Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a1fa9308 by security tracker role at 2020-10-16T08:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2020-27177
+       RESERVED
+CVE-2020-27176 (Mutation XSS exists in Mark Text through 0.16.2 that leads to 
Remote C ...)
+       TODO: check
+CVE-2020-27175
+       RESERVED
+CVE-2020-27174 (In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 
0.22.1, the ...)
+       TODO: check
+CVE-2020-27173 (In vm-superio before 0.1.1, the serial console FIFO can grow 
to unlimi ...)
+       TODO: check
+CVE-2020-27172
+       RESERVED
+CVE-2020-27171
+       RESERVED
+CVE-2020-27170
+       RESERVED
+CVE-2020-27169
+       RESERVED
+CVE-2020-27168
+       RESERVED
+CVE-2020-27167
+       RESERVED
+CVE-2020-27166
+       RESERVED
+CVE-2020-27165
+       RESERVED
+CVE-2020-27164
+       RESERVED
+CVE-2020-27163 (phpRedisAdmin before 1.13.2 allows XSS via the login.php 
username para ...)
+       TODO: check
+CVE-2020-27162
+       RESERVED
+CVE-2020-27161
+       RESERVED
 CVE-2020-27160
        RESERVED
 CVE-2020-27159
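
Review bot: The four new entries that carry a description (CVE-2020-27176, CVE-2020-27174, CVE-2020-27173, CVE-2020-27163) are all left at TODO: check, so none of them is yet tied to a source package or marked NOT-FOR-US. Each needs a triage decision in a follow-up commit. The remaining additions in this hunk are RESERVED placeholders and need nothing further.
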
@@ -434,8 +468,8 @@ CVE-2020-26945 (MyBatis before 3.5.6 mishandles 
deserialization of object stream
        NOT-FOR-US: MyBatis
 CVE-2020-26944
        RESERVED
-CVE-2020-26943
-       RESERVED
+CVE-2020-26943 (An issue was discovered in OpenStack blazar-dashboard before 
1.3.1, 2. ...)
+       TODO: check
 CVE-2020-26942
        RESERVED
 CVE-2020-26941
@@ -1159,10 +1193,10 @@ CVE-2020-26586
        RESERVED
 CVE-2020-26585
        RESERVED
-CVE-2020-26584
-       RESERVED
-CVE-2020-26583
-       RESERVED
+CVE-2020-26584 (An issue was discovered in Sage DPW 2020_06_x before 
2020_06_002. The  ...)
+       TODO: check
+CVE-2020-26583 (An issue was discovered in Sage DPW 2020_06_x before 
2020_06_002. It a ...)
+       TODO: check
 CVE-2020-26582 (D-Link DAP-1360U before 3.0.1 devices allow remote 
authenticated users ...)
        NOT-FOR-US: D-Link
 CVE-2020-26581
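
Review bot: CVE-2020-26584 and CVE-2020-26583 both describe Sage DPW 2020_06_x before 2020_06_002 and both sit at TODO: check, so one triage decision should cover the pair. The next entry in the context (CVE-2020-26582, NOT-FOR-US: D-Link) shows the form to use if the product is not packaged.
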
@@ -2799,8 +2833,7 @@ CVE-2020-25831
        RESERVED
 CVE-2020-25830 (An issue was discovered in MantisBT before 2.24.3. Improper 
escaping o ...)
        - mantis <removed>
-CVE-2020-25829 [cache pollution issue]
-       RESERVED
+CVE-2020-25829 (An issue has been found in PowerDNS Recursor before 4.1.18, 
4.2.x befo ...)
        - pdns-recursor <unfixed> (bug #972159)
        NOTE: 
https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-07.html
 CVE-2020-25828 (An issue was discovered in MediaWiki before 1.31.10 and 1.32.x 
through ...)
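
Review bot: For CVE-2020-25829 the pdns-recursor line still reads <unfixed> (bug #972159), while the new description names upstream releases that contain the fix (before 4.1.18, 4.2.x ...). Record the fixed Debian version once the upload for bug #972159 lands. Dropping the temporary "[cache pollution issue]" label together with RESERVED is right now that the entry has its description.
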
@@ -6114,8 +6147,7 @@ CVE-2020-24354 (Zyxel VMG5313-B30B router on firmware 
5.13(ABCJ.6)b3_1127, and p
        NOT-FOR-US: Zyxel
 CVE-2020-24353
        RESERVED
-CVE-2020-24352
-       RESERVED
+CVE-2020-24352 (An issue was discovered in QEMU through 5.1.0. An 
out-of-bounds memory ...)
        - qemu <unfixed> (unimportant; bug #968820)
        [buster] - qemu <not-affected> (Vulnerable code introduced in ATI VGA 
device emulation added later)
        [stretch] - qemu <not-affected> (Vulnerable code introduced later)
@@ -27968,8 +28000,8 @@ CVE-2020-14187
        RESERVED
 CVE-2020-14186
        RESERVED
-CVE-2020-14185
-       RESERVED
+CVE-2020-14185 (Affected versions of Jira Server allow remote unauthenticated 
attacker ...)
+       TODO: check
 CVE-2020-14184 (Affected versions of Atlassian Jira Server allow remote 
attackers to i ...)
        NOT-FOR-US: Atlassian
 CVE-2020-14183 (Affected versions of Jira Server &amp; Data Center allow a 
remote atta ...)
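
Review bot: CVE-2020-14185 is left at TODO: check, although the neighbouring Jira Server entry CVE-2020-14184 is already marked NOT-FOR-US: Atlassian. Unless there is a reason to treat this one differently, the same marker applies here.
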
@@ -70220,8 +70252,8 @@ CVE-2019-17642 (An issue was discovered in Centreon 
before 18.10.8, 19.10.1, and
        - centreon-web <itp> (bug #913903)
 CVE-2019-17641
        RESERVED
-CVE-2019-17640
-       RESERVED
+CVE-2019-17640 (In Eclipse Vert.x 3.4.x up to 3.9.4, 4.0.0.milestone1, 
4.0.0.milestone ...)
+       TODO: check
 CVE-2019-17639 (In Eclipse OpenJ9 prior to version 0.21 on Power platforms, 
calling th ...)
        NOT-FOR-US: IBM JDK specific issue on on AIX and Linux on the Power 
platform
 CVE-2019-17638 (In Eclipse Jetty, versions 9.4.27.v20200227 to 
9.4.29.v20200521, in ca ...)
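
Review bot: CVE-2019-17640 (Eclipse Vert.x) moves from RESERVED to TODO: check and still needs a triage decision. Separately, the unchanged context line for CVE-2019-17639 has a doubled word ("on on AIX"), which is outside this change but could be corrected in a follow-up.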



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1fa9308054776cc44e1bfed5b6589fde9a475db
