Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
04b2ba90 by security tracker role at 2020-09-11T20:10:22+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2020-25277
+ RESERVED
+CVE-2020-25276 (An issue was discovered in PrimeKey EJBCA 6.x and 7.x before
7.4.1. Wh ...)
+ TODO: check
+CVE-2020-25275
+ RESERVED
+CVE-2020-25274
+ RESERVED
+CVE-2014-10401 (An issue was discovered in the DBI module before 1.632 for
Perl. DBD:: ...)
+ TODO: check
+CVE-2013-7491 (An issue was discovered in the DBI module before 1.628 for
Perl. Stack ...)
+ TODO: check
+CVE-2013-7490 (An issue was discovered in the DBI module before 1.632 for
Perl. Using ...)
+ TODO: check
CVE-2020-25273
RESERVED
CVE-2020-25272
@@ -186,6 +200,7 @@ CVE-2020-25201
CVE-2020-25200
RESERVED
CVE-2019-20916 (The pip package before 19.2 for Python allows Directory
Traversal when ...)
+ {DLA-2370-1}
- python-pip 20.0.2-1
NOTE: https://github.com/pypa/pip/issues/6413
NOTE:
https://github.com/pypa/pip/commit/a4c735b14a62f9cb864533808ac63936704f2ace
(19.2)
@@ -16999,34 +17014,34 @@ CVE-2020-16886
RESERVED
CVE-2020-16885
RESERVED
-CVE-2020-16884
- RESERVED
+CVE-2020-16884 (A remote code execution vulnerability exists in the way that
the IEToE ...)
+ TODO: check
CVE-2020-16883
RESERVED
CVE-2020-16882
RESERVED
-CVE-2020-16881
- RESERVED
+CVE-2020-16881 (A remote code execution vulnerability exists in Visual Studio
Code whe ...)
+ TODO: check
CVE-2020-16880
RESERVED
-CVE-2020-16879
- RESERVED
-CVE-2020-16878
- RESERVED
+CVE-2020-16879 (An information disclosure vulnerability exists when a Windows
Projecte ...)
+ TODO: check
+CVE-2020-16878 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
+ TODO: check
CVE-2020-16877
RESERVED
CVE-2020-16876
RESERVED
-CVE-2020-16875
- RESERVED
-CVE-2020-16874
- RESERVED
-CVE-2020-16873
- RESERVED
-CVE-2020-16872
- RESERVED
-CVE-2020-16871
- RESERVED
+CVE-2020-16875 (A remote code execution vulnerability exists in Microsoft
Exchange ser ...)
+ TODO: check
+CVE-2020-16874 (A remote code execution vulnerability exists in Visual Studio
when it ...)
+ TODO: check
+CVE-2020-16873 (A spoofing vulnerability manifests in Microsoft Xamarin.Forms
due to t ...)
+ TODO: check
+CVE-2020-16872 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
+ TODO: check
+CVE-2020-16871 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
+ TODO: check
CVE-2020-16870
RESERVED
CVE-2020-16869
@@ -17039,34 +17054,34 @@ CVE-2020-16866
RESERVED
CVE-2020-16865
RESERVED
-CVE-2020-16864
- RESERVED
+CVE-2020-16864 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
+ TODO: check
CVE-2020-16863
RESERVED
-CVE-2020-16862
- RESERVED
-CVE-2020-16861
- RESERVED
-CVE-2020-16860
- RESERVED
-CVE-2020-16859
- RESERVED
-CVE-2020-16858
- RESERVED
-CVE-2020-16857
- RESERVED
-CVE-2020-16856
- RESERVED
-CVE-2020-16855
- RESERVED
-CVE-2020-16854
- RESERVED
-CVE-2020-16853
- RESERVED
-CVE-2020-16852
- RESERVED
-CVE-2020-16851
- RESERVED
+CVE-2020-16862 (A remote code execution vulnerability exists in Microsoft
Dynamics 365 ...)
+ TODO: check
+CVE-2020-16861 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
+ TODO: check
+CVE-2020-16860 (A remote code execution vulnerability exists in Microsoft
Dynamics 365 ...)
+ TODO: check
+CVE-2020-16859 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
+ TODO: check
+CVE-2020-16858 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
+ TODO: check
+CVE-2020-16857 (A remote code execution vulnerability exists in Microsoft
Dynamics 365 ...)
+ TODO: check
+CVE-2020-16856 (A remote code execution vulnerability exists in Visual Studio
when it ...)
+ TODO: check
+CVE-2020-16855 (An information disclosure vulnerability exists when Microsoft
Office s ...)
+ TODO: check
+CVE-2020-16854 (An information disclosure vulnerability exists when the
Windows kernel ...)
+ TODO: check
+CVE-2020-16853 (An elevation of privilege vulnerability exists when the
OneDrive for W ...)
+ TODO: check
+CVE-2020-16852 (An elevation of privilege vulnerability exists when the
OneDrive for W ...)
+ TODO: check
+CVE-2020-16851 (An elevation of privilege vulnerability exists when the
OneDrive for W ...)
+ TODO: check
CVE-2020-16850
RESERVED
CVE-2020-16849
@@ -18406,40 +18421,40 @@ CVE-2020-16230
RESERVED
CVE-2020-16229 (Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior.
Process ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2020-16228
- RESERVED
+CVE-2020-16228 (Patient Information Center iX (PICiX) Versions B.02, C.02,
C.03, Perfo ...)
+ TODO: check
CVE-2020-16227 (Delta Electronics TPEditor Versions 1.97 and prior. An
improper input ...)
NOT-FOR-US: Delta Electronics
CVE-2020-16226
RESERVED
CVE-2020-16225 (Delta Electronics TPEditor Versions 1.97 and prior. A
write-what-where ...)
NOT-FOR-US: Delta Electronics
-CVE-2020-16224
- RESERVED
+CVE-2020-16224 (Patient Information Center iX (PICiX) Versions B.02, C.02,
C.03, Perfo ...)
+ TODO: check
CVE-2020-16223 (Delta Electronics TPEditor Versions 1.97 and prior. A
heap-based buffe ...)
NOT-FOR-US: Delta Electronics
-CVE-2020-16222
- RESERVED
+CVE-2020-16222 (Patient Information Center iX (PICiX) Versions B.02, C.02,
C.03, Perfo ...)
+ TODO: check
CVE-2020-16221 (Delta Electronics TPEditor Versions 1.97 and prior. A
stack-based buff ...)
NOT-FOR-US: Delta Electronics
-CVE-2020-16220
- RESERVED
+CVE-2020-16220 (Patient Information Center iX (PICiX) Versions B.02, C.02,
C.03, Perfo ...)
+ TODO: check
CVE-2020-16219 (Delta Electronics TPEditor Versions 1.97 and prior. An
out-of-bounds r ...)
NOT-FOR-US: Delta Electronics
-CVE-2020-16218
- RESERVED
+CVE-2020-16218 (Patient Information Center iX (PICiX) Versions B.02, C.02,
C.03, Perfo ...)
+ TODO: check
CVE-2020-16217 (Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior.
A doubl ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2020-16216
- RESERVED
+CVE-2020-16216 (Patient Information Center iX (PICiX) Versions B.02, C.02,
C.03, Perfo ...)
+ TODO: check
CVE-2020-16215 (Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior.
Process ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2020-16214
- RESERVED
+CVE-2020-16214 (Patient Information Center iX (PICiX) Versions B.02, C.02,
C.03, Perfo ...)
+ TODO: check
CVE-2020-16213 (Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior.
Process ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2020-16212
- RESERVED
+CVE-2020-16212 (Patient Information Center iX (PICiX) Versions B.02, C.02,
C.03, Perfo ...)
+ TODO: check
CVE-2020-16211 (Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior.
An out- ...)
NOT-FOR-US: Advantech WebAccess
CVE-2020-16210 (The affected product is vulnerable to reflected cross-site
scripting, ...)
@@ -19382,8 +19397,8 @@ CVE-2020-15803 (Zabbix before 3.0.32rc1, 4.x before
4.0.22rc1, 4.1.x through 4.4
- zabbix 1:5.0.2+dfsg-1 (bug #966146)
[buster] - zabbix <no-dsa> (Minor issue)
NOTE: https://support.zabbix.com/browse/ZBX-18057
-CVE-2020-15802
- RESERVED
+CVE-2020-15802 (Devices supporting Bluetooth before 5.1 may allow
man-in-the-middle at ...)
+ TODO: check
CVE-2020-15801 (In Python 3.8.4, sys.path restrictions specified in a
python38._pth fi ...)
- python3.9 <not-affected> (Windows-specific)
- python3.8 <not-affected> (Windows-specific)
@@ -20970,8 +20985,7 @@ CVE-2020-15171 (In XWiki before versions 11.10.5 or
12.2.1, any user with SCRIPT
TODO: check
CVE-2020-15170 (apollo-adminservice before version 1.7.1 does not implement
access con ...)
NOT-FOR-US: apollo-adminservice
-CVE-2020-15169
- RESERVED
+CVE-2020-15169 (In Action View before versions 5.2.4.4 and 6.0.3.3 there is a
potentia ...)
- rails 2:6.0.3.3+dfsg-1 (bug #970040)
NOTE:
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionview/CVE-2020-15169.yml
NOTE:
https://groups.google.com/g/rubyonrails-security/c/b-C9kSGXYrc?pli=1
@@ -20985,8 +20999,7 @@ CVE-2020-15167 (In Miller (command line utility) using
the configuration file su
[buster] - miller <not-affected> (Introduced in 5.9.0)
[stretch] - miller <not-affected> (Introduced in 5.9.0)
NOTE:
https://github.com/johnkerl/miller/security/advisories/GHSA-mw2v-4q78-j2cw
-CVE-2020-15166
- RESERVED
+CVE-2020-15166 (In ZeroMQ before version 4.3.3, there is a denial-of-service
vulnerabi ...)
{DSA-4761-1}
- zeromq3 4.3.3-1
NOTE: https://www.openwall.com/lists/oss-security/2020/09/07/3
@@ -23151,8 +23164,7 @@ CVE-2020-14364 (An out-of-bounds read/write access flaw
was found in the USB emu
NOTE: https://xenbits.xen.org/xsa/advisory-335.html
NOTE: https://www.openwall.com/lists/oss-security/2020/08/24/3
NOTE:
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=b946434f2659a182afc17e155be6791ebfb302eb
-CVE-2020-14363 [Double free in libX11 locale handling code]
- RESERVED
+CVE-2020-14363 (An integer overflow vulnerability leading to a double-free was
found i ...)
{DLA-2361-1}
- libx11 <unfixed> (bug #969008)
[buster] - libx11 <no-dsa> (Minor issue, will be fixed via spu)
@@ -23291,8 +23303,7 @@ CVE-2020-14334 (A flaw was found in Red Hat Satellite 6
which allows privileged
- foreman <itp> (bug #663101)
CVE-2020-14333 (A flaw was found in Ovirt Engine's web interface in ovirt 4.4
and earl ...)
NOT-FOR-US: ovirt-engine
-CVE-2020-14332
- RESERVED
+CVE-2020-14332 (A flaw was found in the Ansible Engine when using module_args.
Tasks e ...)
- ansible <unfixed> (bug #966672)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1857805
NOTE: https://github.com/ansible/ansible/pull/71033
@@ -23301,8 +23312,7 @@ CVE-2020-14331
- linux 5.7.17-1 (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2020/07/28/2
NOTE: Only exploitable when CONFIG_VGACON_SOFT_SCROLLBACK is set
-CVE-2020-14330
- RESERVED
+CVE-2020-14330 (An Improper Output Neutralization for Logs flaw was found in
Ansible w ...)
- ansible <unfixed>
NOTE: https://github.com/ansible/ansible/issues/68400
NOTE: Initial fix: https://github.com/ansible/ansible/pull/69653
@@ -23887,16 +23897,16 @@ CVE-2020-14102
RESERVED
CVE-2020-14101
RESERVED
-CVE-2020-14100
- RESERVED
+CVE-2020-14100 (In Xiaomi router R3600 ROM version<1.0.66, filters in the
set_WAN6 ...)
+ TODO: check
CVE-2020-14099
RESERVED
CVE-2020-14098
RESERVED
CVE-2020-14097
RESERVED
-CVE-2020-14096
- RESERVED
+CVE-2020-14096 (Memory overflow in Xiaomi AI speaker Rom version <1.59.6
can happen ...)
+ TODO: check
CVE-2020-14095 (In Xiaomi router R3600, ROM version<1.0.20, a connect
service suffe ...)
NOT-FOR-US: Xiaomi
CVE-2020-14094 (In Xiaomi router R3600, ROM version<1.0.20, the connection
service ...)
@@ -24075,20 +24085,20 @@ CVE-2020-XXXX [Editor: Ensure latest comments can
only be viewed from public pos
[stretch] - wordpress 4.7.18+dfsg-1+deb9u1
NOTE: https://core.trac.wordpress.org/changeset/47984
CVE-2020-4050 (In affected versions of WordPress, misuse of the
`set-screen-option` f ...)
- {DSA-4709-1 DLA-2269-1}
+ {DSA-4709-1 DLA-2371-1 DLA-2269-1}
- wordpress 5.4.2+dfsg1-1 (bug #962685)
NOTE: https://core.trac.wordpress.org/changeset/47951
NOTE:
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-4vpv-fgg2-gcqc
NOTE:
https://github.com/WordPress/wordpress-develop/commit/b8dea76b495f0072523106c6ec46b9ea0d2a0920
NOTE: https://core.trac.wordpress.org/ticket/50392 (regression fix)
CVE-2020-4049 (In affected versions of WordPress, when uploading themes, the
name of ...)
- {DSA-4709-1 DLA-2269-1}
+ {DSA-4709-1 DLA-2371-1 DLA-2269-1}
- wordpress 5.4.2+dfsg1-1 (bug #962685)
NOTE: https://core.trac.wordpress.org/changeset/47950
NOTE:
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-87h4-phjv-rm6p
NOTE:
https://github.com/WordPress/wordpress-develop/commit/404f397b4012fd9d382e55bf7d206c1317f01148
CVE-2020-4048 (In affected versions of WordPress, due to an issue in
wp_validate_redi ...)
- {DSA-4709-1 DLA-2269-1}
+ {DSA-4709-1 DLA-2371-1 DLA-2269-1}
- wordpress 5.4.2+dfsg1-1 (bug #962685)
NOTE: https://core.trac.wordpress.org/changeset/47949
NOTE:
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-q6pw-gvf4-5fj5
@@ -24101,7 +24111,7 @@ CVE-2020-4046 (In affected versions of WordPress, users
with low privileges (lik
NOTE: https://core.trac.wordpress.org/changeset/47947
NOTE:
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-rpwf-hrh2-39jf
CVE-2020-4047 (In affected versions of WordPress, authenticated users with
upload per ...)
- {DSA-4709-1 DLA-2269-1}
+ {DSA-4709-1 DLA-2371-1 DLA-2269-1}
- wordpress 5.4.2+dfsg1-1 (bug #962685)
NOTE: https://core.trac.wordpress.org/changeset/47948
NOTE:
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-8q2w-5m27-wm27
@@ -29372,8 +29382,7 @@ CVE-2020-11993 (Apache HTTP Server versions 2.4.20 to
2.4.43 When trace/debug wa
NOTE:
https://github.com/apache/httpd/commit/63a0a87efa0925514d15c211b508f6594669888c
CVE-2020-11992
REJECTED
-CVE-2020-11991
- RESERVED
+CVE-2020-11991 (When using the StreamGenerator, the code parse a user-provided
XML. A ...)
NOT-FOR-US: Apache Cocoon
CVE-2020-11990
RESERVED
@@ -37852,8 +37861,8 @@ CVE-2020-9241 (Huawei 5G Mobile WiFi E6878-370 with
versions of 10.0.3.1(H563SP1
NOT-FOR-US: Huawei
CVE-2020-9240
RESERVED
-CVE-2020-9239
- RESERVED
+CVE-2020-9239 (Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions
earlier t ...)
+ TODO: check
CVE-2020-9238
RESERVED
CVE-2020-9237 (Huawei smartphone Taurus-AL00B with versions earlier than
10.1.0.126(C ...)
@@ -52273,7 +52282,7 @@ CVE-2020-3676 (Possible memory corruption in
perfservice due to improper validat
NOT-FOR-US: Snapdragon
CVE-2020-3675 (u'Potential integer underflow while parsing Service Info and
IPv6 link ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2020-3674 (u'Information can leak into userspace due to improper transfer
of data ...)
+CVE-2020-3674 (Information can leak into userspace due to improper transfer of
data f ...)
NOT-FOR-US: Snapdragon
CVE-2020-3673
RESERVED
@@ -52309,7 +52318,7 @@ CVE-2020-3658 (Possible null-pointer dereference can
occur while parsing mp4 cli
NOT-FOR-US: Snapdragon
CVE-2020-3657
RESERVED
-CVE-2020-3656 (u'Out of bound access can happen in MHI command process due to
lack of ...)
+CVE-2020-3656 (Out of bound access can happen in MHI command process due to
lack of c ...)
NOT-FOR-US: Snapdragon
CVE-2020-3655
RESERVED
@@ -59987,27 +59996,26 @@ CVE-2020-1600 (In a Point-to-Multipoint (P2MP) Label
Switched Path (LSP) scenari
NOT-FOR-US: Juniper
CVE-2020-1599
RESERVED
-CVE-2020-1598
- RESERVED
+CVE-2020-1598 (An elevation of privilege vulnerability exists when the Windows
Univer ...)
+ TODO: check
CVE-2020-1597 (A denial of service vulnerability exists when ASP.NET Core
improperly ...)
