Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f63caf44 by security tracker role at 2020-10-21T08:10:16+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,493 @@
+CVE-2020-27600
+ RESERVED
+CVE-2020-27599
+ RESERVED
+CVE-2020-27598
+ RESERVED
+CVE-2020-27597
+ RESERVED
+CVE-2020-27596
+ RESERVED
+CVE-2020-27595
+ RESERVED
+CVE-2020-27594
+ RESERVED
+CVE-2020-27593
+ RESERVED
+CVE-2020-27592
+ RESERVED
+CVE-2020-27591
+ RESERVED
+CVE-2020-27590
+ RESERVED
+CVE-2020-27589
+ RESERVED
+CVE-2020-27588
+ RESERVED
+CVE-2020-27587
+ RESERVED
+CVE-2020-27586
+ RESERVED
+CVE-2020-27585
+ RESERVED
+CVE-2020-27584
+ RESERVED
+CVE-2020-27583
+ RESERVED
+CVE-2020-27582
+ RESERVED
+CVE-2020-27581
+ RESERVED
+CVE-2020-27580
+ RESERVED
+CVE-2020-27579
+ RESERVED
+CVE-2020-27578
+ RESERVED
+CVE-2020-27577
+ RESERVED
+CVE-2020-27576
+ RESERVED
+CVE-2020-27575
+ RESERVED
+CVE-2020-27574
+ RESERVED
+CVE-2020-27573
+ RESERVED
+CVE-2020-27572
+ RESERVED
+CVE-2020-27571
+ RESERVED
+CVE-2020-27570
+ RESERVED
+CVE-2020-27569
+ RESERVED
+CVE-2020-27568
+ RESERVED
+CVE-2020-27567
+ RESERVED
+CVE-2020-27566
+ RESERVED
+CVE-2020-27565
+ RESERVED
+CVE-2020-27564
+ RESERVED
+CVE-2020-27563
+ RESERVED
+CVE-2020-27562
+ RESERVED
+CVE-2020-27561
+ RESERVED
+CVE-2020-27560
+ RESERVED
+CVE-2020-27559
+ RESERVED
+CVE-2020-27558
+ RESERVED
+CVE-2020-27557
+ RESERVED
+CVE-2020-27556
+ RESERVED
+CVE-2020-27555
+ RESERVED
+CVE-2020-27554
+ RESERVED
+CVE-2020-27553
+ RESERVED
+CVE-2020-27552
+ RESERVED
+CVE-2020-27551
+ RESERVED
+CVE-2020-27550
+ RESERVED
+CVE-2020-27549
+ RESERVED
+CVE-2020-27548
+ RESERVED
+CVE-2020-27547
+ RESERVED
+CVE-2020-27546
+ RESERVED
+CVE-2020-27545
+ RESERVED
+CVE-2020-27544
+ RESERVED
+CVE-2020-27543
+ RESERVED
+CVE-2020-27542
+ RESERVED
+CVE-2020-27541
+ RESERVED
+CVE-2020-27540
+ RESERVED
+CVE-2020-27539
+ RESERVED
+CVE-2020-27538
+ RESERVED
+CVE-2020-27537
+ RESERVED
+CVE-2020-27536
+ RESERVED
+CVE-2020-27535
+ RESERVED
+CVE-2020-27534
+ RESERVED
+CVE-2020-27533
+ RESERVED
+CVE-2020-27532
+ RESERVED
+CVE-2020-27531
+ RESERVED
+CVE-2020-27530
+ RESERVED
+CVE-2020-27529
+ RESERVED
+CVE-2020-27528
+ RESERVED
+CVE-2020-27527
+ RESERVED
+CVE-2020-27526
+ RESERVED
+CVE-2020-27525
+ RESERVED
+CVE-2020-27524
+ RESERVED
+CVE-2020-27523
+ RESERVED
+CVE-2020-27522
+ RESERVED
+CVE-2020-27521
+ RESERVED
+CVE-2020-27520
+ RESERVED
+CVE-2020-27519
+ RESERVED
+CVE-2020-27518
+ RESERVED
+CVE-2020-27517
+ RESERVED
+CVE-2020-27516
+ RESERVED
+CVE-2020-27515
+ RESERVED
+CVE-2020-27514
+ RESERVED
+CVE-2020-27513
+ RESERVED
+CVE-2020-27512
+ RESERVED
+CVE-2020-27511
+ RESERVED
+CVE-2020-27510
+ RESERVED
+CVE-2020-27509
+ RESERVED
+CVE-2020-27508
+ RESERVED
+CVE-2020-27507
+ RESERVED
+CVE-2020-27506
+ RESERVED
+CVE-2020-27505
+ RESERVED
+CVE-2020-27504
+ RESERVED
+CVE-2020-27503
+ RESERVED
+CVE-2020-27502
+ RESERVED
+CVE-2020-27501
+ RESERVED
+CVE-2020-27500
+ RESERVED
+CVE-2020-27499
+ RESERVED
+CVE-2020-27498
+ RESERVED
+CVE-2020-27497
+ RESERVED
+CVE-2020-27496
+ RESERVED
+CVE-2020-27495
+ RESERVED
+CVE-2020-27494
+ RESERVED
+CVE-2020-27493
+ RESERVED
+CVE-2020-27492
+ RESERVED
+CVE-2020-27491
+ RESERVED
+CVE-2020-27490
+ RESERVED
+CVE-2020-27489
+ RESERVED
+CVE-2020-27488
+ RESERVED
+CVE-2020-27487
+ RESERVED
+CVE-2020-27486
+ RESERVED
+CVE-2020-27485
+ RESERVED
+CVE-2020-27484
+ RESERVED
+CVE-2020-27483
+ RESERVED
+CVE-2020-27482
+ RESERVED
+CVE-2020-27481
+ RESERVED
+CVE-2020-27480
+ RESERVED
+CVE-2020-27479
+ RESERVED
+CVE-2020-27478
+ RESERVED
+CVE-2020-27477
+ RESERVED
+CVE-2020-27476
+ RESERVED
+CVE-2020-27475
+ RESERVED
+CVE-2020-27474
+ RESERVED
+CVE-2020-27473
+ RESERVED
+CVE-2020-27472
+ RESERVED
+CVE-2020-27471
+ RESERVED
+CVE-2020-27470
+ RESERVED
+CVE-2020-27469
+ RESERVED
+CVE-2020-27468
+ RESERVED
+CVE-2020-27467
+ RESERVED
+CVE-2020-27466
+ RESERVED
+CVE-2020-27465
+ RESERVED
+CVE-2020-27464
+ RESERVED
+CVE-2020-27463
+ RESERVED
+CVE-2020-27462
+ RESERVED
+CVE-2020-27461
+ RESERVED
+CVE-2020-27460
+ RESERVED
+CVE-2020-27459
+ RESERVED
+CVE-2020-27458
+ RESERVED
+CVE-2020-27457
+ RESERVED
+CVE-2020-27456
+ RESERVED
+CVE-2020-27455
+ RESERVED
+CVE-2020-27454
+ RESERVED
+CVE-2020-27453
+ RESERVED
+CVE-2020-27452
+ RESERVED
+CVE-2020-27451
+ RESERVED
+CVE-2020-27450
+ RESERVED
+CVE-2020-27449
+ RESERVED
+CVE-2020-27448
+ RESERVED
+CVE-2020-27447
+ RESERVED
+CVE-2020-27446
+ RESERVED
+CVE-2020-27445
+ RESERVED
+CVE-2020-27444
+ RESERVED
+CVE-2020-27443
+ RESERVED
+CVE-2020-27442
+ RESERVED
+CVE-2020-27441
+ RESERVED
+CVE-2020-27440
+ RESERVED
+CVE-2020-27439
+ RESERVED
+CVE-2020-27438
+ RESERVED
+CVE-2020-27437
+ RESERVED
+CVE-2020-27436
+ RESERVED
+CVE-2020-27435
+ RESERVED
+CVE-2020-27434
+ RESERVED
+CVE-2020-27433
