[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Nov 18 21:48:52 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cd234df0 by Salvatore Bonaccorso at 2024-11-18T22:48:27+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -97,7 +97,7 @@ CVE-2024-51499 (MarkUs is a web application for the submission and grading of st
CVE-2024-50919 (Jpress until v5.1.1 has arbitrary file uploads on the windows platform ...)
NOT-FOR-US: Jpress
CVE-2024-48917 (PhpSpreadsheet is a PHP library for reading and writing spreadsheet fi ...)
- TODO: check
+ NOT-FOR-US: PhpSpreadsheet
CVE-2024-48901 (A vulnerability was found in Moodle. Additional checks are required to ...)
- moodle <removed>
CVE-2024-48898 (A vulnerability was found in Moodle. Users with access to delete audie ...)
@@ -113,7 +113,7 @@ CVE-2024-48293 (Incorrect access control in QuickHeal Antivirus Pro 24.1.0.182 a
CVE-2024-48292 (An issue in the wssrvc.exe service of QuickHeal Antivirus Pro Version ...)
NOT-FOR-US: QuickHeal Antivirus Pro
CVE-2024-47873 (PhpSpreadsheet is a PHP library for reading and writing spreadsheet fi ...)
- TODO: check
+ NOT-FOR-US: PhpSpreadsheet
CVE-2024-47820 (MarkUs, a web application for the submission and grading of student as ...)
NOT-FOR-US: MarkUs
CVE-2024-47533 (Cobbler, a Linux installation server that allows for rapid setup of ne ...)
@@ -127,25 +127,25 @@ CVE-2024-43416 (GLPI is a free asset and IT management software package. Startin
NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-j8gc-xpgr-2ww7
NOTE: https://github.com/glpi-project/glpi/commit/9be1466053f829680db318f7e7e5880d2d789c6d
CVE-2024-42392 (Improper Neutralization of Delimiters vulnerability in Cesanta Mongoos ...)
- TODO: check
+ NOT-FOR-US: Cesenta Mongoose
CVE-2024-42391 (Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose W ...)
- TODO: check
+ NOT-FOR-US: Cesenta Mongoose
CVE-2024-42390 (Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose W ...)
- TODO: check
+ NOT-FOR-US: Cesenta Mongoose
CVE-2024-42389 (Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose W ...)
- TODO: check
+ NOT-FOR-US: Cesenta Mongoose
CVE-2024-42388 (Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose W ...)
- TODO: check
+ NOT-FOR-US: Cesenta Mongoose
CVE-2024-42387 (Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose W ...)
- TODO: check
+ NOT-FOR-US: Cesenta Mongoose
CVE-2024-42386 (Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose W ...)
- TODO: check
+ NOT-FOR-US: Cesenta Mongoose
CVE-2024-42385 (Improper Neutralization of Delimiters vulnerability in Cesanta Mongoos ...)
- TODO: check
+ NOT-FOR-US: Cesenta Mongoose
CVE-2024-42384 (Integer Overflow or Wraparound vulnerability in Cesanta Mongoose Web S ...)
- TODO: check
+ NOT-FOR-US: Cesenta Mongoose
CVE-2024-42383 (Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose W ...)
- TODO: check
+ NOT-FOR-US: Cesenta Mongoose
CVE-2024-41974 (A low privileged remote attackermay modify the BACNet service properti ...)
NOT-FOR-US: WAGO
CVE-2024-41973 (A low privileged remote attacker canspecify an arbitrary file on the f ...)
@@ -171,17 +171,17 @@ CVE-2024-28058 (In RSA NetWitness (NW) Platform before 12.5.1, even when an admi
CVE-2024-11319 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
TODO: check
CVE-2024-11318 (An IDOR (Insecure Direct Object Reference) vulnerability has been disc ...)
- TODO: check
+ NOT-FOR-US: AbsysNet
CVE-2024-11304 (Missing input validation in the SEH Computertechnik utnserver Pro, SEH ...)
- TODO: check
+ NOT-FOR-US: SEH Computertechnik
CVE-2024-11303 (The pathname of the root directory to a Restricted Directory ('Path Tr ...)
