[Git][security-tracker-team/security-tracker][master] automatic update

Sat, 14 Mar 2020 01:10:51 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
33aaec07 by security tracker role at 2020-03-14T08:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2020-10566 (grub2-bhyve, as used in FreeBSD bhyve before revision 525916 
2020-02-1 ...)
+       TODO: check
+CVE-2020-10565 (grub2-bhyve, as used in FreeBSD bhyve before revision 525916 
2020-02-1 ...)
+       TODO: check
+CVE-2020-10564 (An issue was discovered in the File Upload plugin before 
4.13.0 for Wo ...)
+       TODO: check
+CVE-2020-10563 (An issue was discovered in DEVOME GRR before 3.4.1c. 
frmcontactlist.ph ...)
+       TODO: check
+CVE-2020-10562 (An issue was discovered in DEVOME GRR before 3.4.1c. 
admin_edit_room.p ...)
+       TODO: check
+CVE-2020-10561
+       RESERVED
+CVE-2020-10560
+       RESERVED
+CVE-2020-10559
+       RESERVED
 CVE-2020-10558
        RESERVED
 CVE-2020-10557
@@ -11899,8 +11915,8 @@ CVE-2020-5258 (In affected versions of dojo (NPM 
package), the deepCopy method i
        [buster] - dojo <no-dsa> (Minor issue)
        NOTE: 
https://github.com/dojo/dojo/security/advisories/GHSA-jxfh-8wgv-vfr2
        NOTE: 
https://github.com/dojo/dojo/commit/20a00afb68f5587946dc76fbeaa68c39bda2171d
-CVE-2020-5257
-       RESERVED
+CVE-2020-5257 (In Administrate (rubygem) before version 0.13.0, when sorting 
by attri ...)
+       TODO: check
 CVE-2020-5256 (BookStack before version 0.25.5 has a vulnerability where a 
user could ...)
        NOT-FOR-US: BookStack
 CVE-2020-5255
@@ -11948,8 +11964,8 @@ CVE-2020-5242 (openHAB before 2.5.2 allow a remote 
attacker to use REST calls to
        NOT-FOR-US: openHAB
 CVE-2020-5241 (matestack-ui-core (RubyGem) before 0.7.4 is vulnerable to 
XSS/Script i ...)
        NOT-FOR-US: matestack-ui-core Ruby gem
-CVE-2020-5240
-       RESERVED
+CVE-2020-5240 (In wagtail-2fa before 1.4.1, any user with access to the CMS 
can view  ...)
+       TODO: check
 CVE-2020-5239 (In Mailu before version 1.7, an authenticated user can exploit 
a vulne ...)
        NOT-FOR-US: Mailu
 CVE-2020-5238
@@ -26241,12 +26257,12 @@ CVE-2019-18580 (Dell EMC Storage Monitoring and 
Reporting version 4.3.1 contains
        NOT-FOR-US: EMC
 CVE-2019-18579 (Settings for the Dell XPS 13 2-in-1 (7390) BIOS versions prior 
to 1.1. ...)
        NOT-FOR-US: Dell
-CVE-2019-18578
-       RESERVED
-CVE-2019-18577
-       RESERVED
-CVE-2019-18576
-       RESERVED
+CVE-2019-18578 (Dell EMC XtremIO XMS versions prior to 6.3.0 contain a stored 
cross-si ...)
+       TODO: check
+CVE-2019-18577 (Dell EMC XtremIO XMS versions prior to 6.3.0 contain an 
incorrect perm ...)
+       TODO: check
+CVE-2019-18576 (Dell EMC XtremIO XMS versions prior to 6.3.0 contain an 
information di ...)
+       TODO: check
 CVE-2019-18575 (Dell Command Configure versions prior to 4.2.1 contain an 
uncontrolled ...)
        NOT-FOR-US: Dell Command Configure
 CVE-2019-18574 (RSA Authentication Manager software versions prior to 8.4 P8 
contain a ...)
@@ -70175,10 +70191,10 @@ CVE-2019-3772 (Spring Integration 
(spring-integration-xml and spring-integration
        NOT-FOR-US: Spring Integration
 CVE-2019-3771
        RESERVED
-CVE-2019-3770
-       RESERVED
-CVE-2019-3769
-       RESERVED
+CVE-2019-3770 (Dell Wyse Management Suite versions prior to 1.4.1 contain a 
stored cr ...)
+       TODO: check
+CVE-2019-3769 (Dell Wyse Management Suite versions prior to 1.4.1 contain a 
stored cr ...)
+       TODO: check
 CVE-2019-3768 (RSA Authentication Manager versions prior to 8.4 P7 contain an 
XML Ent ...)
        NOT-FOR-US: RSA Authentication Manager
 CVE-2019-3767 (Dell ImageAssist versions prior to 8.7.15 contain an 
information discl ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33aaec07fcd61bafa0c1c6bf4e27b40c52b0a43e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33aaec07fcd61bafa0c1c6bf4e27b40c52b0a43e
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to