+ RESERVED
+CVE-2020-27432
+ RESERVED
+CVE-2020-27431
+ RESERVED
+CVE-2020-27430
+ RESERVED
+CVE-2020-27429
+ RESERVED
+CVE-2020-27428
+ RESERVED
+CVE-2020-27427
+ RESERVED
+CVE-2020-27426
+ RESERVED
+CVE-2020-27425
+ RESERVED
+CVE-2020-27424
+ RESERVED
+CVE-2020-27423
+ RESERVED
+CVE-2020-27422
+ RESERVED
+CVE-2020-27421
+ RESERVED
+CVE-2020-27420
+ RESERVED
+CVE-2020-27419
+ RESERVED
+CVE-2020-27418
+ RESERVED
+CVE-2020-27417
+ RESERVED
+CVE-2020-27416
+ RESERVED
+CVE-2020-27415
+ RESERVED
+CVE-2020-27414
+ RESERVED
+CVE-2020-27413
+ RESERVED
+CVE-2020-27412
+ RESERVED
+CVE-2020-27411
+ RESERVED
+CVE-2020-27410
+ RESERVED
+CVE-2020-27409
+ RESERVED
+CVE-2020-27408
+ RESERVED
+CVE-2020-27407
+ RESERVED
+CVE-2020-27406
+ RESERVED
+CVE-2020-27405
+ RESERVED
+CVE-2020-27404
+ RESERVED
+CVE-2020-27403
+ RESERVED
+CVE-2020-27402
+ RESERVED
+CVE-2020-27401
+ RESERVED
+CVE-2020-27400
+ RESERVED
+CVE-2020-27399
+ RESERVED
+CVE-2020-27398
+ RESERVED
+CVE-2020-27397
+ RESERVED
+CVE-2020-27396
+ RESERVED
+CVE-2020-27395
+ RESERVED
+CVE-2020-27394
+ RESERVED
+CVE-2020-27393
+ RESERVED
+CVE-2020-27392
+ RESERVED
+CVE-2020-27391
+ RESERVED
+CVE-2020-27390
+ RESERVED
+CVE-2020-27389
+ RESERVED
+CVE-2020-27388
+ RESERVED
+CVE-2020-27387
+ RESERVED
+CVE-2020-27386
+ RESERVED
+CVE-2020-27385
+ RESERVED
+CVE-2020-27384
+ RESERVED
+CVE-2020-27383
+ RESERVED
+CVE-2020-27382
+ RESERVED
+CVE-2020-27381
+ RESERVED
+CVE-2020-27380
+ RESERVED
+CVE-2020-27379
+ RESERVED
+CVE-2020-27378
+ RESERVED
+CVE-2020-27377
+ RESERVED
+CVE-2020-27376
+ RESERVED
+CVE-2020-27375
+ RESERVED
+CVE-2020-27374
+ RESERVED
+CVE-2020-27373
+ RESERVED
+CVE-2020-27372
+ RESERVED
+CVE-2020-27371
+ RESERVED
+CVE-2020-27370
+ RESERVED
+CVE-2020-27369
+ RESERVED
+CVE-2020-27368
+ RESERVED
+CVE-2020-27367
+ RESERVED
+CVE-2020-27366
+ RESERVED
+CVE-2020-27365
+ RESERVED
+CVE-2020-27364
+ RESERVED
+CVE-2020-27363
+ RESERVED
+CVE-2020-27362
+ RESERVED
+CVE-2020-27361
+ RESERVED
+CVE-2020-27360
+ RESERVED
+CVE-2020-27359
+ RESERVED
+CVE-2020-27358
+ RESERVED
+CVE-2020-27357
+ RESERVED
+CVE-2020-27356
+ RESERVED
CVE-2020-27355
RESERVED
CVE-2020-27354
@@ -928,10 +1418,10 @@ CVE-2020-26898 (NETGEAR RAX40 devices before 1.0.3.80
are affected by incorrect
NOT-FOR-US: Netgear
CVE-2020-26897 (Certain NETGEAR devices are affected by disclosure of
administrative c ...)
