author Moritz Muehlenhoff <jmm@debian.org> 2020-05-23 23:10:59 +0200
committer Moritz Muehlenhoff <jmm@debian.org> 2020-05-23 23:10:59 +0200
commit da8c828498df78d5f032baab810b6a18092de9ce (patch)
tree 05c2a3ccf4f33f0dcf429fc9691d99052c6ec13d
parent 643a2f168f653a2a0e5b48d0044a5e3286107445 (diff)
NFUs
amarok non issue
-rw-r--r-- data/CVE/list.2020 21
1 files changed, 11 insertions, 10 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index 56c0fb5..b42e725 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -1,7 +1,7 @@
CVE-2020-13425 (TrackR devices through 2020-05-06 allow attackers to trigger the Beep ...)
- TODO: check
+ NOT-FOR-US: TrackR
CVE-2020-13424 (The XCloner component before 3.5.4 for Joomla! allows Authenticated Lo ...)
- TODO: check
+ NOT-FOR-US: Joomla addon
CVE-2020-13423
RESERVED
CVE-2020-13422
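Review bot: The new line for CVE-2020-13424, `NOT-FOR-US: Joomla addon`, names the platform rather than the affected product, while every other entry in this patch names the product itself (TrackR, jw.util, Microweber, Netsweeper). Suggest `NOT-FOR-US: XCloner component for Joomla`, so that a later search for XCloner finds this triage decision.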
@@ -79,7 +79,7 @@ CVE-2020-13390 (An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD0
CVE-2020-13389 (An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 ...)
NOT-FOR-US: Tenda devices
CVE-2020-13388 (An exploitable vulnerability exists in the configuration-loading funct ...)
- TODO: check
+ NOT-FOR-US: jw.util
CVE-2020-13387
RESERVED
CVE-2020-13386
@@ -339,7 +339,7 @@ CVE-2020-13260
CVE-2020-13259
RESERVED
CVE-2020-13258 (Contentful through 2020-05-21 for Python allows reflected XSS, as demo ...)
- TODO: check
+ NOT-FOR-US: Contentful
CVE-2020-13257
RESERVED
CVE-2020-13256
@@ -375,7 +375,7 @@ CVE-2020-13243
CVE-2020-13242
RESERVED
CVE-2020-13241 (Microweber 1.1.18 allows Unrestricted File Upload because admin/view:m ...)
- TODO: check
+ NOT-FOR-US: Microweber
CVE-2020-13240 (The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup doc ...)
- dolibarr <removed>
CVE-2020-13239 (The DMS/ECM module in Dolibarr 11.0.4 renders user-uploaded .html file ...)
@@ -526,7 +526,7 @@ CVE-2020-13169
CVE-2020-13168
RESERVED
CVE-2020-13167 (Netsweeper through 6.4.3 allows unauthenticated remote code execution ...)
- TODO: check
+ NOT-FOR-US: Netsweeper
CVE-2020-13166 (The management tool in MyLittleAdmin 3.8 allows remote attackers to ex ...)
NOT-FOR-US: MyLittleAdmin
CVE-2020-13165
@@ -540,7 +540,7 @@ CVE-2020-13164 (In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.1
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e6e98eab8e5e0bbc982cfdc808f2469d7cab6c5a
NOTE: https://www.wireshark.org/security/wnpa-sec-2020-08.html
CVE-2020-13163 (em-imap 0.5 uses the library eventmachine in an insecure way that allo ...)
- TODO: check
+ NOT-FOR-US: em-imap
CVE-2020-13162
RESERVED
CVE-2020-13161
@@ -562,7 +562,8 @@ CVE-2020-13154 (Zoho ManageEngine Service Plus before 11.1 build 11112 allows lo
CVE-2020-13153 (app/View/Events/resolved_attributes.ctp in MISP before 2.4.126 has XSS ...)
NOT-FOR-US: MISP
CVE-2020-13152 (A remote user can create a specially crafted M3U file, media playlist ...)
- TODO: check
+ - amarok <removed>
+ NOTE: Elevated resource usage in client application, no security impact
CVE-2020-13151
RESERVED
CVE-2020-13150
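Review bot: For CVE-2020-13152 the no-impact assessment is recorded only in the free-text NOTE, while the package line `- amarok <removed>` carries no urgency, so the entry may still be reported as affected in any suite that ships amarok. If the intent is "non issue", as the commit message says, consider `- amarok <removed> (unimportant)` and keep the NOTE as the rationale. A second NOTE pointing at the source of the assessment would also help whoever revisits this entry.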
@@ -1705,7 +1706,7 @@ CVE-2020-12649 (Gurbalib through 2020-04-30 allows lib/cmds/player/help.c direct
CVE-2020-12648
RESERVED
CVE-2020-12647 (Unisys ALGOL Compiler 58.1 before 58.1a.15, 59.1 before 59.1a.9, and 6 ...)
- TODO: check
+ NOT-FOR-US: Unisys ALGOL Compiler
CVE-2020-12646
RESERVED
CVE-2020-12645
@@ -3673,7 +3674,7 @@ CVE-2020-11768 (Certain NETGEAR devices are affected by Stored XSS. This affects
CVE-2020-11767 (Istio through 1.5.1 and Envoy through 1.14.1 have a data-leak issue. I ...)
NOT-FOR-US: itsio
CVE-2020-11766 (sendfax.php in iFAX AvantFAX before 3.3.6 and HylaFAX Enterprise Web I ...)
- TODO: check
+ NOT-FOR-US: iFAX AvantFAX
CVE-2020-11765 (An issue was discovered in OpenEXR before 2.4.1. There is an off-by-on ...)
[experimental] - openexr 2.5.0-1
- openexr <unfixed> (bug #959444)
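Review bot: The description of CVE-2020-11766 names two products, "iFAX AvantFAX before 3.3.6 and HylaFAX Enterprise Web I ...", but the new line lists only `NOT-FOR-US: iFAX AvantFAX`. Please confirm the second product is also not packaged and name it in the entry. Separately, the unchanged context line just above reads `NOT-FOR-US: itsio` for the Istio/Envoy CVE-2020-11767, a typo worth fixing in a follow-up.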