summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMoritz Muehlenhoff <jmm@debian.org>2020-10-21 15:14:56 +0200
committerMoritz Muehlenhoff <jmm@debian.org>2020-10-21 15:14:56 +0200
commit07ae946402a28434a8bb3a4beb2dba6f069abc64 (patch)
tree609cd4770d811b547b24c745ff4da00bb28bfbd4
parent058eba1e661e55ef3fa89e58baeaad88218b0455 (diff)
NFUs
veyon n/a
-rw-r--r--data/CVE/list.202049
1 files changed, 25 insertions, 24 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index 24b27d60e9..ce0d50c671 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -5196,7 +5196,7 @@ CVE-2020-25159
CVE-2020-25158
RESERVED
CVE-2020-25157 (The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL injection ...)
- TODO: check
+ NOT-FOR-US: R-SeeNet
CVE-2020-25156
RESERVED
CVE-2020-25155
@@ -6036,7 +6036,7 @@ CVE-2020-24767
CVE-2020-24766
RESERVED
CVE-2020-24765 (InterMind iMind Server through 3.13.65 allows remote unauthenticated a ...)
- TODO: check
+ NOT-FOR-US: InterMind iMind Server
CVE-2020-24764
RESERVED
CVE-2020-24763
@@ -6798,21 +6798,21 @@ CVE-2020-24418
CVE-2020-24417
RESERVED
CVE-2020-24416 (Marketo Sales Insight plugin version 1.4355 (and earlier) is affected ...)
- TODO: check
+ NOT-FOR-US: Marketo Sales Insight plugin
CVE-2020-24415 (Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-24414 (Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-24413 (Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-24412 (Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-24411 (Adobe Illustrator version 24.2 (and earlier) is affected by an out-of- ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-24410 (Adobe Illustrator version 24.2 (and earlier) is affected by an out-of- ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-24409 (Adobe Illustrator version 24.2 (and earlier) is affected by an out-of- ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-24408 (Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by a per ...)
NOT-FOR-US: Magento
CVE-2020-24407
@@ -6857,9 +6857,9 @@ CVE-2020-24390 (eonweb in EyesOfNetwork before 5.3-7 does not properly escape th
CVE-2020-24389
RESERVED
CVE-2020-24388 (An issue was discovered in the _send_secure_msg() function of yubihsm- ...)
- TODO: check
+ NOT-FOR-US: yubihsm-shell
CVE-2020-24387 (An issue was discovered in the yh_create_session() function of yubihsm ...)
- TODO: check
+ NOT-FOR-US: yubihsm-shell
CVE-2020-24386
RESERVED
CVE-2020-24385 (In MidnightBSD before 1.2.6 and 1.3 before August 2020, and FreeBSD be ...)
@@ -6886,7 +6886,7 @@ CVE-2020-24377 (A DNS rebinding vulnerability in the Freebox OS web interface in
CVE-2020-24376 (A DNS rebinding vulnerability in the UPnP IGD implementations in Freeb ...)
NOT-FOR-US: Freebox
CVE-2020-24375 (A DNS rebinding vulnerability in the UPnP MediaServer implementation i ...)
- TODO: check
+ NOT-FOR-US: Freebox
CVE-2020-24374 (A DNS rebinding vulnerability in Freebox HD before 1.5.29. ...)
NOT-FOR-US: Freebox
CVE-2020-24373 (A CSRF vulnerability in the UPnP MediaServer implementation in Freebox ...)
@@ -23519,13 +23519,13 @@ CVE-2020-16163 (** DISPUTED ** An issue was discovered in RIPE NCC RPKI Validato
CVE-2020-16162 (** DISPUTED ** An issue was discovered in RIPE NCC RPKI Validator 3.x ...)
NOT-FOR-US: RIPE NCC RPKI Validator
CVE-2020-16161 (GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_Sca ...)
- TODO: check
+ NOT-FOR-US: GoPro
CVE-2020-16160 (GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_Dec ...)
- TODO: check
+ NOT-FOR-US: GoPro
CVE-2020-16159 (GoPro gpmf-parser 1.5 has a heap out-of-bounds read and segfault in GP ...)
- TODO: check
+ NOT-FOR-US: GoPro
CVE-2020-16158 (GoPro gpmf-parser through 1.5 has a stack out-of-bounds write vulnerab ...)
- TODO: check
+ NOT-FOR-US: GoPro
CVE-2020-16157 (A Stored XSS vulnerability exists in Nagios Log Server before 2.1.7 vi ...)
NOT-FOR-US: Nagios Log Server
CVE-2020-16156
@@ -24118,7 +24118,7 @@ CVE-2020-15933
CVE-2020-15932 (Overwolf before 0.149.2.30 mishandles Symbolic Links during updates, c ...)
NOT-FOR-US: Overwolf
CVE-2020-15931 (Netwrix Account Lockout Examiner before 5.1 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Netwrix Account Lockout Examiner
CVE-2020-15930 (An XSS issue in Joplin desktop 1.0.190 to 1.0.245 allows arbitrary cod ...)
NOT-FOR-US: Joplin desktop
CVE-2020-15929
@@ -25794,7 +25794,7 @@ CVE-2020-15271
CVE-2020-15270
RESERVED
CVE-2020-15269 (In Spree before versions 3.7.11, 4.0.4, or 4.1.11, expired user tokens ...)
- TODO: check
+ NOT-FOR-US: Spree
CVE-2020-15268
RESERVED
CVE-2020-15267
@@ -25804,13 +25804,14 @@ CVE-2020-15266
CVE-2020-15265
RESERVED
CVE-2020-15264 (The Boxstarter installer before version 2.13.0 configures C:\ProgramDa ...)
- TODO: check
+ NOT-FOR-US: Boxstarter
CVE-2020-15263 (In platform before version 9.4.4, inline attributes are not properly e ...)
NOT-FOR-US: Laravel Orchid Platform
CVE-2020-15262 (In webpack-subresource-integrity before version 1.5.1, all dynamically ...)
- TODO: check
+ NOT-FOR-US: Node webpack-subresource-integrity
CVE-2020-15261 (On Windows the Veyon Service before version 4.4.2 contains an unquoted ...)
- TODO: check
+ - veyon <not-affected> (Windows-specific)
+ NOTE: https://github.com/veyon/veyon/security/advisories/GHSA-c8cc-x786-hqqp
CVE-2020-15260
RESERVED
CVE-2020-15259
@@ -25846,7 +25847,7 @@ CVE-2020-15247
CVE-2020-15246
RESERVED
CVE-2020-15245 (In Sylius before versions 1.6.9, 1.7.9 and 1.8.3, the user may registe ...)
- TODO: check
+ NOT-FOR-US: Sylius
CVE-2020-15244
RESERVED
CVE-2020-15243 (Affected versions of Smartstore have a missing WebApi Authentication a ...)
@@ -40453,7 +40454,7 @@ CVE-2020-9429 (In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash.
CVE-2020-9418 (An untrusted search path vulnerability in the installer of PDFescape D ...)
NOT-FOR-US: PDFescape
CVE-2020-9417 (The Transaction Insight reporting component of TIBCO Software Inc.'s T ...)
- TODO: check
+ NOT-FOR-US: TIBCO
CVE-2020-9416 (The Spotfire client component of TIBCO Software Inc.'s TIBCO Spotfire ...)
NOT-FOR-US: TIBCO
CVE-2020-9415 (The TIBCO Data Virtualization Server component of TIBCO Software Inc.' ...)

© 2014-2024 Faster IT GmbH | imprint | privacy policy