diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-02-16 21:28:48 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-02-16 21:28:48 +0100 |
commit | 76ad741f29a00c7b7b730a22e94d17fc22588418 (patch) | |
tree | cf14c1cecb1dbe7f8c7d917e73576f13244c9ae9 /data/CVE/2020.list | |
parent | 34a6a5274c7df3581842ef7a8ed8103b46462eea (diff) |
Process some NFUs
Diffstat (limited to 'data/CVE/2020.list')
-rw-r--r-- | data/CVE/2020.list | 114 |
1 files changed, 57 insertions, 57 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 9338c99a91..0d83f025bf 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1594,33 +1594,33 @@ CVE-2020-35573 (srs2.c in PostSRSd before 1.10 allows remote attackers to cause [buster] - postsrsd 1.5-2+deb10u1 NOTE: https://github.com/roehling/postsrsd/commit/4733fb11f6bec6524bb8518c5e1a699288c26bac (1.10) CVE-2020-35570 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...) - TODO: check + NOT-FOR-US: MB CONNECT CVE-2020-35569 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...) - TODO: check + NOT-FOR-US: MB CONNECT CVE-2020-35568 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...) - TODO: check + NOT-FOR-US: MB CONNECT CVE-2020-35567 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...) - TODO: check + NOT-FOR-US: MB CONNECT CVE-2020-35566 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...) - TODO: check + NOT-FOR-US: MB CONNECT CVE-2020-35565 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...) - TODO: check + NOT-FOR-US: MB CONNECT CVE-2020-35564 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...) - TODO: check + NOT-FOR-US: MB CONNECT CVE-2020-35563 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...) - TODO: check + NOT-FOR-US: MB CONNECT CVE-2020-35562 RESERVED CVE-2020-35561 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...) - TODO: check + NOT-FOR-US: MB CONNECT CVE-2020-35560 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...) - TODO: check + NOT-FOR-US: MB CONNECT CVE-2020-35559 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...) - TODO: check + NOT-FOR-US: MB CONNECT CVE-2020-35558 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...) - TODO: check + NOT-FOR-US: MB CONNECT CVE-2020-35557 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...) - TODO: check + NOT-FOR-US: MB CONNECT CVE-2020-35556 RESERVED CVE-2020-35555 (An issue was discovered on LG mobile devices with Android OS 10 softwa ...) @@ -4232,17 +4232,17 @@ CVE-2020-29029 CVE-2020-29028 RESERVED CVE-2020-29027 (Cross-site Scripting (XSS) vulnerability in GUI of Secomea SiteManager ...) - TODO: check + NOT-FOR-US: Secomea CVE-2020-29026 (A directory traversal vulnerability exists in the file upload function ...) NOT-FOR-US: GateManager CVE-2020-29025 (A vulnerability in SiteManager-Embedded (SM-E) Web server which may al ...) - TODO: check + NOT-FOR-US: Secomea CVE-2020-29024 (Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerabi ...) - TODO: check + NOT-FOR-US: Secomea CVE-2020-29023 (Improper Encoding or Escaping of Output from CSV Report Generator of S ...) - TODO: check + NOT-FOR-US: Secomea CVE-2020-29022 (Failure to Sanitize host header value on output in the GateManager Web ...) - TODO: check + NOT-FOR-US: Secomea CVE-2020-29021 (A vulnerability in web UI input field of GateManager allows authentica ...) NOT-FOR-US: GateManager CVE-2020-29020 @@ -12578,7 +12578,7 @@ CVE-2020-25495 (A reflected Cross-site scripting (XSS) vulnerability in Xinuo (f CVE-2020-25494 (Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute ...) NOT-FOR-US: Xinuo SCO Openserver CVE-2020-25493 (Oclean Mobile Application 2.1.2 communicates with an external website ...) - TODO: check + NOT-FOR-US: Oclean Mobile Application CVE-2020-25492 RESERVED CVE-2020-25491 @@ -14008,7 +14008,7 @@ CVE-2020-24843 CVE-2020-24842 (PNPSCADA 2.200816204020 allows cross-site scripting (XSS), which can e ...) NOT-FOR-US: PNPSCADA CVE-2020-24841 (PNPSCADA 2.200816204020 allows SQL injection via parameter 'interf' in ...) - TODO: check + NOT-FOR-US: PNPSCADA CVE-2020-24840 RESERVED