[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
carnil at debian.org
Thu Dec 10 20:29:26 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ff93ccf2 by Salvatore Bonaccorso at 2020-12-10T21:29:05+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1007,9 +1007,9 @@ CVE-2021-1987
CVE-2021-1986
RESERVED
CVE-2020-29667 (In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote attacker ab ...)
- TODO: check
+ NOT-FOR-US: Lan ATMService M3 ATM Monitoring System
CVE-2020-29666 (In Lan ATMService M3 ATM Monitoring System 6.1.0, due to a directory-l ...)
- TODO: check
+ NOT-FOR-US: Lan ATMService M3 ATM Monitoring System
CVE-2020-29665
RESERVED
CVE-2020-29664
@@ -8183,7 +8183,7 @@ CVE-2020-27928
CVE-2020-27927 (An out-of-bounds write issue was addressed with improved bounds checki ...)
NOT-FOR-US: Apple
CVE-2020-27926 (A use after free issue was addressed with improved memory management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-27925 (An issue existed in the handling of incoming calls. The issue was addr ...)
NOT-FOR-US: Apple
CVE-2020-27924
@@ -8199,11 +8199,11 @@ CVE-2020-27920
CVE-2020-27919
RESERVED
CVE-2020-27918 (A use after free issue was addressed with improved memory management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-27917 (A use after free issue was addressed with improved memory management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-27916 (An out-of-bounds write was addressed with improved input validation. T ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-27915
RESERVED
CVE-2020-27914
@@ -8211,43 +8211,43 @@ CVE-2020-27914
CVE-2020-27913
RESERVED
CVE-2020-27912 (An out-of-bounds write was addressed with improved input validation. T ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-27911 (An integer overflow was addressed through improved input validation. T ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-27910 (An out-of-bounds read was addressed with improved input validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-27909 (An out-of-bounds read was addressed with improved input validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-27908
RESERVED
CVE-2020-27907
RESERVED
CVE-2020-27906 (Multiple integer overflows were addressed with improved input validati ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-27905 (A memory corruption issue was addressed with improved state management ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-27904 (A logic issue existed resulting in memory corruption. This was address ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-27903 (This issue was addressed by removing the vulnerable code. This issue i ...)
NOT-FOR-US: Apple
CVE-2020-27902 (An authentication issue was addressed with improved state management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-27901
RESERVED
CVE-2020-27900 (An issue existed in the handling of snapshots. The issue was resolved ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-27899
RESERVED
CVE-2020-27898 (A denial of service issue was addressed with improved state handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-27897
RESERVED
CVE-2020-27896 (A path handling issue was addressed with improved validation. This iss ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-27895 (An information disclosure issue existed in the transition of program s ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-27894 (The issue was addressed with additional user controls. This issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-27893
RESERVED
CVE-2020-27892 (The Zigbee protocol implementation on Texas Instruments CC2538 devices ...)
@@ -15227,7 +15227,7 @@ CVE-2019-20916 (The pip package before 19.2 for Python allows Directory Traversa
NOTE: https://github.com/pypa/pip/issues/6413
NOTE: https://github.com/pypa/pip/commit/a4c735b14a62f9cb864533808ac63936704f2ace (19.2)
CVE-2020-25199 (A heap-based buffer overflow vulnerability exists within the WECON Lev ...)
- TODO: check
+ NOT-FOR-US: WECON LeviStudioU
CVE-2020-25198
RESERVED
CVE-2020-25197
@@ -18777,7 +18777,7 @@ CVE-2020-23522
CVE-2020-23521
RESERVED
CVE-2020-23520 (imcat 5.2 allows an authenticated file upload and consequently remote ...)
- TODO: check
+ NOT-FOR-US: imcat
CVE-2020-23519
RESERVED
CVE-2020-23518
@@ -30783,7 +30783,7 @@ CVE-2020-17533
CVE-2020-17532
RESERVED
CVE-2020-17531 (A Java Serialization vulnerability was found in Apache Tapestry 4. Apa ...)