- TODO: check
+ NOT-FOR-US: Korenix JetPort
CVE-2024-11023 (Firebase JavaScript SDK utilizes a "FIREBASE_DEFAULTS" cookie to store ...)
TODO: check
CVE-2024-10390 (The Elfsight Telegram Chat CC plugin for WordPress is vulnerable to un ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0012 (An authentication bypass in Palo Alto Networks PAN-OS software enables ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2023-49952 (Mastodon 4.1.x before 4.1.17 and 4.2.x before 4.2.9 allows a bypass of ...)
TODO: check
CVE-2024-5030 (The CM Table Of Contents WordPress plugin before 1.2.3 does not have ...)
@@ -202802,7 +202802,7 @@ CVE-2022-1886 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to
CVE-2022-1885 (The Cimy Header Image Rotator WordPress plugin through 6.1.1 does not ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1884 (A remote command execution vulnerability exists in gogs/gogs versions ...)
- TODO: check
+ NOT-FOR-US: Go Git Service
CVE-2022-1883 (SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2. ...)
NOT-FOR-US: camptocamp/terraboard
CVE-2022-1882 (A use-after-free flaw was found in the Linux kernel\u2019s pipes funct ...)
@@ -244269,7 +244269,7 @@ CVE-2022-20665 (A vulnerability in the CLI of Cisco StarOS could allow an authen
CVE-2022-20664 (A vulnerability in the web management interface of Cisco Secure Email ...)
NOT-FOR-US: Cisco
CVE-2022-20663 (A vulnerability in the web-based management interface of Cisco Se ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2022-20662 (A vulnerability in the smart card login authentication of Cisco Duo fo ...)
NOT-FOR-US: Cisco
CVE-2022-20661 (Multiple vulnerabilities that affect Cisco Catalyst Digital Building S ...)
@@ -244281,25 +244281,25 @@ CVE-2022-20659 (A vulnerability in the web-based management interface of Cisco P
CVE-2022-20658 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
CVE-2022-20657 (A vulnerability in the web-based management interface of Cisco PI ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2022-20656 (A vulnerability in the web-based management interface of Cisco PI ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2022-20655 (A vulnerability in the implementation of the CLI on a device that is r ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2022-20654 (A vulnerability in the web-based interface of Cisco Webex Meeting ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2022-20653 (A vulnerability in the DNS-based Authentication of Named Entities (DAN ...)
NOT-FOR-US: Cisco
CVE-2022-20652 (A vulnerability in the web-based management interface and in the API s ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2022-20651 (A vulnerability in the logging component of Cisco Adaptive Security De ...)
NOT-FOR-US: Cisco
CVE-2022-20650 (A vulnerability in the NX-API feature of Cisco NX-OS Software could al ...)
NOT-FOR-US: Cisco
CVE-2022-20649 (A vulnerability in Cisco RCM for Cisco StarOS Software could ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2022-20648 (A vulnerability in a debug function for Cisco RCM for Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2022-20647 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
CVE-2022-20646 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
@@ -244327,13 +244327,13 @@ CVE-2022-20636 (Multiple vulnerabilities in the web-based management interface o
CVE-2022-20635 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
CVE-2022-20634 (A vulnerability in the web-based management interface of Cisco EC ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2022-20633 (A vulnerability in the web-based management interface of Cisco EC ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2022-20632 (A vulnerability in the web-based management interface of Cisco EC ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2022-20631 (A vulnerability in the web-based management interface of Cisco EC ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2022-20630 (A vulnerability in the audit log of Cisco DNA Center could allow an au ...)
NOT-FOR-US: Cisco
CVE-2022-20629 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
@@ -244343,7 +244343,7 @@ CVE-2022-20628 (Multiple vulnerabilities in the web-based management interface o
CVE-2022-20627 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco Firepower
CVE-2022-20626 (A vulnerability in the web-based management interface of Cisco Pr ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2022-20625 (A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS ...)
NOT-FOR-US: Cisco
CVE-2022-20624 (A vulnerability in the Cisco Fabric Services over IP (CFSoIP) feature ...)
