[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Sun Sep 13 21:55:58 BST 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
98d88e88 by Moritz Muehlenhoff at 2020-09-13T22:55:34+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2020-25288
RESERVED
CVE-2020-25287 (Pligg 2.0.3 allows remote authenticated users to execute arbitrary com ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2020-25286 (In wp-includes/comment-template.php in WordPress before 5.4.2, comment ...)
TODO: check
CVE-2020-25285 (A race condition between hugetlb sysctl handlers in mm/hugetlb.c in th ...)
@@ -21020,7 +21020,7 @@ CVE-2020-15173 (In ACCEL-PPP (an implementation of PPTP/PPPoE/L2TP/SSTP), there
CVE-2020-15172
RESERVED
CVE-2020-15171 (In XWiki before versions 11.10.5 or 12.2.1, any user with SCRIPT right ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2020-15170 (apollo-adminservice before version 1.7.1 does not implement access con ...)
NOT-FOR-US: apollo-adminservice
CVE-2020-15169 (In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potentia ...)
@@ -60667,7 +60667,7 @@ CVE-2020-1287 (An elevation of privilege vulnerability exists in the way that th
CVE-2020-1286 (A remote code execution vulnerability exists when the Windows Shell do ...)
NOT-FOR-US: Microsoft
CVE-2020-1285 (A remote code execution vulnerability exists in the way that the Windo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1284 (A denial of service vulnerability exists in the way that the Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2020-1283 (A denial of service vulnerability exists when Windows improperly handl ...)
@@ -60725,7 +60725,7 @@ CVE-2020-1258 (An elevation of privilege vulnerability exists when DirectX impro
CVE-2020-1257 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
NOT-FOR-US: Microsoft
CVE-2020-1256 (An information disclosure vulnerability exists when the Windows GDI co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1255 (An elevation of privilege vulnerability exists when the Windows Backgr ...)
NOT-FOR-US: Microsoft
CVE-2020-1254 (An elevation of privilege vulnerability exists when Windows Modules In ...)
@@ -60971,13 +60971,13 @@ CVE-2020-1135 (An elevation of privilege vulnerability exists when the Windows G
CVE-2020-1134 (An elevation of privilege vulnerability exists when the Windows State ...)
NOT-FOR-US: Microsoft
CVE-2020-1133 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1132 (An elevation of privilege vulnerability exists when Windows Error Repo ...)
NOT-FOR-US: Microsoft
CVE-2020-1131 (An elevation of privilege vulnerability exists when the Windows State ...)
NOT-FOR-US: Microsoft
CVE-2020-1130 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1129 (A remote code execution vulnerability exists in the way that Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2020-1128
@@ -61043,7 +61043,7 @@ CVE-2020-1099 (A cross-site-scripting (XSS) vulnerability exists when Microsoft
CVE-2020-1098 (An elevation of privilege vulnerability exists when the Shell infrastr ...)
NOT-FOR-US: Microsoft
CVE-2020-1097 (An information disclosure vulnerability exists when the Windows GDI co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1096 (A remote code execution vulnerability exists when Microsoft Edge PDF R ...)
NOT-FOR-US: Microsoft
CVE-2020-1095
@@ -61055,7 +61055,7 @@ CVE-2020-1093 (A remote code execution vulnerability exists in the way that the
CVE-2020-1092 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
CVE-2020-1091 (An information disclosure vulnerability exists when the Windows GDI co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1090 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
NOT-FOR-US: Microsoft
CVE-2020-1089
@@ -61071,7 +61071,7 @@ CVE-2020-1085 (An elevation of privilege vulnerability exists in the way that th
CVE-2020-1084 (A Denial Of Service vulnerability exists when Connected User Experienc ...)
NOT-FOR-US: Microsoft
CVE-2020-1083 (An information disclosure vulnerability exists when the Microsoft Wind ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1082 (An elevation of privilege vulnerability exists in Windows Error Report ...)
NOT-FOR-US: Microsoft
CVE-2020-1081 (An elevation of privilege vulnerability exists when the Windows Printe ...)
@@ -61149,7 +61149,7 @@ CVE-2020-1046 (A remote code execution vulnerability exists when Microsoft .NET
CVE-2020-1045 (A security feature bypass vulnerability exists in the way Microsoft AS ...)
- dotnet-core-3.1 <itp> (bug #968921)
CVE-2020-1044 (A security feature bypass vulnerability exists in SQL Server Reporting ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1043 (A remote code execution vulnerability exists when Hyper-V RemoteFX vGP ...)
NOT-FOR-US: Microsoft
CVE-2020-1042 (A remote code execution vulnerability exists when Hyper-V RemoteFX vGP ...)
@@ -61213,7 +61213,7 @@ CVE-2020-1014 (An elevation of privilege vulnerability exists in the Microsoft W
CVE-2020-1013 (An elevation of privilege vulnerability exists when Microsoft Windows ...)
NOT-FOR-US: Microsoft
CVE-2020-1012 (An elevation of privilege vulnerability exists in the way that the Win ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-1011 (An elevation of privilege vulnerability exists when the Windows System ...)
NOT-FOR-US: Microsoft
CVE-2020-1010 (An elevation of privilege vulnerability exists in Windows Block Level ...)
@@ -61241,7 +61241,7 @@ CVE-2020-1000 (An elevation of privilege vulnerability exists when the Windows k
CVE-2020-0999 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2020-0998 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0997 (A remote code execution vulnerability exists when the Windows Camera C ...)
NOT-FOR-US: Microsoft
CVE-2020-0996 (An elevation of privilege vulnerability exists when the Windows Update ...)
@@ -61561,7 +61561,7 @@ CVE-2020-0840 (An elevation of privilege vulnerability exists when Windows impro
CVE-2020-0839 (An elevation of privilege vulnerability exists in the way that the dns ...)
NOT-FOR-US: Microsoft
CVE-2020-0838 (An elevation of privilege vulnerability exists when NTFS improperly ch ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2020-0837 (A spoofing vulnerability exists when Active Directory Federation Servi ...)
NOT-FOR-US: Microsoft
CVE-2020-0836 (A denial of service vulnerability exists in Windows DNS when it fails ...)
@@ -113070,11 +113070,11 @@ CVE-2018-19950
CVE-2018-19949
RESERVED
CVE-2018-19948 (The vulnerability have been reported to affect earlier versions of Hel ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2018-19947 (The vulnerability have been reported to affect earlier versions of Hel ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2018-19946 (The vulnerability have been reported to affect earlier versions of Hel ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2018-19945
RESERVED
CVE-2018-19944
@@ -301753,7 +301753,7 @@ CVE-2014-1421 (mountall 1.54, as used in Ubuntu 14.10, does not properly handle
NOTE: See https://bugs.launchpad.net/ubuntu/+source/partman-efi/+bug/1390183
NOTE: and http://www.ubuntu.com/usn/usn-2411-1
CVE-2014-1420 (On desktop, Ubuntu UI Toolkit's StateSaver would serialise data on tmp ...)
- TODO: check
+ NOT-FOR-US: ubuntu-ui-toolkit
CVE-2014-1419 (Race condition in the power policy functions in policy-funcs in acpi-s ...)
{DSA-2984-1 DLA-30-1}
- acpi-support 0.142-2
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98d88e88b6443a2aecccb9e40a6442332b8f384e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98d88e88b6443a2aecccb9e40a6442332b8f384e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200913/bcbcb9ac/attachment.html>
More information about the debian-security-tracker-commits
mailing list