diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2020-08-29 10:47:17 +0200 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-08-29 10:55:36 +0200 |
| commit | 4cd95de81fc759cc13f5574394ef4bda32ed6917 (patch) | |
| tree | da3bd6f092bc14ee210a3cdb3653cc3b0d0b7f32 | |
| parent | abdb23f28b4e339b07819a526352dd566505b256 (diff) | |
Process NFUs
| -rw-r--r-- | data/CVE/2012.list | 2 | ||||
| -rw-r--r-- | data/CVE/2019.list | 2 | ||||
| -rw-r--r-- | data/CVE/2020.list | 92 |
3 files changed, 48 insertions, 48 deletions
diff --git a/data/CVE/2012.list b/data/CVE/2012.list index 6e40ac454b..21749206b1 100644 --- a/data/CVE/2012.list +++ b/data/CVE/2012.list @@ -4660,7 +4660,7 @@ CVE-2012-4820 (Unspecified vulnerability in the JRE component in IBM Java 7 SR2 CVE-2012-4819 (Cross-site scripting (XSS) vulnerability in InfoSphere Business Glossa ...) NOT-FOR-US: IBM InfoSphere CVE-2012-4818 (IBM InfoSphere Information Server 8.1, 8.5, and 8,7 could allow a remo ...) - TODO: check + NOT-FOR-US: IBM CVE-2012-4817 (The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS ...) NOT-FOR-US: IBM AIX, VIOS CVE-2012-4816 (IBM Rational Automation Framework (RAF) 3.x through 3.0.0.5 allows rem ...) diff --git a/data/CVE/2019.list b/data/CVE/2019.list index b4c33b1b27..937f8f9436 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -5456,7 +5456,7 @@ CVE-2019-18848 (The json-jwt gem before 1.11.0 for Ruby lacks an element count d - ruby-json-jwt 1.11.0-1 (bug #944850) NOTE: https://github.com/nov/json-jwt/commit/ada16e772906efdd035e3df49cb2ae372f0f948a CVE-2019-18847 (Enterprise Access Client Auto-Updater allows for Remote Code Execution ...) - TODO: check + NOT-FOR-US: Akamai / Enterprise Access Client Auto-Updater CVE-2019-18846 (OX App Suite through 7.10.2 allows SSRF. ...) NOT-FOR-US: OX App Suite CVE-2019-18845 (The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 ...) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 0dc7d65304..cc00781d3e 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -20280,7 +20280,7 @@ CVE-2020-15161 CVE-2020-15160 RESERVED CVE-2020-15159 (baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) a ...) - TODO: check + NOT-FOR-US: baserCMS CVE-2020-15158 (In libIEC61850 before version 1.4.3, when a message with COTP message ...) NOT-FOR-US: libIEC61850 CVE-2020-15157 @@ -20288,9 +20288,9 @@ CVE-2020-15157 CVE-2020-15156 (In nodebb-plugin-blog-comments before version 0.7.0, a logged in user ...) NOT-FOR-US: nodebb-plugin-blog-comments CVE-2020-15155 (baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) v ...) - TODO: check + NOT-FOR-US: baserCMS CVE-2020-15154 (baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) v ...) - TODO: check + NOT-FOR-US: baserCMS CVE-2020-15153 RESERVED CVE-2020-15152 (ftp-srv versions 1.0.0 through 4.3.3 are vulnerable to Server-Side Req ...) @@ -22921,7 +22921,7 @@ CVE-2020-14044 (** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Server-Side Request CVE-2020-14043 (** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Cross Side Request Forgery ...) NOT-FOR-US: Codiad CVE-2020-14042 (** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Cross Site Scripting (XSS) ...) - TODO: check + NOT-FOR-US: Codiad CVE-2020-14041 RESERVED CVE-2020-14040 (The x/text package before 0.3.3 for Go has a vulnerability in encoding ...) @@ -31880,9 +31880,9 @@ CVE-2020-10520 CVE-2020-10519 RESERVED CVE-2020-10518 (A remote code execution vulnerability was identified in GitHub Enterpr ...) - TODO: check + NOT-FOR-US: GitHub Enterprise Server CVE-2020-10517 (An improper access control vulnerability was identified in GitHub Ente ...) - TODO: check + NOT-FOR-US: GitHub Enterprise Server CVE-2020-10516 (An improper access control vulnerability was identified in the GitHub ...) NOT-FOR-US: GitHub Enterprise Server API CVE-2020-10515 (STARFACE UCC Client before 6.7.1.204 on WIndows allows binary planting ...) @@ -34665,7 +34665,7 @@ CVE-2020-9300 CVE-2020-9299 RESERVED CVE-2020-9298 (The Spinnaker template resolution functionality is vulnerable to Serve ...) - TODO: check + NOT-FOR-US: Spinnaker CVE-2020-9297 (Netflix Titus, all versions prior to version v0.1.1-rc.274, uses Java ...) NOT-FOR-US: Netflix Titus CVE-2020-9296 (Netflix Titus uses Java Bean Validation (JSR 380) custom constraint va ...) @@ -38266,7 +38266,7 @@ CVE-2020-7707 (The package property-expr before 2.0.3 are vulnerable to Prototyp CVE-2020-7706 (The package connie-lang before 0.1.1 are vulnerable to Prototype Pollu ...) NOT-FOR-US: Node