summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2020-09-17 22:19:22 +0200
committerSalvatore Bonaccorso <carnil@debian.org>2020-09-17 22:19:22 +0200
commitde2a2db059912aca31087ddb5b26ca74bb9d4d45 (patch)
treea07a221da5c56abd2bd2dd2109867e2ce687ded0
parentd0a794cb1a1ae1a08b4413688670a597e8004523 (diff)
Process some NFUs
-rw-r--r--data/CVE/2020.list38
1 files changed, 19 insertions, 19 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 3ffdab8da5..21a1d00afa 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -22,9 +22,9 @@ CVE-2020-25729 (ZoneMinder before 1.34.21 has XSS via the connkey parameter to d
- zoneminder <unfixed>
NOTE: https://github.com/ZoneMinder/zoneminder/commit/9268db14a79c4ccd444c2bf8d24e62b13207b413
CVE-2020-25728 (The Reset Password add-on before 1.2.0 for Alfresco has a broken algor ...)
- TODO: check
+ NOT-FOR-US: Reset Password add-on for Alfresco
CVE-2020-25727 (The Reset Password add-on before 1.2.0 for Alfresco suffers from CMIS- ...)
- TODO: check
+ NOT-FOR-US: Reset Password add-on for Alfresco
CVE-2020-25726
RESERVED
CVE-2020-25725
@@ -496,9 +496,9 @@ CVE-2020-25492
CVE-2020-25491
RESERVED
CVE-2020-25490 (Lack of cryptographic signature verification in the Sqreen PHP agent d ...)
- TODO: check
+ NOT-FOR-US: Sqreen
CVE-2020-25489 (A heap overflow in Sqreen PyMiniRacer (aka Python Mini Racer) before 0 ...)
- TODO: check
+ NOT-FOR-US: Sqreen
CVE-2020-25488
RESERVED
CVE-2020-25487
@@ -1062,9 +1062,9 @@ CVE-2020-25218
CVE-2020-25217
RESERVED
CVE-2020-25216 (yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Tran ...)
- TODO: check
+ NOT-FOR-US: yWorks yEd Desktop
CVE-2020-25215 (yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or Grap ...)
- TODO: check
+ NOT-FOR-US: yWorks yEd Desktop
CVE-2020-25214
RESERVED
CVE-2020-25213 (The File Manager (wp-file-manager) plugin before 6.9 for WordPress all ...)
@@ -3564,9 +3564,9 @@ CVE-2020-24048
CVE-2020-24047
RESERVED
CVE-2020-24046 (A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.0 ...)
- TODO: check
+ NOT-FOR-US: TitanHQ
CVE-2020-24045 (A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.0 ...)
- TODO: check
+ NOT-FOR-US: TitanHQ
CVE-2020-24044
RESERVED
CVE-2020-24043
@@ -26709,7 +26709,7 @@ CVE-2020-13170 (HashiCorp Consul and Consul Enterprise did not appropriately enf
NOTE: https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md
NOTE: https://github.com/hashicorp/consul/pull/8068
CVE-2020-13169 (Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platf ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2020-13168
RESERVED
CVE-2020-13167 (Netsweeper through 6.4.3 allows unauthenticated remote code execution ...)
@@ -30090,9 +30090,9 @@ CVE-2020-11806 (In MailStore Outlook Add-in (and Email Archive Outlook Add-in) t
CVE-2020-11805
RESERVED
CVE-2020-11804 (An issue was discovered in Titan SpamTitan 7.07. Due to improper sanit ...)
- TODO: check
+ NOT-FOR-US: Titan SpamTitan
CVE-2020-11803 (An issue was discovered in Titan SpamTitan 7.07. Improper sanitization ...)
- TODO: check
+ NOT-FOR-US: Titan SpamTitan
CVE-2020-11802
RESERVED
CVE-2020-11801
@@ -30395,11 +30395,11 @@ CVE-2020-11702 (An issue was discovered in ProVide (formerly zFTPServer) through
CVE-2020-11701 (An issue was discovered in ProVide (formerly zFTPServer) through 13.1. ...)
NOT-FOR-US: ProVide (formerly zFTPServer)
CVE-2020-11700 (An issue was discovered in Titan SpamTitan 7.07. Improper sanitization ...)
- TODO: check
+ NOT-FOR-US: Titan SpamTitan
CVE-2020-11699 (An issue was discovered in Titan SpamTitan 7.07. Improper validation o ...)
- TODO: check
+ NOT-FOR-US: Titan SpamTitan
CVE-2020-11698 (An issue was discovered in Titan SpamTitan 7.07. Improper input saniti ...)
- TODO: check
+ NOT-FOR-US: Titan SpamTitan
CVE-2020-11697 (In Combodo iTop, dashboard ids can be exploited with a reflective XSS ...)
NOT-FOR-US: Combodo iTop
CVE-2020-11696 (In Combodo iTop a menu shortcut name can be exploited with a stored XS ...)
@@ -43974,15 +43974,15 @@ CVE-2020-6118 (SQL injection vulnerabilities exist in the CheckDuplicateStudent.
CVE-2020-6117 (SQL injection vulnerabilities exist in the CheckDuplicateStudent.php p ...)
NOT-FOR-US: OS4Ed openSIS
CVE-2020-6116 (An arbitrary code execution vulnerability exists in the rendering func ...)
- TODO: check
+ NOT-FOR-US: Nitro Pro
CVE-2020-6115 (An exploitable vulnerability exists in the cross-reference table repai ...)
- TODO: check
+ NOT-FOR-US: Nitro Pro
CVE-2020-6114 (An exploitable SQL injection vulnerability exists in the Admin Reports ...)
NOT-FOR-US: Glacies IceHRM
CVE-2020-6113 (An exploitable vulnerability exists in the object stream parsing funct ...)
- TODO: check
+ NOT-FOR-US: Nitro Pro
CVE-2020-6112 (An exploitable code execution vulnerability exists in the JPEG2000 Str ...)
- TODO: check
+ NOT-FOR-US: Nitro Pro
CVE-2020-6111
RESERVED
CVE-2020-6110 (An exploitable partial path traversal vulnerability exists in the way ...)
@@ -56352,7 +56352,7 @@ CVE-2020-0404 (In uvc_scan_chain_forward of uvc_driver.c, there is a possible li
[stretch] - linux 4.9.228-1
NOTE: https://git.kernel.org/linus/68035c80e129c4cfec659aac4180354530b26527
CVE-2020-0403 (In the FPC TrustZone fingerprint App, there is a possible invalid comm ...)
- TODO: check
+ NOT-FOR-US: FPC TrustZone fingerprint App
CVE-2020-0402
RESERVED
NOTE: Duplicate assignment for CVE-2019-19769 (Android security informed)

© 2014-2024 Faster IT GmbH | imprint | privacy policy