[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Wed Sep 23 15:55:26 BST 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ea51679c by Moritz Muehlenhoff at 2020-09-23T16:55:08+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2020-25826 (PingID Integration for Windows Login before 2.4.2 allows local users t ...)
- TODO: check
+ NOT-FOR-US: PingID Integration for Windows Login
CVE-2020-25825
RESERVED
CVE-2020-25824
@@ -9,7 +9,7 @@ CVE-2020-25823
CVE-2020-25822
RESERVED
CVE-2020-25821 (** UNSUPPORTED WHEN ASSIGNED ** peg-markdown 0.4.14 has a NULL pointer ...)
- TODO: check
+ NOT-FOR-US: peg-markdown
CVE-2020-25820
RESERVED
CVE-2020-25819
@@ -2632,7 +2632,7 @@ CVE-2020-24621
CVE-2020-24620
RESERVED
CVE-2020-24619 (In mainwindow.cpp in Shotcut before 20.09.13, the upgrade check misuse ...)
- TODO: check
+ NOT-FOR-US: Shotcut
CVE-2020-24618 (In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020. ...)
NOT-FOR-US: JetBrains
CVE-2020-24617
@@ -39875,7 +39875,7 @@ CVE-2020-8889
CVE-2020-8888
RESERVED
CVE-2020-8887 (Telestream Tektronix Medius before 10.7.5 and Sentry before 10.7.5 hav ...)
- TODO: check
+ NOT-FOR-US: Telestream Tektronix Medius
CVE-2020-8886
RESERVED
CVE-2020-8885
@@ -42801,7 +42801,7 @@ CVE-2020-7736
CVE-2020-7735
RESERVED
CVE-2020-7734 (All versions of package cabot are vulnerable to Cross-site Scripting ( ...)
- TODO: check
+ NOT-FOR-US: cabot
CVE-2020-7733 (The package ua-parser-js before 0.7.22 are vulnerable to Regular Expre ...)
- node-ua-parser-js <not-affected> (No affected version present in the archive, introduced after 0.7.14 and fixed in 0.7.22)
NOTE: https://github.com/faisalman/ua-parser-js/commit/233d3bae22a795153a7e6638887ce159c63e557d
@@ -53989,7 +53989,7 @@ CVE-2020-3571
CVE-2020-3570
RESERVED
CVE-2020-3569 (Multiple vulnerabilities in the Distance Vector Multicast Routing Prot ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3568
RESERVED
CVE-2020-3567
@@ -54856,7 +54856,7 @@ CVE-2020-3145 (Multiple vulnerabilities in the web-based management interface of
CVE-2020-3144 (A vulnerability in the web-based management interface of the Cisco RV1 ...)
NOT-FOR-US: Cisco
CVE-2020-3143 (A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3142 (A vulnerability in Cisco Webex Meetings Suite sites and Cisco Webex Me ...)
NOT-FOR-US: Cisco
CVE-2020-3141
@@ -54868,21 +54868,21 @@ CVE-2020-3139 (A vulnerability in the out of band (OOB) management interface IP
CVE-2020-3138 (A vulnerability in the upgrade component of Cisco Enterprise NFV Infra ...)
NOT-FOR-US: Cisco
CVE-2020-3137 (A vulnerability in the web-based management interface of Cisco Email S ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3136 (A vulnerability in the web-based management interface of Cisco Jabber ...)
NOT-FOR-US: Cisco
CVE-2020-3135 (A vulnerability in the web-based management interface of Cisco Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3134 (A vulnerability in the zip decompression engine of Cisco AsyncOS Softw ...)
NOT-FOR-US: Cisco
CVE-2020-3133 (A vulnerability in the email message scanning of Cisco AsyncOS Softwar ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3132 (A vulnerability in the email message scanning feature of Cisco AsyncOS ...)
NOT-FOR-US: Cisco
CVE-2020-3131 (A vulnerability in the Cisco Webex Teams client for Windows could allo ...)
NOT-FOR-US: Cisco
CVE-2020-3130 (A vulnerability in the web management interface of Cisco Unity Connect ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3129 (A vulnerability in the web-based management interface of Cisco Unity C ...)
NOT-FOR-US: Cisco
CVE-2020-3128 (Multiple vulnerabilities in Cisco Webex Network Recording Player for M ...)
@@ -54894,7 +54894,7 @@ CVE-2020-3126 (vulnerability within the Multimedia Viewer feature of Cisco Webex
CVE-2020-3125 (A vulnerability in the Kerberos authentication feature of Cisco Adapti ...)
NOT-FOR-US: Cisco
CVE-2020-3124 (A vulnerability in the web-based interface of Cisco Hosted Collaborati ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3123 (A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiV ...)
- clamav 0.102.2+dfsg-1 (bug #950944)
[buster] - clamav 0.102.2+dfsg-0+deb10u1
@@ -54912,9 +54912,9 @@ CVE-2020-3119 (A vulnerability in the Cisco Discovery Protocol implementation fo
CVE-2020-3118 (A vulnerability in the Cisco Discovery Protocol implementation for Cis ...)