@@ -249271,7 +249271,7 @@ CVE-2021-3842 (nltk is vulnerable to Inefficient Regular Expression Complexity)
NOTE: https://huntr.dev/bounties/761a761e-2be2-430a-8d92-6f74ffe9866a/
NOTE: https://github.com/nltk/nltk/commit/2a50a3edc9d35f57ae42a921c621edc160877f4d (3.6.6)
CVE-2021-3841 (sylius/sylius versions prior to 1.9.10, 1.10.11, and 1.11.2 are vulner ...)
- TODO: check
+ NOT-FOR-US: sylius
CVE-2021-41829 (Zoho ManageEngine Remote Access Plus before 10.1.2121.1 relies on the ...)
NOT-FOR-US: Zoho ManageEngine
CVE-2021-41828 (Zoho ManageEngine Remote Access Plus before 10.1.2121.1 has hardcoded ...)
@@ -267136,13 +267136,13 @@ CVE-2021-34755 (Multiple vulnerabilities in the CLI of Cisco Firepower Threat De
CVE-2021-34754 (Multiple vulnerabilities in the payload inspection for Ethernet Indust ...)
NOT-FOR-US: Cisco
CVE-2021-34753 (A vulnerability in the payload inspection for Ethernet Industrial Prot ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34752 (A vulnerability in the CLI of Cisco FTD Software could allow an a ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34751 (A vulnerability in the administrative web-based GUI configuration mana ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34750 (A vulnerability in the administrative web-based GUI configuration mana ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-34749 (A vulnerability in Server Name Identification (SNI) request filtering ...)
{DSA-5354-1 DLA-3317-1}
- snort <removed> (bug #1021276)
@@ -285755,13 +285755,13 @@ CVE-2021-27705 (Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.
CVE-2021-27704 (Appspace 6.2.4 is affected by Incorrect Access Control via the Appspac ...)
NOT-FOR-US: Appspace
CVE-2021-27703 (Sercomm Model Etisalat Model S3- AC2100 is affected by Cross Site Scri ...)
- TODO: check
+ NOT-FOR-US: Sercomm Model Etisalat Model S3- AC2100
CVE-2021-27702 (Sercomm Router Etisalat Model S3- AC2100 is affected by Incorrect Acce ...)
- TODO: check
+ NOT-FOR-US: Sercomm Router Etisalat Model S3- AC2100
CVE-2021-27701 (SOCIFI Socifi Guest wifi as SAAS is affected by Cross Site Request For ...)
- TODO: check
+ NOT-FOR-US: SOCIFI Socifi Guest wifi as SAAS
CVE-2021-27700 (SOCIFI Socifi Guest wifi as SAAS wifi portal is affected by Insecure P ...)
- TODO: check
+ NOT-FOR-US: SOCIFI Socifi Guest wifi as SAAS
CVE-2021-27699
RESERVED
CVE-2021-27698 (RIOT-OS 2021.01 contains a buffer overflow vulnerability in /sys/net/g ...)
@@ -311965,7 +311965,7 @@ CVE-2021-1493 (A vulnerability in the web services interface of Cisco Adaptive S
CVE-2021-1492 (The Duo Authentication Proxy installer prior to 5.2.1 did not properly ...)
NOT-FOR-US: Duo Authentication Proxy
CVE-2021-1491 (A vulnerability in the web-based management interface of Cisco SD ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1490 (A vulnerability in the web-based management interface of Cisco AsyncOS ...)
NOT-FOR-US: Cisco
CVE-2021-1489 (A vulnerability in filesystem usage management for Cisco Firepower Dev ...)
@@ -311979,13 +311979,13 @@ CVE-2021-1486 (A vulnerability in Cisco SD-WAN vManage Software could allow an u
CVE-2021-1485 (A vulnerability in the CLI of Cisco IOS XR Software could allow an aut ...)
NOT-FOR-US: Cisco
CVE-2021-1484 (A vulnerability in the web UI of Cisco SD-WAN vManage Software co ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1483 (A vulnerability in the web UI of Cisco SD-WAN vManage Software co ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1482 (A vulnerability in the web-based management interface of Cisco SD ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1481 (A vulnerability in the web-based management interface of Cisco SD ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1480 (Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow ...)
