diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2020-09-24 22:19:10 +0200 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-09-24 22:23:54 +0200 |
| commit | cbdeeab007204f9311866a312e887fd14ff5ace7 (patch) | |
| tree | 86554bc7bacf0d2caf057b22448aad2efcb1ae73 /data | |
| parent | ec5ed763f08a1330bd11609c0d21f35f00bf0f0a (diff) | |
Process some NFUs
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 148 |
1 files changed, 74 insertions, 74 deletions
diff --git a/data/CVE/list b/data/CVE/list index d25e3543d8..e7cf70e324 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -3761,7 +3761,7 @@ CVE-2020-24367 CVE-2020-24366 RESERVED CVE-2020-24365 (An issue was discovered on Gemtek WRTM-127ACN 01.01.02.141 and WRTM-12 ...) - TODO: check + NOT-FOR-US: Gemtek devices CVE-2020-24364 (MineTime through 1.8.5 allows arbitrary command execution via the note ...) NOT-FOR-US: MineTime CVE-2020-24363 (TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticat ...) @@ -7617,7 +7617,7 @@ CVE-2020-22455 CVE-2020-22454 RESERVED CVE-2020-22453 (Untis WebUntis before 2020.9.6 allows XSS in multiple functions that s ...) - TODO: check + NOT-FOR-US: Untis WebUntis CVE-2020-22452 RESERVED CVE-2020-22451 @@ -20377,9 +20377,9 @@ CVE-2020-16150 (A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in lib CVE-2020-16149 REJECTED CVE-2020-16148 (The ping page of the administration panel in Telmat AccessLog <= 6. ...) - TODO: check + NOT-FOR-US: Telmat AccessLog CVE-2020-16147 (The login page in Telmat AccessLog <= 6.0 (TAL_20180415) allows an ...) - TODO: check + NOT-FOR-US: Telmat AccessLog CVE-2020-16146 RESERVED CVE-2020-16145 (Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in HTML me ...) @@ -20880,7 +20880,7 @@ CVE-2020-15932 (Overwolf before 0.149.2.30 mishandles Symbolic Links during upda CVE-2020-15931 RESERVED CVE-2020-15930 (An XSS issue in Joplin desktop 1.0.190 to 1.0.245 allows arbitrary cod ...) - TODO: check + NOT-FOR-US: Joplin desktop CVE-2020-15929 RESERVED CVE-2020-15928 @@ -21097,7 +21097,7 @@ CVE-2020-15842 (Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack CVE-2020-15841 (Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack 89, 7 ...) NOT-FOR-US: Liferay CVE-2020-15840 (In Liferay Portal before 7.3.1, Liferay Portal 6.2 EE, and Liferay DXP ...) - TODO: check + NOT-FOR-US: Liferay CVE-2020-15839 (Liferay Portal before 7.3.3, and Liferay DXP 7.1 before fix pack 18 an ...) NOT-FOR-US: Liferay CVE-2020-15838 @@ -28310,7 +28310,7 @@ CVE-2020-13121 (Submitty through 20.04.01 has an open redirect via authenticatio CVE-2020-13120 RESERVED CVE-2020-13119 (ismartgate PRO 1.5.9 is vulnerable to clickjacking. ...) - TODO: check + NOT-FOR-US: ismartgate PRO CVE-2020-13118 (An issue was discovered in Mikrotik-Router-Monitoring-System through 2 ...) NOT-FOR-US: Mikrotik-Router-Monitoring-System CVE-2020-13117 @@ -28941,19 +28941,19 @@ CVE-2020-12845 (Cherokee 0.4.27 to 1.2.104 is affected by a denial of service du CVE-2020-12844 RESERVED CVE-2020-12843 (ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the f ...) - TODO: check + NOT-FOR-US: ismartgate PRO CVE-2020-12842 (ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appendin ...) - TODO: check + NOT-FOR-US: ismartgate PRO CVE-2020-12841 (ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attacker ...) - TODO: check + NOT-FOR-US: ismartgate PRO CVE-2020-12840 (ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attacker ...) - TODO: check + NOT-FOR-US: ismartgate PRO CVE-2020-12839 (ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appendin ...) - TODO: check + NOT-FOR-US: ismartgate PRO CVE-2020-12838 (ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appendin ...) - TODO: check + NOT-FOR-US: ismartgate PRO CVE-2020-12837 (ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the f ...) - TODO: check + NOT-FOR-US: ismartgate PRO CVE-2020-12836 RESERVED CVE-2020-12835 (An issue was discovered in SmartBear ReadyAPI SoapUI Pro 3.2.5. Due to ...) @@ -29011,13 +29011,13 @@ CVE-2020-12820 CVE-2020-12819 RESERVED CVE-2020-12818 (An insufficient logging vulnerability in FortiGate before 6.4.1 may al ...) - TODO: check + NOT-FOR-US: FortiGuard CVE-2020-12817 (An improper neutralization of input vulnerability in FortiAnalyzer bef ...) - TODO: check + NOT-FOR-US: FortiGuard CVE-2020-12816 (An improper neutralization of input vulnerability in FortiNAC before 8 ...) - TODO: check + NOT-FOR-US: FortiGuard CVE-2020-12815 (An improper neutralization of input vulnerability in FortiTester befor ...) - TODO: check + NOT-FOR-US: FortiGuard CVE-2020-12814 RESERVED CVE-2020-12813 @@ -29025,7 +29025,7 @@ CVE-2020-12813 CVE-2020-12812 (An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, ...) NOT-FOR-US: Fortinet CVE-2020-12811 (An improper neutralization of script-related HTML tags in a web page i ...) - TODO: check + NOT-FOR-US: FortiGuard CVE-2020-12810 RESERVED CVE-2020-12809 @@ -30492,11 +30492,11 @@ CVE-2016-11054 (NETGEAR DGN2200v4 devices before 2017-01-06 are affected by comm CVE-2020-12283 (Sourcegraph before 3.15.1 has a vulnerable authentication workflow bec ...) NOT-FOR-US: Sourcegraph CVE-2020-12282 (iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in ...) - TODO: check + NOT-FOR-US: iSmartgate PRO CVE-2020-12281 (iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attacker ...) - TODO: check + NOT-FOR-US: iSmartgate PRO CVE-2020-12280 (iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attacker ...) - TODO: check + NOT-FOR-US: iSmartgate PRO CVE-2020-12279 (An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99. ...) - libgit2 0.28.4+dfsg.1-2 [buster] - libgit2 <no-dsa> (Minor issue; only problematic when used on NTFS like filesystem) @@ -54584,9 +54584,9 @@ CVE-2020-3562 CVE-2020-3561 RESERVED CVE-2020-3560 (A vulnerability in Cisco Aironet Access Points (APs) could allow an un ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3559 (A vulnerability in Cisco Aironet Access Point (AP) Software could allo ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3558 RESERVED CVE-2020-3557 @@ -54600,7 +54600,7 @@ CVE-2020-3554 CVE-2020-3553 RESERVED CVE-2020-3552 (A vulnerability in the Ethernet packet handling of Cisco Aironet Acces ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3551 RESERVED CVE-2020-3550 @@ -54650,13 +54650,13 @@ CVE-2020-3529 CVE-2020-3528 RESERVED CVE-2020-3527 (A vulnerability in the Polaris kernel of Cisco Catalyst 9200 Series Sw ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3526 (A vulnerability in the Common Open Policy Service (COPS) engine of Cis ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3525 RESERVED CVE-2020-3524 (A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3523 (A vulnerability in the web-based management interface of Cisco Data Ce ...) NOT-FOR-US: Cisco CVE-2020-3522 (A vulnerability in the web-based management interface of Cisco Data Ce ...) @@ -54672,23 +54672,23 @@ CVE-2020-3518 (A vulnerability in the web-based management interface of Cisco Da CVE-2020-3517 (A vulnerability in the Cisco Fabric Services component of Cisco FXOS S ...) NOT-FOR-US: Cisco CVE-2020-3516 (A vulnerability in the web server authentication of Cisco IOS XE Softw ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3515 RESERVED CVE-2020-3514 RESERVED CVE-2020-3513 (Multiple vulnerabilities in the initialization routines that are execu ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3512 (A vulnerability in the PROFINET handler for Link Layer Discovery Proto ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3511 (A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3510 (A vulnerability in the Umbrella Connector component of Cisco IOS XE So ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3509 (A vulnerability in the DHCP message handler of Cisco IOS XE Software f ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3508 (A vulnerability in the IP Address Resolution Protocol (ARP) feature of ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3507 (Multiple vulnerabilities in the Cisco Discovery Protocol implementatio ...) NOT-FOR-US: Cisco CVE-2020-3506 (Multiple vulnerabilities in the Cisco Discovery Protocol implementatio ...) @@ -54698,7 +54698,7 @@ CVE-2020-3505 (A vulnerability in the Cisco Discovery Protocol of Cisco Video Su CVE-2020-3504 (A vulnerability in the local management (local-mgmt) CLI of Cisco UCS ...) NOT-FOR-US: Cisco CVE-2020-3503 (A vulnerability in the file system permissions of Cisco IOS XE Softwar ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3502 (Multiple vulnerabilities in the