NOT-FOR-US: Cisco
CVE-2020-3117 (A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Se ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3116 (A vulnerability in the way Cisco Webex applications process Universal ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3115 (A vulnerability in the CLI of the Cisco SD-WAN Solution vManage softwa ...)
NOT-FOR-US: Cisco
CVE-2020-3114 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
@@ -71792,29 +71792,29 @@ CVE-2019-16030
CVE-2019-16029 (A vulnerability in the application programming interface (API) of Cisc ...)
NOT-FOR-US: Cisco
CVE-2019-16028 (A vulnerability in the web-based management interface of Cisco Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-16027 (A vulnerability in the implementation of the Intermediate System&n ...)
NOT-FOR-US: Cisco
CVE-2019-16026 (A vulnerability in the implementation of the Stream Control Transmissi ...)
NOT-FOR-US: Cisco
CVE-2019-16025 (A vulnerability in the web framework of Cisco Emergency Responder coul ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-16024 (A vulnerability in the web-based management interface of Cisco Crosswo ...)
NOT-FOR-US: Cisco
CVE-2019-16023 (Multiple vulnerabilities in the implementation of Border Gateway Proto ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-16022 (Multiple vulnerabilities in the implementation of Border Gateway Proto ...)
NOT-FOR-US: Cisco
CVE-2019-16021 (Multiple vulnerabilities in the implementation of Border Gateway Proto ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-16020 (Multiple vulnerabilities in the implementation of Border Gateway Proto ...)
NOT-FOR-US: Cisco
CVE-2019-16019 (Multiple vulnerabilities in the implementation of Border Gateway Proto ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-16018 (A vulnerability in the implementation of Border Gateway Protocol (BGP) ...)
NOT-FOR-US: Cisco
CVE-2019-16017 (A vulnerability in the Operations, Administration, Maintenance and Pro ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-16016
RESERVED
CVE-2019-16015 (A vulnerability in the web-based management interface of the Cisco Dat ...)
@@ -71830,17 +71830,17 @@ CVE-2019-16011 (A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could
CVE-2019-16010 (A vulnerability in the web UI of the Cisco SD-WAN vManage software cou ...)
NOT-FOR-US: Cisco
CVE-2019-16009 (A vulnerability in the web UI of Cisco IOS and Cisco IOS XE Software c ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-16008 (A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and ...)
NOT-FOR-US: Cisco
CVE-2019-16007 (A vulnerability in the inter-service communication of Cisco AnyConnect ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-16006
RESERVED
CVE-2019-16005 (A vulnerability in the web-based management interface of Cisco Webex V ...)
NOT-FOR-US: Cisco
CVE-2019-16004 (A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signa ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-16003 (A vulnerability in the web-based management interface of Cisco UCS Dir ...)
NOT-FOR-US: Cisco
CVE-2019-16002 (A vulnerability in the vManage web-based UI (web UI) of the Cisco SD-W ...)
@@ -71848,7 +71848,7 @@ CVE-2019-16002 (A vulnerability in the vManage web-based UI (web UI) of the Cisc
CVE-2019-16001 (A vulnerability in the loading mechanism of specific dynamic link libr ...)
NOT-FOR-US: Cisco
CVE-2019-16000 (A vulnerability in the automatic update process of Cisco Umbrella Roam ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15999 (A vulnerability in the application environment of Cisco Data Center Ne ...)
NOT-FOR-US: Cisco
CVE-2019-15998 (A vulnerability in the access-control logic of the NETCONF over Secure ...)
@@ -71862,9 +71862,9 @@ CVE-2019-15995 (A vulnerability in the web UI of Cisco DNA Spaces: Connector cou
CVE-2019-15994 (A vulnerability in the web-based management interface of Cisco Stealth ...)
NOT-FOR-US: Cisco
CVE-2019-15993 (A vulnerability in the web UI of Cisco Small Business Switches could a ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15992 (A vulnerability in the implementation of the Lua interpreter integrate ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15991
RESERVED
CVE-2019-15990 (A vulnerability in the web-based management interface of certain Cisco ...)
@@ -71900,7 +71900,7 @@ CVE-2019-15976 (Multiple vulnerabilities in the authentication mechanisms of Cis
CVE-2019-15975 (Multiple vulnerabilities in the authentication mechanisms of Cisco Dat ...)
NOT-FOR-US: Cisco
CVE-2019-15974 (A vulnerability in the web interface of Cisco Managed Services Acceler ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15973 (A vulnerability in the web-based management interface of Cisco Industr ...)
NOT-FOR-US: Cisco
CVE-2019-15972 (A vulnerability in the web-based management interface of Cisco Unified ...)
@@ -71910,7 +71910,7 @@ CVE-2019-15971 (A vulnerability in the MP3 detection engine of Cisco AsyncOS Sof
CVE-2019-15970
RESERVED
CVE-2019-15969 (A vulnerability in the web-based management interface of Cisco Web Sec ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15968 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
CVE-2019-15967 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
@@ -71922,7 +71922,7 @@ CVE-2019-15965
CVE-2019-15964
RESERVED
CVE-2019-15963 (A vulnerability in the web-based management interface of Cisco Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15962 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
NOT-FOR-US: Cisco
CVE-2019-15961 (A vulnerability in the email parsing module Clam AntiVirus (ClamAV) So ...)
@@ -71934,11 +71934,11 @@ CVE-2019-15961 (A vulnerability in the email parsing module Clam AntiVirus (Clam
CVE-2019-15960 (A vulnerability in the Webex Network Recording Admin page of Cisco Web ...)
NOT-FOR-US: Cisco
CVE-2019-15959 (A vulnerability in Cisco Small Business SPA500 Series IP Phones could ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15958 (A vulnerability in the REST API of Cisco Prime Infrastructure (PI) and ...)
NOT-FOR-US: Cisco
CVE-2019-15957 (A vulnerability in the web-based management interface of certain Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15956 (A vulnerability in the web management interface of Cisco AsyncOS Softw ...)
NOT-FOR-US: Cisco
CVE-2019-15955 (An issue was discovered in Total.js CMS 12.0.0. A low privilege user c ...)
@@ -73982,19 +73982,19 @@ CVE-2019-15294 (An issue was discovered in Gallagher Command Centre 8.10 before
CVE-2019-15293 (An issue was discovered in ACDSee Photo Studio Standard 22.1 Build 115 ...)
NOT-FOR-US: ACDSee
CVE-2019-15289 (Multiple vulnerabilities in the video service of Cisco TelePresence Co ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15288 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
NOT-FOR-US: Cisco
CVE-2019-15287 (Multiple vulnerabilities in Cisco Webex Network Recording Player for M ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15286 (Multiple vulnerabilities in Cisco Webex Network Recording Player for M ...)
NOT-FOR-US: Cisco
CVE-2019-15285 (Multiple vulnerabilities in Cisco Webex Network Recording Player for M ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15284 (Multiple vulnerabilities in Cisco Webex Network Recording Player for M ...)
NOT-FOR-US: Cisco
CVE-2019-15283 (Multiple vulnerabilities in Cisco Webex Network Recording Player for M ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15282 (A vulnerability in the web-based management interface of Cisco Identit ...)
NOT-FOR-US: Cisco
CVE-2019-15281 (A vulnerability in the web-based management interface of Cisco Identit ...)
@@ -114317,7 +114317,7 @@ CVE-2018-19933 (Bolt CMS <3.6.2 allows XSS via text input click preview butto
CVE-2019-1984 (A vulnerability in Cisco Enterprise Network Functions Virtualization I ...)
NOT-FOR-US: Cisco
CVE-2019-1983 (A vulnerability in the email message filtering feature of Cisco AsyncO ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1982 (A vulnerability in the HTTP traffic filtering component of Cisco Firep ...)
NOT-FOR-US: Cisco
CVE-2019-1981 (A vulnerability in the normalization functionality of Cisco Firepower ...)
@@ -114389,7 +114389,7 @@ CVE-2019-1949 (A vulnerability in the web-based management interface of Cisco Fi
CVE-2019-1948 (A vulnerability in Cisco Webex Meetings Mobile (iOS) could allow an un ...)
NOT-FOR-US: Cisco
CVE-2019-1947 (A vulnerability in the email message filtering feature of Cisco AsyncO ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1946 (A vulnerability in the web-based management interface of Cisco Enterpr ...)
NOT-FOR-US: Cisco
CVE-2019-1945 (Multiple vulnerabilities in the smart tunnel functionality of Cisco Ad ...)
@@ -114507,7 +114507,7 @@ CVE-2019-1890 (A vulnerability in the fabric infrastructure VLAN connection esta
CVE-2019-1889 (A vulnerability in the REST API for software device management in Cisc ...)
NOT-FOR-US: Cisco
CVE-2019-1888 (A vulnerability in the Administration Web Interface of Cisco Unified C ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1887 (A vulnerability in the Session Initiation Protocol (SIP) protocol impl ...)
NOT-FOR-US: Cisco
CVE-2019-1886 (A vulnerability in the HTTPS decryption feature of Cisco Web Security ...)
@@ -114835,7 +114835,7 @@ CVE-2019-1738 (A vulnerability in the Network-Based Application Recognition (NBA
CVE-2019-1737 (A vulnerability in the processing of IP Service Level Agreement (SLA) ...)
NOT-FOR-US: Cisco
CVE-2019-1736 (A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1735 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
NOT-FOR-US: Cisco
CVE-2019-1734 (A vulnerability in the implementation of a CLI diagnostic command in C ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea51679c350302e7b1b9d3d4092d7897b3c1964a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea51679c350302e7b1b9d3d4092d7897b3c1964a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200923/aa3b8282/attachment.html>
More information about the debian-security-tracker-commits
mailing list