NOT-FOR-US: Microsoft
-CVE-2020-1596
- RESERVED
+CVE-2020-1596 (A information disclosure vulnerability exists when TLS
components use ...)
NOT-FOR-US: Microsoft
-CVE-2020-1595
- RESERVED
-CVE-2020-1594
- RESERVED
-CVE-2020-1593
- RESERVED
-CVE-2020-1592
- RESERVED
+CVE-2020-1595 (A remote code execution vulnerability exists in Microsoft
SharePoint w ...)
+ TODO: check
+CVE-2020-1594 (A remote code execution vulnerability exists in Microsoft Excel
softwa ...)
+ TODO: check
+CVE-2020-1593 (A remote code execution vulnerability exists when Windows Media
Audio ...)
+ TODO: check
+CVE-2020-1592 (An information disclosure vulnerability exists when the Windows
kernel ...)
+ TODO: check
CVE-2020-1591 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
NOT-FOR-US: Microsoft
-CVE-2020-1590
- RESERVED
-CVE-2020-1589
- RESERVED
+CVE-2020-1590 (An elevation of privilege vulnerability exists when the
Connected User ...)
+ TODO: check
+CVE-2020-1589 (An information disclosure vulnerability exists when the Windows
kernel ...)
+ TODO: check
CVE-2020-1588
RESERVED
CVE-2020-1587 (An elevation of privilege vulnerability exists when the Windows
Ancill ...)
@@ -60032,10 +60040,10 @@ CVE-2020-1578 (An information disclosure
vulnerability exists in the Windows ker
NOT-FOR-US: Microsoft
CVE-2020-1577 (An information disclosure vulnerability exists when DirectWrite
improp ...)
NOT-FOR-US: Microsoft
-CVE-2020-1576
- RESERVED
-CVE-2020-1575
- RESERVED
+CVE-2020-1576 (A remote code execution vulnerability exists in Microsoft
SharePoint w ...)
+ TODO: check
+CVE-2020-1575 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
+ TODO: check
CVE-2020-1574 (A remote code execution vulnerability exists in the way that
Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2020-1573 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
@@ -60066,8 +60074,8 @@ CVE-2020-1561 (A remote code execution vulnerability
exists in the way that Micr
NOT-FOR-US: Microsoft
CVE-2020-1560 (A remote code execution vulnerability exists in the way that
Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2020-1559
- RESERVED
+CVE-2020-1559 (An elevation of privilege vulnerability exists when the Windows
Storag ...)
+ TODO: check
CVE-2020-1558 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2020-1557 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
@@ -60120,8 +60128,8 @@ CVE-2020-1534 (An elevation of privilege vulnerability
exists when the Windows B
NOT-FOR-US: Microsoft
CVE-2020-1533 (An elevation of privilege vulnerability exists in the way that
the Win ...)
NOT-FOR-US: Microsoft
-CVE-2020-1532
- RESERVED
+CVE-2020-1532 (An elevation of privilege vulnerability exists when the Windows
Instal ...)
+ TODO: check
CVE-2020-1531 (An elevation of privilege vulnerability exists when the Windows
Accoun ...)
NOT-FOR-US: Microsoft
CVE-2020-1530 (An elevation of privilege vulnerability exists when Windows
Remote Acc ...)
@@ -60138,8 +60146,8 @@ CVE-2020-1525 (A memory corruption vulnerability exists
when Windows Media Found
NOT-FOR-US: Microsoft
CVE-2020-1524 (An elevation of privilege vulnerability exists when the Windows
Speech ...)
NOT-FOR-US: Microsoft
-CVE-2020-1523
- RESERVED
+CVE-2020-1523 (A tampering vulnerability exists when Microsoft SharePoint
Server fail ...)
+ TODO: check
CVE-2020-1522 (An elevation of privilege vulnerability exists when the Windows
Speech ...)
NOT-FOR-US: Microsoft
CVE-2020-1521 (An elevation of privilege vulnerability exists when the Windows
Speech ...)
@@ -60156,8 +60164,8 @@ CVE-2020-1516 (An elevation of privilege vulnerability
exists when the Windows W
NOT-FOR-US: Microsoft
CVE-2020-1515 (An elevation of privilege vulnerability exists when the Windows
Teleph ...)
NOT-FOR-US: Microsoft
-CVE-2020-1514
- RESERVED
+CVE-2020-1514 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
+ TODO: check
CVE-2020-1513 (An elevation of privilege vulnerability exists when the Windows
CSC Se ...)
NOT-FOR-US: Microsoft
CVE-2020-1512 (An information disclosure vulnerability exists when the Windows
State ...)
@@ -60168,12 +60176,12 @@ CVE-2020-1510 (An information disclosure
vulnerability exists when the win32k co
NOT-FOR-US: Microsoft
CVE-2020-1509 (An elevation of privilege vulnerability exists in the Local
Security A ...)
NOT-FOR-US: Microsoft
-CVE-2020-1508
- RESERVED
-CVE-2020-1507
- RESERVED
-CVE-2020-1506
- RESERVED
+CVE-2020-1508 (A remote code execution vulnerability exists when Windows Media
Audio ...)
+ TODO: check
+CVE-2020-1507 (An elevation of privilege vulnerability exists in the way that
Microso ...)
+ TODO: check
+CVE-2020-1506 (An elevation of privilege vulnerability exists in the way that
the Win ...)
+ TODO: check
CVE-2020-1505 (An information disclosure vulnerability exists when Microsoft
SharePoi ...)
NOT-FOR-US: Microsoft
CVE-2020-1504 (A remote code execution vulnerability exists in Microsoft Excel
softwa ...)
@@ -60202,8 +60210,8 @@ CVE-2020-1493 (An information disclosure vulnerability
exists when attaching fil
NOT-FOR-US: Microsoft
CVE-2020-1492 (A memory corruption vulnerability exists when Windows Media
Foundation ...)
NOT-FOR-US: Microsoft
-CVE-2020-1491
- RESERVED
+CVE-2020-1491 (An elevation of privilege vulnerability exists in the way that
the Win ...)
+ TODO: check
CVE-2020-1490 (An elevation of privilege vulnerability exists when the Storage
Servic ...)
NOT-FOR-US: Microsoft
CVE-2020-1489 (An elevation of privilege vulnerability exists when the Windows
CSC Se ...)
@@ -60220,8 +60228,8 @@ CVE-2020-1484 (An elevation of privilege vulnerability
exists when the Windows W
NOT-FOR-US: Microsoft
CVE-2020-1483 (A remote code execution vulnerability exists in Microsoft
Outlook when ...)
NOT-FOR-US: Microsoft
-CVE-2020-1482
- RESERVED
+CVE-2020-1482 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
+ TODO: check
CVE-2020-1481 (A remote code execution vulnerability exists in the ESLint
extension f ...)
NOT-FOR-US: Microsoft
CVE-2020-1480 (An elevation of privilege vulnerability exists in the way that
the Win ...)
@@ -60242,8 +60250,8 @@ CVE-2020-1473 (A remote code execution vulnerability
exists when the Windows Jet
NOT-FOR-US: Microsoft
CVE-2020-1472 (An elevation of privilege vulnerability exists when an attacker
establ ...)
NOT-FOR-US: Microsoft
-CVE-2020-1471
- RESERVED
+CVE-2020-1471 (An elevation of privilege vulnerability exists when Microsoft
Windows ...)
+ TODO: check
CVE-2020-1470 (An elevation of privilege vulnerability exists when the Windows
Work F ...)
NOT-FOR-US: Microsoft
CVE-2020-1469 (A denial of service vulnerability exists when the .NET
implementation ...)
@@ -60264,8 +60272,8 @@ CVE-2020-1462 (An information disclosure vulnerability
exists when Skype for Bus
NOT-FOR-US: Microsoft
CVE-2020-1461 (An elevation of privilege vulnerability exists when the
MpSigStub.exe ...)
NOT-FOR-US: Microsoft
-CVE-2020-1460
- RESERVED
+CVE-2020-1460 (A remote code execution vulnerability exists in Microsoft
SharePoint S ...)
+ TODO: check
CVE-2020-1459 (An information disclosure vulnerability exists on ARM
implementations ...)
NOT-FOR-US: Microsoft
CVE-2020-1458 (A remote code execution vulnerability exists when Microsoft
Office imp ...)
@@ -60278,10 +60286,10 @@ CVE-2020-1455 (A denial of service vulnerability
exists when Microsoft SQL Serve
NOT-FOR-US: Microsoft
CVE-2020-1454 (This vulnerability is caused when SharePoint Server does not
properly ...)
NOT-FOR-US: Microsoft
-CVE-2020-1453
- RESERVED
-CVE-2020-1452
- RESERVED
+CVE-2020-1453 (A remote code execution vulnerability exists in Microsoft
SharePoint w ...)
+ TODO: check
+CVE-2020-1452 (A remote code execution vulnerability exists in Microsoft
SharePoint w ...)
