diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2020-07-08 16:22:49 +0200 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2020-07-08 16:22:49 +0200 |
commit | e03f63e275cb2bb6a01eed58249d43e1bc04342a (patch) | |
tree | 732388f509f365a85d2547a02ebe27ff2505c325 | |
parent | 701f3ee971e5a0f299991f0035e42cc2514e9487 (diff) |
NFUs
-rw-r--r-- | data/CVE/list.2019 | 2 | ||||
-rw-r--r-- | data/CVE/list.2020 | 66 |
2 files changed, 34 insertions, 34 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019 index 03c3b31288..6d4857f3e9 100644 --- a/data/CVE/list.2019 +++ b/data/CVE/list.2019 @@ -19,7 +19,7 @@ CVE-2019-20898 CVE-2019-20897 RESERVED CVE-2019-20896 (WebChess 1.0 allows SQL injection via the messageFrom, gameID, opponen ...) - TODO: check + NOT-FOR-US: WebChess CVE-2019-20895 RESERVED CVE-2019-20894 (Traefik 2.x, in certain configurations, allows HTTPS sessions to proce ...) diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index 0edf627fb1..d308a01193 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -89,9 +89,9 @@ CVE-2020-15602 CVE-2020-15601 RESERVED CVE-2020-15600 (An issue was discovered in CMSUno before 1.6.1. uno.php allows CSRF to ...) - TODO: check + NOT-FOR-US: CMSUno CVE-2020-15599 (Victor CMS through 2019-02-28 allows XSS via the register.php user_fir ...) - TODO: check + NOT-FOR-US: Victor CMS CVE-2020-15598 RESERVED CVE-2020-15597 @@ -276,15 +276,15 @@ CVE-2020-15519 CVE-2020-15518 (VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup &a ...) NOT-FOR-US: Veeam CVE-2020-15517 (The ke_search (aka Faceted Search) extension through 2.8.2, and 3.x th ...) - TODO: check + NOT-FOR-US: Typo3 extension CVE-2020-15516 (The mm_forum extension through 1.9.5 for TYPO3 allows XSS that can be ...) - TODO: check + NOT-FOR-US: Typo3 extension CVE-2020-15515 (The turn extension through 0.3.2 for TYPO3 allows Remote Code Executio ...) - TODO: check + NOT-FOR-US: Typo3 extension CVE-2020-15514 (The jh_captcha extension through 2.1.3, and 3.x through 3.0.2, for TYP ...) - TODO: check + NOT-FOR-US: Typo3 extension CVE-2020-15513 (The typo3_forum extension before 1.2.1 for TYPO3 has Incorrect Access ...) - TODO: check + NOT-FOR-US: Typo3 extension CVE-2020-15512 RESERVED CVE-2020-15511 @@ -1168,7 +1168,7 @@ CVE-2020-15098 CVE-2020-15097 RESERVED CVE-2020-15096 (In Electron before versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21, the ...) - TODO: check + - electron <itp> (bug #842420) CVE-2020-15095 (Versions of the npm CLI prior to 6.14.6 are vulnerable to an informati ...) TODO: check CVE-2020-15094 @@ -1289,25 +1289,25 @@ CVE-2020-15039 CVE-2020-15038 (The SeedProd coming-soon plugin before 5.1.1 for WordPress allows XSS. ...) NOT-FOR-US: WordPress plugin CVE-2020-15037 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...) - TODO: check + NOT-FOR-US: NeDi CVE-2020-15036 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...) - TODO: check + NOT-FOR-US: NeDi CVE-2020-15035 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...) - TODO: check + NOT-FOR-US: NeDi CVE-2020-15034 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...) - TODO: check + NOT-FOR-US: NeDi CVE-2020-15033 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...) - TODO: check + NOT-FOR-US: NeDi CVE-2020-15032 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...) - TODO: check + NOT-FOR-US: NeDi CVE-2020-15031 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...) - TODO: check + NOT-FOR-US: NeDi CVE-2020-15030 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...) - TODO: check + NOT-FOR-US: NeDi CVE-2020-15029 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...) - TODO: check + NOT-FOR-US: NeDi CVE-2020-15028 (NeDi 1.9C is vulnerable to a cross-site scripting (XSS) attack. The ap ...) - TODO: check + NOT-FOR-US: NeDi CVE-2020-15027 RESERVED CVE-2020-15026 (Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../ ...) @@ -1356,7 +1356,7 @@ CVE-2020-15010 CVE-2020-15009 RESERVED CVE-2020-15008 (A SQLi exists in the probe code of all Connectwise Automate versions b ...) - TODO: check + NOT-FOR-US: Connectwise CVE-2020-15007 (A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tec ...) - rbdoom3bfg <unfixed> (unimportant) NOTE: https://github.com/AXDOOMER/doom-vanille/commit/8a6d9a02fa991a91ff90ccdc73b5ceabaa6cb9ec @@ -6291,7 +6291,7 @@ CVE-2020-12823 (OpenConnect 8.09 has a buffer overflow, causing a denial of serv CVE-2020-12822 RESERVED CVE-2020-12821 (Gossipsub 1.0 does not properly resist invalid message spam, such as a ...) - TODO: check + NOT-FOR-US: Gossipsub CVE-2020-12820 RESERVED CVE-2020-12819 @@ -6527,7 +6527,7 @@ CVE-2020-12738 CVE-2020-12737 (An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. Authen ...) NOT-FOR-US: Maxum Rumpus CVE-2020-12736 (Code42 environments with on-premises server versions 7.0.4 and earlier ...) - TODO: check + NOT-FOR-US: Code42 CVE-2020-12735 (reset.php in DomainMOD 4.13.0 uses insufficient entropy for password r ...) NOT-FOR-US: DomainMOD CVE-2020-12734 @@ -8597,7 +8597,7 @@ CVE-2020-11884 (In the Linux kernel through 5.6.7 on the s390 platform, code exe CVE-2020-11883 (In Divante vue-storefront-api through 1.11.1 and storefront-api throug ...) NOT-FOR-US: Divante vue-storefront-api CVE-2020-11882 (The O2 Business application 1.2.0 for Android exposes the canvasm.myo2 ...) - TODO: check + NOT-FOR-US: O2 Business CVE-2020-11881 RESERVED CVE-2020-11880 (An issue was discovered in KDE KMail before 19.12.3. By using the prop ...) @@ -14995,9 +14995,9 @@ CVE-2020-9264 (ESET Archive Support Module before 1296 allows virus-detection by CVE-2020-9263 RESERVED CVE-2020-9262 (HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have ...) - TODO: check + NOT-FOR-US: HUAWEI CVE-2020-9261 (HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have ...) - TODO: check + NOT-FOR-US: HUAWEI CVE-2020-9260 RESERVED CVE-2020-9259 @@ -15067,7 +15067,7 @@ CVE-2020-9228 CVE-2020-9227 RESERVED CVE-2020-9226 (HUAWEI P30 with versions earlier than 10.1.0.135(C00E135R2P11) have an ...) - TODO: check + NOT-FOR-US: HUAWEI CVE-2020-9225 (FusionSphere OpenStack 6.5.1 have an improper permissions management v ...) TODO: check CVE-2020-9224 @@ -15319,7 +15319,7 @@ CVE-2020-9102 CVE-2020-9101 RESERVED CVE-2020-9100 (Earlier than HiSuite 10.1.0.500 have a DLL hijacking vulnerability. Th ...) - TODO: check + NOT-FOR-US: Huawei CVE-2020-9099 (Huawei products IPS Module; NGFW Module; NIP6300; NIP6600; NIP6800; Se ...) NOT-FOR-US: Huawei CVE-2020-9098 (Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an ...) @@ -16614,11 +16614,11 @@ CVE-2020-8523 CVE-2020-8522 RESERVED CVE-2020-8521 (SQL injection with start and length parameters in Records.php for phpz ...) - TODO: check + NOT-FOR-US: phpzag CVE-2020-8520 (SQL injection in order and column parameters in Records.php for phpzag ...) - TODO: check + NOT-FOR-US: phpzag CVE-2020-8519 (SQL injection with the search parameter in Records.php for phpzag live ...) - TODO: check + NOT-FOR-US: phpzag CVE-2020-8518 (Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary P ...) {DLA-2174-1} - php-horde-data <unfixed> (bug #951537) @@ -26594,13 +26594,13 @@ CVE-2020-4079 CVE-2020-4078 RESERVED CVE-2020-4077 (In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, there is a ...) - TODO: check + - electron <itp> (bug #842420) CVE-2020-4076 (In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, there is a ...) - TODO: check + - electron <itp> (bug #842420) CVE-2020-4075 (In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, arbitrary ...) - TODO: check + - electron <itp> (bug #842420) CVE-2020-4074 (In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, the aut ...) - TODO: check + NOT-FOR-US: PrestaShop CVE-2020-4073 RESERVED CVE-2020-4072 (In generator-jhipster-kotlin version 1.6.0 log entries are created for ...) |