[Git][security-tracker-team/security-tracker][master] Processing NFUs
Salvatore Bonaccorso
carnil at debian.org
Sat Dec 12 08:58:08 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dbdad1f6 by Salvatore Bonaccorso at 2020-12-12T09:55:54+01:00
Processing NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2710,7 +2710,7 @@ CVE-2020-29313
CVE-2020-29312
RESERVED
CVE-2020-29311 (Ubilling v1.0.9 allows Remote Command Execution as Root user by execut ...)
- TODO: check
+ NOT-FOR-US: Ubilling
CVE-2020-29310
RESERVED
CVE-2020-29309
@@ -10075,7 +10075,7 @@ CVE-2020-27510
CVE-2020-27509
RESERVED
CVE-2020-27508 (In two-factor authentication, the system also sending 2fa secret key i ...)
- TODO: check
+ NOT-FOR-US: Frappe Framework
CVE-2020-27507
RESERVED
CVE-2020-27506
@@ -12924,7 +12924,7 @@ CVE-2020-26203
CVE-2020-26202
RESERVED
CVE-2020-26201 (Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak pass ...)
- TODO: check
+ NOT-FOR-US: Askey
CVE-2020-26200
RESERVED
CVE-2020-26199
@@ -15427,7 +15427,7 @@ CVE-2020-25193
CVE-2020-25192
RESERVED
CVE-2020-25191 (Incorrect permissions are set by default for an API entry-point of a s ...)
- TODO: check
+ NOT-FOR-US: National Instruments Corp. (NI)
CVE-2020-25190
RESERVED
CVE-2020-25189 (The affected product is vulnerable to three stack-based buffer overflo ...)
@@ -15583,9 +15583,9 @@ CVE-2020-25114
CVE-2020-25113
RESERVED
CVE-2020-25112 (An issue was discovered in the IPv6 stack in Contiki through 3.0. Ther ...)
- TODO: check
+ NOT-FOR-US: Contiki
CVE-2020-25111 (An issue was discovered in the IPv6 stack in Contiki through 3.0. Ther ...)
- TODO: check
+ NOT-FOR-US: Contiki
CVE-2020-25110 (An issue was discovered in the DNS implementation in Ethernut in Nut/O ...)
TODO: check
CVE-2020-25109 (An issue was discovered in the DNS implementation in Ethernut in Nut/O ...)
@@ -16621,15 +16621,15 @@ CVE-2020-24639
CVE-2020-24638
RESERVED
CVE-2020-24637 (Two vulnerabilities in ArubaOS GRUB2 implementation allows for an atta ...)
- TODO: check
+ NOT-FOR-US: ArubaOS GRUB2 implementation (CVE specific to ArubaOS)
CVE-2020-24636
RESERVED
CVE-2020-24635
RESERVED
CVE-2020-24634 (An attacker is able to remotely inject arbitrary commands by sending e ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2020-24633 (There are multiple buffer overflow vulnerabilities that could lead to ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2020-24632 (A remote execution of arbitrary commandss vulnerability was discovered ...)
NOT-FOR-US: Aruba
CVE-2020-24631 (A remote execution of arbitrary commands vulnerability was discovered ...)
@@ -17044,7 +17044,7 @@ CVE-2020-24449
CVE-2020-24448
RESERVED
CVE-2020-24447 (Adobe Lightroom Classic version 10.0 (and earlier) for Windows is affe ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-24446
RESERVED
CVE-2020-24445 (AEM's Cloud Service offering, as well as versions 6.5.6.0 (and below), ...)
@@ -17058,7 +17058,7 @@ CVE-2020-24442 (Adobe Connect version 11.0 (and earlier) is affected by a reflec
CVE-2020-24441 (Adobe Acrobat Reader for Android version 20.6.2 (and earlier) does not ...)
NOT-FOR-US: Adobe
CVE-2020-24440 (Adobe Prelude version 9.0.1 (and earlier) is affected by an uncontroll ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-24439 (Acrobat Reader DC for macOS versions 2020.012.20048 (and earlier), 202 ...)
NOT-FOR-US: Adobe
CVE-2020-24438 (Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.3000 ...)
@@ -17175,7 +17175,7 @@ CVE-2020-24385 (In MidnightBSD before 1.2.6 and 1.3 before August 2020, and Free
CVE-2020-24384 (A10 Networks ACOS and aGalaxy management Graphical User Interfaces (GU ...)
NOT-FOR-US: A10 Networks
CVE-2020-24383 (An issue was discovered in FNET through 4.6.4. The code for processing ...)
- TODO: check
+ NOT-FOR-US: FNET
CVE-2020-24382
RESERVED
CVE-2020-24381 (** DISPUTED ** GUnet Open eClass Platform (aka openeclass) through 3.9 ...)
@@ -17300,11 +17300,11 @@ CVE-2020-24338 (An issue was discovered in picoTCP through 1.7.0. The DNS domain
CVE-2020-24337 (An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. When ...)
TODO: check
CVE-2020-24336 (An issue was discovered in Contiki through 3.0 and Contiki-NG through ...)
- TODO: check
+ NOT-FOR-US: Contiki
CVE-2020-24335
RESERVED
CVE-2020-24334 (The code that processes DNS responses in uIP through 1.0, as used in C ...)
- TODO: check
+ NOT-FOR-US: Contiki
CVE-2020-24333 (A vulnerability in Arista’s CloudVision Portal (CVP) prior to 20 ...)
NOT-FOR-US: Arista
CVE-2020-24332 (An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ...)
@@ -26969,7 +26969,7 @@ CVE-2020-19529
CVE-2020-19528
RESERVED
CVE-2020-19527 (iCMS 7.0.14 attackers to execute arbitrary OS commands via shell metac ...)
- TODO: check
+ NOT-FOR-US: idreamsoft iCMS
CVE-2020-19526
RESERVED
CVE-2020-19525
@@ -27739,7 +27739,7 @@ CVE-2020-19144
CVE-2020-19143
RESERVED
CVE-2020-19142 (iCMS 7 attackers to execute arbitrary OS commands via shell metacharac ...)
- TODO: check
+ NOT-FOR-US: idreamsoft iCMS
CVE-2020-19141
RESERVED
CVE-2020-19140
@@ -31140,13 +31140,13 @@ CVE-2020-17472
CVE-2020-17471
RESERVED
CVE-2020-17470 (An issue was discovered in FNET through 4.6.4. The code that initializ ...)
- TODO: check
+ NOT-FOR-US: FNET
CVE-2020-17469 (An issue was discovered in FNET through 4.6.4. The code for IPv6 fragm ...)
- TODO: check
+ NOT-FOR-US: FNET
CVE-2020-17468 (An issue was discovered in FNET through 4.6.4. The code for processing ...)
- TODO: check
+ NOT-FOR-US: FNET
CVE-2020-17467 (An issue was discovered in FNET through 4.6.4. The code for processing ...)
- TODO: check
+ NOT-FOR-US: FNET
CVE-2020-17466 (Turcom TRCwifiZone through 2020-08-10 allows authentication bypass by ...)
NOT-FOR-US: Turcom TRCwifiZone
CVE-2020-17465 (Dashboards and progressiveProfileForms in ForgeRock Identity Manager b ...)
@@ -31193,15 +31193,15 @@ CVE-2020-17446 (asyncpg before 0.21.0 allows a malicious PostgreSQL server to tr
- asyncpg 0.21.0-1
NOTE: https://github.com/MagicStack/asyncpg/commit/69bcdf5bf7696b98ee708be5408fd7d854e910d0
CVE-2020-17445 (An issue was discovered in picoTCP 1.7.0. The code for processing the ...)
- TODO: check
+ NOT-FOR-US: picoTCP
CVE-2020-17444 (An issue was discovered in picoTCP 1.7.0. The routine for processing t ...)
- TODO: check
+ NOT-FOR-US: picoTCP
CVE-2020-17443 (An issue was discovered in picoTCP 1.7.0. The code for creating an ICM ...)
- TODO: check
+ NOT-FOR-US: picoTCP
CVE-2020-17442 (An issue was discovered in picoTCP 1.7.0. The code for parsing the hop ...)
- TODO: check
+ NOT-FOR-US: picoTCP
CVE-2020-17441 (An issue was discovered in picoTCP 1.7.0. The code for processing the ...)
- TODO: check
+ NOT-FOR-US: picoTCP
CVE-2020-17440 (An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other p ...)
TODO: check
CVE-2020-17439 (An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other p ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dbdad1f6511cfcd5e744e6760ed98b85319cca97
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dbdad1f6511cfcd5e744e6760ed98b85319cca97
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201212/35b92906/attachment.html>
More information about the debian-security-tracker-commits
mailing list