NOT-FOR-US: Cisco
CVE-2021-1479 (Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow ...)
@@ -312007,7 +312007,7 @@ CVE-2021-1472 (Multiple vulnerabilities exist in the web-based management interf
CVE-2021-1471 (Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for ...)
NOT-FOR-US: Cisco
CVE-2021-1470 (A vulnerability in the web-based management interface of Cisco SD ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1469 (Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for ...)
NOT-FOR-US: Cisco
CVE-2021-1468 (Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow ...)
@@ -312015,17 +312015,17 @@ CVE-2021-1468 (Multiple vulnerabilities in Cisco SD-WAN vManage Software could a
CVE-2021-1467 (A vulnerability in Cisco Webex Meetings for Android could allow an aut ...)
NOT-FOR-US: Cisco
CVE-2021-1466 (A vulnerability in the vDaemon service of Cisco SD-WAN vManage So ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1465 (A vulnerability in the web-based management interface of Cisco SD-WAN ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1464 (A vulnerability in Cisco SD-WAN vManage Software could allow an a ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1463 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
CVE-2021-1462 (A vulnerability in the CLI of Cisco SD-WAN vManage Software could ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1461 (A vulnerability in the Image Signature Verification feature of Cisco&n ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1460 (A vulnerability in the Cisco IOx Application Framework of Cisco 809 In ...)
NOT-FOR-US: Cisco
CVE-2021-1459 (A vulnerability in the web-based management interface of Cisco Small B ...)
@@ -312059,7 +312059,7 @@ CVE-2021-1446 (A vulnerability in the DNS application layer gateway (ALG) functi
CVE-2021-1445 (Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) So ...)
NOT-FOR-US: Cisco
CVE-2021-1444 (A vulnerability in the web services interface of Cisco Adaptive S ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1443 (A vulnerability in the web UI of Cisco IOS XE Software could allow an ...)
NOT-FOR-US: Cisco
CVE-2021-1442 (A vulnerability in a diagnostic command for the Plug-and-Play (PnP) su ...)
@@ -312067,7 +312067,7 @@ CVE-2021-1442 (A vulnerability in a diagnostic command for the Plug-and-Play (Pn
CVE-2021-1441 (A vulnerability in the hardware initialization routines of Cisco IOS X ...)
NOT-FOR-US: Cisco
CVE-2021-1440 (A vulnerability in the implementation of the Resource Public Key Infra ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1439 (A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco A ...)
NOT-FOR-US: Cisco
CVE-2021-1438 (A vulnerability in Cisco Wide Area Application Services (WAAS) Softwar ...)
@@ -312097,9 +312097,9 @@ CVE-2021-1427 (Multiple vulnerabilities in the install, uninstall, and upgrade p
CVE-2021-1426 (Multiple vulnerabilities in the install, uninstall, and upgrade proces ...)
NOT-FOR-US: Cisco
CVE-2021-1425 (A vulnerability in the web-based management interface of Cisco As ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1424 (A vulnerability in the ipsecmgr process of Cisco ASR 5000 Series ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1423 (A vulnerability in the implementation of a CLI command in Cisco Airone ...)
NOT-FOR-US: Cisco
CVE-2021-1422 (A vulnerability in the software cryptography module of Cisco Adaptive ...)
@@ -312127,7 +312127,7 @@ CVE-2021-1412 (Multiple vulnerabilities in the Admin portal of Cisco Identity Se
CVE-2021-1411 (Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for ...)
NOT-FOR-US: Cisco
CVE-2021-1410 (A vulnerability in the distribution list feature of Cisco Webex M ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1409 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
CVE-2021-1408 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
@@ -312195,7 +312195,7 @@ CVE-2021-1381 (A vulnerability in Cisco IOS XE Software could allow an authentic
CVE-2021-1380 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
CVE-2021-1379 (Multiple vulnerabilities in the Cisco Discovery Protocol and Link ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1378 (A vulnerability in the SSH service of the Cisco StarOS operating syste ...)
