diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-10-26 21:36:41 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-10-26 21:36:41 +0100 |
commit | 651a523e427d9159f9f693da53868a9f2a2de7a4 (patch) | |
tree | 9a56772ce269ac06cf3be1e5935db6f41955ea5d /data | |
parent | eb2dad6d08422f7128cf43a3f018207ec79db66d (diff) |
Process NFUs
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/data/CVE/list b/data/CVE/list index 3c905f0129..2df1427cf9 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -3683,7 +3683,7 @@ CVE-2020-26163 (BigBlueButton Greenlight before 2.5.6 allows HTTP header (Host a CVE-2020-26162 (Xerox WorkCentre EC7836 before 073.050.059.25300 and EC7856 before 073 ...) NOT-FOR-US: Xerox CVE-2020-26161 (In Octopus Deploy through 2020.4.2, an attacker could redirect users t ...) - TODO: check + NOT-FOR-US: Octopus Deploy CVE-2020-26160 (jwt-go before 4.0.0-preview1 allows attackers to bypass intended acces ...) - golang-github-dgrijalva-jwt-go <unfixed> (bug #971556) NOTE: https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515 @@ -5282,7 +5282,7 @@ CVE-2020-25472 CVE-2020-25471 RESERVED CVE-2020-25470 (AntSword 2.1.8.1 contains a cross-site scripting (XSS) vulnerability i ...) - TODO: check + NOT-FOR-US: AntSword CVE-2020-25469 RESERVED CVE-2020-25468 @@ -6255,7 +6255,7 @@ CVE-2020-25036 CVE-2020-25035 RESERVED CVE-2020-25034 (eMPS prior to eMPS 9.0 FireEye EX 3500 devices allows remote authentic ...) - TODO: check + NOT-FOR-US: eMPS CVE-2020-25033 (The Blubrry subscribe-sidebar (aka Subscribe Sidebar) plugin 1.3.1 for ...) NOT-FOR-US: Blubrry subscribe-sidebar (aka Subscribe Sidebar) plugin for WordPress CVE-2020-25032 (An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) ...) @@ -18956,7 +18956,7 @@ CVE-2020-18768 CVE-2020-18767 RESERVED CVE-2020-18766 (A cross-site scripting (XSS) vulnerability AntSword v2.0.7 can remotel ...) - TODO: check + NOT-FOR-US: AntSword CVE-2020-18765 RESERVED CVE-2020-18764 @@ -25006,7 +25006,7 @@ CVE-2020-15899 (Grin 3.0.0 before 4.0.0 has insufficient validation of data rela CVE-2020-15898 RESERVED CVE-2020-15897 (Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23. ...) - TODO: check + NOT-FOR-US: Arista EOS CVE-2020-15896 (An authentication-bypass issue was discovered on D-Link DAP-1522 devic ...) NOT-FOR-US: D-Link CVE-2020-15895 (An XSS issue was discovered on D-Link DIR-816L devices 2.x before 1.10 ...) @@ -32549,7 +32549,7 @@ CVE-2020-13102 CVE-2020-13101 (In OASIS Digital Signature Services (DSS) 1.0, an attacker can control ...) NOT-FOR-US: OASIS Digital Signature Services (DSS) CVE-2020-13100 (Arista’s CloudVision eXchange (CVX) server before 4.21.12M, 4.22 ...) - TODO: check + NOT-FOR-US: Arista CVE-2020-13099 RESERVED CVE-2020-13098 @@ -48875,7 +48875,7 @@ CVE-2020-7198 CVE-2020-7197 (SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreSe ...) TODO: check CVE-2020-7196 (The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Co ...) - TODO: check + NOT-FOR-US: HPE CVE-2020-7195 (A iccselectrules expression language injection remote code execution v ...) NOT-FOR-US: HPE Intelligent Management Center (iMC) CVE-2020-7194 (A perfaddormoddevicemonitor expression language injection remote code ...) @@ -49013,13 +49013,13 @@ CVE-2020-7129 CVE-2020-7128 RESERVED CVE-2020-7127 (A remote unauthenticated arbitrary code execution vulnerability was di ...) - TODO: check + NOT-FOR-US: Aruba CVE-2020-7126 (A remote server-side request forgery (ssrf) vulnerability was discover ...) - TODO: check + NOT-FOR-US: Aruba CVE-2020-7125 (A remote escalation of privilege vulnerability was discovered in Aruba ...) - TODO: check + NOT-FOR-US: Aruba CVE-2020-7124 (A remote unauthorized access vulnerability was discovered in Aruba Air ...) - TODO: check + NOT-FOR-US: Aruba CVE-2020-7123 RESERVED CVE-2020-7122 (Two memory corruption vulnerabilities in the Aruba CX Switches Series ...) @@ -49654,7 +49654,7 @@ CVE-2020-6878 CVE-2020-6877 RESERVED CVE-2020-6876 (A ZTE product is impacted by an XSS vulnerability. The vulnerability i ...) - TODO: check + NOT-FOR-US: ZTE CVE-2020-6875 (A ZTE product is impacted by the improper access control vulnerability ...) NOT-FOR-US: ZTE CVE-2020-6874 (A ZTE product is impacted by the cryptographic issues vulnerability. T ...) |