user interface of Cisco Webex Meetings ...) NOT-FOR-US: Cisco CVE-2020-3501 (Multiple vulnerabilities in the user interface of Cisco Webex Meetings ...) @@ -54710,29 +54710,29 @@ CVE-2020-3499 CVE-2020-3498 (A vulnerability in Cisco Jabber software could allow an authenticated, ...) NOT-FOR-US: Cisco CVE-2020-3497 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3496 (A vulnerability in the IPv6 packet processing engine of Cisco Small Bu ...) NOT-FOR-US: Cisco CVE-2020-3495 (A vulnerability in Cisco Jabber for Windows could allow an authenticat ...) NOT-FOR-US: Cisco CVE-2020-3494 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3493 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3492 (A vulnerability in the Flexible NetFlow Version 9 packet processor of ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3491 (A vulnerability in the web-based management interface of Cisco Vision ...) NOT-FOR-US: Cisco CVE-2020-3490 (A vulnerability in the web-based management interface of Cisco Vision ...) NOT-FOR-US: Cisco CVE-2020-3489 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3488 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3487 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3486 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3485 (A vulnerability in the role-based access control (RBAC) functionality ...) NOT-FOR-US: Cisco CVE-2020-3484 (A vulnerability in the web-based management interface of Cisco Vision ...) @@ -54747,19 +54747,19 @@ CVE-2020-3481 (A vulnerability in the EGG archive parsing module in Clam AntiVir [buster] - clamav 0.102.4+dfsg-0+deb10u1 NOTE: https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html CVE-2020-3480 (Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco I ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3479 (A vulnerability in the implementation of Multiprotocol Border Gateway ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3478 (A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure ...) NOT-FOR-US: Cisco CVE-2020-3477 (A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3476 (A vulnerability in the CLI implementation of a specific command of Cis ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3475 (Multiple vulnerabilities in the web management framework of Cisco IOS ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3474 (Multiple vulnerabilities in the web management framework of Cisco IOS ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3473 (A vulnerability in task group assignment for a specific CLI command in ...) NOT-FOR-US: Cisco CVE-2020-3472 (A vulnerability in the contacts feature of Cisco Webex Meetings could ...) @@ -54777,7 +54777,7 @@ CVE-2020-3467 CVE-2020-3466 (Multiple vulnerabilities in the web-based management interface of Cisc ...) NOT-FOR-US: Cisco CVE-2020-3465 (A vulnerability in Cisco IOS XE Software could allow an unauthenticate ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3464 (A vulnerability in the web-based management interface of Cisco UCS Dir ...) NOT-FOR-US: Cisco CVE-2020-3463 (A vulnerability in the web-based management interface of Cisco Webex M ...) @@ -54849,37 +54849,37 @@ CVE-2020-3431 CVE-2020-3430 (A vulnerability in the application protocol handling features of Cisco ...) NOT-FOR-US: Cisco CVE-2020-3429 (A vulnerability in the WPA2 and WPA3 security implementation of Cisco ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3428 (A vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wi ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3427 RESERVED CVE-2020-3426 (A vulnerability in the implementation of the Low Power, Wide Area (LPW ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3425 (Multiple vulnerabilities in the web management framework of Cisco IOS ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3424 RESERVED CVE-2020-3423 (A vulnerability in the implementation of the Lua interpreter that is i ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3422 (A vulnerability in the IP Service Level Agreement (SLA) responder feat ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3421 (Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco I ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3420 RESERVED CVE-2020-3419 RESERVED CVE-2020-3418 (A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3417 (A vulnerability in Cisco IOS XE Software could allow an authenticated, ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3416 (Multiple vulnerabilities in the initialization routines that are execu ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3415 (A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Sof ...) NOT-FOR-US: Cisco CVE-2020-3414 (A vulnerability in the packet processing of Cisco IOS XE Software for ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3413 (A vulnerability in the scheduled meeting template feature of Cisco Web ...) NOT-FOR-US: Cisco CVE-2020-3412 (A vulnerability in the scheduled meeting template feature of Cisco Web ...) @@ -54889,45 +54889,45 @@ CVE-2020-3411 (A vulnerability in Cisco DNA Center software could allow an unaut CVE-2020-3410 RESERVED CVE-2020-3409 (A vulnerability in the PROFINET feature of Cisco IOS Software and Cisc ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3408 (A vulnerability in the Split DNS feature of Cisco IOS Software and Cis ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3407 (A vulnerability in the RESTCONF and NETCONF-YANG access control list ( ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3406 (A vulnerability in the web-based management interface of the Cisco SD- ...) NOT-FOR-US: Cisco CVE-2020-3405 (A vulnerability in the web UI of Cisco SD-WAN vManage Software could a ...) NOT-FOR-US: Cisco CVE-2020-3404 (A vulnerability in the persistent Telnet/Secure Shell (SSH) CLI of Cis ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3403 (A vulnerability in the CLI of Cisco IOS XE Software could allow an aut ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3402 (A vulnerability in the Java Remote Method Invocation (RMI) interface o ...) NOT-FOR-US: Cisco CVE-2020-3401 (A vulnerability in the web-based management interface of Cisco SD-WAN ...) NOT-FOR-US: Cisco CVE-2020-3400 (A vulnerability in the web UI feature of Cisco IOS XE Software could a ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3399 (A vulnerability in the Control and Provisioning of Wireless Access Poi ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3398 (A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MV ...) NOT-FOR-US: Cisco CVE-2020-3397 (A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MV ...) NOT-FOR-US: Cisco CVE-2020-3396 (A vulnerability in the file system on the pluggable USB 3.0 Solid Stat ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3395 RESERVED CVE-2020-3394 (A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Serie ...) NOT-FOR-US: Cisco CVE-2020-3393 (A vulnerability in the application-hosting subsystem of Cisco IOS XE S ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3392 RESERVED CVE-2020-3391 (A vulnerability in Cisco Digital Network Architecture (DNA) Center cou ...) NOT-FOR-US: Cisco CVE-2020-3390 (A vulnerability in Simple Network Management Protocol (SNMP) trap gene ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3389 (A vulnerability in the installation component of Cisco Hyperflex HX-Se ...) NOT-FOR-US: Cisco CVE-2020-3388 (A vulnerability in the CLI of Cisco SD-WAN vManage Software could allo ...) @@ -54989,7 +54989,7 @@ CVE-2020-3361 (A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings CVE-2020-3360 (A vulnerability in the Web Access feature of Cisco IP Phones Series 78 ...) NOT-FOR-US: Cisco CVE-2020-3359 (A vulnerability in the multicast DNS (mDNS) feature of Cisco IOS XE So ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3358 (A vulnerability in the Secure Sockets Layer (SSL) VPN feature for Cisc ...) NOT-FOR-US: Cisco CVE-2020-3357 (A vulnerability in the Secure Sockets Layer (SSL) VPN feature of Cisco ...) @@ -55437,7 +55437,7 @@ CVE-2020-3143 (A vulnerability in the video endpoint API (xAPI) of Cisco TelePre CVE-2020-3142 (A vulnerability in Cisco Webex Meetings Suite sites and Cisco Webex Me ...) NOT-FOR-US: Cisco CVE-2020-3141 (Multiple vulnerabilities in the web management framework of Cisco IOS ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-3140 (A vulnerability in the web management interface of Cisco Prime License ...) NOT-FOR-US: Cisco CVE-2020-3139 (A vulnerability in the out of band (OOB) management interface IP table ...) |