diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-02-13 21:25:42 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-02-13 21:25:42 +0100 |
commit | 47d160f5aa400ad4d43a8f855ab19e181f923c67 (patch) | |
tree | d22d224df3dfda7209a577b0aa5e1b997df8336b /data/CVE | |
parent | 8833b55ff6387d224826a549134adc88903c289b (diff) |
Process several NFUs
Diffstat (limited to 'data/CVE')
-rw-r--r-- | data/CVE/2009.list | 4 | ||||
-rw-r--r-- | data/CVE/2011.list | 4 | ||||
-rw-r--r-- | data/CVE/2012.list | 10 | ||||
-rw-r--r-- | data/CVE/2013.list | 18 | ||||
-rw-r--r-- | data/CVE/2014.list | 18 | ||||
-rw-r--r-- | data/CVE/2015.list | 2 | ||||
-rw-r--r-- | data/CVE/2019.list | 2 | ||||
-rw-r--r-- | data/CVE/2020.list | 106 |
8 files changed, 82 insertions, 82 deletions
diff --git a/data/CVE/2009.list b/data/CVE/2009.list index 83e00a8f84..d931e76ccf 100644 --- a/data/CVE/2009.list +++ b/data/CVE/2009.list @@ -70,9 +70,9 @@ CVE-2009-5142 (Cross-site scripting (XSS) vulnerability in timthumb.php in TimTh CVE-2009-5141 (Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 all ...) NOT-FOR-US: War FTP Daemon CVE-2009-5140 (The SIP implementation on the Linksys SPA2102 phone adapter provides h ...) - TODO: check + NOT-FOR-US: Linksys CVE-2009-5139 (The SIP implementation on the Gizmo5 software phone provides hashed cr ...) - TODO: check + NOT-FOR-US: Gizmo5 CVE-2009-5138 (GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag ...) - gnutls26 2.7.12-1 - gnutls28 <not-affected> (Only affects versions before 2.7.6) diff --git a/data/CVE/2011.list b/data/CVE/2011.list index 405a17eae3..93c797b60c 100644 --- a/data/CVE/2011.list +++ b/data/CVE/2011.list @@ -1520,7 +1520,7 @@ CVE-2011-4663 CVE-2011-4662 RESERVED CVE-2011-4661 (A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-4660 RESERVED CVE-2011-4659 (Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video Phon ...) @@ -3417,7 +3417,7 @@ CVE-2011-3903 (Google Chrome before 16.0.912.63 does not properly perform regex CVE-2011-3902 RESERVED CVE-2011-3901 (Android SQLite Journal before 4.0.1 has an information disclosure vuln ...) - TODO: check + NOT-FOR-US: Android SQLite Journal CVE-2011-3900 (Google V8, as used in Google Chrome before 15.0.874.121, allows remote ...) - chromium-browser 15.0.874.121~r109964-1 - webkit <not-affected> (Chrome issue) diff --git a/data/CVE/2012.list b/data/CVE/2012.list index bb1968f515..6161af4c75 100644 --- a/data/CVE/2012.list +++ b/data/CVE/2012.list @@ -1575,7 +1575,7 @@ CVE-2012-6093 (The QSslSocket::sslErrors function in Qt before 4.6.5, 4.7.x befo CVE-2012-6092 (Multiple cross-site scripting (XSS) vulnerabilities in the web demos i ...) - activemq <not-affected> (Example code not shipped in .deb) CVE-2012-6091 (Zend_XmlRpc Class in Magento before 1.7.0.2 contains an information di ...) - TODO: check + NOT-FOR-US: Magento CVE-2012-6090 (Multiple stack-based buffer overflows in the expand function in os/pl- ...) - swi-prolog 5.10.4-5 (low; bug #697416) [squeeze] - swi-prolog 5.10.1-1+squeeze1 @@ -2288,7 +2288,7 @@ CVE-2012-5829 (Heap-based buffer overflow in the nsWindow::OnExposeEvent functio - icedove 10.0.11-1 - iceape 2.7.11-1 CVE-2012-5828 (BlackBerry PlayBook before 2.1 has an Information Disclosure Vulnerabi ...) - TODO: check + NOT-FOR-US: BlackBerry PlayBook CVE-2012-5827 (Joomla! 2.5.x before 2.5.8 and 3.0.x before 3.0.2 allows remote attack ...) NOT-FOR-US: Joomla! CVE-2012-5826 @@ -10407,7 +10407,7 @@ CVE-2012-2519 (Untrusted search path vulnerability in Entity Framework in ADO.NE CVE-2012-2518 REJECTED CVE-2012-2517 (Cross-site scripting (XSS) vulnerability in PrestaShop before 1.4.9 al ...) - TODO: check + NOT-FOR-US: PrestaShop CVE-2012-2516 (An ActiveX control in KeyHelp.ocx in KeyWorks KeyHelp Module (aka the ...) NOT-FOR-US: KeyWorks not in Debian CVE-2012-2515 (Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX ...) @@ -11697,7 +11697,7 @@ CVE-2012-1996 (Unspecified vulnerability in HP Systems Insight Manager (SIM) bef CVE-2012-1995 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7 ...) NOT-FOR-US: HP Systems Insight Manager CVE-2012-1994 (HP Systems Insight Manager before 7.0 allows a remote user on adjacent ...) - TODO: check + NOT-FOR-US: HP Systems Insight Manager CVE-2012-1993 (Unspecified vulnerability in HP System Management Homepage (SMH) befor ...) NOT-FOR-US: HP System Management Homepage CVE-2012-1992 (Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS ...) @@ -11998,7 +11998,7 @@ CVE-2012-1905 CVE-2012-1904 (mp4fformat.dll in the QuickTime File Format plugin in RealNetworks Rea ...) NOT-FOR-US: RealPlayer CVE-2012-1903 (XSS in Telligent Community 5.6.583.20496 via a flash file and related ...) - TODO: check + NOT-FOR-US: Telligent Community CVE-2012-1902 (show_config_errors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a con ...) - phpmyadmin 4:3.4.10.2-1 (unimportant) CVE-2012-1901 (Multiple cross-site request forgery (CSRF) vulnerabilities in FlexCMS ...) diff --git a/data/CVE/2013.list b/data/CVE/2013.list index 6ce15810dc..a8ba69d57c 100644 --- a/data/CVE/2013.list +++ b/data/CVE/2013.list @@ -4153,7 +4153,7 @@ CVE-2013-5947 CVE-2013-5946 (The runShellCmd function in systemCheck.htm in D-Link DSR-150 with fir ...) NOT-FOR-US: D-Link CVE-2013-5945 (Multiple SQL injection vulnerabilities in D-Link DSR-150 with firmware ...) - TODO: check + NOT-FOR-US: D-Link CVE-2013-5944 (The integrated web server on Siemens SCALANCE X-200 switches with firm ...) NOT-FOR-US: web server on Siemens switches CVE-2013-5959 (Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 ...) @@ -7279,7 +7279,7 @@ CVE-2013-4604 (Fortinet FortiOS before 5.0.3 on FortiGate devices does not prope CVE-2013-4603 RESERVED CVE-2013-4602 (A Denial of Service (infinite loop) vulnerability exists in Avira Anti ...) - TODO: check + NOT-FOR-US: Avira CVE-2013-4601 RESERVED CVE-2013-4600 (Multiple cross-site scripting (XSS) vulnerabilities in Alkacon OpenCms ...) @@ -9963,7 +9963,7 @@ CVE-2013-3727 (SQL injection vulnerability in Kasseler CMS before 2 r1232 allows CVE-2013-3726 REJECTED CVE-2013-3725 (Invision Power Board (IPB) through 3.x allows admin account takeover l ...) - TODO: check + NOT-FOR-US: Invision Power Board CVE-2013-3724 (The mk_request_header_process function in mk_request.c in Monkey 1.1.1 ...) - monkey <removed> (low) [squeeze] - monkey <no-dsa> (Minor issue) @@ -10049,7 +10049,7 @@ CVE-2013-3686 (cgi-bin/operator/param in AirLive WL2600CAM and possibly other ca CVE-2013-3685 (A Privilege Escalation Vulnerability exists in Sprite Software Spriteb ...) NOT-FOR-US: Sprite Software's backup softare for Android CVE-2013-3684 (NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php fil ...) - TODO: check + NOT-FOR-US: NextGEN Gallery plugin for WordPress CVE-2013-3683 RESERVED CVE-2013-3682 @@ -12495,7 +12495,7 @@ CVE-2013-2639 (Cross-site scripting (XSS) vulnerability in CTERA Cloud Storage O CVE-2013-2638 RESERVED CVE-2013-2637 (A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior t ...) - TODO: check + NOT-FOR-US: OTRS ITSM and OTRS FAQ CVE-2013-2636 (net/bridge/br_mdb.c in the Linux kernel before 3.8.4 does not initiali ...) - linux <not-affected> (Introduced in 3.8) - linux-2.6 <not-affected> (Introduced in 3.8) @@ -16554,9 +16554,9 @@ CVE-2013-1362 (Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plu CVE-2013-1361 (Untrusted search path vulnerability in Lenovo Thinkpad Bluetooth with ...) NOT-FOR-US: Lenovo Thinkpad Bluetooth with Enhanced Data Rate Software CVE-2013-1360 (An Authentication Bypass vulnerability exists in DELL SonicWALL Global ...) - TODO: check + NOT-FOR-US: DELL SonicWALL Global Management System (GMS) CVE-2013-1359 (An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyz ...) - TODO: check + NOT-FOR-US: DELL SonicWALL CVE-2013-1358 RESERVED CVE-2013-1357 @@ -16568,7 +16568,7 @@ CVE-2013-1355 CVE-2013-1354 RESERVED CVE-2013-1353 (Orange HRM 2.7.1 allows XSS via the vacancy name. ...) - TODO: check + NOT-FOR-US: Orange HRM CVE-2013-1352 (Verax NMS prior to 2.1.0 uses an encryption key that is hardcoded in a ...) NOT-FOR-US: Verax NMS CVE-2013-1351 (Verax NMS prior to 2.10 allows authentication via the encrypted passwo ...) @@ -17877,7 +17877,7 @@ CVE-2013-0805 (Multiple cross-site scripting (XSS) vulnerabilities in the search CVE-2013-0804 (The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP ...) NOT-FOR-US: GroupWise CVE-2013-0803 (A PHP File Upload Vulnerability exists in PolarBear CMS 2.5 via upload ...) - TODO: check + NOT-FOR-US: PolarBear CMS CVE-2013-0802 RESERVED CVE-2013-0801 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...) diff --git a/data/CVE/2014.list b/data/CVE/2014.list index c4de9256f0..112724a1e4 100644 --- a/data/CVE/2014.list +++ b/data/CVE/2014.list @@ -1791,7 +1791,7 @@ CVE-2014-9756 (The psf_fwrite function in file_io.c in libsndfile allows attacke [jessie] - libsndfile 1.0.25-9.1+deb8u1 NOTE: https://github.com/erikd/libsndfile/commit/725c7dbb95bfaf8b4bb7b04820e3a00cceea9ce6 CVE-2014-9753 (confirm.php in ATutor 2.2 and earlier allows remote attackers to bypas ...) - TODO: check + NOT-FOR-US: ATutor CVE-2014-9752 (Unrestricted file upload vulnerability in mods/_core/properties/lib/co ...) NOT-FOR-US: ATutor CVE-2014-9751 (The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before ...) @@ -5965,7 +5965,7 @@ CVE-2014-8349 (Cross-site scripting (XSS) vulnerability in Liferay Portal Enterp CVE-2014-8348 RESERVED CVE-2014-8347 (An Authentication Bypass vulnerability exists in the MatchPasswordData ...) - TODO: check + NOT-FOR-US: Filemaker CVE-2014-8346 (The Remote Controls feature on Samsung mobile devices does not validat ...) NOT-FOR-US: Samsung mobile devices CVE-2014-8345 @@ -10671,7 +10671,7 @@ CVE-2014-6449 (Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, CVE-2014-6448 (Juniper Junos OS 13.2 before 13.2R5, 13.2X51, 13.2X52, and 13.3 before ...) NOT-FOR-US: Juniper CVE-2014-6447 (Multiple vulnerabilities exist in Juniper Junos J-Web error handling t ...) - TODO: check + NOT-FOR-US: Juniper CVE-2014-6446 (The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPre ...) NOT-FOR-US: WordPress plugin Infusionsoft Gravity Forms CVE-2014-6445 (Multiple cross-site scripting (XSS) vulnerabilities in includes/toAdmi ...) @@ -14122,7 +14122,7 @@ CVE-2014-4970 CVE-2014-4969 RESERVED CVE-2014-4968 (The WebView class and use of the WebView.addJavascriptInterface method ...) - TODO: check + NOT-FOR-US: Boat Browser application for Android CVE-2014-4967 RESERVED - ansible 1.6.8+dfsg-1 @@ -15958,7 +15958,7 @@ CVE-2014-4199 (vm-support 0.88 in VMware Tools, as distributed with VMware Works [wheezy] - open-vm-tools <no-dsa> (Minor issue) NOTE: http://seclists.org/fulldisclosure/2014/Aug/71 CVE-2014-4198 (A Two-Factor Authentication Bypass Vulnerability exists in BS-Client P ...) - TODO: check + NOT-FOR-US: BS-Client Private Client CVE-2014-4197 (Multiple SQL injection vulnerabilities in Bank Soft Systems (BSS) RBS ...) NOT-FOR-US: Bank Soft Systems CVE-2014-4196 (Cross-site scripting (XSS) vulnerability in bsi.dll in Bank Soft Syste ...) @@ -16031,7 +16031,7 @@ CVE-2014-4171 (mm/shmem.c in the Linux kernel through 3.15.1 does not properly i - linux-2.6 <not-affected> (Vulnerable code introduced later) NOTE: https://lkml.org/lkml/2014/7/2/518 CVE-2014-4170 (A Privilege Escalation Vulnerability exists in Free Reprintables Artic ...) - TODO: check + NOT-FOR-US: Free Reprintables ArticleFR CVE-2014-4169 RESERVED CVE-2014-4166 (Cross-site scripting (XSS) vulnerability in the song history in SHOUTc ...) @@ -16616,7 +16616,7 @@ CVE-2014-3925 (sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Li CVE-2014-3920 (Cross-site request forgery (CSRF) vulnerability in Kanboard before 1.0 ...) - kanboard <itp> (bug #790814) CVE-2014-3919 (A vulnerability exists in Netgear CG3100 devices before 3.9.2421.13.mp ...) - TODO: check + NOT-FOR-US: Netgear CVE-2014-3918 RESERVED CVE-2014-3916 (The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 all ...) @@ -16748,7 +16748,7 @@ CVE-2014-3862 (CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to d CVE-2014-3861 (Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 a ...) NOT-FOR-US: HL7 