[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
carnil at debian.org
Thu Oct 15 09:29:33 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
257e481f by Salvatore Bonaccorso at 2020-10-15T10:29:10+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,9 +5,9 @@ CVE-2020-27159
CVE-2020-27158
RESERVED
CVE-2020-27157 (Veritas APTARE versions prior to 10.5 included code that bypassed the ...)
- TODO: check
+ NOT-FOR-US: Veritas
CVE-2020-27156 (Veritas APTARE versions prior to 10.5 did not perform adequate authori ...)
- TODO: check
+ NOT-FOR-US: Veritas
CVE-2020-27155
RESERVED
CVE-2020-27154
@@ -44310,7 +44310,7 @@ CVE-2020-8352
CVE-2020-8351
RESERVED
CVE-2020-8350 (An authentication bypass vulnerability was reported in Lenovo ThinkPad ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2020-8349 (An internal security review has identified an unauthenticated remote c ...)
TODO: check
CVE-2020-8348 (A DOM-based cross-site scripting (XSS) vulnerability was reported in L ...)
@@ -44320,7 +44320,7 @@ CVE-2020-8347 (A reflective cross-site scripting (XSS) vulnerability was reporte
CVE-2020-8346 (A denial of service vulnerability was reported in the Lenovo Vantage c ...)
NOT-FOR-US: Lenovo
CVE-2020-8345 (A DLL search path vulnerability was reported in the Lenovo HardwareSca ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2020-8344
REJECTED
CVE-2020-8343
@@ -44334,7 +44334,7 @@ CVE-2020-8340 (A cross-site scripting (XSS) vulnerability was discovered in the
CVE-2020-8339 (A cross-site scripting inclusion (XSSI) vulnerability was reported in ...)
NOT-FOR-US: IBM
CVE-2020-8338 (A DLL search path vulnerability was reported in Lenovo Diagnostics pri ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2020-8337 (An unquoted search path vulnerability was reported in versions prior t ...)
NOT-FOR-US: Synaptics Smart Audio UWP app
CVE-2020-8336 (Lenovo implemented Intel CSME Anti-rollback ARB protections on some Th ...)
@@ -44346,7 +44346,7 @@ CVE-2020-8334 (The BIOS tamper detection mechanism was not triggered in Lenovo T
CVE-2020-8333 (A potential vulnerability in the SMI callback function used in the EEP ...)
NOT-FOR-US: Lenovo
CVE-2020-8332 (A potential vulnerability in the SMI callback function used in the leg ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2020-8331
REJECTED
CVE-2020-8330 (A denial of service vulnerability was reported in the firmware prior t ...)
@@ -46700,7 +46700,7 @@ CVE-2020-7385
CVE-2020-7384
RESERVED
CVE-2020-7383 (A SQL Injection issue in Rapid7 Nexpose version prior to 6.6.49 that m ...)
- TODO: check
+ NOT-FOR-US: Rapid7 Nexpose
CVE-2020-7382 (Rapid7 Nexpose installer version prior to 6.6.40 contains an Unquoted ...)
NOT-FOR-US: Rapid7 Nexpose installer
CVE-2020-7381 (In Rapid7 Nexpose installer versions prior to 6.6.40, the Nexpose inst ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/257e481f0c712c7fac27631d5a5dc6912dda194b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/257e481f0c712c7fac27631d5a5dc6912dda194b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201015/1e85a1ea/attachment.html>
More information about the debian-security-tracker-commits
mailing list