Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 549213d2 by security tracker role at 2020-05-12T08:10:16+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,21 @@ +CVE-2020-12799 + RESERVED +CVE-2020-12798 + RESERVED +CVE-2020-12797 + RESERVED +CVE-2020-12796 + RESERVED +CVE-2020-12795 + RESERVED +CVE-2020-12794 + RESERVED +CVE-2020-12793 + RESERVED +CVE-2020-12792 + RESERVED +CVE-2020-12791 + RESERVED CVE-2020-12790 (In the SEOmatic plugin before 3.2.49 for Craft CMS, helpers/DynamicMet ...) NOT-FOR-US: SEOmatic plugin for Craft CMS CVE-2020-12789 @@ -5170,10 +5188,10 @@ CVE-2020-11074 RESERVED CVE-2020-11073 RESERVED -CVE-2020-11072 - RESERVED -CVE-2020-11071 - RESERVED +CVE-2020-11072 (In SLP Validate (npm package slp-validate) before version 1.2.1, users ...) + TODO: check +CVE-2020-11071 (SLPJS (npm package slpjs) before version 0.27.2, has a vulnerability w ...) + TODO: check CVE-2020-11070 RESERVED CVE-2020-11069 @@ -7933,8 +7951,8 @@ CVE-2020-10069 RESERVED CVE-2020-10068 RESERVED -CVE-2020-10067 - RESERVED +CVE-2020-10067 (A malicious userspace application can cause a integer overflow and byp ...) + TODO: check CVE-2020-10066 RESERVED CVE-2020-10065 @@ -7947,12 +7965,12 @@ CVE-2020-10062 RESERVED CVE-2020-10061 RESERVED -CVE-2020-10060 - RESERVED -CVE-2020-10059 - RESERVED -CVE-2020-10058 - RESERVED +CVE-2020-10060 (In updatehub_probe, right after JSON parsing is complete, objects\[1] ...) + TODO: check +CVE-2020-10059 (The UpdateHub module disables DTLS peer checking, which allows for a m ...) + TODO: check +CVE-2020-10058 (Multiple syscalls in the Kscan subsystem perform insufficient argument ...) + TODO: check CVE-2019-20498 (cPanel before 82.0.18 allows WebDAV authentication bypass because the ...) NOT-FOR-US: cPanel CVE-2019-20497 (cPanel before 82.0.18 allows stored XSS via WHM Backup Restoration (SE ...) 
@@ -8353,8 +8371,8 @@ CVE-2020-9842 RESERVED CVE-2020-9841 RESERVED -CVE-2020-9840 - RESERVED +CVE-2020-9840 (In SwiftNIO Extras before 1.4.1, a logic issue was addressed with impr ...) + TODO: check CVE-2020-9839 RESERVED CVE-2020-9838 @@ -8501,26 +8519,26 @@ CVE-2020-9768 (A use after free issue was addressed with improved memory managem NOT-FOR-US: Apple CVE-2020-9767 RESERVED -CVE-2020-10028 - RESERVED -CVE-2020-10027 - RESERVED +CVE-2020-10028 (Multiple syscalls with insufficient argument validation See NCC-ZEP-00 ...) + TODO: check +CVE-2020-10027 (An attacker who has obtained code execution within a user thread is ab ...) + TODO: check CVE-2020-10026 - RESERVED + REJECTED CVE-2020-10025 - RESERVED -CVE-2020-10024 - RESERVED -CVE-2020-10023 - RESERVED -CVE-2020-10022 - RESERVED -CVE-2020-10021 - RESERVED + REJECTED +CVE-2020-10024 (The arm platform-specific code uses a signed integer comparison when v ...) + TODO: check +CVE-2020-10023 (The shell subsystem contains a buffer overflow, whereby an adversary w ...) + TODO: check +CVE-2020-10022 (A malformed JSON payload that is received from an UpdateHub server may ...) + TODO: check +CVE-2020-10021 (Out-of-bounds Write in the USB Mass Storage memoryWrite handler with u ...) + TODO: check CVE-2020-10020 REJECTED -CVE-2020-10019 - RESERVED +CVE-2020-10019 (USB DFU has a potential buffer overflow where the requested length (wL ...) + TODO: check CVE-2020-10018 (WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the ...) {DSA-4641-1} - webkit2gtk 2.28.0-2 @@ -13518,8 +13536,8 @@ CVE-2020-7649 RESERVED CVE-2020-7648 RESERVED -CVE-2020-7647 - RESERVED +CVE-2020-7647 (All versions before 1.6.7 and all versions after 2.0.0 inclusive and b ...) + TODO: check CVE-2020-7646 (curlrequest through 1.0.1 allows execution of arbitrary commands.It is ...) TODO: check CVE-2020-7645 (All versions of chrome-launcher allow execution of arbitrary commands, ...) 
@@ -17813,16 +17831,16 @@ CVE-2020-5839 RESERVED CVE-2020-5838 RESERVED -CVE-2020-5837 - RESERVED -CVE-2020-5836 - RESERVED -CVE-2020-5835 - RESERVED -CVE-2020-5834 - RESERVED -CVE-2020-5833 - RESERVED +CVE-2020-5837 (Symantec Endpoint Protection, prior to 14.3, may not respect file perm ...) + TODO: check +CVE-2020-5836 (Symantec Endpoint Protection, prior to 14.3, can potentially reset the ...) + TODO: check +CVE-2020-5835 (Symantec Endpoint Protection Manager, prior to 14.3, has a race condit ...) + TODO: check +CVE-2020-5834 (Symantec Endpoint Protection Manager, prior to 14.3, may be susceptibl ...) + TODO: check +CVE-2020-5833 (Symantec Endpoint Protection Manager, prior to 14.3, may be susceptibl ...) + TODO: check CVE-2020-5832 (Symantec Data Center Security Manager Component, prior to 6.8.2 (aka 6 ...) NOT-FOR-US: Symantec CVE-2020-5831 (Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, ma ...) @@ -29355,8 +29373,7 @@ CVE-2020-1726 (A flaw was discovered in Podman where it incorrectly allows conta - podman <itp> (bug #930440) CVE-2020-1725 RESERVED -CVE-2020-1724 - RESERVED +CVE-2020-1724 (A flaw was found in Keycloak in versions before 9.0.2. This flaw allow ...) NOT-FOR-US: Keycloak CVE-2020-1723 RESERVED 
@@ -152852,7 +152869,7 @@ CVE-2017-14202 (Improper Restriction of Operations within the Bounds of a Memory CVE-2017-14201 (Use After Free vulnerability in the Zephyr shell allows a serial or te ...) NOT-FOR-US: Zephyr CVE-2017-14200 - RESERVED + REJECTED CVE-2017-14199 (A buffer overflow has been found in the Zephyr Project's getaddrinfo() ...) NOT-FOR-US: Zephyr OS CVE-2017-14198 (An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x befor ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/549213d2c217c8b88c64fd2d37138f7fb58bcb4c
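Review bot: In the hunk at @@ -17813, the five Symantec Endpoint Protection entries (CVE-2020-5833 through CVE-2020-5837) are left as `TODO: check`, while the context line directly below them already triages the same vendor as `NOT-FOR-US: Symantec` (CVE-2020-5832). Unless one of these products turns out to be packaged, the follow-up triage can apply the same tag to all five so they do not linger as open TODO items.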
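Review bot: In the hunk at @@ -8501, the seven newly described entries (CVE-2020-10019, CVE-2020-10021 through CVE-2020-10024, CVE-2020-10027 and CVE-2020-10028) land as `TODO: check` with descriptions truncated before any product name, so the list alone does not say which package they affect. The "NCC-ZEP-00 ..." reference in CVE-2020-10028 and the UpdateHub wording in CVE-2020-10022 suggest they belong to one project; the triager should pull the full descriptions and tag them as a batch. CVE-2020-10026 and CVE-2020-10025 moving from RESERVED to REJECTED matches the existing CVE-2020-10020 entry below them.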
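Review bot: The context lines around CVE-2017-14200 in the hunk at @@ -152852 tag the same project two ways, `NOT-FOR-US: Zephyr` (CVE-2017-14201) and `NOT-FOR-US: Zephyr OS` (CVE-2017-14199). The RESERVED to REJECTED change itself needs nothing further; a follow-up could normalise the tag to one spelling so that a search by tag catches both entries.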
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits