[Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
carnil at debian.org
Mon Feb 17 20:27:56 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b32eac53 by Salvatore Bonaccorso at 2020-02-17T21:27:30+01:00
Process more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2020-9040
CVE-2020-9039
RESERVED
CVE-2020-9038 (Joplin through 1.0.184 allows Arbitrary File Read via XSS. ...)
- TODO: check
+ NOT-FOR-US: Joplin
CVE-2020-9037
RESERVED
CVE-2020-9036
@@ -17,7 +17,7 @@ CVE-2020-9036
CVE-2020-9035
RESERVED
CVE-2019-20474 (An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.4 ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine Remote Access Plus
CVE-2016-11019
RESERVED
CVE-2020-XXXX [privilege escalation vulnerablility]
@@ -68,9 +68,9 @@ CVE-2020-9015
CVE-2020-9014
RESERVED
CVE-2020-9013 (Arvato Skillpipe 3.0 allows attackers to bypass intended print restric ...)
- TODO: check
+ NOT-FOR-US: Arvato Skillpipe
CVE-2020-9012 (A cross-site scripting (XSS) vulnerability in the Import People functi ...)
- TODO: check
+ NOT-FOR-US: Gluu Identity Configuration
CVE-2020-9011
RESERVED
CVE-2020-9010
@@ -118,7 +118,7 @@ CVE-2020-9007 (Codoforum 4.8.8 allows self-XSS via the title of a new topic. ...
CVE-2020-9006 (The Popup Builder plugin 2.2.8 through 2.6.7.6 for WordPress is vulner ...)
NOT-FOR-US: Popup Builder plugin for WordPress
CVE-2020-9005 (meshsystem.dll in Valve Dota 2 through 2020-02-17 allows remote attack ...)
- TODO: check
+ NOT-FOR-US: Dota 2
CVE-2020-9004
RESERVED
CVE-2020-9003
@@ -244,7 +244,7 @@ CVE-2020-8952
CVE-2020-8951
RESERVED
CVE-2020-8950 (The AUEPLauncher service in Radeon AMD User Experience Program Launche ...)
- TODO: check
+ NOT-FOR-US: Radeon AMD User Experience Program Launcher
CVE-2020-8949 (Gocloud S2A_WL 4.2.7.16471, S2A 4.2.7.17278, S2A 4.3.0.15815, S2A 4.3. ...)
NOT-FOR-US: Gocloud devices
CVE-2020-8948
@@ -381,7 +381,7 @@ CVE-2019-20453
CVE-2019-20452
RESERVED
CVE-2012-6721 (Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) ...)
- TODO: check
+ NOT-FOR-US: SocialEngine
CVE-2012-6720 (Multiple cross-site scripting (XSS) vulnerabilities in SocialEngine be ...)
NOT-FOR-US: SocialEngine
CVE-2020-8884
@@ -1408,9 +1408,9 @@ CVE-2020-8431
CVE-2020-8430
RESERVED
CVE-2020-8429 (The Admin web application in Kinetica 7.0.9.2.20191118151947 does not ...)
- TODO: check
+ NOT-FOR-US: Kinetica
CVE-2020-8427 (Kaseya Traverse before 9.5.20 allows OS command injection attacks agai ...)
- TODO: check
+ NOT-FOR-US: Kaseya Traverse
CVE-2020-8426 (The Elementor plugin before 2.8.5 for WordPress suffers from a reflect ...)
NOT-FOR-US: Elementor plugin for WordPress
CVE-2020-8425 (Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that le ...)
@@ -3979,7 +3979,7 @@ CVE-2020-7254
CVE-2020-7253
RESERVED
CVE-2020-7252 (Unquoted service executable path in DXL Broker in McAfee Data eXchange ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2020-7251 (Improper access control vulnerability in Configuration Tool in McAfee ...)
NOT-FOR-US: McAfee
CVE-2020-7250
@@ -7726,7 +7726,7 @@ CVE-2020-5533
CVE-2020-5532 (ilbo App (ilbo App for Android prior to version 1.1.8 and ilbo App for ...)
NOT-FOR-US: ilbo App
CVE-2020-5531 (Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI500 ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2020-5530
RESERVED
CVE-2020-5529 (HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. Html ...)
@@ -18776,7 +18776,7 @@ CVE-2019-19197 (IOCTL Handling in the kyrld.sys driver in Kyrol Internet Securit
CVE-2019-19196 (The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation ...)
TODO: check
CVE-2019-19195 (The Bluetooth Low Energy implementation on Microchip Technology BluSDK ...)
- TODO: check
+ NOT-FOR-US: Microchip
CVE-2019-19194 (The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation ...)
TODO: check
CVE-2019-19193 (The Bluetooth Low Energy peripheral implementation on Texas Instrument ...)
@@ -19335,7 +19335,7 @@ CVE-2019-19000
CVE-2019-18999
RESERVED
CVE-2019-18998 (Insufficient access control in the web interface of ABB Asset Suite ve ...)
- TODO: check
+ NOT-FOR-US: ABB Asset Suite
CVE-2019-18997 (The HMISimulator component of ABB PB610 Panel Builder 600 uses the rea ...)
NOT-FOR-US: ABB PB610 Panel Builder
CVE-2019-18996 (Path settings in HMIStudio component of ABB PB610 Panel Builder 600 ve ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b32eac534eae830dceef743c810b61126d466930
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b32eac534eae830dceef743c810b61126d466930
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200217/bc9eb200/attachment.html>
More information about the debian-security-tracker-commits
mailing list