C-CDA CVE-2014-3860 (Xilisoft Video Converter Ultimate 7.8.1 build-20140505 has a DLL Hijac ...) - TODO: check + NOT-FOR-US: Xilisoft Video Converter Ultimate CVE-2014-3859 (libdns in ISC BIND 9.10.0 before P2 does not properly handle EDNS opti ...) - bind9 <not-affected> (Only affects 9.10.0, 9.10.0-P1) NOTE: https://kb.isc.org/article/AA-01166 @@ -20383,7 +20383,7 @@ CVE-2014-2562 CVE-2014-2561 RESERVED CVE-2014-2560 (The PhonerLite phone before 2.15 provides hashed credentials in a resp ...) - TODO: check + NOT-FOR-US: PhonerLite phone CVE-2014-2559 (Multiple cross-site request forgery (CSRF) vulnerabilities in twitget. ...) NOT-FOR-US: WordPress plugin Twitget CVE-2014-2558 (The File Gallery plugin before 1.7.9.2 for WordPress does not properly ...) diff --git a/data/CVE/2015.list b/data/CVE/2015.list index 757138173c..14b315d300 100644 --- a/data/CVE/2015.list +++ b/data/CVE/2015.list @@ -11226,7 +11226,7 @@ CVE-2015-5619 (Logstash 1.4.x before 1.4.5 and 1.5.x before 1.5.4 with Lumberjac CVE-2015-5618 (Chiyu BF-630 and BF-630W fingerprint access-control devices allow remo ...) NOT-FOR-US: Chiyu BF-630 and BF-630W fingerprint access-control devices CVE-2015-5617 (SQL injection vulnerability in pub/m_pending_news/delete_pending_news. ...) - TODO: check + NOT-FOR-US: Enorth Webpublisher CMS CVE-2015-5616 RESERVED CVE-2015-5615 diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 64905479b6..62bb474e05 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -4434,7 +4434,7 @@ CVE-2019-18792 (An issue was discovered in Suricata 5.0.0. It is possible to byp NOTE: https://redmine.openinfosecfoundation.org/issues/3324 NOTE: https://redmine.openinfosecfoundation.org/issues/3394 CVE-2019-18791 (Lexmark printer MS812 and multiple older generation Lexmark devices ha ...) - TODO: check + NOT-FOR-US: Lexmark CVE-2019-18790 (An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13. ...) {DLA-2017-1} - asterisk <unfixed> (bug #947381) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 56b2d1632c..e001e9b918 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -9,7 +9,7 @@ CVE-2020-8983 CVE-2020-8982 RESERVED CVE-2020-8981 (A cross-site scripting (XSS) vulnerability was discovered in the Sourc ...) - TODO: check + NOT-FOR-US: Source Integration plugin for MantisBT CVE-2020-8980 RESERVED CVE-2020-8979 @@ -368,15 +368,15 @@ CVE-2020-8806 CVE-2020-8805 RESERVED CVE-2020-8804 (SuiteCRM through 7.11.10 allows SQL Injection via the SOAP API, the Em ...) - TODO: check + NOT-FOR-US: SuiteCRM CVE-2020-8803 (SuiteCRM through 7.11.11 allows Directory Traversal to include arbitra ...) - TODO: check + NOT-FOR-US: SuiteCRM CVE-2020-8802 (SuiteCRM through 7.11.11 has Incorrect Access Control via action_saveH ...) - TODO: check + NOT-FOR-US: SuiteCRM CVE-2020-8801 (SuiteCRM through 7.11.11 allows PHAR Deserialization. ...) - TODO: check + NOT-FOR-US: SuiteCRM CVE-2020-8800 (SuiteCRM through 7.11.11 allows EmailsControllerActionGetFromFields PH ...) - TODO: check + NOT-FOR-US: SuiteCRM CVE-2020-8799 RESERVED CVE-2020-8798 @@ -756,7 +756,7 @@ CVE-2020-8616 CVE-2020-8615 (A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPres ...) NOT-FOR-US: Tutor LMS plugin for WordPress CVE-2020-8614 (An issue was discovered on Askey AP4000W TDC_V1.01.003 devices. An att ...) - TODO: check + NOT-FOR-US: Askey devices CVE-2020-8613 RESERVED CVE-2020-8612 @@ -4218,11 +4218,11 @@ CVE-2020-6977 CVE-2020-6976 RESERVED CVE-2020-6975 (Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (820 ...) - TODO: check + NOT-FOR-US: Digi International ConnectPort LTS 32 MEI CVE-2020-6974 RESERVED CVE-2020-6973 (Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (820 ...) - TODO: check + NOT-FOR-US: Digi International ConnectPort LTS 32 MEI CVE-2020-6972 RESERVED CVE-2020-6971 @@ -7515,7 +7515,7 @@ CVE-2020-5401 CVE-2020-5400 RESERVED CVE-2020-5399 (Cloud Foundry CredHub, versions prior to 2.5.10, connects to a MySQL d ...) - TODO: check + NOT-FOR-US: Cloud Foundry CredHub CVE-2020-5398 (In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x pri ...) - libspring-java <unfixed> NOTE: https://pivotal.io/security/cve-2020-5398 @@ -10851,93 +10851,93 @@ CVE-2020-3765 CVE-2020-3764 RESERVED CVE-2020-3763 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3762 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3761 RESERVED CVE-2020-3760 (Adobe Digital Editions versions 4.5.10 and below have a command inject ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3759 (Adobe Digital Editions versions 4.5.10 and below have a buffer errors ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3758 (Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and e ...) NOT-FOR-US: Magento CVE-2020-3757 (Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and ear ...) NOT-FOR-US: Adobe CVE-2020-3756 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3755 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3754 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3753 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3752 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3751 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3750 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3749 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3748 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3747 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3746 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3745 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3744 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3743 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3742 (Adobe Acrobat and Reader versions, 2019.021.20061 and earlier, 2017.01 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3741 (Adobe Experience Manager versions 6.5, and 6.4 have an uncontrolled re ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3740 (Adobe Framemaker versions 2019.0.4 and below have a memory corruption ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3739 (Adobe Framemaker versions 2019.0.4 and below have a memory corruption ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3738 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3737 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3736 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3735 (Adobe Framemaker versions 2019.0.4 and below have a heap overflow vuln ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3734 (Adobe Framemaker versions 2019.0.4 and below have a buffer error vulne ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3733 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3732 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3731 (Adobe Framemaker versions 2019.0.4 and below have a heap overflow vuln ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3730 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3729 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3728 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3727 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3726 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3725 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3724 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3723 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3722 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3721 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3720 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...) - TODO: check + NOT-FOR-US: Adobe CVE-2020-3719 (Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and e ...) NOT-FOR-US: Magento CVE-2020-3718 (Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and e ...) @@ -14496,9 +14496,9 @@ CVE-2020-1978 CVE-2020-1977 (Insufficient Cross-Site Request Forgery (XSRF) protection on Expeditio ...) TODO: check CVE-2020-1976 (A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalPr ...) - TODO: check + NOT-FOR-US: Palo Alto Networks GlobalProtect software CVE-2020-1975 (Missing XML validation vulnerability in the PAN-OS web interface on Pa ...) - TODO: check + NOT-FOR-US: Palo Alto Networks PAN-OS CVE-2020-1974 RESERVED CVE-2020-1973 |