[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Wed, 20 May 2020 01:11:11 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e451b0eb by security tracker role at 2020-05-20T08:10:50+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,129 @@
-CVE-2020-13165
+CVE-2020-13225 (phpIPAM 1.4 contains a stored cross site scripting (XSS) 
vulnerability ...)
+       TODO: check
+CVE-2020-13224
+       RESERVED
+CVE-2020-13223
+       RESERVED
+CVE-2020-13222
+       RESERVED
+CVE-2020-13221
+       RESERVED
+CVE-2020-13220
+       RESERVED
+CVE-2020-13219
+       RESERVED
+CVE-2020-13218
+       RESERVED
+CVE-2020-13217
+       RESERVED
+CVE-2020-13216
+       RESERVED
+CVE-2020-13215
+       RESERVED
+CVE-2020-13214
+       RESERVED
+CVE-2020-13213
+       RESERVED
+CVE-2020-13212
+       RESERVED
+CVE-2020-13211
+       RESERVED
+CVE-2020-13210
+       RESERVED
+CVE-2020-13209
+       RESERVED
+CVE-2020-13208
+       RESERVED
+CVE-2020-13207
+       RESERVED
+CVE-2020-13206
+       RESERVED
+CVE-2020-13205
+       RESERVED
+CVE-2020-13204
+       RESERVED
+CVE-2020-13203
+       RESERVED
+CVE-2020-13202
+       RESERVED
+CVE-2020-13201
+       RESERVED
+CVE-2020-13200
+       RESERVED
+CVE-2020-13199
+       RESERVED
+CVE-2020-13198
+       RESERVED
+CVE-2020-13197
+       RESERVED
+CVE-2020-13196
+       RESERVED
+CVE-2020-13195
+       RESERVED
+CVE-2020-13194
+       RESERVED
+CVE-2020-13193
+       RESERVED
+CVE-2020-13192
+       RESERVED
+CVE-2020-13191
+       RESERVED
+CVE-2020-13190
+       RESERVED
+CVE-2020-13189
+       RESERVED
+CVE-2020-13188
+       RESERVED
+CVE-2020-13187
+       RESERVED
+CVE-2020-13186
+       RESERVED
+CVE-2020-13185
        RESERVED
-CVE-2020-13164
+CVE-2020-13184
        RESERVED
-CVE-2020-13163
+CVE-2020-13183
        RESERVED
+CVE-2020-13182
+       RESERVED
+CVE-2020-13181
+       RESERVED
+CVE-2020-13180
+       RESERVED
+CVE-2020-13179
+       RESERVED
+CVE-2020-13178
+       RESERVED
+CVE-2020-13177
+       RESERVED
+CVE-2020-13176
+       RESERVED
+CVE-2020-13175
+       RESERVED
+CVE-2020-13174
+       RESERVED
+CVE-2020-13173
+       RESERVED
+CVE-2020-13172
+       RESERVED
+CVE-2020-13171
+       RESERVED
+CVE-2020-13170
+       RESERVED
+CVE-2020-13169
+       RESERVED
+CVE-2020-13168
+       RESERVED
+CVE-2020-13167 (Netsweeper through 6.4.3 allows unauthenticated remote code 
execution  ...)
+       TODO: check
+CVE-2020-13166 (The management tool in MyLittleAdmin 3.8 allows remote 
attackers to ex ...)
+       TODO: check
+CVE-2020-13165
+       RESERVED
+CVE-2020-13164 (In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 
2.6.16, the ...)
+       TODO: check
+CVE-2020-13163 (em-imap 0.5 uses the library eventmachine in an insecure way 
that allo ...)
+       TODO: check
 CVE-2020-13162
        RESERVED
 CVE-2020-13161
@@ -2587,16 +2707,16 @@ CVE-2020-12040
        RESERVED
 CVE-2020-12039
        RESERVED
-CVE-2020-12038
-       RESERVED
+CVE-2020-12038 (Products that use EDS Subsystem: Version 28.0.1 and prior 
(FactoryTalk ...)
+       TODO: check
 CVE-2020-12037
        RESERVED
 CVE-2020-12036
        RESERVED
 CVE-2020-12035
        RESERVED
-CVE-2020-12034
-       RESERVED
+CVE-2020-12034 (Products that use EDS Subsystem: Version 28.0.1 and prior 
(FactoryTalk ...)
