[Git][security-tracker-team/security-tracker][master] automatic update

Thu, 09 Apr 2020 01:11:21 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b9633bbf by security tracker role at 2020-04-09T08:10:27+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2020-11657
+       RESERVED
+CVE-2020-11656 (In SQLite through 3.31.1, the ALTER TABLE implementation has a 
use-aft ...)
+       TODO: check
+CVE-2020-11655 (SQLite through 3.31.1 allows attackers to cause a denial of 
service (s ...)
+       TODO: check
+CVE-2020-11654
+       RESERVED
+CVE-2020-11653 (An issue was discovered in Varnish Cache before 6.0.6 LTS, 
6.1.x and 6 ...)
+       TODO: check
+CVE-2020-11652
+       RESERVED
+CVE-2020-11651
+       RESERVED
+CVE-2020-11650 (An issue was discovered in iXsystems FreeNAS 11.2 and 11.3 
before 11.3 ...)
+       TODO: check
+CVE-2020-11649
+       RESERVED
+CVE-2020-11648
+       RESERVED
+CVE-2020-11647
+       RESERVED
+CVE-2019-20637 (An issue was discovered in Varnish Cache before 6.0.5 LTS, 
6.1.x and 6 ...)
+       TODO: check
 CVE-2020-11646
        RESERVED
 CVE-2020-11645
@@ -6878,12 +6902,12 @@ CVE-2020-8830
        RESERVED
 CVE-2020-8829
        RESERVED
-CVE-2020-8828
-       RESERVED
-CVE-2020-8827
-       RESERVED
-CVE-2020-8826
-       RESERVED
+CVE-2020-8828 (As of v1.5.0, the default admin password is set to the 
argocd-server p ...)
+       TODO: check
+CVE-2020-8827 (As of v1.5.0, the Argo API does not implement anti-automation 
measures ...)
+       TODO: check
+CVE-2020-8826 (As of v1.5.0, the Argo web interface authentication system 
issued immu ...)
+       TODO: check
 CVE-2020-8825 (index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 
allows store ...)
        NOT-FOR-US: Vanilla Forums
 CVE-2020-8824 (Hitron CODA-4582U 7.1.1.30 devices allow XSS via a Managed 
Device name ...)
@@ -21960,8 +21984,7 @@ CVE-2020-2734
        RESERVED
 CVE-2020-2733
        RESERVED
-CVE-2020-2732 [kvm: nVMX: L2 guest may trick the L0 hypervisor to access 
sensitive L1 resources]
-       RESERVED
+CVE-2020-2732 (A flaw was discovered in the way that the KVM hypervisor 
handled instr ...)
        - linux 5.5.13-1
        NOTE: 
https://git.kernel.org/linus/07721feee46b4b248402133228235318199b05ec
        NOTE: 
https://git.kernel.org/linus/35a571346a94fb93b5b3b6a599675ef3384bc75c
@@ -24385,8 +24408,8 @@ CVE-2020-1887 (Incorrect validation of the TLS SNI 
hostname in osquery versions
        - osquery <itp> (bug #803502)
 CVE-2020-1886
        RESERVED
-CVE-2020-1885
-       RESERVED
+CVE-2020-1885 (Writing to an unprivileged file from a privileged OVRRedir.exe 
process ...)
+       TODO: check
 CVE-2019-19512
        RESERVED
 CVE-2019-19511
@@ -27014,21 +27037,17 @@ CVE-2020-1641
        RESERVED
 CVE-2020-1640
        RESERVED
-CVE-2020-1639
-       RESERVED
+CVE-2020-1639 (When an attacker sends a specific crafted Ethernet Operation, 
Administ ...)
        NOT-FOR-US: Juniper
-CVE-2020-1638
-       RESERVED
+CVE-2020-1638 (The FPC (Flexible PIC Concentrator) of Juniper Networks Junos 
OS and J ...)
        NOT-FOR-US: Juniper
-CVE-2020-1637
-       RESERVED
+CVE-2020-1637 (A vulnerability in Juniper Networks SRX Series device 
configured as a  ...)
