Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: a1fa9308 by security tracker role at 2020-10-16T08:10:17+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,37 @@ +CVE-2020-27177 + RESERVED +CVE-2020-27176 (Mutation XSS exists in Mark Text through 0.16.2 that leads to Remote C ...) + TODO: check +CVE-2020-27175 + RESERVED +CVE-2020-27174 (In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the ...) + TODO: check +CVE-2020-27173 (In vm-superio before 0.1.1, the serial console FIFO can grow to unlimi ...) + TODO: check +CVE-2020-27172 + RESERVED +CVE-2020-27171 + RESERVED +CVE-2020-27170 + RESERVED +CVE-2020-27169 + RESERVED +CVE-2020-27168 + RESERVED +CVE-2020-27167 + RESERVED +CVE-2020-27166 + RESERVED +CVE-2020-27165 + RESERVED +CVE-2020-27164 + RESERVED +CVE-2020-27163 (phpRedisAdmin before 1.13.2 allows XSS via the login.php username para ...) + TODO: check +CVE-2020-27162 + RESERVED +CVE-2020-27161 + RESERVED CVE-2020-27160 RESERVED CVE-2020-27159 @@ -434,8 +468,8 @@ CVE-2020-26945 (MyBatis before 3.5.6 mishandles deserialization of object stream NOT-FOR-US: MyBatis CVE-2020-26944 RESERVED -CVE-2020-26943 - RESERVED +CVE-2020-26943 (An issue was discovered in OpenStack blazar-dashboard before 1.3.1, 2. ...) + TODO: check CVE-2020-26942 RESERVED CVE-2020-26941 @@ -1159,10 +1193,10 @@ CVE-2020-26586 RESERVED CVE-2020-26585 RESERVED -CVE-2020-26584 - RESERVED -CVE-2020-26583 - RESERVED +CVE-2020-26584 (An issue was discovered in Sage DPW 2020_06_x before 2020_06_002. The ...) + TODO: check +CVE-2020-26583 (An issue was discovered in Sage DPW 2020_06_x before 2020_06_002. It a ...) + TODO: check CVE-2020-26582 (D-Link DAP-1360U before 3.0.1 devices allow remote authenticated users ...) NOT-FOR-US: D-Link CVE-2020-26581 @@ -2799,8 +2833,7 @@ CVE-2020-25831 RESERVED CVE-2020-25830 (An issue was discovered in MantisBT before 2.24.3. Improper escaping o ...) - mantis <removed> -CVE-2020-25829 [cache pollution issue] - RESERVED +CVE-2020-25829 (An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x befo ...) - pdns-recursor <unfixed> (bug #972159) NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-07.html CVE-2020-25828 (An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through ...) @@ -6114,8 +6147,7 @@ CVE-2020-24354 (Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and p NOT-FOR-US: Zyxel CVE-2020-24353 RESERVED -CVE-2020-24352 - RESERVED +CVE-2020-24352 (An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory ...) - qemu <unfixed> (unimportant; bug #968820) [buster] - qemu <not-affected> (Vulnerable code introduced in ATI VGA device emulation added later) [stretch] - qemu <not-affected> (Vulnerable code introduced later) @@ -27968,8 +28000,8 @@ CVE-2020-14187 RESERVED CVE-2020-14186 RESERVED -CVE-2020-14185 - RESERVED +CVE-2020-14185 (Affected versions of Jira Server allow remote unauthenticated attacker ...) + TODO: check CVE-2020-14184 (Affected versions of Atlassian Jira Server allow remote attackers to i ...) NOT-FOR-US: Atlassian CVE-2020-14183 (Affected versions of Jira Server & Data Center allow a remote atta ...) @@ -70220,8 +70252,8 @@ CVE-2019-17642 (An issue was discovered in Centreon before 18.10.8, 19.10.1, and - centreon-web <itp> (bug #913903) CVE-2019-17641 RESERVED -CVE-2019-17640 - RESERVED +CVE-2019-17640 (In Eclipse Vert.x 3.4.x up to 3.9.4, 4.0.0.milestone1, 4.0.0.milestone ...) + TODO: check CVE-2019-17639 (In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling th ...) NOT-FOR-US: IBM JDK specific issue on on AIX and Linux on the Power platform CVE-2019-17638 (In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in ca ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1fa9308054776cc44e1bfed5b6589fde9a475db -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1fa9308054776cc44e1bfed5b6589fde9a475db You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits