-2020-0604 (A remote code execution vulnerability exists in Visual Studio Code whe ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0603 (A remote code execution vulnerability exists in ASP.NET Core software ...)
NOT-FOR-US: Microsoft
CVE-2020-0602 (A denial of service vulnerability exists when ASP.NET Core improperly ...)
@@ -73328,6 +73336,10 @@ CVE-2019-14563 [numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib]
NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=2001
CVE-2019-14562
RESERVED
+ - edk2 <unfixed> (bug #968819)
+ [buster] - edk2 <no-dsa> (Minor issue)
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1869245
+ NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=2215
CVE-2019-14561
RESERVED
CVE-2019-14560 [GetEfiGlobalVariable2() return value not checked]
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9cb4072589e05645e505ff478104b6a3467ff3c0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9cb4072589e05645e505ff478104b6a3467ff3c0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200821/e4243345/attachment.html>
More information about the debian-security-tracker-commits
mailing list