        NOT-FOR-US: Juniper
 CVE-2020-1636
        RESERVED
 CVE-2020-1635
        RESERVED
-CVE-2020-1634
-       RESERVED
+CVE-2020-1634 (On High-End SRX Series devices, in specific configurations and 
when sp ...)
        NOT-FOR-US: Juniper
 CVE-2020-1633
        RESERVED
@@ -27038,59 +27057,41 @@ CVE-2020-1632
        NOT-FOR-US: Juniper
 CVE-2020-1631
        RESERVED
-CVE-2020-1630
-       RESERVED
+CVE-2020-1630 (A privilege escalation vulnerability in Juniper Networks Junos 
OS devi ...)
        NOT-FOR-US: Juniper
-CVE-2020-1629
-       RESERVED
+CVE-2020-1629 (A race condition vulnerability on Juniper Network Junos OS 
devices may ...)
        NOT-FOR-US: Juniper
-CVE-2020-1628
-       RESERVED
+CVE-2020-1628 (Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for 
internal com ...)
        NOT-FOR-US: Juniper
-CVE-2020-1627
-       RESERVED
+CVE-2020-1627 (A vulnerability in Juniper Networks Junos OS on vMX and MX150 
devices  ...)
        NOT-FOR-US: Juniper
-CVE-2020-1626
-       RESERVED
+CVE-2020-1626 (A vulnerability in Juniper Networks Junos OS Evolved may allow 
an atta ...)
        NOT-FOR-US: Juniper
-CVE-2020-1625
-       RESERVED
+CVE-2020-1625 (The kernel memory usage represented as "temp" via 'show system 
virtual ...)
        NOT-FOR-US: Juniper
-CVE-2020-1624
-       RESERVED
+CVE-2020-1624 (A local, authenticated user with shell can obtain the hashed 
values of ...)
        NOT-FOR-US: Juniper
-CVE-2020-1623
-       RESERVED
+CVE-2020-1623 (A local, authenticated user with shell can view sensitive 
configuratio ...)
        NOT-FOR-US: Juniper
-CVE-2020-1622
-       RESERVED
+CVE-2020-1622 (A local, authenticated user with shell can obtain the hashed 
values of ...)
        NOT-FOR-US: Juniper
-CVE-2020-1621
-       RESERVED
+CVE-2020-1621 (A local, authenticated user with shell can obtain the hashed 
values of ...)
        NOT-FOR-US: Juniper
-CVE-2020-1620
-       RESERVED
+CVE-2020-1620 (A local, authenticated user with shell can obtain the hashed 
values of ...)
        NOT-FOR-US: Juniper
-CVE-2020-1619
-       RESERVED
+CVE-2020-1619 (A privilege escalation vulnerability in Juniper Networks QFX10K 
Series ...)
        NOT-FOR-US: Juniper
-CVE-2020-1618
-       RESERVED
+CVE-2020-1618 (On Juniper Networks EX and QFX Series, an authentication bypass 
vulner ...)
        NOT-FOR-US: Juniper
-CVE-2020-1617
-       RESERVED
+CVE-2020-1617 (This issue occurs on Juniper Networks Junos OS devices which do 
not su ...)
        NOT-FOR-US: Juniper
-CVE-2020-1616
-       RESERVED
+CVE-2020-1616 (Due to insufficient server-side login attempt limit 
enforcement, a vul ...)
        NOT-FOR-US: Juniper
-CVE-2020-1615
-       RESERVED
+CVE-2020-1615 (The factory configuration for vMX installations, as shipped, 
includes  ...)
        NOT-FOR-US: Juniper
-CVE-2020-1614
-       RESERVED
+CVE-2020-1614 (A Use of Hard-coded Credentials vulnerability exists in the 
NFX250 Ser ...)
        NOT-FOR-US: Juniper
-CVE-2020-1613
-       RESERVED
+CVE-2020-1613 (A vulnerability in the BGP FlowSpec implementation may cause a 
Juniper ...)
        NOT-FOR-US: Juniper
 CVE-2020-1612
        RESERVED



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9633bbf36277d9e3f31208c081cc0550b167a2e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9633bbf36277d9e3f31208c081cc0550b167a2e
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to