diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2021-02-17 11:21:22 +0100 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2021-02-17 11:21:22 +0100 |
commit | 4e8be58a004d1e1b2eae410d91744132fe9b8e49 (patch) | |
tree | 63a921006f42a43475a563000b9748e730210d5a /data/CVE/2020.list | |
parent | f70f63207f83d706025d822625a33480b2874e87 (diff) |
NFUs
Diffstat (limited to 'data/CVE/2020.list')
-rw-r--r-- | data/CVE/2020.list | 46 |
1 files changed, 23 insertions, 23 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 7e2fcfe731..f7e1b40e62 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -3298,7 +3298,7 @@ CVE-2020-29459 CVE-2020-29458 (Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem. ...) NOT-FOR-US: Textpattern CMS CVE-2020-29457 (A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4. ...) - TODO: check + NOT-FOR-US: OPC UA .NET CVE-2020-29456 (Multiple cross-site scripting (XSS) vulnerabilities in Papermerge befo ...) NOT-FOR-US: Papermerge CVE-2020-29455 (A cross-Site Scripting (XSS) vulnerability in this.showInvalid and thi ...) @@ -4525,7 +4525,7 @@ CVE-2020-28920 CVE-2020-28919 RESERVED CVE-2020-28918 (DualShield 5.9.8.0821 allows username enumeration on its login form. A ...) - TODO: check + NOT-FOR-US: DualShield CVE-2020-28917 (An issue was discovered in the view_statistics (aka View frontend stat ...) NOT-FOR-US: TYPO3 extension CVE-2020-28916 (hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX desc ...) @@ -11530,15 +11530,15 @@ CVE-2020-25859 (The QCMAP_CLI utility in the Qualcomm QCMAP software suite prior CVE-2020-25858 (The QCMAP_Web_CLIENT binary in the Qualcomm QCMAP software suite prior ...) NOT-FOR-US: Qualcomm QCMAP CVE-2020-25857 (The function ClientEAPOLKeyRecvd() in the Realtek RTL8195A Wi-Fi Modul ...) - TODO: check + NOT-FOR-US: Realtek CVE-2020-25856 (The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module pri ...) - TODO: check + NOT-FOR-US: Realtek CVE-2020-25855 (The function AES_UnWRAP() in the Realtek RTL8195A Wi-Fi Module prior t ...) - TODO: check + NOT-FOR-US: Realtek CVE-2020-25854 (The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module pri ...) - TODO: check + NOT-FOR-US: Realtek CVE-2020-25853 (The function CheckMic() in the Realtek RTL8195A Wi-Fi Module prior to ...) - TODO: check + NOT-FOR-US: Realtek CVE-2020-25852 RESERVED CVE-2020-25851 @@ -12887,7 +12887,7 @@ CVE-2020-25342 CVE-2020-25341 RESERVED CVE-2020-25340 (An issue was discovered in NFStream 5.2.0. Because some allocated modu ...) - TODO: check + NOT-FOR-US: NFStream (not src:ndpi) CVE-2020-25339 RESERVED CVE-2020-25338 @@ -13783,7 +13783,7 @@ CVE-2020-24946 CVE-2020-24945 RESERVED CVE-2020-24944 (picoquic (before 3rd of July 2020) allows attackers to cause a denial ...) - TODO: check + NOT-FOR-US: picoquic CVE-2020-24943 RESERVED CVE-2020-24942 @@ -14014,9 +14014,9 @@ CVE-2020-24840 CVE-2020-24839 RESERVED CVE-2020-24838 (An integer overflow has been found in the the latest version of Issuer ...) - TODO: check + NOT-FOR-US: Issuer CVE-2020-24837 (An integer underflow has been found in the latest version of ZCFees. T ...) - TODO: check + NOT-FOR-US: ZCFees CVE-2020-24836 RESERVED CVE-2020-24835 @@ -16162,7 +16162,7 @@ CVE-2020-23851 CVE-2020-23850 RESERVED CVE-2020-23849 (Stored XSS was discovered in the tree mode of jsoneditor before 9.0.2 ...) - TODO: check + NOT-FOR-US: jsoneditor CVE-2020-23848 RESERVED CVE-2020-23847 @@ -19010,7 +19010,7 @@ CVE-2020-22427 (NagiosXI 5.6.11 is affected by a remote code execution (RCE) vul CVE-2020-22426 RESERVED CVE-2020-22425 (Centreon 19.10-3.el7 is affected by a SQL injection vulnerability, whe ...) - TODO: check + - centreon-web <itp> (bug #913903) CVE-2020-22424 RESERVED CVE-2020-22423 @@ -21513,7 +21513,7 @@ CVE-2020-21178 CVE-2020-21177 RESERVED CVE-2020-21176 (SQL injection vulnerability in the model.increment and model.decrement ...) - TODO: check + NOT-FOR-US: ThinkJS CVE-2020-21175 RESERVED CVE-2020-21174 @@ -26382,7 +26382,7 @@ CVE-2020-18752 CVE-2020-18751 RESERVED CVE-2020-18750 (Buffer overflow in pdf2json 0.69 allows local users to execute arbitra ...) - TODO: check + NOT-FOR-US: pdf2json CVE-2020-18749 RESERVED CVE-2020-18748 @@ -26408,7 +26408,7 @@ CVE-2020-18739 CVE-2020-18738 RESERVED CVE-2020-18737 (An issue was discovered in Typora 0.9.67. There is an XSS vulnerabilit ...) - TODO: check + NOT-FOR-US: Typora CVE-2020-18736 RESERVED CVE-2020-18735 @@ -32060,9 +32060,9 @@ CVE-2020-16048 CVE-2020-16047 RESERVED CVE-2020-16046 (Script injection in iOSWeb in Google Chrome on iOS prior to 84.0.4147. ...) - TODO: check + - chromium <not-affected> (Only affects Chrome on iOS) CVE-2020-16045 (Use after Free in Payments in Google Chrome on Android prior to 87.0.4 ...) - TODO: check + - chromium <not-affected> (Only affects Chrome on Android) CVE-2020-16044 (Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowe ...) {DSA-4846-1 DSA-4842-1 DSA-4827-1 DLA-2541-1 DLA-2521-1} - firefox 84.0.2-1 @@ -32838,7 +32838,7 @@ CVE-2020-15800 (A vulnerability has been identified in SCALANCE X-200 switch fam CVE-2020-15799 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...) NOT-FOR-US: Siemens CVE-2020-15798 (A vulnerability has been identified in SIMATIC HMI Comfort Panels (inc ...) - TODO: check + NOT-FOR-US: Siemens CVE-2020-15797 (A vulnerability has been identified in DCA Vantage Analyzer (All versi ...) NOT-FOR-US: DCA Vantage Analyzer CVE-2020-15796 (A vulnerability has been identified in SIMATIC ET 200SP Open Controlle ...) @@ -36176,7 +36176,7 @@ CVE-2020-14420 CVE-2020-14419 RESERVED CVE-2020-14418 (A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that al ...) - TODO: check + NOT-FOR-US: madCodeHook CVE-2020-14417 RESERVED CVE-2020-14415 (oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer ...) @@ -37167,7 +37167,7 @@ CVE-2020-14099 CVE-2020-14098 (The login verification can be bypassed by using the problem that the t ...) NOT-FOR-US: Xiaomi CVE-2020-14097 (Wrong nginx configuration, causing specific paths to be downloaded wit ...) - TODO: check + NOT-FOR-US: Xiaomi CVE-2020-14096 (Memory overflow in Xiaomi AI speaker Rom version <1.59.6 can happen ...) NOT-FOR-US: Xiaomi CVE-2020-14095 (In Xiaomi router R3600, ROM version<1.0.20, a connect service suffe ...) @@ -37665,7 +37665,7 @@ CVE-2020-13924 CVE-2020-13923 (IDOR vulnerability in the order processing feature from ecommerce comp ...) NOT-FOR-US: Apache OFBiz CVE-2020-13922 (Versions of Apache DolphinScheduler prior to 1.3.2 allowed an ordinary ...) - TODO: check + NOT-FOR-US: Apache DolphinScheduler CVE-2020-13921 (**Resolved** Only when using H2/MySQL/TiDB as Apache SkyWalking storag ...) NOT-FOR-US: Apache SkyWalking CVE-2020-13920 (Apache ActiveMQ uses LocateRegistry.createRegistry() to create the JMX ...) @@ -38553,7 +38553,7 @@ CVE-2020-13587 CVE-2020-13586 (A memory corruption vulnerability exists in the Excel Document SST Rec ...) NOT-FOR-US: SoftMaker CVE-2020-13585 (An out-of-bounds write vulnerability exists in the PSD Header processi ...) - TODO: check + NOT-FOR-US: AccuSoft CVE-2020-13584 (An exploitable use-after-free vulnerability exists in WebKitGTK browse ...) {DSA-4797-1} - webkit2gtk 2.30.3-1 |