+ TODO: check
CVE-2020-1451 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2020-1450 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
@@ -60304,8 +60312,8 @@ CVE-2020-1442 (A spoofing vulnerability exists when an
Office Web Apps server do
NOT-FOR-US: Microsoft
CVE-2020-1441
RESERVED
-CVE-2020-1440
- RESERVED
+CVE-2020-1440 (A tampering vulnerability exists when Microsoft SharePoint
Server fail ...)
+ TODO: check
CVE-2020-1439 (A remote code execution vulnerability exists in
PerformancePoint Servi ...)
NOT-FOR-US: Microsoft
CVE-2020-1438 (An elevation of privilege vulnerability exists in the way that
the Win ...)
@@ -60432,8 +60440,8 @@ CVE-2020-1378 (An elevation of privilege vulnerability
exists when the Windows K
NOT-FOR-US: Microsoft
CVE-2020-1377 (An elevation of privilege vulnerability exists when the Windows
Kernel ...)
NOT-FOR-US: Microsoft
-CVE-2020-1376
- RESERVED
+CVE-2020-1376 (An elevation of privilege vulnerability exists in the way that
fdSSDP. ...)
+ TODO: check
CVE-2020-1375 (An elevation of privilege vulnerability exists when Windows
improperly ...)
NOT-FOR-US: Microsoft
CVE-2020-1374 (A remote code execution vulnerability exists in the Windows
Remote Des ...)
@@ -60494,8 +60502,8 @@ CVE-2020-1347 (An elevation of privilege vulnerability
exists when the Windows S
NOT-FOR-US: Microsoft
CVE-2020-1346 (An elevation of privilege vulnerability exists when the Windows
Module ...)
NOT-FOR-US: Microsoft
-CVE-2020-1345
- RESERVED
+CVE-2020-1345 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
+ TODO: check
CVE-2020-1344 (An elevation of privilege vulnerability exists in the way that
the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-1343 (An information disclosure vulnerability exists in Visual Studio
Code L ...)
@@ -60508,20 +60516,20 @@ CVE-2020-1340 (A spoofing vulnerability exists when
the NuGetGallery does not pr
NOT-FOR-US: Microsoft
CVE-2020-1339 (A remote code execution vulnerability exists when Windows Media
Audio ...)
NOT-FOR-US: Microsoft
-CVE-2020-1338
- RESERVED
+CVE-2020-1338 (A remote code execution vulnerability exists in Microsoft Word
softwar ...)
+ TODO: check
CVE-2020-1337 (An elevation of privilege vulnerability exists when the Windows
Print ...)
NOT-FOR-US: Microsoft
CVE-2020-1336 (An elevation of privilege vulnerability exists in the way that
the Win ...)
NOT-FOR-US: Microsoft
-CVE-2020-1335
- RESERVED
+CVE-2020-1335 (A remote code execution vulnerability exists in Microsoft Excel
softwa ...)
+ TODO: check
CVE-2020-1334 (An elevation of privilege vulnerability exists when the Windows
Runtim ...)
NOT-FOR-US: Microsoft
CVE-2020-1333 (An elevation of privilege vulnerability exists when Group
Policy Servi ...)
NOT-FOR-US: Microsoft
-CVE-2020-1332
- RESERVED
+CVE-2020-1332 (A remote code execution vulnerability exists in Microsoft Excel
softwa ...)
+ TODO: check
CVE-2020-1331 (A spoofing vulnerability exists when System Center Operations
Manager ...)
NOT-FOR-US: Microsoft
CVE-2020-1330 (An information disclosure vulnerability exists when Windows
Mobile Dev ...)
@@ -60546,8 +60554,8 @@ CVE-2020-1321 (A remote code execution vulnerability
exists in Microsoft Office
NOT-FOR-US: Microsoft
CVE-2020-1320 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
NOT-FOR-US: Microsoft
-CVE-2020-1319
- RESERVED
+CVE-2020-1319 (A remote code execution vulnerability exists in the way that
Microsoft ...)
+ TODO: check
CVE-2020-1318 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2020-1317 (An elevation of privilege vulnerability exists when Group
Policy impro ...)
@@ -60568,8 +60576,8 @@ CVE-2020-1310 (An elevation of privilege vulnerability
exists in Windows when th
NOT-FOR-US: Microsoft
CVE-2020-1309 (An elevation of privilege vulnerability exists when the
Microsoft Stor ...)
NOT-FOR-US: Microsoft
-CVE-2020-1308
- RESERVED
+CVE-2020-1308 (An elevation of privilege vulnerability exists when DirectX
improperly ...)
+ TODO: check
CVE-2020-1307 (An elevation of privilege vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft
CVE-2020-1306 (An elevation of privilege vulnerability exists when the Windows
Runtim ...)
@@ -60578,8 +60586,8 @@ CVE-2020-1305 (An elevation of privilege vulnerability
exists when the Windows S
NOT-FOR-US: Microsoft
CVE-2020-1304 (An elevation of privilege vulnerability exists when the Windows
Runtim ...)
NOT-FOR-US: Microsoft
-CVE-2020-1303
- RESERVED
+CVE-2020-1303 (An elevation of privilege vulnerability exists when the Windows
Runtim ...)
+ TODO: check
CVE-2020-1302 (An elevation of privilege vulnerability exists in Windows
Installer be ...)
NOT-FOR-US: Microsoft
CVE-2020-1301 (A remote code execution vulnerability exists in the way that
the Micro ...)
@@ -60614,8 +60622,8 @@ CVE-2020-1287 (An elevation of privilege vulnerability
exists in the way that th
NOT-FOR-US: Microsoft
CVE-2020-1286 (A remote code execution vulnerability exists when the Windows
Shell do ...)
NOT-FOR-US: Microsoft
-CVE-2020-1285
- RESERVED
+CVE-2020-1285 (A remote code execution vulnerability exists in the way that
the Windo ...)
+ TODO: check
CVE-2020-1284 (A denial of service vulnerability exists in the way that the
Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2020-1283 (A denial of service vulnerability exists when Windows
improperly handl ...)
@@ -60672,20 +60680,20 @@ CVE-2020-1258 (An elevation of privilege
vulnerability exists when DirectX impro
NOT-FOR-US: Microsoft
CVE-2020-1257 (An elevation of privilege vulnerability exists when the
Diagnostics Hu ...)
NOT-FOR-US: Microsoft
-CVE-2020-1256
- RESERVED
+CVE-2020-1256 (An information disclosure vulnerability exists when the Windows
GDI co ...)
+ TODO: check
CVE-2020-1255 (An elevation of privilege vulnerability exists when the Windows
Backgr ...)
NOT-FOR-US: Microsoft
CVE-2020-1254 (An elevation of privilege vulnerability exists when Windows
Modules In ...)
NOT-FOR-US: Microsoft
CVE-2020-1253 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
NOT-FOR-US: Microsoft
-CVE-2020-1252
- RESERVED
+CVE-2020-1252 (A remote code execution vulnerability exists when Windows
improperly h ...)
+ TODO: check
CVE-2020-1251 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
NOT-FOR-US: Microsoft
-CVE-2020-1250
- RESERVED
+CVE-2020-1250 (An information disclosure vulnerability exists when the win32k
compone ...)
+ TODO: check
CVE-2020-1249 (An elevation of privilege vulnerability exists when the Windows
Runtim ...)
NOT-FOR-US: Microsoft
CVE-2020-1248 (A remote code execution vulnerability exists in the way that
the Windo ...)
@@ -60694,8 +60702,8 @@ CVE-2020-1247 (An elevation of privilege vulnerability
exists in Windows when th
NOT-FOR-US: Microsoft
CVE-2020-1246 (An elevation of privilege vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft
-CVE-2020-1245
- RESERVED
+CVE-2020-1245 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
+ TODO: check
CVE-2020-1244 (A denial of service vulnerability exists when Connected User
Experienc ...)
NOT-FOR-US: Microsoft
CVE-2020-1243
@@ -60728,16 +60736,16 @@ CVE-2020-1230 (A remote code execution vulnerability
exists in the way that the
NOT-FOR-US: Microsoft
CVE-2020-1229 (A security feature bypass vulnerability exists in Microsoft
Outlook wh ...)
NOT-FOR-US: Microsoft
-CVE-2020-1228
- RESERVED
-CVE-2020-1227
- RESERVED
+CVE-2020-1228 (A denial of service vulnerability exists in Windows DNS when it
fails ...)
+ TODO: check
+CVE-2020-1227 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
+ TODO: check
CVE-2020-1226 (A remote code execution vulnerability exists in Microsoft Excel
softwa ...)
NOT-FOR-US: Microsoft
CVE-2020-1225 (A remote code execution vulnerability exists in Microsoft Excel
softwa ...)
NOT-FOR-US: Microsoft
-CVE-2020-1224
- RESERVED
+CVE-2020-1224 (An information disclosure vulnerability exists when Microsoft
Excel im ...)
+ TODO: check
CVE-2020-1223 (A remote code execution vulnerability exists when Microsoft
Word for A ...)
NOT-FOR-US: Microsoft
CVE-2020-1222 (An elevation of privilege vulnerability exists when the
Microsoft Stor ...)
@@ -60748,8 +60756,8 @@ CVE-2020-1220 (A spoofing vulnerability exists when
theMicrosoft Edge (Chromium-
NOT-FOR-US: Microsoft
CVE-2020-1219 (A remote code execution vulnerability exists in the way that
Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2020-1218
- RESERVED
+CVE-2020-1218 (A remote code execution vulnerability exists in Microsoft Word
softwar ...)
+ TODO: check
CVE-2020-1217 (An information disclosure vulnerability exists when the Windows
Runtim ...)
NOT-FOR-US: Microsoft
CVE-2020-1216 (A remote code execution vulnerability exists in the way that
the VBScr ...)
@@ -60764,8 +60772,8 @@ CVE-2020-1212 (An elevation of privilege vulnerability
exists when an OLE Automa
NOT-FOR-US: Microsoft
CVE-2020-1211 (An elevation of privilege vulnerability exists in the way that
the Con ...)
NOT-FOR-US: Microsoft
-CVE-2020-1210
- RESERVED
+CVE-2020-1210 (A remote code execution vulnerability exists in Microsoft
SharePoint w ...)
+ TODO: check
CVE-2020-1209 (An elevation of privilege vulnerability exists in the way that
the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-1208 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
@@ -60774,8 +60782,8 @@ CVE-2020-1207 (An elevation of privilege vulnerability
exists in Windows when th
NOT-FOR-US: Microsoft
CVE-2020-1206 (An information disclosure vulnerability exists in the way that
the Mic ...)
NOT-FOR-US: Microsoft
-CVE-2020-1205
- RESERVED
+CVE-2020-1205 (A spoofing vulnerability exists when Microsoft SharePoint
Server does ...)
+ TODO: check
CVE-2020-1204 (An elevation of privilege vulnerability exists when Windows
Mobile Dev ...)
NOT-FOR-US: Microsoft
CVE-2020-1203 (An elevation of privilege vulnerability exists when the
Diagnostics Hu ...)
@@ -60784,12 +60792,12 @@ CVE-2020-1202 (An elevation of privilege
vulnerability exists when the Diagnosti
NOT-FOR-US: Microsoft
CVE-2020-1201 (An elevation of privilege vulnerability exists in the way the
Windows ...)
NOT-FOR-US: Microsoft
-CVE-2020-1200
- RESERVED
+CVE-2020-1200 (A remote code execution vulnerability exists in Microsoft
SharePoint w ...)
+ TODO: check
CVE-2020-1199 (An elevation of privilege vulnerability exists when the Windows
Feedba ...)
NOT-FOR-US: Microsoft
-CVE-2020-1198
- RESERVED
+CVE-2020-1198 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
+ TODO: check
CVE-2020-1197 (An elevation of privilege vulnerability exists when Windows
Error Repo ...)
NOT-FOR-US: Microsoft
CVE-2020-1196 (An elevation of privilege vulnerability exists in the way that
the pri ...)
@@ -60798,8 +60806,8 @@ CVE-2020-1195 (An elevation of privilege vulnerability
exists in Microsoft Edge
NOT-FOR-US: Microsoft
CVE-2020-1194 (A denial of service vulnerability exists when Windows Registry
imprope ...)
NOT-FOR-US: Microsoft
-CVE-2020-1193
- RESERVED
+CVE-2020-1193 (A remote code execution vulnerability exists in Microsoft Excel
softwa ...)
+ TODO: check
CVE-2020-1192 (A remote code execution vulnerability exists in Visual Studio
Code whe ...)
NOT-FOR-US: Microsoft
CVE-2020-1191 (An elevation of privilege vulnerability exists when the Windows
State ...)
@@ -60824,8 +60832,8 @@ CVE-2020-1182 (A remote code execution vulnerability
exists in Microsoft Dynamic
NOT-FOR-US: Microsoft
CVE-2020-1181 (A remote code execution vulnerability exists in Microsoft
SharePoint S ...)
NOT-FOR-US: Microsoft
-CVE-2020-1180
- RESERVED
+CVE-2020-1180 (A remote code execution vulnerability exists in the way that
the Chakr ...)
+ TODO: check
CVE-2020-1179 (An information disclosure vulnerability exists when the Windows
GDI co ...)
NOT-FOR-US: Microsoft
CVE-2020-1178 (An elevation of privilege vulnerability exists when Microsoft
SharePoi ...)
@@ -60840,14 +60848,14 @@ CVE-2020-1174 (A remote code execution vulnerability
exists when the Windows Jet
NOT-FOR-US: Microsoft
CVE-2020-1173 (A spoofing vulnerability exists in Microsoft Power BI Report
Server in ...)
NOT-FOR-US: Microsoft
-CVE-2020-1172
- RESERVED
+CVE-2020-1172 (A remote code execution vulnerability exists in the way that
the Chakr ...)
+ TODO: check
CVE-2020-1171 (A remote code execution vulnerability exists in Visual Studio
Code whe ...)
NOT-FOR-US: Microsoft
CVE-2020-1170 (An elevation of privilege vulnerability exists in Windows
Defender tha ...)
NOT-FOR-US: Microsoft
-CVE-2020-1169
- RESERVED
+CVE-2020-1169 (An elevation of privilege vulnerability exists when the Windows
Runtim ...)
+ TODO: check
CVE-2020-1168
RESERVED
CVE-2020-1167
@@ -60866,8 +60874,8 @@ CVE-2020-1161 (A denial of service vulnerability exists
when ASP.NET Core improp
NOT-FOR-US: Microsoft .NET
CVE-2020-1160 (An information disclosure vulnerability exists when the
Microsoft Wind ...)
NOT-FOR-US: Microsoft
-CVE-2020-1159
- RESERVED
+CVE-2020-1159 (An elevation of privilege vulnerability exists in the way that
the Sta ...)
+ TODO: check
CVE-2020-1158 (An elevation of privilege vulnerability exists when the Windows
Runtim ...)
NOT-FOR-US: Microsoft
CVE-2020-1157 (An elevation of privilege vulnerability exists when the Windows
Runtim ...)
@@ -60880,8 +60888,8 @@ CVE-2020-1154 (An elevation of privilege vulnerability
exists when the Windows C
NOT-FOR-US: Microsoft
CVE-2020-1153 (A remote code execution vulnerability exists in the way that
Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2020-1152
- RESERVED
+CVE-2020-1152 (An elevation of privilege vulnerability exists when Windows
improperly ...)
+ TODO: check
CVE-2020-1151 (An elevation of privilege vulnerability exists when the Windows
Runtim ...)
NOT-FOR-US: Microsoft
CVE-2020-1150 (A memory corruption vulnerability exists when Windows Media
Foundation ...)
@@ -60892,8 +60900,8 @@ CVE-2020-1148 (A spoofing vulnerability exists when
Microsoft SharePoint Server
NOT-FOR-US: Microsoft
CVE-2020-1147 (A remote code execution vulnerability exists in .NET Framework,
Micros ...)
NOT-FOR-US: Microsoft .NET
-CVE-2020-1146
- RESERVED
+CVE-2020-1146 (An elevation of privilege vulnerability exists when the
Microsoft Stor ...)
+ TODO: check
CVE-2020-1145 (An information disclosure vulnerability exists in the way that
the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-1144 (An elevation of privilege vulnerability exists when the Windows
State ...)
@@ -60918,16 +60926,16 @@ CVE-2020-1135 (An elevation of privilege
vulnerability exists when the Windows G
NOT-FOR-US: Microsoft
CVE-2020-1134 (An elevation of privilege vulnerability exists when the Windows
State ...)
NOT-FOR-US: Microsoft
-CVE-2020-1133
- RESERVED
+CVE-2020-1133 (An elevation of privilege vulnerability exists when the
Diagnostics Hu ...)
+ TODO: check
CVE-2020-1132 (An elevation of privilege vulnerability exists when Windows
Error Repo ...)
NOT-FOR-US: Microsoft
CVE-2020-1131 (An elevation of privilege vulnerability exists when the Windows
State ...)
NOT-FOR-US: Microsoft
-CVE-2020-1130
- RESERVED
-CVE-2020-1129
- RESERVED
+CVE-2020-1130 (An elevation of privilege vulnerability exists when the
Diagnostics Hu ...)
+ TODO: check
+CVE-2020-1129 (A remote code execution vulnerability exists in the way that
Microsoft ...)
+ TODO: check
CVE-2020-1128
RESERVED
CVE-2020-1127
@@ -60940,22 +60948,22 @@ CVE-2020-1124 (An elevation of privilege
vulnerability exists when the Windows S
NOT-FOR-US: Microsoft
CVE-2020-1123 (A denial of service vulnerability exists when Connected User
Experienc ...)