- TODO: check
+ NOT-FOR-US: Apache Tapestry
CVE-2020-17530
RESERVED
- libstruts1.2-java <not-affected> (Specific to 2.x)
@@ -31622,11 +31622,11 @@ CVE-2020-17149
CVE-2020-17148 (, aka 'Visual Studio Code Remote Development Extension Remote Code Exe ...)
NOT-FOR-US: Microsoft
CVE-2020-17147 (, aka 'Dynamics CRM Webclient Cross-site Scripting Vulnerability'. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-17146
RESERVED
CVE-2020-17145 (, aka 'Azure DevOps Server and Team Foundation Services Spoofing Vulne ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-17144 (, aka 'Microsoft Exchange Remote Code Execution Vulnerability'. This C ...)
NOT-FOR-US: Microsoft
CVE-2020-17143 (, aka 'Microsoft Exchange Information Disclosure Vulnerability'. ...)
@@ -31638,15 +31638,15 @@ CVE-2020-17141 (, aka 'Microsoft Exchange Remote Code Execution Vulnerability'.
CVE-2020-17140 (, aka 'Windows SMB Information Disclosure Vulnerability'. ...)
TODO: check
CVE-2020-17139 (, aka 'Windows Overlay Filter Security Feature Bypass Vulnerability'. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-17138 (, aka 'Windows Error Reporting Information Disclosure Vulnerability'. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-17137 (, aka 'DirectX Graphics Kernel Elevation of Privilege Vulnerability'. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-17136 (, aka 'Windows Cloud Files Mini Filter Driver Elevation of Privilege V ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-17135 (, aka 'Azure DevOps Server Spoofing Vulnerability'. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-17134 (, aka 'Windows Cloud Files Mini Filter Driver Elevation of Privilege V ...)
NOT-FOR-US: Microsoft
CVE-2020-17133 (, aka 'Microsoft Dynamics Business Central/NAV Information Disclosure' ...)
@@ -31728,7 +31728,7 @@ CVE-2020-17096 (, aka 'Windows NTFS Remote Code Execution Vulnerability'. ...)
CVE-2020-17095 (, aka 'Hyper-V Remote Code Execution Vulnerability'. ...)
TODO: check
CVE-2020-17094 (, aka 'Windows Error Reporting Information Disclosure Vulnerability'. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-17093
RESERVED
CVE-2020-17092 (, aka 'Windows Network Connections Service Elevation of Privilege Vuln ...)
@@ -31912,7 +31912,7 @@ CVE-2020-17004 (Windows Graphics Component Information Disclosure Vulnerability
CVE-2020-17003 (A remote code execution vulnerability exists when the Base3D rendering ...)
NOT-FOR-US: Microsoft
CVE-2020-17002 (, aka 'Azure SDK for C Security Feature Bypass Vulnerability'. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-17001 (Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID ...)
NOT-FOR-US: Microsoft
CVE-2020-17000 (Remote Desktop Protocol Client Information Disclosure Vulnerability ...)
@@ -31974,7 +31974,7 @@ CVE-2020-16973 (An elevation of privilege vulnerability exists when the Windows
CVE-2020-16972 (An elevation of privilege vulnerability exists when the Windows Backup ...)
NOT-FOR-US: Microsoft
CVE-2020-16971 (, aka 'Azure SDK for Java Security Feature Bypass Vulnerability'. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16970 (Azure Sphere Unsigned Code Execution Vulnerability This CVE ID is uniq ...)
NOT-FOR-US: Microsoft
CVE-2020-16969 (An information disclosure vulnerability exists in how Microsoft Exchan ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff93ccf22f3e52002c51cda5f03b0a5f8b14e11d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff93ccf22f3e52002c51cda5f03b0a5f8b14e11d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201210/2ffec55f/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list