[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
carnil at debian.org
Wed Sep 9 21:33:24 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b9726287 by Salvatore Bonaccorso at 2020-09-09T22:31:45+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -891,7 +891,7 @@ CVE-2020-24796
CVE-2020-24795
RESERVED
CVE-2020-24794 (Cross Site Scripting (XSS) vulnerability in Kentico before 12.0.75. ...)
- TODO: check
+ NOT-FOR-US: Kentico
CVE-2020-24793
RESERVED
CVE-2020-24792
@@ -1375,7 +1375,7 @@ CVE-2020-24568
CVE-2020-24567 (** DISPUTED ** voidtools Everything before 1.4.1 Beta Nightly 2020-08- ...)
NOT-FOR-US: voidtools
CVE-2020-24566 (In Octopus Deploy 2020.3.x before 2020.3.4 and 2020.4.x before 2020.4. ...)
- TODO: check
+ NOT-FOR-US: Octopus Deploy
CVE-2020-24565
RESERVED
CVE-2020-24564
@@ -2178,17 +2178,17 @@ CVE-2020-24201
CVE-2020-24200
REJECTED
CVE-2020-24199 (Arbitrary File Upload in the Vehicle Image Upload component in Project ...)
- TODO: check
+ NOT-FOR-US: Vehicle Image Upload component in Project Worlds Car Rental Management System
CVE-2020-24198 (A persistent cross-site scripting vulnerability in Sourcecodester Stoc ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Stock Management System
CVE-2020-24197 (A SQL injection vulnerability in the login component in Stock Manageme ...)
- TODO: check
+ NOT-FOR-US: Stock Management System
CVE-2020-24196 (An Arbitrary File Upload in Vehicle Image Upload in Online Bike Rental ...)
NOT-FOR-US: Online Bike Rental
CVE-2020-24195 (An Arbitrary File Upload in the Upload Image component in Sourcecodest ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Online Bike Rental
CVE-2020-24194 (A Cross-site scripting (XSS) vulnerability in 'user-profile.php' in So ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Daily Tracker System
CVE-2020-24193 (A SQL injection vulnerability in login in Sourcecodetester Daily Track ...)
NOT-FOR-US: Sourcecodetester Daily Tracker System
CVE-2020-24192
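Review bot: The NOT-FOR-US tags added in this hunk spell the same vendor differently and mix product-level with component-level naming. CVE-2020-24198 is tagged "Sourcecodester Stock Management System" while CVE-2020-24197 directly below, which from its truncated description looks like the same product, is tagged plain "Stock Management System"; CVE-2020-24194 uses "SourceCodester" where CVE-2020-24195 uses "Sourcecodester". CVE-2020-24199 names the affected component ("Vehicle Image Upload component in Project Worlds Car Rental Management System") rather than the product. Suggest one vendor spelling throughout and tagging by product only, e.g. "NOT-FOR-US: Project Worlds Car Rental Management System", so that a search of data/CVE/list for a product name finds every entry for it.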
@@ -19279,21 +19279,21 @@ CVE-2020-15793
CVE-2020-15792
RESERVED
CVE-2020-15791 (A vulnerability has been identified in SIMATIC S7-300 CPU family (incl ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-15790 (A vulnerability has been identified in Spectrum Power 4 (All versions ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-15789 (A vulnerability has been identified in Polarion Subversion Webclient ( ...)
TODO: check
CVE-2020-15788 (A vulnerability has been identified in Polarion Subversion Webclient ( ...)
TODO: check
CVE-2020-15787 (A vulnerability has been identified in SIMATIC HMI United Comfort Pane ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-15786 (A vulnerability has been identified in SIMATIC HMI Basic Panels 2nd Ge ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-15785 (A vulnerability has been identified in Siveillance Video Client (All v ...)
- TODO: check
+ NOT-FOR-US: Siveillance Video Client
CVE-2020-15784 (A vulnerability has been identified in Spectrum Power 4 (All versions ...)
- TODO: check
+ NOT-FOR-US: Spectrum Power 4
CVE-2020-15783
RESERVED
CVE-2020-15782
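Review bot: CVE-2020-15790 and CVE-2020-15784 both have descriptions beginning "A vulnerability has been identified in Spectrum Power 4", yet the first is tagged "NOT-FOR-US: Siemens" and the second "NOT-FOR-US: Spectrum Power 4". CVE-2020-15785 is likewise tagged by product ("Siveillance Video Client") while the SIMATIC entries around it are tagged by vendor. Suggest picking one level (vendor or product) for the whole batch. The two Polarion Subversion Webclient entries, CVE-2020-15789 and CVE-2020-15788, remain at "TODO: check"; if they are being held back for a closer look, that is worth a word in the commit message.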
@@ -23270,7 +23270,7 @@ CVE-2020-14294
CVE-2020-14293
RESERVED
CVE-2020-14292 (In the COVIDSafe application through 1.0.21 for Android, unsafe use of ...)
- TODO: check
+ NOT-FOR-US: COVIDSafe application for Android
CVE-2020-14291
RESERVED
CVE-2020-14290
@@ -26300,7 +26300,7 @@ CVE-2019-20797 (An issue was discovered in e6y prboom-plus 2.5.1.5. There is a b
NOTE: https://sourceforge.net/p/prboom-plus/bugs/252/
NOTE: https://sourceforge.net/p/prboom-plus/bugs/253/
CVE-2020-13127 (A SQL injection vulnerability at a tpf URI in Loway QueueMetrics befor ...)
- TODO: check
+ NOT-FOR-US: Loway QueueMetrics
CVE-2020-13126 (An issue was discovered in the Elementor Pro plugin before 2.9.4 for W ...)
NOT-FOR-US: Elementor Pro plugin for WordPress
CVE-2020-13125 (An issue was discovered in the "Ultimate Addons for Elementor" plugin ...)
@@ -35725,11 +35725,11 @@ CVE-2020-10053
CVE-2020-10052
RESERVED
CVE-2020-10051 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-10050 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-10049 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2020-10048
RESERVED
CVE-2020-10047
@@ -42265,19 +42265,19 @@ CVE-2020-7327
CVE-2020-7326
RESERVED
CVE-2020-7325 (Privilege Escalation vulnerability in McAfee MVISION Endpoint prior to ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2020-7324 (Improper Access Control vulnerability in McAfee MVISION Endpoint prior ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2020-7323 (Authentication Protection Bypass vulnerability in McAfee Endpoint Secu ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2020-7322 (Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2020-7321
RESERVED
CVE-2020-7320 (Protection Mechanism Failure vulnerability in McAfee Endpoint Security ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2020-7319 (Improper Access Control vulnerability in McAfee Endpoint Security (ENS ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2020-7318
RESERVED
CVE-2020-7317
@@ -46597,7 +46597,7 @@ CVE-2020-5629
CVE-2020-5628
RESERVED
CVE-2020-5627 (Yodobashi App for Android versions 1.8.7 and earlier allows remote att ...)
- TODO: check
+ NOT-FOR-US: Yodobashi App for Android
CVE-2020-5626
RESERVED
CVE-2020-5625 (Cross-site scripting vulnerability in XooNIps 3.48 and earlier allows ...)
@@ -56330,23 +56330,23 @@ CVE-2020-2046
CVE-2020-2045
RESERVED
CVE-2020-2044 (An information exposure through log file vulnerability where an admini ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2043 (An information exposure through log file vulnerability where sensitive ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2042 (A buffer overflow vulnerability in the PAN-OS management web interface ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2041 (An insecure configuration of the appweb daemon of Palo Alto Networks P ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2040 (A buffer overflow vulnerability in PAN-OS allows an unauthenticated at ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2039 (An uncontrolled resource consumption vulnerability in Palo Alto Networ ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2038 (An OS Command Injection vulnerability in the PAN-OS management interfa ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2037 (An OS Command Injection vulnerability in the PAN-OS management interfa ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2036 (A reflected cross-site scripting (XSS) vulnerability exists in the PAN ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2035 (When SSL/TLS Forward Proxy Decryption mode has been configured to decr ...)
NOT-FOR-US: Palo Alto Networks
CVE-2020-2034 (An OS Command Injection vulnerability in the PAN-OS GlobalProtect port ...)
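Review bot: The nine tags added here (CVE-2020-2044 down to CVE-2020-2036) read "NOT-FOR-US: Palo Alto Networks PAN-OS", while the existing entry for CVE-2020-2035 directly below them reads "NOT-FOR-US: Palo Alto Networks". Suggest using the same string as the existing neighbour, or updating that entry in the same commit, so the block is uniform.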
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b972628770e1075a6dcf5156d80980ea8028e8b1