Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
693ca55b by security tracker role at 2020-05-08T20:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,21 @@
+CVE-2020-12744
+       RESERVED
+CVE-2020-12743
+       RESERVED
+CVE-2020-12742
+       RESERVED
+CVE-2020-12741
+       RESERVED
+CVE-2020-12740 (tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer 
over-rea ...)
+       TODO: check
+CVE-2020-12739
+       RESERVED
+CVE-2020-12738
+       RESERVED
+CVE-2020-12737 (An issue was discovered in Maxum Rumpus before 8.2.12 on 
macOS. Authen ...)
+       TODO: check
+CVE-2020-12736
+       RESERVED
 CVE-2020-12735 (reset.php in DomainMOD 4.13.0 uses insufficient entropy for 
password r ...)
        NOT-FOR-US: DomainMOD
 CVE-2020-12734
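Review bot: CVE-2020-12740 is left at "TODO: check" although its description names tcprewrite in Tcpreplay through 4.3.2, which reads as an open-source tool rather than a vendor product. Check it against the archive and, if the source package is present and affected, replace the TODO with a package line instead of clearing it together with the vendor-product TODOs such as the macOS-only Rumpus entry CVE-2020-12737.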
@@ -100,8 +118,8 @@ CVE-2020-12682
        RESERVED
 CVE-2020-12681
        RESERVED
-CVE-2020-12680
-       RESERVED
+CVE-2020-12680 (** DISPUTED ** Avira Free Antivirus through 15.0.2005.1866 
allows loca ...)
+       TODO: check
 CVE-2020-12679 (A reflected cross-site scripting (XSS) vulnerability in the 
Mitel Shor ...)
        NOT-FOR-US: Mitel
 CVE-2020-12678
@@ -745,6 +763,7 @@ CVE-2020-12398
        RESERVED
 CVE-2020-12397
        RESERVED
+       {DSA-4683-1}
        - thunderbird 1:68.8.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/#CVE-2020-12397
 CVE-2020-12396
@@ -753,7 +772,7 @@ CVE-2020-12396
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/#CVE-2020-12396
 CVE-2020-12395
        RESERVED
-       {DSA-4678-1}
+       {DSA-4683-1 DSA-4678-1 DLA-2205-1}
        - firefox 76.0-1
        - firefox-esr 68.8.0esr-1
        - thunderbird 1:68.8.0-1
@@ -774,7 +793,7 @@ CVE-2020-12393
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/#CVE-2020-12393
 CVE-2020-12392
        RESERVED
-       {DSA-4678-1}
+       {DSA-4683-1 DSA-4678-1 DLA-2205-1}
        - firefox 76.0-1
        - firefox-esr 68.8.0esr-1
        - thunderbird 1:68.8.0-1
@@ -803,7 +822,7 @@ CVE-2020-12388
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/#CVE-2020-12388
 CVE-2020-12387
        RESERVED
-       {DSA-4678-1}
+       {DSA-4683-1 DSA-4678-1 DLA-2205-1}
        - firefox 76.0-1
        - firefox-esr 68.8.0esr-1
        - thunderbird 1:68.8.0-1
@@ -1645,56 +1664,56 @@ CVE-2020-12028
        RESERVED
 CVE-2020-12027
        RESERVED
-CVE-2020-12026
-       RESERVED
+CVE-2020-12026 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 
9.0.0. Mult ...)
+       TODO: check
 CVE-2020-12025
        RESERVED
 CVE-2020-12024
        RESERVED
 CVE-2020-12023
        RESERVED
-CVE-2020-12022
-       RESERVED
+CVE-2020-12022 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 
9.0.0. An i ...)
+       TODO: check
 CVE-2020-12021
        RESERVED
 CVE-2020-12020
        RESERVED
 CVE-2020-12019
        RESERVED
-CVE-2020-12018
-       RESERVED
+CVE-2020-12018 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 
9.0.0. An o ...)
+       TODO: check
 CVE-2020-12017
        RESERVED
 CVE-2020-12016
        RESERVED
 CVE-2020-12015
        RESERVED
-CVE-2020-12014
-       RESERVED
+CVE-2020-12014 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 
9.0.0. Inpu ...)
+       TODO: check
 CVE-2020-12013
        RESERVED
 CVE-2020-12012
        RESERVED
 CVE-2020-12011
        RESERVED
-CVE-2020-12010
-       RESERVED
+CVE-2020-12010 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 
9.0.0. Mult ...)
+       TODO: check
 CVE-2020-12009
        RESERVED
 CVE-2020-12008
        RESERVED
 CVE-2020-12007
        RESERVED
-CVE-2020-12006
-       RESERVED
+CVE-2020-12006 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 
9.0.0. Mult ...)
+       TODO: check
 CVE-2020-12005
        RESERVED
 CVE-2020-12004
        RESERVED
 CVE-2020-12003
        RESERVED
-CVE-2020-12002
-       RESERVED
+CVE-2020-12002 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 
9.0.0. Mult ...)
+       TODO: check
 CVE-2020-12001
        RESERVED
 CVE-2020-12000
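Review bot: the seven entries that move from RESERVED to "TODO: check" in this hunk (CVE-2020-12026, -12022, -12018, -12014, -12010, -12006, -12002) all start with the same "Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0." text. Resolve them in one pass with one identical tag string, so the product is not spelled differently from entry to entry.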
@@ -1816,6 +1835,7 @@ CVE-2020-11947
 CVE-2020-11946 (Zoho ManageEngine OpManager before 125120 allows an 
unauthenticated us ...)
        NOT-FOR-US: Zoho ManageEngine OpManager
 CVE-2020-11945 (An issue was discovered in Squid before 5.0.2. A remote 
attacker can r ...)
+       {DSA-4682-1}
        - squid 4.11-1
        - squid3 <removed>
        NOTE: http://www.squid-cache.org/Advisories/SQUID-2020_4.txt
@@ -4000,8 +4020,8 @@ CVE-2020-11543 (OpsRamp Gateway before 5.5.0 has a 
backdoor account vadmin with
        NOT-FOR-US: OpsRamp Gateway
 CVE-2020-11542 (3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow 
Authenticat ...)
        NOT-FOR-US: 3xLOGIC Infinias eIDC32 2.213 devices
-CVE-2020-11541
-       RESERVED
+CVE-2020-11541 (In TechSmith SnagIt before 20.1.1, an XML External Entity 
(XXE) inject ...)
+       TODO: check
 CVE-2020-11540
        RESERVED
 CVE-2020-11539 (An issue was discovered on Tata Sonata Smart SF Rush 1.12 
devices. It  ...)
@@ -5221,8 +5241,8 @@ CVE-2020-11008 (Affected versions of Git have a 
vulnerability whereby Git can be
        NOTE: Fixed by: 
https://git.kernel.org/pub/scm/git/git.git/commit/?id=1a3609e402a062ef7b11f197fe96c28cabca132c
 CVE-2020-11007 (In Shopizer before version 2.11.0, using API or Controller 
based versi ...)
        NOT-FOR-US: Shopizer
-CVE-2020-11006
-       RESERVED
+CVE-2020-11006 (In Shopizer before version 2.11.0, a script can be injected in 
various ...)
+       TODO: check
 CVE-2020-11005 (The WindowsHello open source library (NuGet 
HaemmerElectronics.SeppPen ...)
        NOT-FOR-US: WindowsHello
 CVE-2020-11004 (SQL Injection was discovered in Admidio before version 3.3.13. 
The mai ...)
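Review bot: CVE-2020-11006 gets "TODO: check" while the context entry directly above it, CVE-2020-11007, covers the same product ("In Shopizer before version 2.11.0") and is already tagged "NOT-FOR-US: Shopizer". Reuse that tag here rather than leaving a TODO.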
@@ -6263,8 +6283,7 @@ CVE-2020-10691 (An archive traversal flaw was found in 
all ansible-engine versio
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1817161
        NOTE: https://github.com/ansible/ansible/pull/68596
        NOTE: 
https://github.com/ansible/ansible/commit/b2551bb6943eec078066aa3a923e0bb3ed85abe8
 (stable-2.9)
-CVE-2020-10690
-       RESERVED
+CVE-2020-10690 (There is a use-after-free in kernel versions before 5.5 due to 
a race  ...)
        - linux 5.4.8-1
        [buster] - linux 4.19.98-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/a33121e5487b424339636b25c35d3a180eaa5f5e
@@ -6469,8 +6488,8 @@ CVE-2020-10640
        RESERVED
 CVE-2020-10639 (Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 
3.00.23 and p ...)
        NOT-FOR-US: Eaton HMiSoft VU3
-CVE-2020-10638
-       RESERVED
+CVE-2020-10638 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 
9.0.0. Mult ...)
+       TODO: check
 CVE-2020-10637 (Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 
3.00.23 and p ...)
        NOT-FOR-US: Eaton HMiSoft VU3
 CVE-2020-10636
@@ -11466,6 +11485,7 @@ CVE-2020-8452
 CVE-2020-8451
        RESERVED
 CVE-2020-8450 (An issue was discovered in Squid before 4.10. Due to incorrect 
buffer  ...)
+       {DSA-4682-1}
        - squid 4.10-1 (bug #950802)
        - squid3 <removed>
        NOTE: http://www.squid-cache.org/Advisories/SQUID-2020_1.txt
@@ -11473,6 +11493,7 @@ CVE-2020-8450 (An issue was discovered in Squid before 
4.10. Due to incorrect bu
        NOTE: 
http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_1.patch (Squid 4.8 
and older)
        NOTE: 
http://www.squid-cache.org/Versions/v4/changesets/squid-4-b3a0719affab099c684f1cd62b79ab02816fa962.patch
 (Squid 4.9)
 CVE-2020-8449 (An issue was discovered in Squid before 4.10. Due to incorrect 
input v ...)
+       {DSA-4682-1}
        - squid 4.10-1 (bug #950802)
        - squid3 <removed>
        NOTE: http://www.squid-cache.org/Advisories/SQUID-2020_1.txt
@@ -14086,20 +14107,20 @@ CVE-2020-7293
        RESERVED
 CVE-2020-7292
        RESERVED
-CVE-2020-7291
-       RESERVED
-CVE-2020-7290
-       RESERVED
-CVE-2020-7289
-       RESERVED
-CVE-2020-7288
-       RESERVED
-CVE-2020-7287
-       RESERVED
-CVE-2020-7286
-       RESERVED
-CVE-2020-7285
-       RESERVED
+CVE-2020-7291 (Privilege Escalation vulnerability in McAfee Active Response 
(MAR) for ...)
+       TODO: check
+CVE-2020-7290 (Privilege Escalation vulnerability in McAfee Active Response 
(MAR) for ...)
+       TODO: check
+CVE-2020-7289 (Privilege Escalation vulnerability in McAfee Active Response 
(MAR) for ...)
+       TODO: check
+CVE-2020-7288 (Privilege Escalation vulnerability in McAfee Exploit Detection 
and Res ...)
+       TODO: check
+CVE-2020-7287 (Privilege Escalation vulnerability in McAfee Exploit Detection 
and Res ...)
+       TODO: check
+CVE-2020-7286 (Privilege Escalation vulnerability in McAfee Exploit Detection 
and Res ...)
+       TODO: check
+CVE-2020-7285 (Privilege Escalation vulnerability in McAfee MVISION Endpoint 
prior to ...)
+       TODO: check
 CVE-2020-7284
        RESERVED
 CVE-2020-7283
@@ -14134,14 +14155,14 @@ CVE-2020-7269
        RESERVED
 CVE-2020-7268
        RESERVED
-CVE-2020-7267
-       RESERVED
-CVE-2020-7266
-       RESERVED
-CVE-2020-7265
-       RESERVED
-CVE-2020-7264
-       RESERVED
+CVE-2020-7267 (Privilege Escalation vulnerability in McAfee VirusScan 
Enterprise (VSE ...)
+       TODO: check
+CVE-2020-7266 (Privilege Escalation vulnerability in McAfee VirusScan 
Enterprise (VSE ...)
+       TODO: check
+CVE-2020-7265 (Privilege Escalation vulnerability in McAfee Endpoint Security 
(ENS) f ...)
+       TODO: check
+CVE-2020-7264 (Privilege Escalation vulnerability in McAfee Endpoint Security 
(ENS) f ...)
+       TODO: check
 CVE-2020-7263 (Improper access control vulnerability in ESConfigTool.exe in 
ENS for W ...)
        NOT-FOR-US: ENS for Windows
 CVE-2020-7262
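Review bot: CVE-2020-7265 and CVE-2020-7264 (McAfee Endpoint Security (ENS)) are added as "TODO: check", but the next context entry, CVE-2020-7263, is an ENS issue tagged "NOT-FOR-US: ENS for Windows". When these are triaged, settle on one product string for ENS; with mixed strings a search of the list by tag will miss some of them.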
@@ -15214,7 +15235,7 @@ CVE-2019-20377 (TopList before 2019-09-03 allows XSS 
via a title. ...)
        NOT-FOR-US: TopList
 CVE-2020-6831
        RESERVED
-       {DSA-4678-1}
+       {DSA-4683-1 DSA-4678-1 DLA-2205-1}
        - firefox 76.0-1
        - firefox-esr 68.8.0esr-1
        - chromium <unfixed>
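Review bot: DSA-4683-1 is attached to CVE-2020-6831, yet the package lines visible in this hunk are firefox, firefox-esr and chromium. In the CVE-2020-12397 hunk the same DSA sits on an entry whose only package line is thunderbird, so confirm that a thunderbird line follows below the visible context; a DSA reference with no matching package line would be inconsistent.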
@@ -17820,8 +17841,8 @@ CVE-2020-5743 (Improper Control of Resource Identifiers 
in TCExam 14.2.2 allows
        TODO: check
 CVE-2020-5742
        RESERVED
-CVE-2020-5741
-       RESERVED
+CVE-2020-5741 (Deserialization of Untrusted Data in Plex Media Server on 
Windows allo ...)
+       TODO: check
 CVE-2020-5740 (Improper Input Validation in Plex Media Server on Windows 
allows a loc ...)
        NOT-FOR-US: Plex Media Server
 CVE-2020-5739 (Grandstream GXP1600 series firmware 1.0.4.152 and below is 
vulnerable  ...)
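Review bot: CVE-2020-5741 (Plex Media Server on Windows) is left at "TODO: check" one entry above CVE-2020-5740, which the context shows as "NOT-FOR-US: Plex Media Server". The existing tag applies to the new entry as well.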
@@ -21108,11 +21129,11 @@ CVE-2020-4432
        RESERVED
 CVE-2020-4431
        RESERVED
-CVE-2020-4430 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 
2.0.6 cou ...)
+CVE-2020-4430 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could 
allow a rem ...)
        NOT-FOR-US: IBM
 CVE-2020-4429 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 
2.0.6 con ...)
        NOT-FOR-US: IBM
-CVE-2020-4428 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 
2.0.6 cou ...)
+CVE-2020-4428 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could 
allow a rem ...)
        NOT-FOR-US: IBM
 CVE-2020-4427 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 
2.0.6 cou ...)
        NOT-FOR-US: IBM
@@ -33317,25 +33338,26 @@ CVE-2019-18680 (An issue was discovered in the Linux 
kernel 4.4.x before 4.4.195
        - linux <not-affected> (Vulnerable code not present)
        NOTE: https://lkml.org/lkml/2019/9/18/337
 CVE-2019-18679 (An issue was discovered in Squid 2.x, 3.x, and 4.x through 
4.8. Due to ...)
-       {DLA-2028-1}
+       {DSA-4682-1 DLA-2028-1}
        - squid 4.9-1
        - squid3 <removed>
        NOTE: Squid 4: 
http://www.squid-cache.org/Versions/v4/changesets/squid-4-671ba97abe929156dc4c717ee52ad22fba0f7443.patch
        NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_11.txt
 CVE-2019-18678 (An issue was discovered in Squid 3.x and 4.x through 4.8. It 
allows at ...)
-       {DLA-2028-1}
+       {DSA-4682-1 DLA-2028-1}
        - squid 4.9-1
        - squid3 <removed>
        NOTE: Squid 4: 
http://www.squid-cache.org/Versions/v4/changesets/squid-4-671ba97abe929156dc4c717ee52ad22fba0f7443.patch
        NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_10.txt
 CVE-2019-18677 (An issue was discovered in Squid 3.x and 4.x through 4.8 when 
the appe ...)
-       {DLA-2028-1}
+       {DSA-4682-1 DLA-2028-1}
        - squid 4.9-1
        - squid3 <removed>
        NOTE: Squid 4: 
http://www.squid-cache.org/Versions/v4/changesets/squid-4-36492033ea4097821a4f7ff3ddcb971fbd1e8ba0.patch
        NOTE: Squid 3.5: 
http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-e5f1813a674848dde570f7920873e1071f96e0b4.patch
        NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_9.txt
 CVE-2019-18676 (An issue was discovered in Squid 3.x and 4.x through 4.8. Due 
to incor ...)
+       {DSA-4682-1}
        - squid 4.9-1
        - squid3 <removed>
        NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_8.txt
@@ -38043,35 +38065,35 @@ CVE-2019-17293 (SugarCRM before 8.0.4 and 9.x before 
9.0.2 allows SQL injection
 CVE-2019-17292 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL 
injection in the ...)
        NOT-FOR-US: SugarCRM
 CVE-2019-17291
-       RESERVED
+       REJECTED
 CVE-2019-17290
-       RESERVED
+       REJECTED
 CVE-2019-17289
-       RESERVED
+       REJECTED
 CVE-2019-17288
-       RESERVED
+       REJECTED
 CVE-2019-17287
-       RESERVED
+       REJECTED
 CVE-2019-17286
-       RESERVED
+       REJECTED
 CVE-2019-17285
-       RESERVED
+       REJECTED
 CVE-2019-17284
-       RESERVED
+       REJECTED
 CVE-2019-17283
-       RESERVED
+       REJECTED
 CVE-2019-17282
-       RESERVED
+       REJECTED
 CVE-2019-17281
-       RESERVED
+       REJECTED
 CVE-2019-17280
-       RESERVED
+       REJECTED
 CVE-2019-17279
-       RESERVED
+       REJECTED
 CVE-2019-17278
-       RESERVED
+       REJECTED
 CVE-2019-17277
-       RESERVED
+       REJECTED
 CVE-2019-17276 (OnCommand System Manager versions 9.3 prior to 9.3P18 and 9.4 
prior to ...)
        NOT-FOR-US: OnCommand
 CVE-2019-17275 (OnCommand Cloud Manager versions prior to 3.8.0 are 
susceptible to arb ...)
@@ -45249,8 +45271,7 @@ CVE-2019-14900
        RESERVED
 CVE-2019-14899 (A vulnerability was discovered in Linux, FreeBSD, OpenBSD, 
MacOS, iOS, ...)
        NOTE: https://www.openwall.com/lists/oss-security/2019/12/05/1
-CVE-2019-14898 [RHEL-7 specific incompete fix issue for CVE-2019-11599]
-       RESERVED
+CVE-2019-14898 (The fix for CVE-2019-11599, affecting the Linux kernel before 
5.0.10 w ...)
        - linux <not-affected> (RHEL-7 specific incomplete fix for 
CVE-2019-11599)
 CVE-2019-14897 (A stack-based buffer overflow was found in the Linux kernel, 
version k ...)
        {DLA-2114-1 DLA-2068-1}
@@ -53527,6 +53548,7 @@ CVE-2019-12529 (An issue was discovered in Squid 2.x 
through 2.7.STABLE9, 3.x th
        NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_2.txt
        NOTE: Squid 4: 
http://www.squid-cache.org/Versions/v4/changesets/squid-4-dd46b5417809647f561d8a5e0e74c3aacd235258.patch
 CVE-2019-12528 (An issue was discovered in Squid before 4.10. It allows a 
crafted FTP  ...)
+       {DSA-4682-1}
        - squid 4.10-1 (bug #950925)
        - squid3 <removed>
        NOTE: http://www.squid-cache.org/Advisories/SQUID-2020_2.txt
@@ -53542,7 +53564,7 @@ CVE-2019-12527 (An issue was discovered in Squid 4.0.23 
through 4.7. When checki
        NOTE: than the length of the target buffer, whilst in 4.x the entire 
input is decoded
        NOTE: without regard for the size of the target buffer.
 CVE-2019-12526 (An issue was discovered in Squid before 4.9. URN response 
handling in  ...)
-       {DLA-2028-1}
+       {DSA-4682-1 DLA-2028-1}
        - squid 4.9-1
        - squid3 <removed>
        NOTE: Squid 4: 
http://www.squid-cache.org/Versions/v4/changesets/squid-4-7aa0184a720fd216191474e079f4fe87de7c4f5a.patch
@@ -53555,11 +53577,13 @@ CVE-2019-12525 (An issue was discovered in Squid 
3.3.9 through 3.5.28 and 4.x th
        NOTE: Squid 4: 
http://www.squid-cache.org/Versions/v4/changesets/squid-4-409956536647b3a05ee1e367424a24ae6b8f13fd.patch
        NOTE: Squid 3.5: 
http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-ec0d0f39cf28da14eead0ba5e777e95855bc2f67.patch
 CVE-2019-12524 (An issue was discovered in Squid through 4.7. When handling 
requests f ...)
+       {DSA-4682-1}
        - squid 4.8-1
        - squid3 <removed>
        NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_4.txt
        NOTE: 
http://www.squid-cache.org/Versions/v4/changesets/SQUID-2019_4.patch
 CVE-2019-12523 (An issue was discovered in Squid before 4.9. When handling a 
URN reque ...)
+       {DSA-4682-1}
        - squid 4.9-1
        - squid3 <removed>
        NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_8.txt
@@ -53567,16 +53591,19 @@ CVE-2019-12523 (An issue was discovered in Squid 
before 4.9. When handling a URN
 CVE-2019-12522 (An issue was discovered in Squid through 4.7. When Squid is 
run as roo ...)
        TODO: check
 CVE-2019-12521 (An issue was discovered in Squid through 4.7. When Squid is 
parsing ES ...)
+       {DSA-4682-1}
        - squid 4.11-1
        - squid3 <removed>
        NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_12.txt
        NOTE: Squid 4: 
http://www.squid-cache.org/Versions/v4/changesets/squid-4-fdd4123629320aa1ee4c3481bb392437c90d188d.patch
 CVE-2019-12520 (An issue was discovered in Squid through 4.7 and 5. When 
receiving a r ...)
+       {DSA-4682-1}
        - squid 4.8-1
        - squid3 <removed>
        NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_4.txt
        NOTE: 
http://www.squid-cache.org/Versions/v4/changesets/SQUID-2019_4.patch
 CVE-2019-12519 (An issue was discovered in Squid through 4.7. When handling 
the tag es ...)
+       {DSA-4682-1}
        - squid 4.11-1
        - squid3 <removed>
        NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_12.txt
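Review bot: CVE-2019-12522 stays at "TODO: check" in the context while the Squid entries right below it (CVE-2019-12521, -12520, -12519) gain {DSA-4682-1} and already carry squid package lines. Triage it with them; its description ("An issue was discovered in Squid through 4.7") is for the same package and should end up with an explicit status.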
@@ -60181,11 +60208,9 @@ CVE-2019-10172 (A flaw was found in 
org.codehaus.jackson:jackson-mapper-asl:1.9.
        NOTE: 
https://stackoverflow.com/questions/38017676/small-fix-for-cve-2016-3720-with-older-versions-of-jackson-all-1-9-11-and-in-ja/38017721
 CVE-2019-10171 (It was found that the fix for CVE-2018-14648 in 389-ds-base, 
versions  ...)
        - 389-ds-base <not-affected> (Incomplete RHEL backport)
-CVE-2019-10170
-       RESERVED
+CVE-2019-10170 (A flaw was found in the Keycloak admin console, where the 
realm manage ...)
        NOT-FOR-US: Keycloak
-CVE-2019-10169
-       RESERVED
+CVE-2019-10169 (A flaw was found in Keycloak&#8217;s user-managed access 
interface, wh ...)
        NOT-FOR-US: Keycloak
 CVE-2019-10168 (The virConnectBaselineHypervisorCPU() and 
virConnectCompareHypervisorC ...)
        - libvirt 5.0.0-4
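Review bot: the new description for CVE-2019-10169 contains a raw HTML entity ("Keycloak&#8217;s"). The description import should decode entities before writing to data/CVE/list, so the file holds the apostrophe itself and text searches on the description behave as expected.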
@@ -73640,7 +73665,7 @@ CVE-2019-5501 (Data ONTAP operating in 7-Mode versions 
prior to 8.2.5P3 may disc
 CVE-2019-5500
        RESERVED
 CVE-2019-5499
-       RESERVED
+       REJECTED
 CVE-2019-5498 (OnCommand Insight versions through 7.3.6 may disclose sensitive 
accoun ...)
        NOT-FOR-US: OnCommand Insight
 CVE-2019-5497 (NetApp AFF A700s Baseboard Management Controller (BMC) firmware 
versio ...)
@@ -79877,8 +79902,8 @@ CVE-2018-20227 (RDF4J 2.4.2 allows Directory Traversal 
via ../ in an entry in a
        NOT-FOR-US: RDF4J
 CVE-2018-20226 (An organization administrator can add a super administrator in 
THEHIVE ...)
        NOT-FOR-US: THEHIVE
-CVE-2018-20225
-       RESERVED
+CVE-2018-20225 (An issue was discovered in pip (all versions) because it 
installs the  ...)
+       TODO: check
 CVE-2018-20224
        RESERVED
 CVE-2018-20223
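Review bot: CVE-2018-20225 is described as affecting "pip (all versions)" and is left at "TODO: check". Check the archive for the pip source package before tagging: if it is present, this entry needs a package line and a status rather than NOT-FOR-US, so it should not be cleared in bulk with the vendor-product TODOs in this commit.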
@@ -127764,7 +127789,7 @@ CVE-2018-5493 (ATTO FibreBridge 7500N firmware 
versions prior to 2.90 are suscep
 CVE-2018-5492 (NetApp E-Series SANtricity OS Controller Software 11.30 and 
later vers ...)
        NOT-FOR-US: NetApp
 CVE-2018-5491
-       RESERVED
+       REJECTED
 CVE-2018-5490 (Read-Only export policy rules are not correctly enforced in 
Clustered  ...)
        NOT-FOR-US: NetApp Data ONTAP
 CVE-2018-5489 (NetApp 7-Mode Transition Tool allows users with valid 
credentials to a ...)
@@ -127778,7 +127803,7 @@ CVE-2018-5486 (NetApp OnCommand Unified Manager for 
Linux versions 7.2 though 7.
 CVE-2018-5485 (NetApp OnCommand Unified Manager for Windows versions 7.2 
through 7.3  ...)
        NOT-FOR-US: NetApp OnCommand Unified Manager for Windows
 CVE-2018-5484
-       RESERVED
+       REJECTED
 CVE-2018-5483
        RESERVED
 CVE-2018-5482 (NetApp SnapCenter Server prior to 4.1 does not set the secure 
flag for ...)
@@ -127786,7 +127811,7 @@ CVE-2018-5482 (NetApp SnapCenter Server prior to 4.1 
does not set the secure fla
 CVE-2018-5481 (OnCommand Unified Manager for 7-Mode (core package) prior to 
5.2.4 use ...)
        NOT-FOR-US: OnCommand Unified Manager
 CVE-2018-5480
-       RESERVED
+       REJECTED
 CVE-2018-5479 (FoxSash ImgHosting 1.5 (according to footer information) is 
vulnerable ...)
        NOT-FOR-US: FoxSash ImgHosting
 CVE-2018-5478
@@ -148443,7 +148468,7 @@ CVE-2017-15516 (NetApp SnapCenter Server versions 1.1 
through 2.x are susceptibl
 CVE-2017-15515 (NetApp SnapCenter Server prior to 4.0 is susceptible to cross 
site scr ...)
        NOT-FOR-US: NetApp SnapCenter Server
 CVE-2017-15514
-       RESERVED
+       REJECTED
 CVE-2017-15568 (In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 
3.4.3, X ...)
        {DSA-4191-1}
        - redmine 3.4.4-1 (bug #882544)
@@ -154339,19 +154364,19 @@ CVE-2017-13660
 CVE-2017-13659
        RESERVED
 CVE-2017-13657
-       RESERVED
+       REJECTED
 CVE-2017-13656
-       RESERVED
+       REJECTED
 CVE-2017-13655
-       RESERVED
+       REJECTED
 CVE-2017-13654
-       RESERVED
+       REJECTED
 CVE-2017-13653
-       RESERVED
+       REJECTED
 CVE-2017-13652 (NetApp OnCommand Insight version 7.3.0 and versions prior to 
7.2.0 are ...)
        NOT-FOR-US: NetApp
 CVE-2017-13651
-       RESERVED
+       REJECTED
 CVE-2017-13650
        RESERVED
 CVE-2017-1002150 (python-fedora 0.8.0 and lower is vulnerable to an open 
redirect result ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/693ca55bb108074dc75455b0dcf7211c90161c12



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
