Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 4072d214 by security tracker role at 2020-02-23T08:10:17+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,47 @@ +CVE-2020-9358 + RESERVED +CVE-2020-9357 + RESERVED +CVE-2020-9356 + RESERVED +CVE-2020-9354 (An issue was discovered in SmartClient 12.0. The Remote Procedure Call ...) + TODO: check +CVE-2020-9353 (An issue was discovered in SmartClient 12.0. The Remote Procedure Call ...) + TODO: check +CVE-2020-9352 (An issue was discovered in SmartClient 12.0. Unauthenticated exploitat ...) + TODO: check +CVE-2020-9351 (An issue was discovered in SmartClient 12.0. If an unauthenticated att ...) + TODO: check +CVE-2020-9350 (Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph templ ...) + TODO: check +CVE-2020-9349 + RESERVED +CVE-2020-9348 + RESERVED +CVE-2020-9347 + RESERVED +CVE-2020-9346 + RESERVED +CVE-2020-9345 + RESERVED +CVE-2020-9344 + RESERVED +CVE-2020-9343 + RESERVED +CVE-2020-9342 (The F-Secure AV parsing engine before 2020-02-05 allows virus-detectio ...) + TODO: check +CVE-2020-9341 (CandidATS 2.1.0 is vulnerable to CSRF that allows for an administrator ...) + TODO: check +CVE-2020-9340 (fauzantrif eLection 2.0 has SQL Injection via the admin/ajax/op_kandid ...) + TODO: check +CVE-2020-9339 (SOPlanning 1.45 allows XSS via the Name or Comment to status.php. ...) + TODO: check +CVE-2020-9338 (SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field. ...) + TODO: check +CVE-2020-9337 + RESERVED +CVE-2020-9336 (fauzantrif eLection 2.0 has XSS via the Admin Dashboard -> Settings ...) + TODO: check CVE-2020-XXXX [mutation XSS vulnerability] - python-bleach 3.1.1-1 (bug #951907) NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1615315 (not public) @@ -644,7 +688,7 @@ CVE-2019-20474 (An issue was discovered in Zoho ManageEngine Remote Access Plus NOT-FOR-US: Zoho ManageEngine Remote Access Plus CVE-2016-11019 RESERVED -CVE-2020-9355 [privilege escalation vulnerablility] +CVE-2020-9355 (danfruehauf NetworkManager-ssh before 1.2.11 allows privilege escalati ...) - network-manager-ssh 1.2.11-1 NOTE: https://github.com/danfruehauf/NetworkManager-ssh/pull/98 NOTE: https://github.com/danfruehauf/NetworkManager-ssh/commit/5d88cd89795352b5df54cc0ebb6a0076b8c89ee4 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4072d214cbb9451e5617e870a1d6b9438cb015ee -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4072d214cbb9451e5617e870a1d6b9438cb015ee You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits