Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8297ced8 by Salvatore Bonaccorso at 2020-07-01T22:16:34+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -24037,7 +24037,7 @@ CVE-2020-6263 (Standalone clients connecting to SAP
NetWeaver AS Java via P4 Pro
CVE-2020-6262 (Service Data Download in SAP Application Server ABAP (ST-PI,
before ve ...)
NOT-FOR-US: SAP
CVE-2020-6261 (SAP Solution Manager (Trace Analysis), version 7.20, allows an
attacke ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2020-6260 (SAP Solution Manager (Trace Analysis), version 7.20, allows an
attacke ...)
NOT-FOR-US: SAP
CVE-2020-6259 (Under certain conditions SAP Adaptive Server Enterprise,
versions 15.7 ...)
@@ -24857,19 +24857,19 @@ CVE-2020-5910
CVE-2020-5909
RESERVED
CVE-2020-5908 (In versions bundled with BIG-IP APM 12.1.0-12.1.5 and
11.6.1-11.6.5.2, ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2020-5907 (In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.3,
13.1.0-13.1.3.3, ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2020-5906 (In versions 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and
11.6.1-11.6.5.2, the ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2020-5905 (In version 11.6.1-11.6.5.2 of the BIG-IP system Configuration
utility ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2020-5904 (In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5,
13.1.0-13.1.3.3, ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2020-5903 (In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5,
13.1.0-13.1.3.3, ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2020-5902 (In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5,
13.1.0-13.1.3.3, ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2020-5901 (In NGINX Controller 3.3.0-3.4.0, undisclosed API endpoints may
allow f ...)
TODO: check
CVE-2020-5900 (In versions 3.0.0-3.4.0, 2.0.0-2.9.0, and 1.0.1, there is
insufficient ...)
@@ -28508,7 +28508,7 @@ CVE-2020-4422 (IBM i2 Intelligent Analyis Platform
9.2.1 could allow a remote at
CVE-2020-4421 (IBM WebSphere Application Liberty 19.0.0.5 through 20.0.0.4
could allo ...)
NOT-FOR-US: IBM
CVE-2020-4420 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect
Server) 9.7, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4419 (IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is
vulnerable to cr ...)
NOT-FOR-US: IBM
CVE-2020-4418
@@ -28520,7 +28520,7 @@ CVE-2020-4416
CVE-2020-4415 (IBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a
stack-based ...)
NOT-FOR-US: IBM
CVE-2020-4414 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect
Server) 9.7, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4413 (IBM Security Secret Server 10.7 could allow a remote attacker
to obtai ...)
NOT-FOR-US: IBM
CVE-2020-4412 (The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through
5.0.4. ...)
@@ -28574,9 +28574,9 @@ CVE-2020-4389
CVE-2020-4388
RESERVED
CVE-2020-4387 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect
Server) 9.7, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4386 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect
Server) 9.7, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4385
RESERVED
CVE-2020-4384 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is
vulnerable t ...)
@@ -28596,7 +28596,7 @@ CVE-2020-4378 (IBM Spectrum Scale 5.0.0.0 through
5.0.4.4 could allow a privileg
CVE-2020-4377
RESERVED
CVE-2020-4376 (IBM MQ, IBM MQ Appliance, IBM MQ for HPE NonStop 8.0.4 and
8.1.0 could ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4375
RESERVED
CVE-2020-4374
@@ -28622,7 +28622,7 @@ CVE-2020-4365 (IBM WebSphere Application Server 8.5 is
vulnerable to server-side
CVE-2020-4364
RESERVED
CVE-2020-4363 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect
Server) 9.7, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4362 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0
traditional is ...)
NOT-FOR-US: IBM
CVE-2020-4361
@@ -28638,7 +28638,7 @@ CVE-2020-4357 (IBM Spectrum Scale 5.0.0.0 through
5.0.4.4 could allow a remote a
CVE-2020-4356
RESERVED
CVE-2020-4355 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect
Server) 9.7, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4354
RESERVED
CVE-2020-4353 (IBM MaaS360 6.82 could allow a user with pysical access to the
device ...)
@@ -82999,11 +82999,11 @@ CVE-2019-4708
CVE-2019-4707 (IBM Security Access Manager Appliance 9.0.7.0 is vulnerable to
an XML ...)
NOT-FOR-US: IBM
CVE-2019-4706 (IBM Security Identity Manager Virtual Appliance 7.0.2 writes
informati ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4705 (IBM Security Identity Manager Virtual Appliance 7.0.2 discloses
sensit ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4704 (IBM Security Identity Manager Virtual Appliance 7.0.2 does not
set the ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4703 (IBM Spectrum Protect Plus 10.1.0 and 10.5.0, when protecting
Microsoft ...)
NOT-FOR-US: IBM
CVE-2019-4702
@@ -83059,7 +83059,7 @@ CVE-2019-4678
CVE-2019-4677
RESERVED
CVE-2019-4676 (IBM Security Identity Manager Virtual Appliance 7.0.2 stores
user cred ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4675 (IBM Security Identity Manager 7.0.1 contains hard-coded
credentials, s ...)
NOT-FOR-US: IBM
CVE-2019-4674 (IBM Security Identity Manager 7.0.1 could allow a remote
attacker to t ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8297ced8c872a270bc0ec6b0bc11a08b8c6bdb5d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8297ced8c872a270bc0ec6b0bc11a08b8c6bdb5d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
