[Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso
carnil at debian.org
Sat Sep 12 08:03:05 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
394b6f0c by Salvatore Bonaccorso at 2020-09-12T09:02:27+02:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2020-25277
RESERVED
CVE-2020-25276 (An issue was discovered in PrimeKey EJBCA 6.x and 7.x before 7.4.1. Wh ...)
- TODO: check
+ NOT-FOR-US: PrimeKey
CVE-2020-25275
RESERVED
CVE-2020-25274
@@ -17021,33 +17021,33 @@ CVE-2020-16886
CVE-2020-16885
RESERVED
CVE-2020-16884 (A remote code execution vulnerability exists in the way that the IEToE ...)
- TODO: check
+ NOT-FOR-US: IEToEdge Browser Helper Object (BHO) plugin on Internet Explorer
CVE-2020-16883
RESERVED
CVE-2020-16882
RESERVED
CVE-2020-16881 (A remote code execution vulnerability exists in Visual Studio Code whe ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16880
RESERVED
CVE-2020-16879 (An information disclosure vulnerability exists when a Windows Projecte ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16878 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16877
RESERVED
CVE-2020-16876
RESERVED
CVE-2020-16875 (A remote code execution vulnerability exists in Microsoft Exchange ser ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16874 (A remote code execution vulnerability exists in Visual Studio when it ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16873 (A spoofing vulnerability manifests in Microsoft Xamarin.Forms due to t ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16872 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16871 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16870
RESERVED
CVE-2020-16869
@@ -17061,33 +17061,33 @@ CVE-2020-16866
CVE-2020-16865
RESERVED
CVE-2020-16864 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16863
RESERVED
CVE-2020-16862 (A remote code execution vulnerability exists in Microsoft Dynamics 365 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16861 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16860 (A remote code execution vulnerability exists in Microsoft Dynamics 365 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16859 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16858 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16857 (A remote code execution vulnerability exists in Microsoft Dynamics 365 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16856 (A remote code execution vulnerability exists in Visual Studio when it ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16855 (An information disclosure vulnerability exists when Microsoft Office s ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16854 (An information disclosure vulnerability exists when the Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16853 (An elevation of privilege vulnerability exists when the OneDrive for W ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16852 (An elevation of privilege vulnerability exists when the OneDrive for W ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16851 (An elevation of privilege vulnerability exists when the OneDrive for W ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-16850
RESERVED
CVE-2020-16849
@@ -23904,7 +23904,7 @@ CVE-2020-14102
CVE-2020-14101
RESERVED
CVE-2020-14100 (In Xiaomi router R3600 ROM version<1.0.66, filters in the set_WAN6 ...)
- TODO: check
+ NOT-FOR-US: Xiaomi
CVE-2020-14099
RESERVED
CVE-2020-14098
@@ -23912,7 +23912,7 @@ CVE-2020-14098
CVE-2020-14097
RESERVED
CVE-2020-14096 (Memory overflow in Xiaomi AI speaker Rom version <1.59.6 can happen ...)
- TODO: check
+ NOT-FOR-US: Xiaomi
CVE-2020-14095 (In Xiaomi router R3600, ROM version<1.0.20, a connect service suffe ...)
NOT-FOR-US: Xiaomi
CVE-2020-14094 (In Xiaomi router R3600, ROM version<1.0.20, the connection service ...)
@@ -37868,7 +37868,7 @@ CVE-2020-9241 (Huawei 5G Mobile WiFi E6878-370 with versions of 10.0.3.1(H563SP1
CVE-2020-9240
RESERVED
CVE-2020-9239 (Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions earlier t ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-9238
RESERVED
CVE-2020-9237 (Huawei smartphone Taurus-AL00B with versions earlier than 10.1.0.126(C ...)
@@ -60003,25 +60003,25 @@ CVE-2020-1600 (In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenari
CVE-2020-1599
RESERVED
CVE-2020-1598 (An elevation of privilege vulnerability exists when the Windows Univer ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1597 (A denial of service vulnerability exists when ASP.NET Core improperly ...)
NOT-FOR-US: Microsoft
CVE-2020-1596 (A information disclosure vulnerability exists when TLS components use ...)
NOT-FOR-US: Microsoft
CVE-2020-1595 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1594 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1593 (A remote code execution vulnerability exists when Windows Media Audio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1592 (An information disclosure vulnerability exists when the Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1591 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
NOT-FOR-US: Microsoft
CVE-2020-1590 (An elevation of privilege vulnerability exists when the Connected User ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1589 (An information disclosure vulnerability exists when the Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1588
RESERVED
CVE-2020-1587 (An elevation of privilege vulnerability exists when the Windows Ancill ...)
