[Git][security-tracker-team/security-tracker][master] Process NFU
Salvatore Bonaccorso
carnil at debian.org
Fri Feb 21 09:02:32 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
acf5984e by Salvatore Bonaccorso at 2020-02-21T10:01:51+01:00
Process NFU
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,11 +11,11 @@ CVE-2020-9322
CVE-2020-9321
RESERVED
CVE-2020-9320 (Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a ...)
- TODO: check
+ NOT-FOR-US: Avira
CVE-2020-9319
RESERVED
CVE-2020-9318 (Red Gate SQL Monitor 9.0.13 through 9.2.14 allows an administrative us ...)
- TODO: check
+ NOT-FOR-US: Red Gate SQL Monitor
CVE-2020-9317
RESERVED
CVE-2020-9316
@@ -650,7 +650,7 @@ CVE-2020-9017
CVE-2020-9016 (Dolibarr 11.0 allows XSS via the joinfiles, topic, or code parameter, ...)
- dolibarr <removed>
CVE-2020-9015 (Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, and DCS-7 ...)
- TODO: check
+ NOT-FOR-US: Arista devices
CVE-2020-9014
RESERVED
CVE-2020-9013 (Arvato Skillpipe 3.0 allows attackers to bypass intended print restric ...)
@@ -749,7 +749,7 @@ CVE-2020-8991 (vg_lookup in daemons/lvmetad/lvmetad-core.c in LVM2 2.02 mismanag
NOTE: https://sourceware.org/git/?p=lvm2.git;a=commit;h=bcf9556b8fcd16ad8997f80cc92785f295c66701
NOTE: 2.03.00 upstream removed lvmetad (and the still vulnerable code)
CVE-2020-8990 (Western Digital My Cloud Home before 3.6.0 and ibi before 3.6.0 allow ...)
- TODO: check
+ NOT-FOR-US: Western Digital My Cloud Home
CVE-2020-8989 (In the Voatz application 2020-01-01 for Android, the amount of data tr ...)
NOT-FOR-US: Voatz application for Android
CVE-2020-8988 (The Voatz application 2020-01-01 for Android allows only 100 million d ...)
@@ -809,7 +809,7 @@ CVE-2020-8962 (A stack-based buffer overflow was found on the D-Link DIR-842 REV
CVE-2020-8961
RESERVED
CVE-2020-8960 (Western Digital mycloud.com before Web Version 2.2.0-134 allows XSS. ...)
- TODO: check
+ NOT-FOR-US: Western Digital mycloud.com
CVE-2020-8959 (Western Digital WesternDigitalSSDDashboardSetup.exe before 3.0.2.0 all ...)
NOT-FOR-US: Western Digital
CVE-2020-8958
@@ -5227,7 +5227,7 @@ CVE-2020-6979
CVE-2020-6978
RESERVED
CVE-2020-6977 (A restricted desktop environment escape vulnerability exists in the Ki ...)
- TODO: check
+ NOT-FOR-US: GE
CVE-2020-6976
RESERVED
CVE-2020-6975 (Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (820 ...)
@@ -5245,7 +5245,7 @@ CVE-2020-6970 (A Heap-based Buffer Overflow was found in Emerson OpenEnterprise
CVE-2020-6969 (It is possible to unmask credentials and other sensitive information o ...)
NOT-FOR-US: AutomationDirect
CVE-2020-6968 (Honeywell INNCOM INNControl 3 allows workstation users to escalate app ...)
- TODO: check
+ NOT-FOR-US: Honeywell
CVE-2020-6967
RESERVED
CVE-2020-6966 (In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetr ...)
@@ -13260,9 +13260,9 @@ CVE-2020-3767
CVE-2020-3766
RESERVED
CVE-2020-3765 (Adobe After Effects versions 16.1.2 and earlier have an out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-3764 (Adobe Media Encoder versions 14.0 and earlier have an out-of-bounds wr ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-3763 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...)
NOT-FOR-US: Adobe
CVE-2020-3762 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...)
@@ -14922,7 +14922,7 @@ CVE-2019-19743 (On D-Link DIR-615 devices, a normal user is able to create a roo
CVE-2019-19742 (On D-Link DIR-615 devices, the User Account Configuration page is vuln ...)
NOT-FOR-US: D-Link
CVE-2019-19741 (Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege ...)
- TODO: check
+ NOT-FOR-US: Electronic Arts Origin
CVE-2019-19740 (Octeth Oempro 4.7 and 4.8 allow SQL injection. The parameter CampaignI ...)
NOT-FOR-US: Octeth Oempro
CVE-2019-19739 (MFScripts YetiShare 3.5.2 through 4.5.3 does not set the Secure flag o ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/acf5984e2e29b8617b67bb7ab958adace4ec345c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/acf5984e2e29b8617b67bb7ab958adace4ec345c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200221/8aae8d0c/attachment.html>
More information about the debian-security-tracker-commits
mailing list