NOT-FOR-US: Microsoft
-CVE-2020-1122
- RESERVED
+CVE-2020-1122 (An elevation of privilege vulnerability exists when the Windows
Langua ...)
+ TODO: check
CVE-2020-1121 (An elevation of privilege vulnerability exists when Windows
improperly ...)
NOT-FOR-US: Microsoft
CVE-2020-1120 (A denial of service vulnerability exists when Connected User
Experienc ...)
NOT-FOR-US: Microsoft
-CVE-2020-1119
- RESERVED
+CVE-2020-1119 (An information disclosure vulnerability exists when
StartTileData.dll ...)
+ TODO: check
CVE-2020-1118 (A denial of service vulnerability exists in the Windows
implementation ...)
NOT-FOR-US: Microsoft
CVE-2020-1117 (A remote code execution vulnerability exists in the way that
the Color ...)
NOT-FOR-US: Microsoft
CVE-2020-1116 (An information disclosure vulnerability exists when the Windows
Client ...)
NOT-FOR-US: Microsoft
-CVE-2020-1115
- RESERVED
+CVE-2020-1115 (An elevation of privilege vulnerability exists when the Windows
Common ...)
+ TODO: check
CVE-2020-1114 (An elevation of privilege vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft
CVE-2020-1113 (A security feature bypass vulnerability exists in Microsoft
Windows wh ...)
@@ -60988,10 +60996,10 @@ CVE-2020-1100 (A cross-site-scripting (XSS)
vulnerability exists when Microsoft
NOT-FOR-US: Microsoft
CVE-2020-1099 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
NOT-FOR-US: Microsoft
-CVE-2020-1098
- RESERVED
-CVE-2020-1097
- RESERVED
+CVE-2020-1098 (An elevation of privilege vulnerability exists when the Shell
infrastr ...)
+ TODO: check
+CVE-2020-1097 (An information disclosure vulnerability exists when the Windows
GDI co ...)
+ TODO: check
CVE-2020-1096 (A remote code execution vulnerability exists when Microsoft
Edge PDF R ...)
NOT-FOR-US: Microsoft
CVE-2020-1095
@@ -61002,8 +61010,8 @@ CVE-2020-1093 (A remote code execution vulnerability
exists in the way that the
NOT-FOR-US: Microsoft
CVE-2020-1092 (A remote code execution vulnerability exists when Internet
Explorer im ...)
NOT-FOR-US: Microsoft
-CVE-2020-1091
- RESERVED
+CVE-2020-1091 (An information disclosure vulnerability exists when the Windows
GDI co ...)
+ TODO: check
CVE-2020-1090 (An elevation of privilege vulnerability exists when the Windows
Runtim ...)
NOT-FOR-US: Microsoft
CVE-2020-1089
@@ -61018,8 +61026,8 @@ CVE-2020-1085 (An elevation of privilege vulnerability
exists in the way that th
NOT-FOR-US: Microsoft
CVE-2020-1084 (A Denial Of Service vulnerability exists when Connected User
Experienc ...)
NOT-FOR-US: Microsoft
-CVE-2020-1083
- RESERVED
+CVE-2020-1083 (An information disclosure vulnerability exists when the
Microsoft Wind ...)
+ TODO: check
CVE-2020-1082 (An elevation of privilege vulnerability exists in Windows Error
Report ...)
NOT-FOR-US: Microsoft
CVE-2020-1081 (An elevation of privilege vulnerability exists when the Windows
Printe ...)
@@ -61036,8 +61044,8 @@ CVE-2020-1076 (A denial of service vulnerability exists
when Windows improperly
NOT-FOR-US: Microsoft
CVE-2020-1075 (An information disclosure vulnerability exists when Windows
Subsystem ...)
NOT-FOR-US: Microsoft
-CVE-2020-1074
- RESERVED
+CVE-2020-1074 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
+ TODO: check
CVE-2020-1073 (A remote code execution vulnerability exists in the way that
the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2020-1072 (An information disclosure vulnerability exists when the Windows
kernel ...)
@@ -61070,18 +61078,18 @@ CVE-2020-1059 (A spoofing vulnerability exists when
Microsoft Edge does not prop
NOT-FOR-US: Microsoft
CVE-2020-1058 (A remote code execution vulnerability exists in the way that
the VBScr ...)
NOT-FOR-US: Microsoft
-CVE-2020-1057
- RESERVED
+CVE-2020-1057 (A remote code execution vulnerability exists in the way that
the Chakr ...)
+ TODO: check
CVE-2020-1056 (An elevation of privilege vulnerability exists when Microsoft
Edge doe ...)
NOT-FOR-US: Microsoft
CVE-2020-1055 (A cross-site-scripting (XSS) vulnerability exists when Active
Director ...)
NOT-FOR-US: Microsoft
CVE-2020-1054 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
NOT-FOR-US: Microsoft
-CVE-2020-1053
- RESERVED
-CVE-2020-1052
- RESERVED
+CVE-2020-1053 (An elevation of privilege vulnerability exists when DirectX
improperly ...)
+ TODO: check
+CVE-2020-1052 (An elevation of privilege vulnerability exists in the way that
the ssd ...)
+ TODO: check
CVE-2020-1051 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2020-1050 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
@@ -61094,11 +61102,10 @@ CVE-2020-1047
RESERVED
CVE-2020-1046 (A remote code execution vulnerability exists when Microsoft
.NET Frame ...)
NOT-FOR-US: Microsoft
-CVE-2020-1045
- RESERVED
+CVE-2020-1045 (A security feature bypass vulnerability exists in the way
Microsoft AS ...)
- dotnet-core-3.1 <itp> (bug #968921)
-CVE-2020-1044
- RESERVED
+CVE-2020-1044 (A security feature bypass vulnerability exists in SQL Server
Reporting ...)
+ TODO: check
CVE-2020-1043 (A remote code execution vulnerability exists when Hyper-V
RemoteFX vGP ...)
NOT-FOR-US: Microsoft
CVE-2020-1042 (A remote code execution vulnerability exists when Hyper-V
RemoteFX vGP ...)
@@ -61107,26 +61114,26 @@ CVE-2020-1041 (A remote code execution vulnerability
exists when Hyper-V RemoteF
NOT-FOR-US: Microsoft
CVE-2020-1040 (A remote code execution vulnerability exists when Hyper-V
RemoteFX vGP ...)
NOT-FOR-US: Microsoft
-CVE-2020-1039
- RESERVED
-CVE-2020-1038
- RESERVED
+CVE-2020-1039 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
+ TODO: check
+CVE-2020-1038 (A denial of service vulnerability exists when Windows Routing
Utilitie ...)
+ TODO: check
CVE-2020-1037 (A remote code execution vulnerability exists in the way that
the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2020-1036 (A remote code execution vulnerability exists when Hyper-V
RemoteFX vGP ...)
NOT-FOR-US: Microsoft
CVE-2020-1035 (A remote code execution vulnerability exists in the way that
the VBScr ...)
NOT-FOR-US: Microsoft
-CVE-2020-1034
- RESERVED
-CVE-2020-1033
- RESERVED
+CVE-2020-1034 (An elevation of privilege vulnerability exists in the way that
the Win ...)
+ TODO: check
+CVE-2020-1033 (An information disclosure vulnerability exists when the Windows
kernel ...)
+ TODO: check
CVE-2020-1032 (A remote code execution vulnerability exists when Hyper-V
RemoteFX vGP ...)
NOT-FOR-US: Microsoft
-CVE-2020-1031
- RESERVED
-CVE-2020-1030
- RESERVED
+CVE-2020-1031 (An information disclosure vulnerability exists in the way that
the Win ...)
+ TODO: check
+CVE-2020-1030 (An elevation of privilege vulnerability exists when the Windows
Print ...)
+ TODO: check
CVE-2020-1029 (An elevation of privilege vulnerability exists when Connected
User Exp ...)
NOT-FOR-US: Microsoft
CVE-2020-1028 (A memory corruption vulnerability exists when Windows Media
Foundation ...)
@@ -61159,10 +61166,10 @@ CVE-2020-1015 (An elevation of privilege
vulnerability exists in the way that th
NOT-FOR-US: Microsoft
CVE-2020-1014 (An elevation of privilege vulnerability exists in the Microsoft
Window ...)
NOT-FOR-US: Microsoft
-CVE-2020-1013
- RESERVED
-CVE-2020-1012
- RESERVED
+CVE-2020-1013 (An elevation of privilege vulnerability exists when Microsoft
Windows ...)
+ TODO: check
+CVE-2020-1012 (An elevation of privilege vulnerability exists in the way that
the Win ...)
+ TODO: check
CVE-2020-1011 (An elevation of privilege vulnerability exists when the Windows
System ...)
NOT-FOR-US: Microsoft
CVE-2020-1010 (An elevation of privilege vulnerability exists in Windows Block
Level ...)
@@ -61189,10 +61196,10 @@ CVE-2020-1000 (An elevation of privilege
vulnerability exists when the Windows k
NOT-FOR-US: Microsoft
CVE-2020-0999 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2020-0998
- RESERVED
-CVE-2020-0997
- RESERVED
+CVE-2020-0998 (An elevation of privilege vulnerability exists when the Windows
Graphi ...)
+ TODO: check
+CVE-2020-0997 (A remote code execution vulnerability exists when the Windows
Camera C ...)
+ TODO: check
CVE-2020-0996 (An elevation of privilege vulnerability exists when the Windows
Update ...)
NOT-FOR-US: Microsoft
CVE-2020-0995 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
@@ -61207,8 +61214,8 @@ CVE-2020-0991 (A remote code execution vulnerability
exists in Microsoft Office
NOT-FOR-US: Microsoft
CVE-2020-0990
RESERVED
-CVE-2020-0989
- RESERVED
+CVE-2020-0989 (An information disclosure vulnerability exists when Windows
Mobile Dev ...)
+ TODO: check
CVE-2020-0988 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2020-0987 (An information disclosure vulnerability exists when the
Microsoft Wind ...)
@@ -61283,8 +61290,8 @@ CVE-2020-0953 (A remote code execution vulnerability
exists when the Windows Jet
NOT-FOR-US: Microsoft
CVE-2020-0952 (An information disclosure vulnerability exists when the Windows
GDI co ...)
NOT-FOR-US: Microsoft
-CVE-2020-0951
- RESERVED
+CVE-2020-0951 (A security feature bypass vulnerability exists in Windows
Defender App ...)
+ TODO: check
CVE-2020-0950 (A memory corruption vulnerability exists when Windows Media
Foundation ...)
NOT-FOR-US: Microsoft
CVE-2020-0949 (A memory corruption vulnerability exists when Windows Media
Foundation ...)
@@ -61303,8 +61310,8 @@ CVE-2020-0943 (An authentication bypass vulnerability
exists in Microsoft YourPh
NOT-FOR-US: Microsoft
CVE-2020-0942 (An elevation of privilege vulnerability exists when Connected
User Exp ...)
NOT-FOR-US: Microsoft
-CVE-2020-0941
- RESERVED
+CVE-2020-0941 (An information disclosure vulnerability exists when the win32k
compone ...)
+ TODO: check
CVE-2020-0940 (An elevation of privilege vulnerability exists in the way the
Windows ...)
NOT-FOR-US: Microsoft
CVE-2020-0939 (An information disclosure vulnerability exists when Media
Foundation i ...)
@@ -61329,8 +61336,8 @@ CVE-2020-0930 (A cross-site-scripting (XSS)
vulnerability exists when Microsoft
NOT-FOR-US: Microsoft
CVE-2020-0929 (A remote code execution vulnerability exists in Microsoft
SharePoint w ...)
NOT-FOR-US: Microsoft
-CVE-2020-0928
- RESERVED
+CVE-2020-0928 (An information disclosure vulnerability exists when the Windows
kernel ...)
+ TODO: check
CVE-2020-0927 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2020-0926 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
@@ -61341,10 +61348,10 @@ CVE-2020-0924 (A cross-site-scripting (XSS)
vulnerability exists when Microsoft
NOT-FOR-US: Microsoft
CVE-2020-0923 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
NOT-FOR-US: Microsoft
-CVE-2020-0922
- RESERVED
-CVE-2020-0921
- RESERVED
+CVE-2020-0922 (A remote code execution vulnerability exists in the way that
Microsoft ...)
+ TODO: check
+CVE-2020-0921 (An information disclosure vulnerability exists when the
Microsoft Wind ...)
+ TODO: check
CVE-2020-0920 (A remote code execution vulnerability exists in Microsoft
SharePoint w ...)
NOT-FOR-US: Microsoft
CVE-2020-0919 (An elevation of privilege vulnerability exists in Remote
Desktop App f ...)
@@ -61357,28 +61364,28 @@ CVE-2020-0916 (An elevation of privilege
vulnerability exists in the way that th
NOT-FOR-US: Microsoft
CVE-2020-0915 (An elevation of privilege vulnerability exists in the way that
the Win ...)
NOT-FOR-US: Microsoft
-CVE-2020-0914
- RESERVED
+CVE-2020-0914 (An information disclosure vulnerability exists when the Windows
State ...)
+ TODO: check
CVE-2020-0913 (An elevation of privilege vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft
-CVE-2020-0912
- RESERVED
-CVE-2020-0911
- RESERVED
+CVE-2020-0912 (An elevation of privilege vulnerability exists when the Windows
Functi ...)
+ TODO: check
+CVE-2020-0911 (An elevation of privilege vulnerability exists when Windows
Modules In ...)
+ TODO: check
CVE-2020-0910 (A remote code execution vulnerability exists when Windows
Hyper-V on a ...)
NOT-FOR-US: Microsoft
CVE-2020-0909 (A denial of service vulnerability exists when Hyper-V on a
Windows Ser ...)
NOT-FOR-US: Microsoft
-CVE-2020-0908
- RESERVED
+CVE-2020-0908 (A remote code execution vulnerability exists when the Windows
Text Ser ...)
+ TODO: check
CVE-2020-0907 (A remote code execution vulnerability exists in the way that
Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2020-0906 (A remote code execution vulnerability exists in Microsoft Excel
softwa ...)
NOT-FOR-US: Microsoft
CVE-2020-0905 (An remote code execution vulnerability exists in Microsoft
Dynamics Bu ...)
NOT-FOR-US: Microsoft
-CVE-2020-0904
- RESERVED
+CVE-2020-0904 (A denial of service vulnerability exists when Microsoft Hyper-V
on a h ...)
+ TODO: check
CVE-2020-0903 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Excha ...)
NOT-FOR-US: Microsoft
CVE-2020-0902 (An elevation of privilege vulnerability exists in Service
Fabric File ...)
@@ -61405,16 +61412,16 @@ CVE-2020-0892 (A remote code execution vulnerability
exists in Microsoft Word so
NOT-FOR-US: Microsoft
CVE-2020-0891 (This vulnerability is caused when SharePoint Server does not
properly ...)
NOT-FOR-US: Microsoft
-CVE-2020-0890
- RESERVED
+CVE-2020-0890 (A denial of service vulnerability exists when Microsoft Hyper-V
on a h ...)
+ TODO: check
CVE-2020-0889 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2020-0888 (An elevation of privilege vulnerability exists when DirectX
improperly ...)
NOT-FOR-US: Microsoft
CVE-2020-0887 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
NOT-FOR-US: Microsoft
-CVE-2020-0886
- RESERVED
+CVE-2020-0886 (An elevation of privilege vulnerability exists when the Windows
Storag ...)
+ TODO: check
CVE-2020-0885 (An information disclosure vulnerability exists when the Windows
GDI co ...)
NOT-FOR-US: Microsoft
CVE-2020-0884 (A spoofing vulnerability exists in Microsoft Visual Studio as
it inclu ...)
@@ -61429,14 +61436,14 @@ CVE-2020-0880 (An information disclosure
vulnerability exists when the Windows G
NOT-FOR-US: Microsoft
CVE-2020-0879 (An information disclosure vulnerability exists in the way that
the Win ...)
NOT-FOR-US: Microsoft
-CVE-2020-0878
- RESERVED
+CVE-2020-0878 (A remote code execution vulnerability exists in the way that
Microsoft ...)
+ TODO: check
CVE-2020-0877 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-0876 (An information disclosure vulnerability exists when the win32k
compone ...)
NOT-FOR-US: Microsoft
-CVE-2020-0875
- RESERVED
+CVE-2020-0875 (An information disclosure vulnerability exists in how
splwow64.exe han ...)
+ TODO: check
CVE-2020-0874 (An information disclosure vulnerability exists in the way that
the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-0873
@@ -61445,8 +61452,8 @@ CVE-2020-0872 (A remote code execution vulnerability
exists in Application Inspe
NOT-FOR-US: Microsoft
CVE-2020-0871 (An information disclosure vulnerability exists when Windows
Network Co ...)
NOT-FOR-US: Microsoft
-CVE-2020-0870
- RESERVED
+CVE-2020-0870 (An elevation of privilege vulnerability exists when the Shell
infrastr ...)
+ TODO: check
CVE-2020-0869 (A memory corruption vulnerability exists when Windows Media
Foundation ...)
NOT-FOR-US: Microsoft
CVE-2020-0868 (An elevation of privilege vulnerability exists when the Windows
Update ...)
@@ -61473,8 +61480,8 @@ CVE-2020-0858 (An elevation of privilege vulnerability
exists when the &quot
NOT-FOR-US: Microsoft
CVE-2020-0857 (An elevation of privilege vulnerability exists in the way that
the Win ...)
NOT-FOR-US: Microsoft
-CVE-2020-0856
- RESERVED
+CVE-2020-0856 (An information disclosure vulnerability exists when Active
Directory i ...)
