From 4c4e986f6e83a32f1e5f10b8574e2f6e5a2964d5 Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Mon, 19 Oct 2020 15:59:21 +0200 Subject: NFUs --- data/CVE/list.2020 | 118 ++++++++++++++++++++++++++--------------------------- 1 file changed, 59 insertions(+), 59 deletions(-) diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index 2bab1e4bf2..ee5141a9a0 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -17,7 +17,7 @@ CVE-2020-27199 CVE-2020-27198 RESERVED CVE-2020-27197 (** DISPUTED ** TAXII libtaxii through 1.1.117, as used in EclecticIQ O ...) - TODO: check + NOT-FOR-US: TAXII libtaxii CVE-2020-27196 RESERVED CVE-2020-27195 @@ -637,7 +637,7 @@ CVE-2020-26895 CVE-2020-26894 (Faulkner Wildlife Issues in the New Millennium 18.0.160 on Windows all ...) NOT-FOR-US: New Millennium CVE-2020-26893 (An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor c ...) - TODO: check + NOT-FOR-US: ClamXAV CVE-2020-26892 RESERVED CVE-2020-26891 @@ -20922,7 +20922,7 @@ CVE-2020-17005 CVE-2020-17004 RESERVED CVE-2020-17003 (A remote code execution vulnerability exists when the Base3D rendering ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2020-17002 RESERVED CVE-2020-17001 @@ -20938,7 +20938,7 @@ CVE-2020-16997 CVE-2020-16996 RESERVED CVE-2020-16995 (An elevation of privilege vulnerability exists in Network Watcher Agen ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2020-16994 RESERVED CVE-2020-16993 @@ -21050,11 +21050,11 @@ CVE-2020-16941 (An information disclosure vulnerability exists when Microsoft Sh CVE-2020-16940 (An elevation of privilege vulnerability exists when the Windows User P ...) NOT-FOR-US: Microsoft CVE-2020-16939 (An elevation of privilege vulnerability exists when Group Policy impro ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2020-16938 (An information disclosure vulnerability exists when the Windows kernel ...) NOT-FOR-US: Microsoft CVE-2020-16937 (An information disclosure vulnerability exists when the .NET Framework ...) - TODO: check + - dotnet-core-3.1 (bug #968921) CVE-2020-16936 (An elevation of privilege vulnerability exists when the Windows Backup ...) NOT-FOR-US: Microsoft CVE-2020-16935 (An elevation of privilege vulnerability exists when Windows improperly ...) @@ -21074,7 +21074,7 @@ CVE-2020-16929 (A remote code execution vulnerability exists in Microsoft Excel CVE-2020-16928 (An elevation of privilege vulnerability exists in the way that Microso ...) NOT-FOR-US: Microsoft CVE-2020-16927 (A denial of service vulnerability exists in Remote Desktop Protocol (R ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2020-16926 RESERVED CVE-2020-16925 @@ -21084,15 +21084,15 @@ CVE-2020-16924 (A remote code execution vulnerability exists when the Windows Je CVE-2020-16923 (A remote code execution vulnerability exists in the way that Microsoft ...) NOT-FOR-US: Microsoft CVE-2020-16922 (A spoofing vulnerability exists when Windows incorrectly validates fil ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2020-16921 (An information disclosure vulnerability exists in Text Services Framew ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2020-16920 (An elevation of privilege vulnerability exists when the Windows Applic ...) NOT-FOR-US: Microsoft CVE-2020-16919 (An information disclosure vulnerability exists when the Windows Enterp ...) NOT-FOR-US: Microsoft CVE-2020-16918 (A remote code execution vulnerability exists when the Base3D rendering ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2020-16917 RESERVED CVE-2020-16916 (An elevation of privilege vulnerability exists when Windows improperly ...) @@ -21100,13 +21100,13 @@ CVE-2020-16916 (An elevation of privilege vulnerability exists when Windows impr CVE-2020-16915 (A memory corruption vulnerability exists when Windows Media Foundation ...) NOT-FOR-US: Microsoft CVE-2020-16914 (An information disclosure vulnerability exists in the way that the