connie-lang CVE-2020-7705 (This affects the package MintegralAdSDK from 0.0.0. The SDK distribute ...) - TODO: check + NOT-FOR-US: MintegralAdSDK CVE-2020-7704 (The package linux-cmdline before 1.0.1 are vulnerable to Prototype Pol ...) NOT-FOR-US: Node linux-cmdline CVE-2020-7703 (All versions of package nis-utils are vulnerable to Prototype Pollutio ...) @@ -38969,9 +38969,9 @@ CVE-2020-7379 CVE-2020-7378 RESERVED CVE-2020-7377 (The Metasploit Framework module "auxiliary/admin/http/telpho10_credent ...) - TODO: check + NOT-FOR-US: Metasploit Framework module CVE-2020-7376 (The Metasploit Framework module "post/osx/gather/enum_osx module" is a ...) - TODO: check + NOT-FOR-US: Metasploit Framework module CVE-2020-7375 RESERVED CVE-2020-7374 (Documalis Free PDF Editor version 5.7.2.26 and Documalis Free PDF Scan ...) @@ -39105,7 +39105,7 @@ CVE-2020-7311 CVE-2020-7310 (Privilege Escalation vulnerability in the installer in McAfee McAfee T ...) NOT-FOR-US: McAfee CVE-2020-7309 (Cross Site Scripting vulnerability in ePO extension in McAfee Applicat ...) - TODO: check + NOT-FOR-US: McAfee CVE-2020-7308 RESERVED CVE-2020-7307 (Unprotected Storage of Credentials vulnerability in McAfee Data Loss P ...) @@ -40764,7 +40764,7 @@ CVE-2020-6639 CVE-2020-6638 (Grin through 2.1.1 has Insufficient Validation. ...) NOT-FOR-US: Grin CVE-2020-6637 (openSIS Community Edition version 7.3 is vulnerable to SQL injection v ...) - TODO: check + NOT-FOR-US: openSIS CVE-2020-6636 RESERVED CVE-2020-6635 @@ -43315,15 +43315,15 @@ CVE-2020-5627 CVE-2020-5626 RESERVED CVE-2020-5625 (Cross-site scripting vulnerability in XooNIps 3.48 and earlier allows ...) - TODO: check + NOT-FOR-US: XooNIps CVE-2020-5624 (SQL injection vulnerability in the XooNIps 3.48 and earlier allows rem ...) - TODO: check + NOT-FOR-US: XooNIps CVE-2020-5623 (NITORI App for Android versions 6.0.4 and earlier and NITORI App for i ...) - TODO: check + NOT-FOR-US: NITORI App for Android and iOS CVE-2020-5622 RESERVED CVE-2020-5621 (Cross-site request forgery (CSRF) vulnerability in NETGEAR switching h ...) - TODO: check + NOT-FOR-US: Netgear CVE-2020-5620 (Cross-site scripting vulnerability in Exment prior to v3.6.0 allows re ...) NOT-FOR-US: Exment CVE-2020-5619 (Cross-site scripting vulnerability in Exment prior to v3.6.0 allows re ...) @@ -47814,19 +47814,19 @@ CVE-2020-3525 CVE-2020-3524 RESERVED CVE-2020-3523 (A vulnerability in the web-based management interface of Cisco Data Ce ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3522 (A vulnerability in the web-based management interface of Cisco Data Ce ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3521 (A vulnerability in a specific REST API of Cisco Data Center Network Ma ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3520 (A vulnerability in Cisco Data Center Network Manager (DCNM) Software c ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3519 (A vulnerability in a specific REST API method of Cisco Data Center Net ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3518 (A vulnerability in the web-based management interface of Cisco Data Ce ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3517 (A vulnerability in the Cisco Fabric Services component of Cisco FXOS S ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3516 RESERVED CVE-2020-3515 @@ -47846,13 +47846,13 @@ CVE-2020-3509 CVE-2020-3508 RESERVED CVE-2020-3507 (Multiple vulnerabilities in the Cisco Discovery Protocol implementatio ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3506 (Multiple vulnerabilities in the Cisco Discovery Protocol implementatio ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3505 (A vulnerability in the Cisco Discovery Protocol of Cisco Video Surveil ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3504 (A vulnerability in the local management (local-mgmt) CLI of Cisco UCS ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3503 RESERVED CVE-2020-3502 (Multiple vulnerabilities in the user interface of Cisco Webex Meetings ...) @@ -47868,7 +47868,7 @@ CVE-2020-3498 CVE-2020-3497 RESERVED CVE-2020-3496 (A vulnerability in the IPv6 packet processing engine of Cisco Small Bu ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3495 RESERVED CVE-2020-3494 @@ -47878,9 +47878,9 @@ CVE-2020-3493 CVE-2020-3492 RESERVED CVE-2020-3491 (A vulnerability in the web-based management interface of Cisco Vision ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3490 (A vulnerability in the web-based management interface of Cisco Vision ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3489 RESERVED CVE-2020-3488 @@ -47890,9 +47890,9 @@ CVE-2020-3487 CVE-2020-3486 RESERVED CVE-2020-3485 (A vulnerability in the role-based access control (RBAC) functionality ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3484 (A vulnerability in the web-based management interface of Cisco Vision ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3483 RESERVED CVE-2020-3482 @@ -47931,7 +47931,7 @@ CVE-2020-3468 (A vulnerability in the web-based management interface of Cisco SD CVE-2020-3467 RESERVED CVE-2020-3466 (Multiple vulnerabilities in the web-based management interface of Cisc ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3465 RESERVED CVE-2020-3464 (A vulnerability in the web-based management interface of Cisco UCS Dir ...) @@ -47955,7 +47955,7 @@ CVE-2020-3456 CVE-2020-3455 RESERVED CVE-2020-3454 (A vulnerability in the Call Home feature of Cisco NX-OS Software could ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3453 RESERVED CVE-2020-3452 (A vulnerability in the web services interface of Cisco Adaptive Securi ...) @@ -47971,21 +47971,21 @@ CVE-2020-3448 (A vulnerability in an access control mechanism of Cisco Cyber Vis CVE-2020-3447 (A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security A ...) NOT-FOR-US: Cisco CVE-2020-3446 (A vulnerability in Cisco Virtual Wide Area Application Services (vWAAS ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3445 RESERVED CVE-2020-3444 RESERVED CVE-2020-3443 (A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3442 (The DuoConnect client enables users to establish SSH connections to ho ...) NOT-FOR-US: DuoConnect CVE-2020-3441 RESERVED CVE-2020-3440 (A vulnerability in Cisco Webex Meetings Desktop App for Windows could ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3439 (A vulnerability in the web-based management interface of Cisco Data Ce ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3438 RESERVED CVE-2020-3437 (A vulnerability in the web-based management interface of Cisco SD-WAN ...) @@ -48033,7 +48033,7 @@ CVE-2020-3417 CVE-2020-3416 RESERVED CVE-2020-3415 (A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Sof ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3414 RESERVED CVE-2020-3413 (A vulnerability in the scheduled meeting template feature of Cisco Web ...) @@ -48067,15 +48067,15 @@ CVE-2020-3400 CVE-2020-3399 RESERVED CVE-2020-3398 (A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MV ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3397 (A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MV ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3396 RESERVED CVE-2020-3395 RESERVED CVE-2020-3394 (A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Serie ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3393 RESERVED CVE-2020-3392 @@ -48085,7 +48085,7 @@ CVE-2020-3391 (A vulnerability in Cisco Digital Network Architecture (DNA) Cente CVE-2020-3390 RESERVED CVE-2020-3389 (A vulnerability in the installation component of Cisco Hyperflex HX-Se ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3388 (A vulnerability in the CLI of Cisco SD-WAN vManage Software could allo ...) NOT-FOR-US: Cisco CVE-2020-3387 (A vulnerability in Cisco SD-WAN vManage Software could allow an authen ...) @@ -48194,7 +48194,7 @@ CVE-2020-3340 (Multiple vulnerabilities in the web-based management interface of CVE-2020-3339 (A vulnerability in the web-based management interface of Cisco Prime I ...) NOT-FOR-US: Cisco CVE-2020-3338 (A vulnerability in the Protocol Independent Multicast (PIM) feature fo ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3337 (A vulnerability in the web server of Cisco Umbrella could allow an una ...) NOT-FOR-US: Cisco CVE-2020-3336 (A vulnerability in the software upgrade process of Cisco TelePresence ...) @@ -48571,9 +48571,9 @@ CVE-2020-3154 (A vulnerability in the web UI of Cisco Cloud Web Security (CWS) c CVE-2020-3153 (A vulnerability in the installer component of Cisco AnyConnect Secure ...) NOT-FOR-US: Cisco CVE-2020-3152 (A vulnerability in Cisco Connected Mobile Experiences (CMX) could allo ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3151 (A vulnerability in the CLI of Cisco Connected Mobile Experiences (CMX) ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3150 (A vulnerability in the web-based management interface of Cisco Small B ...) NOT-FOR-US: Cisco CVE-2020-3149 (A vulnerability in the web-based management interface of Cisco Identit ...) |