@@ -60047,9 +60047,9 @@ CVE-2020-1578 (An information disclosure vulnerability exists in the Windows ker
CVE-2020-1577 (An information disclosure vulnerability exists when DirectWrite improp ...)
NOT-FOR-US: Microsoft
CVE-2020-1576 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1575 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1574 (A remote code execution vulnerability exists in the way that Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2020-1573 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
@@ -60081,7 +60081,7 @@ CVE-2020-1561 (A remote code execution vulnerability exists in the way that Micr
CVE-2020-1560 (A remote code execution vulnerability exists in the way that Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2020-1559 (An elevation of privilege vulnerability exists when the Windows Storag ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1558 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2020-1557 (A remote code execution vulnerability exists when the Windows Jet Data ...)
@@ -60135,7 +60135,7 @@ CVE-2020-1534 (An elevation of privilege vulnerability exists when the Windows B
CVE-2020-1533 (An elevation of privilege vulnerability exists in the way that the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-1532 (An elevation of privilege vulnerability exists when the Windows Instal ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1531 (An elevation of privilege vulnerability exists when the Windows Accoun ...)
NOT-FOR-US: Microsoft
CVE-2020-1530 (An elevation of privilege vulnerability exists when Windows Remote Acc ...)
@@ -60153,7 +60153,7 @@ CVE-2020-1525 (A memory corruption vulnerability exists when Windows Media Found
CVE-2020-1524 (An elevation of privilege vulnerability exists when the Windows Speech ...)
NOT-FOR-US: Microsoft
CVE-2020-1523 (A tampering vulnerability exists when Microsoft SharePoint Server fail ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1522 (An elevation of privilege vulnerability exists when the Windows Speech ...)
NOT-FOR-US: Microsoft
CVE-2020-1521 (An elevation of privilege vulnerability exists when the Windows Speech ...)
@@ -60171,7 +60171,7 @@ CVE-2020-1516 (An elevation of privilege vulnerability exists when the Windows W
CVE-2020-1515 (An elevation of privilege vulnerability exists when the Windows Teleph ...)
NOT-FOR-US: Microsoft
CVE-2020-1514 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1513 (An elevation of privilege vulnerability exists when the Windows CSC Se ...)
NOT-FOR-US: Microsoft
CVE-2020-1512 (An information disclosure vulnerability exists when the Windows State ...)
@@ -60183,11 +60183,11 @@ CVE-2020-1510 (An information disclosure vulnerability exists when the win32k co
CVE-2020-1509 (An elevation of privilege vulnerability exists in the Local Security A ...)
NOT-FOR-US: Microsoft
CVE-2020-1508 (A remote code execution vulnerability exists when Windows Media Audio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1507 (An elevation of privilege vulnerability exists in the way that Microso ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1506 (An elevation of privilege vulnerability exists in the way that the Win ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1505 (An information disclosure vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
CVE-2020-1504 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
@@ -60217,7 +60217,7 @@ CVE-2020-1493 (An information disclosure vulnerability exists when attaching fil
CVE-2020-1492 (A memory corruption vulnerability exists when Windows Media Foundation ...)
NOT-FOR-US: Microsoft
CVE-2020-1491 (An elevation of privilege vulnerability exists in the way that the Win ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1490 (An elevation of privilege vulnerability exists when the Storage Servic ...)
NOT-FOR-US: Microsoft
CVE-2020-1489 (An elevation of privilege vulnerability exists when the Windows CSC Se ...)
@@ -60235,7 +60235,7 @@ CVE-2020-1484 (An elevation of privilege vulnerability exists when the Windows W
CVE-2020-1483 (A remote code execution vulnerability exists in Microsoft Outlook when ...)
NOT-FOR-US: Microsoft
CVE-2020-1482 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1481 (A remote code execution vulnerability exists in the ESLint extension f ...)
NOT-FOR-US: Microsoft
CVE-2020-1480 (An elevation of privilege vulnerability exists in the way that the Win ...)
@@ -60257,7 +60257,7 @@ CVE-2020-1473 (A remote code execution vulnerability exists when the Windows Jet
CVE-2020-1472 (An elevation of privilege vulnerability exists when an attacker establ ...)
NOT-FOR-US: Microsoft
CVE-2020-1471 (An elevation of privilege vulnerability exists when Microsoft Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1470 (An elevation of privilege vulnerability exists when the Windows Work F ...)
NOT-FOR-US: Microsoft
CVE-2020-1469 (A denial of service vulnerability exists when the .NET implementation ...)
@@ -60279,7 +60279,7 @@ CVE-2020-1462 (An information disclosure vulnerability exists when Skype for Bus
CVE-2020-1461 (An elevation of privilege vulnerability exists when the MpSigStub.exe ...)
NOT-FOR-US: Microsoft
CVE-2020-1460 (A remote code execution vulnerability exists in Microsoft SharePoint S ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1459 (An information disclosure vulnerability exists on ARM implementations ...)