NOT-FOR-US: Cisco
CVE-2021-1377 (A vulnerability in Address Resolution Protocol (ARP) management of Cis ...)
@@ -312383,7 +312383,7 @@ CVE-2021-1287 (A vulnerability in the web-based management interface of Cisco RV
CVE-2021-1286 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
CVE-2021-1285 (Multiple Cisco products are affected by a vulnerability in the Et ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1284 (A vulnerability in the web-based messaging service interface of Cisco ...)
NOT-FOR-US: Cisco
CVE-2021-1283 (A vulnerability in the logging subsystem of Cisco Data Center Network ...)
@@ -312490,11 +312490,11 @@ CVE-2021-1236 (Multiple Cisco products are affected by a vulnerability in the Sn
CVE-2021-1235 (A vulnerability in the CLI of Cisco SD-WAN vManage Software could allo ...)
NOT-FOR-US: Cisco
CVE-2021-1234 (A vulnerability in the cluster management interface of Cisco SD-W ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1233 (A vulnerability in the CLI of Cisco SD-WAN Software could allow an aut ...)
NOT-FOR-US: Cisco
CVE-2021-1232 (A vulnerability in the web-based management interface of Cisco SD ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1231 (A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus ...)
NOT-FOR-US: Cisco
CVE-2021-1230 (A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus ...)
@@ -312698,7 +312698,7 @@ CVE-2021-1134 (A vulnerability in the Cisco Identity Services Engine (ISE) integ
CVE-2021-1133 (Multiple vulnerabilities in the REST API endpoint of Cisco Data Center ...)
NOT-FOR-US: Cisco
CVE-2021-1132 (A vulnerability in the API subsystem and in the web-management interfa ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2021-1131 (A vulnerability in the Cisco Discovery Protocol implementation for Cis ...)
NOT-FOR-US: Cisco
CVE-2021-1130 (A vulnerability in the web-based management interface of Cisco DNA Cen ...)
@@ -319054,7 +319054,7 @@ CVE-2020-27126 (A vulnerability in an API of Cisco Webex Meetings could allow an
CVE-2020-27125 (A vulnerability in Cisco Security Manager could allow an unauthenticat ...)
NOT-FOR-US: Cisco
CVE-2020-27124 (A vulnerability in the SSL/TLS handler of Cisco Adaptive Security ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-27123 (A vulnerability in the interprocess communication (IPC) channel of Cis ...)
NOT-FOR-US: Cisco
CVE-2020-27122 (A vulnerability in the Microsoft Active Directory integration of Cisco ...)
@@ -321605,13 +321605,13 @@ CVE-2020-26076 (A vulnerability in Cisco IoT Field Network Director (FND) could
CVE-2020-26075 (A vulnerability in the REST API of Cisco IoT Field Network Director (F ...)
NOT-FOR-US: Cisco
CVE-2020-26074 (A vulnerability in system file transfer functions of Cisco SD-WAN ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26073 (A vulnerability in the application data endpoints of Cisco SD-WAN ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26072 (A vulnerability in the SOAP API of Cisco IoT Field Network Director (F ...)
NOT-FOR-US: Cisco
CVE-2020-26071 (A vulnerability in the CLI of Cisco SD-WAN Software could allow a ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26070 (A vulnerability in the ingress packet processing function of Cisco IOS ...)
NOT-FOR-US: Cisco
CVE-2020-26069
@@ -321619,17 +321619,17 @@ CVE-2020-26069
CVE-2020-26068 (A vulnerability in the xAPI service of Cisco Telepresence CE Software ...)
NOT-FOR-US: Cisco
CVE-2020-26067 (A vulnerability in the web-based interface of Cisco Webex Teams c ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26066 (A vulnerability in the web UI of Cisco SD-WAN vManage Software co ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26065 (A vulnerability in the web-based management interface of Cisco SD-WAN ...)
NOT-FOR-US: Cisco
CVE-2020-26064 (A vulnerability in the web UI of Cisco SD-WAN vManage Software could a ...)