+ TODO: check
CVE-2020-0855 (A remote code execution vulnerability exists in Microsoft Word
softwar ...)
NOT-FOR-US: Microsoft
CVE-2020-0854 (An elevation of privilege vulnerability exists when Windows
Mobile Dev ...)
@@ -61507,14 +61514,14 @@ CVE-2020-0841 (An elevation of privilege
vulnerability exists when Windows impro
NOT-FOR-US: Microsoft
CVE-2020-0840 (An elevation of privilege vulnerability exists when Windows
improperly ...)
NOT-FOR-US: Microsoft
-CVE-2020-0839
- RESERVED
-CVE-2020-0838
- RESERVED
-CVE-2020-0837
- RESERVED
-CVE-2020-0836
- RESERVED
+CVE-2020-0839 (An elevation of privilege vulnerability exists in the way that
the dns ...)
+ TODO: check
+CVE-2020-0838 (An elevation of privilege vulnerability exists when NTFS
improperly ch ...)
+ TODO: check
+CVE-2020-0837 (A spoofing vulnerability exists when Active Directory
Federation Servi ...)
+ TODO: check
+CVE-2020-0836 (A denial of service vulnerability exists in Windows DNS when it
fails ...)
+ TODO: check
CVE-2020-0835 (An elevation of privilege vulnerability exists when Windows
Defender a ...)
NOT-FOR-US: Microsoft
CVE-2020-0834 (An elevation of privilege vulnerability exists when Windows
improperly ...)
@@ -61575,8 +61582,8 @@ CVE-2020-0807 (A memory corruption vulnerability exists
when Windows Media Found
NOT-FOR-US: Microsoft
CVE-2020-0806 (An elevation of privilege vulnerability exists in Windows Error
Report ...)
NOT-FOR-US: Microsoft
-CVE-2020-0805
- RESERVED
+CVE-2020-0805 (A security feature bypass vulnerability exists when a Windows
Projecte ...)
+ TODO: check
CVE-2020-0804 (An elevation of privilege vulnerability exists in the way that
the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-0803 (An elevation of privilege vulnerability exists in the way that
the Win ...)
@@ -61605,8 +61612,8 @@ CVE-2020-0792 (An elevation of privilege vulnerability
exists when the Windows G
NOT-FOR-US: Microsoft
CVE-2020-0791 (An elevation of privilege vulnerability exists when the Windows
Graphi ...)
NOT-FOR-US: Microsoft
-CVE-2020-0790
- RESERVED
+CVE-2020-0790 (A local elevation of privilege vulnerability exists in how
splwow64.ex ...)
+ TODO: check
CVE-2020-0789 (A denial of service vulnerability exists when the Visual Studio
Extens ...)
NOT-FOR-US: Microsoft
CVE-2020-0788 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
@@ -61621,8 +61628,8 @@ CVE-2020-0784 (An elevation of privilege vulnerability
exists when DirectX impro
NOT-FOR-US: Microsoft
CVE-2020-0783 (An elevation of privilege vulnerability exists when the Windows
Univer ...)
NOT-FOR-US: Microsoft
-CVE-2020-0782
- RESERVED
+CVE-2020-0782 (An elevation of privilege vulnerability exists when the Windows
Crypto ...)
+ TODO: check
CVE-2020-0781 (An elevation of privilege vulnerability exists when the Windows
Univer ...)
NOT-FOR-US: Microsoft
CVE-2020-0780 (An elevation of privilege vulnerability exists in the way that
the Win ...)
@@ -61653,8 +61660,8 @@ CVE-2020-0768 (A remote code execution vulnerability
exists in the way the scrip
NOT-FOR-US: Microsoft
CVE-2020-0767 (A remote code execution vulnerability exists in the way that
the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2020-0766
- RESERVED
+CVE-2020-0766 (An elevation of privilege vulnerability exists when the
Microsoft Stor ...)
+ TODO: check
CVE-2020-0765 (An information disclosure vulnerability exists in the Remote
Desktop C ...)
NOT-FOR-US: Microsoft
CVE-2020-0764
@@ -61663,8 +61670,8 @@ CVE-2020-0763 (An elevation of privilege vulnerability
exists when Windows Defen
NOT-FOR-US: Microsoft
CVE-2020-0762 (An elevation of privilege vulnerability exists when Windows
Defender S ...)
NOT-FOR-US: Microsoft
-CVE-2020-0761
- RESERVED
+CVE-2020-0761 (A remote code execution vulnerability exists when Active
Directory int ...)
+ TODO: check
CVE-2020-0760 (A remote code execution vulnerability exists when Microsoft
Office imp ...)
NOT-FOR-US: Microsoft
CVE-2020-0759 (A remote code execution vulnerability exists in Microsoft Excel
softwa ...)
@@ -61749,8 +61756,8 @@ CVE-2020-0720 (An elevation of privilege vulnerability
exists in Windows when th
NOT-FOR-US: Microsoft
CVE-2020-0719 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
NOT-FOR-US: Microsoft
-CVE-2020-0718
- RESERVED
+CVE-2020-0718 (A remote code execution vulnerability exists when Active
Directory int ...)
+ TODO: check
CVE-2020-0717 (An information disclosure vulnerability exists when the win32k
compone ...)
NOT-FOR-US: Microsoft
CVE-2020-0716 (An information disclosure vulnerability exists when the win32k
compone ...)
@@ -61857,8 +61864,8 @@ CVE-2020-0666 (An elevation of privilege vulnerability
exists in the way that th
NOT-FOR-US: Microsoft
CVE-2020-0665 (An elevation of privilege vulnerability exists in Active
Directory For ...)
NOT-FOR-US: Microsoft
-CVE-2020-0664
- RESERVED
+CVE-2020-0664 (An information disclosure vulnerability exists when Active
Directory i ...)
+ TODO: check
CVE-2020-0663 (An elevation of privilege vulnerability exists when Microsoft
Edge doe ...)
NOT-FOR-US: Microsoft
CVE-2020-0662 (A remote code execution vulnerability exists in the way that
Windows h ...)
@@ -61889,8 +61896,8 @@ CVE-2020-0650 (A remote code execution vulnerability
exists in Microsoft Excel s
NOT-FOR-US: Microsoft
CVE-2020-0649
RESERVED
-CVE-2020-0648
- RESERVED
+CVE-2020-0648 (An elevation of privilege vulnerability exists when the Windows
RSoP S ...)
+ TODO: check
CVE-2020-0647 (A spoofing vulnerability exists when Office Online does not
validate o ...)
NOT-FOR-US: Microsoft
CVE-2020-0646 (A remote code execution vulnerability exists when the Microsoft
.NET F ...)
@@ -65892,7 +65899,7 @@ CVE-2019-17671 (In WordPress before 5.2.4,
unauthenticated viewing of certain co
NOTE: https://core.trac.wordpress.org/changeset/46474
NOTE:
https://github.com/WordPress/WordPress/commit/f82ed753cf00329a5e41f2cb6dc521085136f308
CVE-2019-17670 (WordPress before 5.2.4 has a Server Side Request Forgery
(SSRF) vulner ...)
- {DLA-1980-1}
+ {DLA-2371-1 DLA-1980-1}
- wordpress 5.2.4+dfsg1-1 (bug #942459)
[buster] - wordpress <no-dsa> (Minor issue)
NOTE:
https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
@@ -113015,12 +113022,12 @@ CVE-2018-19950
RESERVED
CVE-2018-19949
RESERVED
-CVE-2018-19948
- RESERVED
-CVE-2018-19947
- RESERVED
-CVE-2018-19946
- RESERVED
+CVE-2018-19948 (The vulnerability have been reported to affect earlier
versions of Hel ...)
+ TODO: check
+CVE-2018-19947 (The vulnerability have been reported to affect earlier
versions of Hel ...)
+ TODO: check
+CVE-2018-19946 (The vulnerability have been reported to affect earlier
versions of Hel ...)
+ TODO: check
CVE-2018-19945
RESERVED
CVE-2018-19944
@@ -200748,7 +200755,7 @@ CVE-2017-7878 (SQL Injection vulnerability in
flatCore version 1.4.6 allows an a
NOT-FOR-US: flatCore
CVE-2017-7877 (CSRF vulnerability in flatCore version 1.4.6 allows remote
attackers t ...)
NOT-FOR-US: flatCore
-CVE-2017-7876 (This command injection vulnerability in authLogout.cgi allows
attacker ...)
+CVE-2017-7876 (This command injection vulnerability in QTS allows attackers to
run ar ...)
NOT-FOR-US: QNAP QTS
CVE-2017-7875 (In wallpaper.c in feh before v2.18.3, if a malicious client
pretends t ...)
{DLA-2219-1 DLA-899-1}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/04b2ba9032cf01fc89d975339e11542dfd026dda
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/04b2ba9032cf01fc89d975339e11542dfd026dda
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