NOT-FOR-US: Microsoft
CVE-2020-1458 (A remote code execution vulnerability exists when Microsoft Office imp ...)
@@ -60293,9 +60293,9 @@ CVE-2020-1455 (A denial of service vulnerability exists when Microsoft SQL Serve
CVE-2020-1454 (This vulnerability is caused when SharePoint Server does not properly ...)
NOT-FOR-US: Microsoft
CVE-2020-1453 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1452 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1451 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2020-1450 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
@@ -60319,7 +60319,7 @@ CVE-2020-1442 (A spoofing vulnerability exists when an Office Web Apps server do
CVE-2020-1441
RESERVED
CVE-2020-1440 (A tampering vulnerability exists when Microsoft SharePoint Server fail ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1439 (A remote code execution vulnerability exists in PerformancePoint Servi ...)
NOT-FOR-US: Microsoft
CVE-2020-1438 (An elevation of privilege vulnerability exists in the way that the Win ...)
@@ -60447,7 +60447,7 @@ CVE-2020-1378 (An elevation of privilege vulnerability exists when the Windows K
CVE-2020-1377 (An elevation of privilege vulnerability exists when the Windows Kernel ...)
NOT-FOR-US: Microsoft
CVE-2020-1376 (An elevation of privilege vulnerability exists in the way that fdSSDP. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1375 (An elevation of privilege vulnerability exists when Windows improperly ...)
NOT-FOR-US: Microsoft
CVE-2020-1374 (A remote code execution vulnerability exists in the Windows Remote Des ...)
@@ -60509,7 +60509,7 @@ CVE-2020-1347 (An elevation of privilege vulnerability exists when the Windows S
CVE-2020-1346 (An elevation of privilege vulnerability exists when the Windows Module ...)
NOT-FOR-US: Microsoft
CVE-2020-1345 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1344 (An elevation of privilege vulnerability exists in the way that the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-1343 (An information disclosure vulnerability exists in Visual Studio Code L ...)
@@ -60523,19 +60523,19 @@ CVE-2020-1340 (A spoofing vulnerability exists when the NuGetGallery does not pr
CVE-2020-1339 (A remote code execution vulnerability exists when Windows Media Audio ...)
NOT-FOR-US: Microsoft
CVE-2020-1338 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1337 (An elevation of privilege vulnerability exists when the Windows Print ...)
NOT-FOR-US: Microsoft
CVE-2020-1336 (An elevation of privilege vulnerability exists in the way that the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-1335 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1334 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
NOT-FOR-US: Microsoft
CVE-2020-1333 (An elevation of privilege vulnerability exists when Group Policy Servi ...)
NOT-FOR-US: Microsoft
CVE-2020-1332 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1331 (A spoofing vulnerability exists when System Center Operations Manager ...)
NOT-FOR-US: Microsoft
CVE-2020-1330 (An information disclosure vulnerability exists when Windows Mobile Dev ...)
@@ -60561,7 +60561,7 @@ CVE-2020-1321 (A remote code execution vulnerability exists in Microsoft Office
CVE-2020-1320 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2020-1319 (A remote code execution vulnerability exists in the way that Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1318 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2020-1317 (An elevation of privilege vulnerability exists when Group Policy impro ...)
@@ -60583,7 +60583,7 @@ CVE-2020-1310 (An elevation of privilege vulnerability exists in Windows when th
CVE-2020-1309 (An elevation of privilege vulnerability exists when the Microsoft Stor ...)
NOT-FOR-US: Microsoft
CVE-2020-1308 (An elevation of privilege vulnerability exists when DirectX improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1307 (An elevation of privilege vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
CVE-2020-1306 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
@@ -60593,7 +60593,7 @@ CVE-2020-1305 (An elevation of privilege vulnerability exists when the Windows S
CVE-2020-1304 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
NOT-FOR-US: Microsoft
CVE-2020-1303 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1302 (An elevation of privilege vulnerability exists in Windows Installer be ...)
NOT-FOR-US: Microsoft
CVE-2020-1301 (A remote code execution vulnerability exists in the way that the Micro ...)
@@ -60695,11 +60695,11 @@ CVE-2020-1254 (An elevation of privilege vulnerability exists when Windows Modul
CVE-2020-1253 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-1252 (A remote code execution vulnerability exists when Windows improperly h ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1251 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-1250 (An information disclosure vulnerability exists when the win32k compone ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1249 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
NOT-FOR-US: Microsoft
CVE-2020-1248 (A remote code execution vulnerability exists in the way that the Windo ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/394b6f0ce27546051985795a94bb1a4214566553
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/394b6f0ce27546051985795a94bb1a4214566553
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200912/22240a3c/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list