[Git][security-tracker-team/security-tracker][master] 2 commits: Add reference for CVE-2020-1472
Salvatore Bonaccorso
carnil at debian.org
Wed Sep 16 09:20:08 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bb3b5c76 by Salvatore Bonaccorso at 2020-09-16T10:14:45+02:00
Add reference for CVE-2020-1472
- - - - -
9f3db85e by Salvatore Bonaccorso at 2020-09-16T10:19:46+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -311,7 +311,7 @@ CVE-2020-25455
CVE-2020-25454
RESERVED
CVE-2020-25453 (An issue was discovered in BlackCat CMS v.1.3.6. There is a CSRF vulne ...)
- TODO: check
+ NOT-FOR-US: BlackCat CMS
CVE-2020-25452
RESERVED
CVE-2020-25451
@@ -2218,7 +2218,7 @@ CVE-2020-24563
CVE-2020-24562
RESERVED
CVE-2020-24561 (A command injection vulnerability in Trend Micro ServerProtect for Lin ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2020-24560
RESERVED
CVE-2020-24559 (A vulnerability in Trend Micro Apex One on macOS may allow an attacker ...)
@@ -3744,7 +3744,7 @@ CVE-2020-23835 (A Reflected Cross-Site Scripting (XSS) vulnerability in the inde
CVE-2020-23834 (Insecure Service File Permissions in the bd service in Real Time Logic ...)
NOT-FOR-US: Real Time Logic BarracudaDrive
CVE-2020-23833 (Projectworlds House Rental v1.0 suffers from an unauthenticated SQL In ...)
- TODO: check
+ NOT-FOR-US: Projectworlds House Rental
CVE-2020-23832
RESERVED
CVE-2020-23831 (A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php ...)
@@ -3754,7 +3754,7 @@ CVE-2020-23830 (A Cross-Site Request Forgery (CSRF) vulnerability in changeUsern
CVE-2020-23829 (interface/new/new_comprehensive_save.php in LibreHealth EHR 2.0.0 suff ...)
NOT-FOR-US: LibreHealth EHR
CVE-2020-23828 (A File Upload vulnerability in SourceCodester Online Course Registrati ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Online Course Registration
CVE-2020-23827
RESERVED
CVE-2020-23826
@@ -43169,15 +43169,15 @@ CVE-2020-7299 (Cleartext Storage of Sensitive Information in Memory vulnerabilit
CVE-2020-7298 (Unexpected behavior violation in McAfee Total Protection (MTP) prior t ...)
NOT-FOR-US: McAfee
CVE-2020-7297 (Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior t ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2020-7296 (Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior t ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2020-7295 (Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior t ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2020-7294 (Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior t ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2020-7293 (Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior t ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2020-7292 (Inappropriate Encoding for output context vulnerability in McAfee Web ...)
NOT-FOR-US: McAfee
CVE-2020-7291 (Privilege Escalation vulnerability in McAfee Active Response (MAR) for ...)
@@ -43227,7 +43227,7 @@ CVE-2020-7270
CVE-2020-7269
RESERVED
CVE-2020-7268 (Path Traversal vulnerability in McAfee McAfee Email Gateway (MEG) prio ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2020-7267 (Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE ...)
NOT-FOR-US: McAfee
CVE-2020-7266 (Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE ...)
@@ -60917,6 +60917,7 @@ CVE-2020-1473 (A remote code execution vulnerability exists when the Windows Jet
NOT-FOR-US: Microsoft
CVE-2020-1472 (An elevation of privilege vulnerability exists when an attacker establ ...)
NOT-FOR-US: Microsoft
+ NOTE: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472
CVE-2020-1471 (An elevation of privilege vulnerability exists when Microsoft Windows ...)
NOT-FOR-US: Microsoft
CVE-2020-1470 (An elevation of privilege vulnerability exists when the Windows Work F ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8a05731a832366539ecd864052a1f7a816b7813a...9f3db85e815881b7e9c176043a3d1c2729245a02
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8a05731a832366539ecd864052a1f7a816b7813a...9f3db85e815881b7e9c176043a3d1c2729245a02
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200916/060da7f0/attachment.html>
More information about the debian-security-tracker-commits
mailing list