NOT-FOR-US: Cisco
CVE-2020-26063 (A vulnerability in the API endpoints of Cisco Integrated Manageme ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26062 (A vulnerability in Cisco Integrated Management Controller could a ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-26088 (A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock. ...)
{DLA-2420-1 DLA-2385-1}
- linux 5.7.17-1
@@ -379020,7 +379020,7 @@ CVE-2020-3550 (A vulnerability in the sfmgr daemon of Cisco Firepower Management
CVE-2020-3549 (A vulnerability in the sftunnel functionality of Cisco Firepower Manag ...)
NOT-FOR-US: Cisco
CVE-2020-3548 (A vulnerability in the Transport Layer Security (TLS) protocol impleme ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3547 (A vulnerability in the web-based management interface of Cisco AsyncOS ...)
NOT-FOR-US: Cisco
CVE-2020-3546 (A vulnerability in the web-based management interface of Cisco AsyncOS ...)
@@ -379038,9 +379038,9 @@ CVE-2020-3541 (A vulnerability in the media engine component of Cisco Webex Meet
CVE-2020-3540
RESERVED
CVE-2020-3539 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3538 (A vulnerability in a certain REST API endpoint of Cisco Data Cent ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3537 (A vulnerability in Cisco Jabber for Windows software could allow an au ...)
NOT-FOR-US: Cisco
CVE-2020-3536 (A vulnerability in the web-based management interface of Cisco SD-WAN ...)
@@ -379052,7 +379052,7 @@ CVE-2020-3534
CVE-2020-3533 (A vulnerability in the Simple Network Management Protocol (SNMP) input ...)
NOT-FOR-US: Cisco
CVE-2020-3532 (A vulnerability in the web-based management interface of Cisco Un ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3531 (A vulnerability in the REST API of Cisco IoT Field Network Director (F ...)
NOT-FOR-US: Cisco
CVE-2020-3530 (A vulnerability in task group assignment for a specific CLI command in ...)
@@ -379066,7 +379066,7 @@ CVE-2020-3527 (A vulnerability in the Polaris kernel of Cisco Catalyst 9200 Seri
CVE-2020-3526 (A vulnerability in the Common Open Policy Service (COPS) engine of Cis ...)
NOT-FOR-US: Cisco
CVE-2020-3525 (A vulnerability in the Admin portal of Cisco Identity Services En ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3524 (A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for ...)
NOT-FOR-US: Cisco
CVE-2020-3523 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
@@ -379257,7 +379257,7 @@ CVE-2020-3433 (A vulnerability in the interprocess communication (IPC) channel o
CVE-2020-3432
RESERVED
CVE-2020-3431 (A vulnerability in the web-based management interface of Cisco Sm ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3430 (A vulnerability in the application protocol handling features of Cisco ...)
NOT-FOR-US: Cisco
CVE-2020-3429 (A vulnerability in the WPA2 and WPA3 security implementation of Cisco ...)
@@ -379279,7 +379279,7 @@ CVE-2020-3422 (A vulnerability in the IP Service Level Agreement (SLA) responder
CVE-2020-3421 (Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco I ...)
NOT-FOR-US: Cisco
CVE-2020-3420 (A vulnerability in the web-based management interface of Cisco Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2020-3419 (A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Serve ...)
NOT-FOR-US: Cisco
CVE-2020-3418 (A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco ...)
@@ -510755,17 +510755,17 @@ CVE-2017-13316
CVE-2017-13315
RESERVED
CVE-2017-13314 (In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2017-13313 (In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2017-13312 (In createFromParcel of MediaCas.java, there is a possible parcel read/ ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2017-13311 (In the read() function of ProcessStats.java, there is a possible read/ ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2017-13310 (In createFromParcel of ViewPager.java, there is a possible read/write ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2017-13309 (In readEncryptedData of ConscryptEngine.java, there is a possible plai ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2017-13308
RESERVED
CVE-2017-13307 (A elevation of privilege vulnerability in the Upstream kernel pci sysf ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd234df0e895d7fd566d32a607aab35b72404772
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd234df0e895d7fd566d32a607aab35b72404772
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241118/c06261ff/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list