+       TODO: check
 CVE-2020-12033
        RESERVED
 CVE-2020-12032
@@ -4083,8 +4203,8 @@ CVE-2019-20638 (NETGEAR MR1100 devices before 12.06.08.00 
are affected by disclo
        NOT-FOR-US: Netgear
 CVE-2020-11767 (Istio through 1.5.1 and Envoy through 1.14.1 have a data-leak 
issue. I ...)
        NOT-FOR-US: itsio
-CVE-2020-11766
-       RESERVED
+CVE-2020-11766 (sendfax.php in iFAX AvantFAX before 3.3.6 and HylaFAX 
Enterprise Web I ...)
+       TODO: check
 CVE-2020-11765 (An issue was discovered in OpenEXR before 2.4.1. There is an 
off-by-on ...)
        [experimental] - openexr 2.5.0-1
        - openexr <unfixed> (bug #959444)
@@ -9476,8 +9596,8 @@ CVE-2020-9755
        RESERVED
 CVE-2020-9754
        RESERVED
-CVE-2020-9753
-       RESERVED
+CVE-2020-9753 (Whale Browser Installer before 1.2.0.5 versions don't support 
signatur ...)
+       TODO: check
 CVE-2020-9752 (Naver Cloud Explorer before 2.2.2.11 allows the attacker can 
move a lo ...)
        NOT-FOR-US: Naver Cloud Explorer
 CVE-2020-9751 (Naver Cloud Explorer before 2.2.2.11 allows the system to 
download an  ...)
@@ -14385,8 +14505,8 @@ CVE-2020-7658
        RESERVED
 CVE-2020-7657
        RESERVED
-CVE-2020-7656
-       RESERVED
+CVE-2020-7656 (jquery prior to 1.9.0 allows Cross-site Scripting attacks via 
the load ...)
+       TODO: check
 CVE-2020-7655
        RESERVED
 CVE-2020-7654
@@ -15520,12 +15640,12 @@ CVE-2020-7141
        RESERVED
 CVE-2020-7140
        RESERVED
-CVE-2020-7139
-       RESERVED
-CVE-2020-7138
-       RESERVED
-CVE-2020-7137
-       RESERVED
+CVE-2020-7139 (Potential remote access security vulnerabilities have been 
identified  ...)
+       TODO: check
+CVE-2020-7138 (Potential remote code execution security vulnerabilities have 
been ide ...)
+       TODO: check
+CVE-2020-7137 (A validation issue in HPE Superdome Flex's RMC component may 
allow loc ...)
+       TODO: check
 CVE-2020-7136 (A security vulnerability in HPE Smart Update Manager (SUM) 
prior to ve ...)
        NOT-FOR-US: HPE Smart Update Manager (SUM)
 CVE-2020-7135 (A potential security vulnerability has been identified in the 
disk dri ...)
@@ -25530,6 +25650,7 @@ CVE-2020-3343
 CVE-2020-3342
        RESERVED
 CVE-2020-3341 (A vulnerability in the PDF archive parsing module in Clam 
AntiVirus (C ...)
+       {DLA-2215-1}
        - clamav 0.102.3+dfsg-1
        [buster] - clamav <no-dsa> (ClamAV is updated via -updates)
        [stretch] - clamav <no-dsa> (ClamAV is updated via -updates)
@@ -25561,6 +25682,7 @@ CVE-2020-3329 (A vulnerability in role-based access 
control of Cisco Integrated
 CVE-2020-3328
        RESERVED
 CVE-2020-3327 (A vulnerability in the ARJ archive parsing module in Clam 
AntiVirus (C ...)
+       {DLA-2215-1}
        - clamav 0.102.3+dfsg-1
        [buster] - clamav <no-dsa> (ClamAV is updated via -updates)
        [stretch] - clamav <no-dsa> (ClamAV is updated via -updates)
@@ -28823,10 +28945,10 @@ CVE-2020-2027
        RESERVED
 CVE-2020-2026
        RESERVED
-CVE-2020-2025
-       RESERVED
-CVE-2020-2024
-       RESERVED
+CVE-2020-2025 (Kata Containers before 1.11.0 on Cloud Hypervisor persists 
guest files ...)
+       TODO: check
+CVE-2020-2024 (An improper link resolution vulnerability affects Kata 
Containers vers ...)
+       TODO: check
 CVE-2020-2023
        RESERVED
 CVE-2020-2022



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e451b0ebc468a07a015eaf25250d3e58470599bc

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e451b0ebc468a07a015eaf25250d3e58470599bc
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to