Win ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2020-16913 (An elevation of privilege vulnerability exists in Windows when the Win ...) NOT-FOR-US: Microsoft CVE-2020-16912 (An elevation of privilege vulnerability exists when the Windows Backup ...) NOT-FOR-US: Microsoft CVE-2020-16911 (A remote code execution vulnerability exists in the way that the Windo ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2020-16910 (A security feature bypass vulnerability exists when Microsoft Windows ...) NOT-FOR-US: Microsoft CVE-2020-16909 (An elevation of privilege vulnerability exists in Windows Error Report ...) @@ -21120,7 +21120,7 @@ CVE-2020-16906 CVE-2020-16905 (An elevation of privilege vulnerability exists in Windows Error Report ...) NOT-FOR-US: Microsoft CVE-2020-16904 (An elevation of privilege vulnerability exists in the way Azure Functi ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2020-16903 RESERVED CVE-2020-16902 (An elevation of privilege vulnerability exists in the Windows Installe ...) @@ -21134,9 +21134,9 @@ CVE-2020-16899 (A denial of service vulnerability exists when the Windows TCP/IP CVE-2020-16898 (A remote code execution vulnerability exists when the Windows TCP/IP s ...) NOT-FOR-US: Microsoft CVE-2020-16897 (An information disclosure vulnerability exists when NetBIOS over TCP ( ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2020-16896 (An information disclosure vulnerability exists in Remote Desktop Proto ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2020-16895 (An elevation of privilege vulnerability exists when Windows Error Repo ...) NOT-FOR-US: Microsoft CVE-2020-16894 (A remote code execution vulnerability exists when Windows Network Addr ...) @@ -21146,7 +21146,7 @@ CVE-2020-16893 CVE-2020-16892 (An elevation of privilege vulnerability exists in the way that the Win ...) NOT-FOR-US: Microsoft CVE-2020-16891 (A remote code execution vulnerability exists when Windows Hyper-V on a ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2020-16890 (An elevation of privilege vulnerability exists when the Windows kernel ...) NOT-FOR-US: Microsoft CVE-2020-16889 (An information disclosure vulnerability exists when the Windows Kernel ...) @@ -21156,7 +21156,7 @@ CVE-2020-16888 CVE-2020-16887 (An elevation of privilege vulnerability exists in the way that the Win ...) NOT-FOR-US: Microsoft CVE-2020-16886 (A security feature bypass vulnerability exists in the PowerShellGet V2 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2020-16885 (An elevation of privilege vulnerability exists when the Windows Storag ...) NOT-FOR-US: Microsoft CVE-2020-16884 (A remote code execution vulnerability exists in the way that the IEToE ...) @@ -21202,7 +21202,7 @@ CVE-2020-16865 CVE-2020-16864 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...) NOT-FOR-US: Microsoft CVE-2020-16863 (A denial of service vulnerability exists in Windows Remote Desktop Ser ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2020-16862 (A remote code execution vulnerability exists in Microsoft Dynamics 365 ...) NOT-FOR-US: Microsoft CVE-2020-16861 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...) @@ -24978,13 +24978,13 @@ CVE-2020-15260 CVE-2020-15259 RESERVED CVE-2020-15258 (In Wire before 3.20.x, `shell.openExternal` was used without checking ...) - TODO: check + NOT-FOR-US: Wire app CVE-2020-15257 RESERVED CVE-2020-15256 RESERVED CVE-2020-15255 (In Anuko Time Tracker before verion 1.19.23.5325, due to not properly ...) - TODO: check + NOT-FOR-US: Anuko Time Tracker CVE-2020-15254 (Crossbeam is a set of tools for concurrent programming. In crossbeam-c ...) TODO: check CVE-2020-15253 (Versions of Grocy <= 2.7.1 are vulnerable to Cross-Site Scripting v ...) @@ -28366,7 +28366,7 @@ CVE-2020-13896 (The web interface of Maipu MP1800X-50 7.5.3.14(R) devices allows CVE-2020-13894 (handler/upload_handler.jsp in DEXT5 Editor through 3.5.1402961 allows ...) NOT-FOR-US: DEXT5 Editor CVE-2020-13893 (Multiple stored cross-site scripting (XSS) vulnerabilities in Sage Eas ...) - TODO: check + NOT-FOR-US: Sage EasyPay CVE-2020-13892 (The SportsPress plugin before 2.7.2 for WordPress allows XSS. ...) NOT-FOR-US: SportsPress plugin for WordPress CVE-2020-13891 (An issue was discovered in Mattermost Mobile Apps before 1.31.2 on iOS ...) @@ -38142,7 +38142,7 @@ CVE-2020-9994 CVE-2020-9993 RESERVED CVE-2020-9992 (This issue was addressed by encrypting communications over the network ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9991 RESERVED CVE-2020-9990 @@ -38160,7 +38160,7 @@ CVE-2020-9985 CVE-2020-9984 RESERVED CVE-2020-9983 (An out-of-bounds write issue was addressed with improved bounds checki ...) - TODO: check + NOT-FOR-US: Safari CVE-2020-9982 RESERVED CVE-2020-9981 @@ -38174,7 +38174,7 @@ CVE-2020-9978 CVE-2020-9977 RESERVED CVE-2020-9976 (A logic issue was addressed with improved state management. This issue ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9975 RESERVED CVE-2020-9974 @@ -38190,7 +38190,7 @@ CVE-2020-9970 CVE-2020-9969 RESERVED CVE-2020-9968 (A logic issue was addressed with improved restrictions. This issue is ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9967 RESERVED CVE-2020-9966 @@ -38198,7 +38198,7 @@ CVE-2020-9966 CVE-2020-9965 RESERVED CVE-2020-9964 (A memory initialization issue was addressed with improved memory handl ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9963 RESERVED CVE-2020-9962 @@ -38208,9 +38208,9 @@ CVE-2020-9961 CVE-2020-9960 RESERVED CVE-2020-9959 (A lock screen issue allowed access to messages on a locked device. Thi ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9958 (An out-of-bounds write issue was addressed with improved bounds checki ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9957 RESERVED CVE-2020-9956 @@ -38222,19 +38222,19 @@ CVE-2020-9954 CVE-2020-9953 RESERVED CVE-2020-9952 (An input validation issue was addressed with improved input validation ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9951 (A use after free issue was addressed with improved memory management. ...) - TODO: check + NOT-FOR-US: Safari CVE-2020-9950 RESERVED CVE-2020-9949 RESERVED CVE-2020-9948 (A type confusion issue was addressed with improved memory handling. Th ...) - TODO: check + NOT-FOR-US: Safari CVE-2020-9947 RESERVED CVE-2020-9946 (This issue was addressed with improved checks. This issue is fixed in ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9945 RESERVED CVE-2020-9944 @@ -38254,17 +38254,17 @@ CVE-2020-9938 CVE-2020-9937 RESERVED CVE-2020-9936 (An out-of-bounds write issue was addressed with improved bounds checki ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9935 RESERVED CVE-2020-9934 (An issue existed in the handling of environment variables. This issue ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9933 (An authorization issue was addressed with improved state management. T ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9932 RESERVED CVE-2020-9931 (A denial of service issue was addressed with improved input validation ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9930 RESERVED CVE-2020-9929 @@ -38285,7 +38285,7 @@ CVE-2020-9925 (A logic issue was addressed with improved state management. This CVE-2020-9924 RESERVED CVE-2020-9923 (A memory corruption issue was addressed with improved memory handling. ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9922 RESERVED CVE-2020-9921 @@ -38295,11 +38295,11 @@ CVE-2020-9920 CVE-2020-9919 RESERVED CVE-2020-9918 (An out-of-bounds read was addressed with improved input validation. Th ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9917 (This issue was addressed with improved checks. This issue is fixed in ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9916 (A URL Unicode encoding issue was addressed with improved state managem ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9915 (An access issue existed in Content Security Policy. This issue was add ...) {DSA-4739-1} - webkit2gtk 2.28.4-1 @@ -38308,21 +38308,21 @@ CVE-2020-9915 (An access issue existed in Content Security Policy. This issue wa - wpewebkit 2.28.4-1 NOTE: https://webkitgtk.org/security/WSA-2020-0007.html CVE-2020-9914 (An input validation issue existed in Bluetooth. This issue was address ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9913 (This issue was addressed with improved data protection. This issue is ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9912 (A logic issue was addressed with improved restrictions. This issue is ...) - TODO: check + NOT-FOR-US: Safari CVE-2020-9911 (A logic issue was addressed with improved restrictions. This issue is ...) - TODO: check + NOT-FOR-US: Safari CVE-2020-9910 (Multiple issues were addressed with improved logic. This issue is fixe ...) - TODO: check + NOT-FOR-US: Safari CVE-2020-9909 (An out-of-bounds read was addressed with improved bounds checking. Thi ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9908 RESERVED CVE-2020-9907 (A memory corruption issue was addressed by removing the vulnerable cod ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9906 RESERVED CVE-2020-9905 @@ -38330,7 +38330,7 @@ CVE-2020-9905 CVE-2020-9904 RESERVED CVE-2020-9903 (A logic issue was addressed with improved restrictions. This issue is ...) - TODO: check + NOT-FOR-US: Safari CVE-2020-9902 RESERVED CVE-2020-9901 @@ -38369,21 +38369,21 @@ CVE-2020-9893 (A use after free issue was addressed with improved memory managem CVE-2020-9892 RESERVED CVE-2020-9891 (An out-of-bounds read was addressed with improved bounds checking. Thi ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9890 (An out-of-bounds read was addressed with improved bounds checking. Thi ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9889 (An out-of-bounds write issue was addressed with improved bounds checki ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9888 (An out-of-bounds read was addressed with improved bounds checking. Thi ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9887 RESERVED CVE-2020-9886 RESERVED CVE-2020-9885 (An issue existed in the handling of iMessage tapbacks. The issue was r ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9884 (An out-of-bounds write issue was addressed with improved bounds checki ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9883 RESERVED CVE-2020-9882 @@ -38395,7 +38395,7 @@ CVE-2020-9880 CVE-2020-9879 RESERVED CVE-2020-9878 (A buffer overflow issue was addressed with improved memory handling. T ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9877 RESERVED CVE-2020-9876 @@ -38411,7 +38411,7 @@ CVE-2020-9872 CVE-2020-9871 RESERVED CVE-2020-9870 (A logic issue was addressed with improved validation. This issue is fi ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9869 RESERVED CVE-2020-9868 @@ -38421,9 +38421,9 @@ CVE-2020-9867 CVE-2020-9866 RESERVED CVE-2020-9865 (A memory corruption issue was addressed by removing the vulnerable cod ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9864 (A logic issue was addressed with improved restrictions. This issue is ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9863 RESERVED CVE-2020-9862 (A command injection issue existed in Web Inspector. This issue was add ...) @@ -38593,7 +38593,7 @@ CVE-2020-9801 (A logic issue was addressed with improved restrictions. This issu CVE-2020-9800 (A type confusion issue was addressed with improved memory handling. Th ...) NOT-FOR-US: Apple CVE-2020-9799 (An out-of-bounds read was addressed with improved bounds checking. Thi ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9798 RESERVED CVE-2020-9797 (An information disclosure issue was addressed by removing the vulnerab ...) -- cgit v1.2.3