Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 84a1ef86 by security tracker role at 2020-03-06T20:10:25+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,15 @@ +CVE-2020-10192 + RESERVED +CVE-2020-10191 + RESERVED +CVE-2020-10190 + RESERVED +CVE-2020-10189 (Zoho ManageEngine Desktop Central 10 allows remote code execution beca ...) + TODO: check +CVE-2020-10188 (utility.c in telnetd in netkit telnet through 0.17 allows remote attac ...) + TODO: check +CVE-2019-20503 (usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_address ...) + TODO: check CVE-2020-10187 RESERVED CVE-2020-10186 @@ -898,8 +910,8 @@ CVE-2020-9758 RESERVED CVE-2020-9757 (The Seomatic component before 3.2.46 for Craft CMS allows Server-Side ...) NOT-FOR-US: Seomatic component for Craft CMS -CVE-2020-9756 - RESERVED +CVE-2020-9756 (Patriot Viper RGB Driver 1.1 and prior exposes IOCTL and allows insuff ...) + TODO: check CVE-2020-9755 RESERVED CVE-2020-9754 @@ -1371,10 +1383,10 @@ CVE-2020-9533 RESERVED CVE-2020-9532 RESERVED -CVE-2020-9531 - RESERVED -CVE-2020-9530 - RESERVED +CVE-2020-9531 (An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. In t ...) + TODO: check +CVE-2020-9530 (An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. The ...) + TODO: check CVE-2020-9529 RESERVED CVE-2020-9528 @@ -1525,16 +1537,16 @@ CVE-2020-9460 RESERVED CVE-2020-9459 (Multiple Stored Cross-site scripting (XSS) vulnerabilities in the Webn ...) NOT-FOR-US: Webnus Modern Events Calendar Lite plugin for WordPress -CVE-2020-9458 - RESERVED -CVE-2020-9457 - RESERVED -CVE-2020-9456 - RESERVED -CVE-2020-9455 - RESERVED -CVE-2020-9454 - RESERVED +CVE-2020-9458 (In the RegistrationMagic plugin through 4.6.0.3 for WordPress, the exp ...) + TODO: check +CVE-2020-9457 (The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remo ...) + TODO: check +CVE-2020-9456 (In the RegistrationMagic plugin through 4.6.0.3 for WordPress, the use ...) + TODO: check +CVE-2020-9455 (The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remo ...) + TODO: check +CVE-2020-9454 (A CSRF vulnerability in the RegistrationMagic plugin through 4.6.0.3 f ...) + TODO: check CVE-2020-9453 RESERVED CVE-2020-9452 @@ -2654,7 +2666,7 @@ CVE-2020-8993 CVE-2020-8992 (ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux k ...) - linux <unfixed> NOTE: https://patchwork.ozlabs.org/patch/1236118/ -CVE-2020-8991 (vg_lookup in daemons/lvmetad/lvmetad-core.c in LVM2 2.02 mismanages me ...) +CVE-2020-8991 (** DISPUTED ** vg_lookup in daemons/lvmetad/lvmetad-core.c in LVM2 2.0 ...) - lvm2 2.03.01-2 [stretch] - lvm2 <no-dsa> (Minor issue) [jessie] - lvm2 <no-dsa> (Minor issue) @@ -4588,8 +4600,7 @@ CVE-2020-8115 (A reflected XSS vulnerability has been discovered in the publicly CVE-2020-8114 (GitLab EE 8.9 and later through 12.7.2 has Insecure Permission ...) - gitlab <unfixed> NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/ -CVE-2020-8113 - RESERVED +CVE-2020-8113 (GitLab 10.7 and later through 12.7.2 has Incorrect Access Control. ...) - gitlab <unfixed> NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/ CVE-2020-8112 (opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through ...) @@ -4941,7 +4952,7 @@ CVE-2020-7976 (GitLab EE 12.4 and later through 12.7.2 has Incorrect Access Cont - gitlab <not-affected> (Only affects Gitlab EE 12.4 and later) NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/ CVE-2020-7975 - RESERVED + REJECTED CVE-2020-7974 (GitLab EE 10.1 through 12.7.2 allows Information Disclosure. ...) - gitlab <not-affected> (Only affects Gitlab EE 10.1 and later) NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/ View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84a1ef86eada2111c5a7c1ab16fa5a3fa278ab8b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84a1ef86eada2111c5a7c1ab16fa5a3fa278ab8b You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits