From f600595b5a03db9f8a7da24c39675f9e78705d91 Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Wed, 28 Oct 2020 14:03:14 +0100 Subject: NFUs --- data/CVE/list | 48 ++++++++++++++++++++++++------------------------ 1 file changed, 24 insertions(+), 24 deletions(-) (limited to 'data/CVE/list') diff --git a/data/CVE/list b/data/CVE/list index 86ae842e3e..9597c4955b 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -21,7 +21,7 @@ CVE-2020-27959 CVE-2020-27958 RESERVED CVE-2020-27957 (The RandomGameUnit extension for MediaWiki through 1.35 was not proper ...) - TODO: check + NOT-FOR-US: MediaWiki extension CVE-2020-27956 (An Arbitrary File Upload in the Upload Image component in SourceCodest ...) NOT-FOR-US: SourceCodester Car Rental Management System CVE-2020-27955 @@ -159,7 +159,7 @@ CVE-2020-27890 (The Zigbee protocol implementation on Texas Instruments CC2538 d CVE-2020-27889 RESERVED CVE-2020-27888 (An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC- ...) - TODO: check + NOT-FOR-US: Ubiquiti CVE-2021-0300 RESERVED CVE-2021-0299 @@ -429,7 +429,7 @@ CVE-2020-27855 CVE-2020-27854 RESERVED CVE-2020-27853 (Wire before 2020-10-16 allows remote attackers to cause a denial of se ...) - TODO: check + NOT-FOR-US: Wire app CVE-2020-27852 RESERVED CVE-2020-27851 @@ -27363,11 +27363,11 @@ CVE-2020-15276 CVE-2020-15275 RESERVED CVE-2020-15274 (In Wiki.js before version 2.5.162, an XSS payload can be injected in a ...) - TODO: check + NOT-FOR-US: Wiki.js CVE-2020-15273 RESERVED CVE-2020-15272 (In the git-tag-annotation-action (open source GitHub Action) before ve ...) - TODO: check + NOT-FOR-US: git-tag-annotation-action CVE-2020-15271 (In lookatme (python/pypi package) versions prior to 2.3.0, the package ...) - lookatme (bug #972988) NOTE: https://github.com/d0c-s4vage/lookatme/security/advisories/GHSA-c84h-w6cr-5v8q @@ -42767,7 +42767,7 @@ CVE-2020-9981 CVE-2020-9980 (An out-of-bounds write issue was addressed with improved bounds checki ...) NOT-FOR-US: Apple CVE-2020-9979 (A trust issue was addressed by removing a legacy API. This issue is fi ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9978 RESERVED CVE-2020-9977 @@ -42779,7 +42779,7 @@ CVE-2020-9975 CVE-2020-9974 RESERVED CVE-2020-9973 (An out-of-bounds read was addressed with improved bounds checking. Thi ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9972 RESERVED CVE-2020-9971 @@ -42803,7 +42803,7 @@ CVE-2020-9963 CVE-2020-9962 RESERVED CVE-2020-9961 (An out-of-bounds read was addressed with improved input validation. Th ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9960 RESERVED CVE-2020-9959 (A lock screen issue allowed access to messages on a locked device. Thi ...) @@ -42843,7 +42843,7 @@ CVE-2020-9943 CVE-2020-9942 RESERVED CVE-2020-9941 (This issue was addressed with improved checks. This issue is fixed in ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9940 (A buffer overflow issue was addressed with improved memory handling. T ...) NOT-FOR-US: Apple CVE-2020-9939 (This issue was addressed with improved checks. This issue is fixed in ...) @@ -42861,7 +42861,7 @@ CVE-2020-9934 (An issue existed in the handling of environment variables. This i CVE-2020-9933 (An authorization issue was addressed with improved state management. T ...) NOT-FOR-US: Apple CVE-2020-9932 (A memory corruption issue was addressed with improved validation. This ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9931 (A denial of service issue was addressed with improved input validation ...) NOT-FOR-US: Apple CVE-2020-9930 @@ -43018,7 +43018,7 @@ CVE-2020-9868 (A certificate validation issue existed when processing administra CVE-2020-9867 RESERVED CVE-2020-9866 (A buffer overflow was addressed with improved bounds checking. This is ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9865 (A memory corruption issue was addressed by removing the vulnerable cod ...) NOT-FOR-US: Apple CVE-2020-9864 (A logic issue was addressed with improved restrictions. This issue is ...) @@ -43035,13 +43035,13 @@ CVE-2020-9862 (A command injection issue existed in Web Inspector. This issue wa CVE-2020-9861 RESERVED CVE-2020-9860 (A custom URL scheme handling issue was addressed with improved input v ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9859 (A memory consumption issue was addressed with improved memory handling ...) NOT-FOR-US: Apple CVE-2020-9858 (A dynamic library loading issue was addressed with improved path searc ...) NOT-FOR-US: Apple CVE-2020-9857 (An issue existed in the parsing of URLs. This issue was addressed with ...) - TODO: check + NOT-FOR-US: Safari CVE-2020-9856 (This issue was addressed with improved checks. This issue is fixed in ...) NOT-FOR-US: Apple CVE-2020-9855 (A validation issue existed in the handling of symlinks. This issue was ...) @@ -43219,7 +43219,7 @@ CVE-2020-9788 (A validation issue was addressed with improved input sanitization CVE-2020-9787 (A logic issue was addressed with improved restrictions. This issue is ...) NOT-FOR-US: Apple CVE-2020-9786 (This issue was addressed with improved checks This issue is fixed in m ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9785 (Multiple memory corruption issues were addressed with improved state m ...) NOT-FOR-US: Apple CVE-2020-9784 (A logic issue was addressed with improved restrictions. This issue is ...) @@ -43227,7 +43227,7 @@ CVE-2020-9784 (A logic issue was addressed with improved restrictions. This issu CVE-2020-9783 (A use after free issue was addressed with improved memory management. ...) NOT-FOR-US: Apple CVE-2020-9782 (A parsing issue in the handling of directory paths was addressed with ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9781 (The issue was addressed by clearing website permission prompts after n ...) NOT-FOR-US: Apple CVE-2020-9780 (The issue was resolved by clearing application previews when content i ...) @@ -43243,7 +43243,7 @@ CVE-2020-9776 (This issue was addressed with a new entitlement. This issue is fi CVE-2020-9775 (An issue existed in the handling of tabs displaying picture in picture ...) NOT-FOR-US: Apple CVE-2020-9774 (An issue existed with Siri Suggestions access to encrypted data. The i ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-9773 (The issue was addressed with improved handling of icon caches. This is ...) NOT-FOR-US: Apple CVE-2020-9772 (A logic issue was addressed with improved restrictions. This issue is ...) @@ -58569,7 +58569,7 @@ CVE-2020-3882 (This issue was addressed with improved checks. This issue is fixe CVE-2020-3881 (A logic issue was addressed with improved state management. This issue ...) NOT-FOR-US: Apple CVE-2020-3880 (An out-of-bounds read was addressed with improved input validation. Th ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-3879 RESERVED CVE-2020-3878 (An out-of-bounds read was addressed with improved input validation. Th ...) @@ -58623,7 +58623,7 @@ CVE-2020-3864 (A logic issue was addressed with improved validation. This issue - wpewebkit 2.26.4-1 NOTE: https://webkitgtk.org/security/WSA-2020-0002.html CVE-2020-3863 (A memory corruption issue was addressed with improved memory handling. ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-3862 (A denial of service issue was addressed with improved memory handling. ...) {DSA-4627-1} - webkit2gtk 2.26.4-1 @@ -58644,15 +58644,15 @@ CVE-2020-3857 (A memory corruption issue was addressed with improved memory hand CVE-2020-3856 (A memory corruption issue was addressed with improved input validation ...) NOT-FOR-US: Apple CVE-2020-3855 (An access issue was addressed with improved access restrictions. This ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-3854 (A memory corruption issue was addressed with improved memory handling. ...) NOT-FOR-US: Apple CVE-2020-3853 (A type confusion issue was addressed with improved memory handling. Th ...) NOT-FOR-US: Apple CVE-2020-3852 (A logic issue was addressed with improved validation. This issue is fi ...) - TODO: check + NOT-FOR-US: Safari CVE-2020-3851 (A use after free issue was addressed with improved memory management. ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-3850 (A memory corruption issue was addressed with improved input validation ...) NOT-FOR-US: Apple CVE-2020-3849 (A memory corruption issue was addressed with improved input validation ...) @@ -63963,7 +63963,7 @@ CVE-2020-1917 CVE-2020-1916 RESERVED CVE-2020-1915 (An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes ...) - TODO: check + NOT-FOR-US: Facebook Hermes CVE-2020-1914 (A logic vulnerability when handling the SaveGeneratorLong instruction ...) NOT-FOR-US: Facebook Hermes CVE-2020-1913 (An Integer signedness error in the JavaScript Interpreter in Facebook ...) @@ -100829,13 +100829,13 @@ CVE-2019-8903 (index.js in Total.js Platform before 3.2.3 allows path traversal. CVE-2019-8902 (An issue was discovered in idreamsoft iCMS through 7.0.14. A CSRF vuln ...) NOT-FOR-US: idreamsoft iCMS CVE-2019-8901 (This issue was addressed by verifying host keys when connecting to a p ...) - TODO: check + NOT-FOR-US: Apple CVE-2019-8900 RESERVED CVE-2019-8899 RESERVED CVE-2019-8898 (An information disclosure issue existed in the handling of the Storage ...) - TODO: check + NOT-FOR-US: Apple CVE-2019-8897 RESERVED CVE-2019-8896 -- cgit v1.2.3