CVE-2020-24839 @@ -26450,13 +26450,13 @@ CVE-2020-18718 CVE-2020-18717 (SQL Injection in ZZZCMS zzzphp 1.7.1 allows remote attackers to execut ...) NOT-FOR-US: ZZZCMS CVE-2020-18716 (SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privile ...) - TODO: check + NOT-FOR-US: Rockoa CVE-2020-18715 REJECTED CVE-2020-18714 (SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privile ...) - TODO: check + NOT-FOR-US: Rockoa CVE-2020-18713 (SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privile ...) - TODO: check + NOT-FOR-US: Rockoa CVE-2020-18712 RESERVED CVE-2020-18711 @@ -27452,7 +27452,7 @@ CVE-2020-18217 CVE-2020-18216 RESERVED CVE-2020-18215 (Multiple SQL Injection vulnerabilities in PHPSHE 1.7 in phpshe/admin.p ...) - TODO: check + NOT-FOR-US: PHPSHE CVE-2020-18214 RESERVED CVE-2020-18213 @@ -29084,43 +29084,43 @@ CVE-2020-17437 (An issue was discovered in uIP 1.0, as used in Contiki 3.0 and o NOTE: https://groups.google.com/g/open-iscsi/c/iRS9fcB1bJU/m/BbxY1SGPEwAJ NOTE: Adressed upstream in 2.1.3 release CVE-2020-17436 (This vulnerability allows remote attackers to disclose sensitive infor ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17435 (This vulnerability allows remote attackers to disclose sensitive infor ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17434 (This vulnerability allows remote attackers to disclose sensitive infor ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17433 (This vulnerability allows remote attackers to disclose sensitive infor ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17432 (This vulnerability allows remote attackers to disclose sensitive infor ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17431 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17430 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17429 (This vulnerability allows remote attackers to disclose sensitive infor ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17428 (This vulnerability allows remote attackers to disclose sensitive infor ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17427 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17426 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17425 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17424 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17423 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17422 (This vulnerability allows remote attackers to disclose sensitive infor ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17421 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17420 (This vulnerability allows remote attackers to disclose sensitive infor ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17419 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17418 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: Foxit CVE-2020-17417 (This vulnerability allows remote attackers to execute arbitrary code o ...) NOT-FOR-US: Foxit Reader CVE-2020-17416 (This vulnerability allows remote attackers to execute arbitrary code o ...) @@ -30727,7 +30727,7 @@ CVE-2020-16631 CVE-2020-16630 RESERVED CVE-2020-16629 (PhpOK 5.4.137 contains a SQL injection vulnerability that can inject a ...) - TODO: check + NOT-FOR-US: PhpOK CVE-2020-16628 RESERVED CVE-2020-16627 @@ -31709,7 +31709,7 @@ CVE-2020-16196 CVE-2020-16195 RESERVED CVE-2020-16194 (An Insecure Direct Object Reference (IDOR) vulnerability was found in ...) - TODO: check + NOT-FOR-US: Prestashop Opart devis CVE-2020-16193 (osTicket before 1.14.3 allows XSS because include/staff/banrule.inc.ph ...) NOT-FOR-US: osTicket CVE-2020-16192 (LimeSurvey 4.3.2 allows reflected XSS because application/controllers/ ...) @@ -38551,7 +38551,7 @@ CVE-2020-13588 CVE-2020-13587 RESERVED CVE-2020-13586 (A memory corruption vulnerability exists in the Excel Document SST Rec ...) - TODO: check + NOT-FOR-US: SoftMaker CVE-2020-13585 (An out-of-bounds write vulnerability exists in the PSD Header processi ...) TODO: check CVE-2020-13584 (An exploitable use-after-free vulnerability exists in WebKitGTK browse ...) @@ -38566,11 +38566,11 @@ CVE-2020-13583 (A denial-of-service vulnerability exists in the HTTP Server func CVE-2020-13582 (A denial-of-service vulnerability exists in the HTTP Server functional ...) TODO: check CVE-2020-13581 (In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1 ...) - TODO: check + NOT-FOR-US: SoftMaker CVE-2020-13580 (An exploitable heap-based buffer overflow vulnerability exists in the ...) - TODO: check + NOT-FOR-US: SoftMaker CVE-2020-13579 (An exploitable integer overflow vulnerability exists in the PlanMaker ...) - TODO: check + NOT-FOR-US: SoftMaker CVE-2020-13578 (A denial-of-service vulnerability exists in the WS-Security plugin fun ...) TODO: check CVE-2020-13577 (A denial-of-service vulnerability exists in the WS-Security plugin fun ...) @@ -38640,7 +38640,7 @@ CVE-2020-13548 (In Foxit Reader 10.1.0.37527, a specially crafted PDF document c CVE-2020-13547 (A type confusion vulnerability exists in the JavaScript engine of Foxi ...) NOT-FOR-US: Foxit CVE-2020-13546 (In SoftMaker Software GmbH SoftMaker Office TextMaker 2021 (revision 1 ...) - TODO: check + NOT-FOR-US: SoftMaker CVE-2020-13545 (An exploitable signed conversion vulnerability exists in the TextMaker ...) NOT-FOR-US: SoftMaker CVE-2020-13544 (An exploitable sign extension vulnerability exists in the TextMaker do ...) @@ -39660,7 +39660,7 @@ CVE-2020-13119 (ismartgate PRO 1.5.9 is vulnerable to clickjacking. ...) CVE-2020-13118 (An issue was discovered in Mikrotik-Router-Monitoring-System through 2 ...) NOT-FOR-US: Mikrotik-Router-Monitoring-System CVE-2020-13117 (Wavlink WN575A4 and WN579X3 devices through 2020-05-15 allow unauthent ...) - TODO: check + NOT-FOR-US: Wavlink WN575A4 and WN579X3 devices CVE-2020-13116 (OpenText Carbonite Server Backup Portal before 8.8.7 allows XSS by an ...) NOT-FOR-US: OpenText Carbonite Server Backup Portal CVE-2020-13115 @@ -42721,7 +42721,7 @@ CVE-2020-11922 CVE-2020-11921 RESERVED CVE-2020-11920 (An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3. ...) - TODO: check + NOT-FOR-US: Svakom Siime Eye CVE-2020-11919 RESERVED CVE-2020-11918 @@ -42731,7 +42731,7 @@ CVE-2020-11917 CVE-2020-11916 RESERVED CVE-2020-11915 (An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3. ...) - TODO: check + NOT-FOR-US: Svakom Siime Eye CVE-2020-11914 (The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read. ...) NOT-FOR-US: Treck TCP/IP stack / Cisco CVE-2020-11913 (The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. ...) @@ -45924,7 +45924,7 @@ CVE-2020-10736 (An authorization bypass vulnerability was found in Ceph versions CVE-2020-10735 RESERVED CVE-2020-10734 (A vulnerability was found in keycloak in the way that the OIDC logout ...) - TODO: check + NOT-FOR-US: Keycloak CVE-2020-10733 (The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided ...) - postgresql-12 <not-affected> (Windows-specific) - postgresql-11 <not-affected> (Windows-specific) @@ -49346,7 +49346,7 @@ CVE-2020-9308 (archive_read_support_format_rar5.c in libarchive before 3.4.2 att NOTE: https://github.com/libarchive/libarchive/pull/1326 NOTE: https://github.com/libarchive/libarchive/commit/94821008d6eea81e315c5881cdf739202961040a CVE-2020-9307 (Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a deni ...) - TODO: check + NOT-FOR-US: Hirschmann OS2, RSP, and RSPE devices CVE-2020-9306 RESERVED CVE-2020-9305 @@ -51519,7 +51519,7 @@ CVE-2020-8357 CVE-2020-8356 RESERVED CVE-2020-8355 (An internal product security audit of Lenovo XClarity Administrator (L ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2020-8354 (A potential vulnerability in the SMI callback function used in the Var ...) NOT-FOR-US: Lenovo CVE-2020-8353 (Prior to August 10, 2020, some Lenovo Desktop and Workstation systems ...) @@ -66871,7 +66871,7 @@ CVE-2020-1719 CVE-2020-1718 (A flaw was found in the reset credential flow in all Keycloak versions ...) NOT-FOR-US: Keycloak CVE-2020-1717 (A flaw was found in Keycloak 7.0.1. A logged in user can do an account ...) - TODO: check + NOT-FOR-US: Keycloak CVE-2020-1716 RESERVED NOT-FOR-US: ceph-ansible |