[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Wed Sep 23 21:18:07 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2faea283 by Salvatore Bonaccorso at 2020-09-23T22:17:34+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2666,11 +2666,11 @@ CVE-2020-24628
CVE-2020-24627
RESERVED
CVE-2020-24626 (Unathenticated directory traversal in the ReceiverServlet class doPost ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2020-24625 (Unathenticated directory traversal in the ReceiverServlet class doGet( ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2020-24624 (Unathenticated directory traversal in the DownloadServlet class execut ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2020-24623 (A potential security vulnerability has been identified in Hewlett Pack ...)
NOT-FOR-US: Hewlett Packard Enterprise Universal API Framework
CVE-2020-24622 (In Sonatype Nexus Repository 3.26.1, an S3 secret key can be exposed b ...)
@@ -19664,7 +19664,7 @@ CVE-2020-16246
CVE-2020-16245 (Advantech iView, Versions 5.7 and prior. The affected product is vulne ...)
NOT-FOR-US: Advantech
CVE-2020-16244 (GE Digital APM Classic, Versions 4.4 and prior. Salt is not used for h ...)
- TODO: check
+ NOT-FOR-US: GE Digital APM Classic
CVE-2020-16243
RESERVED
CVE-2020-16242
@@ -19672,7 +19672,7 @@ CVE-2020-16242
CVE-2020-16241 (Philips SureSigns VS4, A.07.107 and prior. The software does not restr ...)
NOT-FOR-US: Philips SureSigns
CVE-2020-16240 (GE Digital APM Classic, Versions 4.4 and prior. An insecure direct obj ...)
- TODO: check
+ NOT-FOR-US: GE Digital APM Classic
CVE-2020-16239 (Philips SureSigns VS4, A.07.107 and prior. When an actor claims to hav ...)
NOT-FOR-US: Philips SureSigns
CVE-2020-16238
@@ -44213,9 +44213,9 @@ CVE-2020-7124
CVE-2020-7123
RESERVED
CVE-2020-7122 (Two memory corruption vulnerabilities in the Aruba CX Switches Series ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2020-7121 (Two memory corruption vulnerabilities in the Aruba CX Switches Series ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2020-7120
RESERVED
CVE-2020-7119 (A vulnerability exists in the Aruba Analytics and Location Engine (ALE ...)
@@ -51308,7 +51308,7 @@ CVE-2020-4342 (IBM Security Secret Server 10.7 could disclose sensitive informat
CVE-2020-4341 (IBM Security Secret Server 10.7 could allow a remote attacker to obtai ...)
NOT-FOR-US: IBM
CVE-2020-4340 (IBM Security Secret Server prior to 10.9 could allow an attacker to by ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4339
RESERVED
CVE-2020-4338 (IBM MQ 9.1.4 could allow a local attacker to obtain sensitive informat ...)
@@ -51340,7 +51340,7 @@ CVE-2020-4326
CVE-2020-4325 (The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0 ...)
NOT-FOR-US: IBM
CVE-2020-4324 (IBM Security Secret Server proir to 10.9 could allow a remote attacker ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4323 (IBM Security Secret Server 10.7 is vulnerable to cross-site scripting. ...)
NOT-FOR-US: IBM
CVE-2020-4322 (IBM Security Secret Server 10.7 could allow a remote attacker to hijac ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2faea2839cd837d5a2f2ebde434c061bbac5b26c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2faea2839cd837d5a2f2ebde434c061bbac5b26c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200923/cdb8d2e0/attachment.html>
More information about the debian-security-tracker-commits
mailing list