NOT-FOR-US: Netgear
-CVE-2020-26896
- RESERVED
-CVE-2020-26895
- RESERVED
+CVE-2020-26896 (Prior to 0.11.0-beta, LND (Lightning Network Daemon) had a
vulnerabili ...)
+ TODO: check
+CVE-2020-26895 (Prior to 0.10.0-beta, LND (Lightning Network Daemon) would
have accept ...)
+ TODO: check
CVE-2020-26894 (Faulkner Wildlife Issues in the New Millennium 18.0.160 on
Windows all ...)
NOT-FOR-US: New Millennium
CVE-2020-26893 (An issue was discovered in ClamXAV 3 before 3.1.1. A malicious
actor c ...)
@@ -3628,8 +4118,7 @@ CVE-2020-25649
- jackson-databind 2.11.1-1
NOTE: https://github.com/FasterXML/jackson-databind/issues/2589
NOTE:
https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59
(jackson-databind-2.11.0.rc1)
-CVE-2020-25648 [Tighten CCS handling for middlebox compatibility mode]
- RESERVED
+CVE-2020-25648 (A flaw was found in the way NSS handled CCS (ChangeCipherSpec)
message ...)
- nss 2:3.58-1
NOTE:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1641480 (private)
@@ -4771,8 +5260,8 @@ CVE-2020-25159
RESERVED
CVE-2020-25158
RESERVED
-CVE-2020-25157
- RESERVED
+CVE-2020-25157 (The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL
injection ...)
+ TODO: check
CVE-2020-25156
RESERVED
CVE-2020-25155
@@ -5611,8 +6100,8 @@ CVE-2020-24767
RESERVED
CVE-2020-24766
RESERVED
-CVE-2020-24765
- RESERVED
+CVE-2020-24765 (InterMind iMind Server through 3.13.65 allows remote
unauthenticated a ...)
+ TODO: check
CVE-2020-24764
RESERVED
CVE-2020-24763
@@ -6373,22 +6862,22 @@ CVE-2020-24418
RESERVED
CVE-2020-24417
RESERVED
-CVE-2020-24416
- RESERVED
-CVE-2020-24415
- RESERVED
-CVE-2020-24414
- RESERVED
-CVE-2020-24413
- RESERVED
-CVE-2020-24412
- RESERVED
-CVE-2020-24411
- RESERVED
-CVE-2020-24410
- RESERVED
-CVE-2020-24409
- RESERVED
+CVE-2020-24416 (Marketo Sales Insight plugin version 1.4355 (and earlier) is
affected ...)
+ TODO: check
+CVE-2020-24415 (Adobe Illustrator version 24.1.2 (and earlier) is affected by
a memory ...)
+ TODO: check
+CVE-2020-24414 (Adobe Illustrator version 24.1.2 (and earlier) is affected by
a memory ...)
+ TODO: check
+CVE-2020-24413 (Adobe Illustrator version 24.1.2 (and earlier) is affected by
a memory ...)
+ TODO: check
+CVE-2020-24412 (Adobe Illustrator version 24.1.2 (and earlier) is affected by
a memory ...)
+ TODO: check
+CVE-2020-24411 (Adobe Illustrator version 24.2 (and earlier) is affected by an
out-of- ...)
+ TODO: check
+CVE-2020-24410 (Adobe Illustrator version 24.2 (and earlier) is affected by an
out-of- ...)
+ TODO: check
+CVE-2020-24409 (Adobe Illustrator version 24.2 (and earlier) is affected by an
out-of- ...)
+ TODO: check
CVE-2020-24408 (Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected
by a per ...)
NOT-FOR-US: Magento
CVE-2020-24407
@@ -23699,8 +24188,8 @@ CVE-2020-15933
RESERVED
CVE-2020-15932 (Overwolf before 0.149.2.30 mishandles Symbolic Links during
updates, c ...)
NOT-FOR-US: Overwolf
-CVE-2020-15931
- RESERVED
+CVE-2020-15931 (Netwrix Account Lockout Examiner before 5.1 allows remote
attackers to ...)
+ TODO: check
CVE-2020-15930 (An XSS issue in Joplin desktop 1.0.190 to 1.0.245 allows
arbitrary cod ...)
NOT-FOR-US: Joplin desktop
CVE-2020-15929
@@ -25453,8 +25942,8 @@ CVE-2020-15271
RESERVED
CVE-2020-15270
RESERVED
-CVE-2020-15269
- RESERVED
+CVE-2020-15269 (In Spree before versions 3.7.11, 4.0.4, or 4.1.11, expired
user tokens ...)
+ TODO: check
CVE-2020-15268
RESERVED
CVE-2020-15267
@@ -25463,8 +25952,8 @@ CVE-2020-15266
RESERVED
CVE-2020-15265
RESERVED
-CVE-2020-15264
- RESERVED
+CVE-2020-15264 (The Boxstarter installer before version 2.13.0 configures
C:\ProgramDa ...)
+ TODO: check
CVE-2020-15263 (In platform before version 9.4.4, inline attributes are not
properly e ...)
NOT-FOR-US: Laravel Orchid Platform
CVE-2020-15262 (In webpack-subresource-integrity before version 1.5.1, all
dynamically ...)
@@ -25642,7 +26131,7 @@ CVE-2020-15181 (The Alfresco Reset Password add-on
before version 1.2.0 relies o
NOT-FOR-US: Alfresco Reset Password add-on
CVE-2020-15180
RESERVED
- {DSA-4776-1}
+ {DSA-4776-1 DLA-2409-1}
- mariadb-10.5 1:10.5.6-1
- mariadb-10.3 <unfixed>
- mariadb-10.1 <removed>
@@ -42169,8 +42658,8 @@ CVE-2020-9429 (In Wireshark 3.2.0 to 3.2.1, the
WireGuard dissector could crash.
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a2530f740d67d41908e84434bb5ec99480c2ac2e
CVE-2020-9418 (An untrusted search path vulnerability in the installer of
PDFescape D ...)
NOT-FOR-US: PDFescape
-CVE-2020-9417
- RESERVED
+CVE-2020-9417 (The Transaction Insight reporting component of TIBCO Software
Inc.'s T ...)
+ TODO: check
CVE-2020-9416 (The Spotfire client component of TIBCO Software Inc.'s TIBCO
Spotfire ...)
NOT-FOR-US: TIBCO
CVE-2020-9415 (The TIBCO Data Virtualization Server component of TIBCO
Software Inc.' ...)
@@ -51269,12 +51758,12 @@ CVE-2020-5794
RESERVED
CVE-2020-5793
RESERVED
-CVE-2020-5792
- RESERVED
-CVE-2020-5791
- RESERVED
-CVE-2020-5790
- RESERVED
+CVE-2020-5792 (Improper neutralization of argument delimiters in a command in
Nagios ...)
+ TODO: check
+CVE-2020-5791 (Improper neutralization of special elements used in an OS
command in N ...)
+ TODO: check
+CVE-2020-5790 (Cross-site request forgery in Nagios XI 5.7.3 allows a remote
attacker ...)
+ TODO: check
CVE-2020-5789 (Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3
allows ...)
NOT-FOR-US: Teltonika
CVE-2020-5788 (Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3
allows ...)
@@ -211712,7 +212201,7 @@ CVE-2017-6078 (FastStone MaxView 3.0 and 3.1 allows
user-assisted attackers to c
NOT-FOR-US: FastStone MaxView
CVE-2017-6077 (ping.cgi on NETGEAR DGN2200 devices with firmware through
10.0.0.50 al ...)
NOT-FOR-US: NETGEAR
-CVE-2016-10228 (The iconv program in the GNU C Library (aka glibc or libc6)
2.25 and e ...)
+CVE-2016-10228 (The iconv program in the GNU C Library (aka glibc or libc6)
2.31 and e ...)
- glibc 2.31-3 (low; bug #856503)
[buster] - glibc <no-dsa> (Minor issue)
[stretch] - glibc <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f63caf44a0b821a415ec180e86d39d6d2f07684b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f63caf44a0b821a415ec180e86d39d6d2f07684b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
