Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
eb78de54 by security tracker role at 2020-11-05T08:10:26+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1291,14 +1291,14 @@ CVE-2020-27693
CVE-2017-18925 (opentmpfiles through 0.3.1 allows local users to take
ownership of arb ...)
- opentmpfiles <unfixed> (bug #973242)
NOTE: https://github.com/OpenRC/opentmpfiles/issues/4
-CVE-2020-27692
- RESERVED
-CVE-2020-27691
- RESERVED
-CVE-2020-27690
- RESERVED
-CVE-2020-27689
- RESERVED
+CVE-2020-27692 (The Relish (Verve Connect) VH510 device with firmware before
1.0.1.6L0 ...)
+ TODO: check
+CVE-2020-27691 (The Relish (Verve Connect) VH510 device with firmware before
1.0.1.6L0 ...)
+ TODO: check
+CVE-2020-27690 (The Relish (Verve Connect) VH510 device with firmware before
1.0.1.6L0 ...)
+ TODO: check
+CVE-2020-27689 (The Relish (Verve Connect) VH510 device with firmware before
1.0.1.6L0 ...)
+ TODO: check
CVE-2020-27688
RESERVED
CVE-2020-27687
@@ -2343,8 +2343,8 @@ CVE-2020-27389
RESERVED
CVE-2020-27388 (Multiple Stored Cross Site Scripting (XSS) vulnerabilities
exist in th ...)
NOT-FOR-US: YOURLS Admin Panel
-CVE-2020-27387
- RESERVED
+CVE-2020-27387 (An unrestricted file upload issue in HorizontCMS through
1.0.0-beta al ...)
+ TODO: check
CVE-2020-27386
RESERVED
CVE-2020-27385
@@ -4805,8 +4805,8 @@ CVE-2020-26209
RESERVED
CVE-2020-26208
RESERVED
-CVE-2020-26207
- RESERVED
+CVE-2020-26207 (DatabaseSchemaViewer before version 2.7.4.3 is vulnerable to
arbitrary ...)
+ TODO: check
CVE-2020-26206
RESERVED
CVE-2020-26205 (Sal is a multi-tenanted reporting dashboard for Munki with the
ability ...)
@@ -7173,8 +7173,8 @@ CVE-2020-25575 (** UNSUPPORTED WHEN ASSIGNED ** An issue
was discovered in the f
NOTE: https://github.com/rust-lang-nursery/failure/issues/336
CVE-2020-25202
RESERVED
-CVE-2020-25201
- RESERVED
+CVE-2020-25201 (HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes
a names ...)
+ TODO: check
CVE-2020-25200 (Pritunl 1.29.2145.25 allows attackers to enumerate valid VPN
usernames ...)
NOT-FOR-US: Pritunl
CVE-2019-20916 (The pip package before 19.2 for Python allows Directory
Traversal when ...)
@@ -50300,10 +50300,10 @@ CVE-2020-7131 (This document describes a security
vulnerability in Blade Mainten
NOT-FOR-US: HPE
CVE-2020-7130 (HPE OneView Global Dashboard (OVGD) 1.9 has a remote
information discl ...)
NOT-FOR-US: HPE
-CVE-2020-7129
- RESERVED
-CVE-2020-7128
- RESERVED
+CVE-2020-7129 (A remote execution of arbitrary commands vulnerability was
discovered ...)
+ TODO: check
+CVE-2020-7128 (A remote unauthenticated arbitrary code execution vulnerability
was di ...)
+ TODO: check
CVE-2020-7127 (A remote unauthenticated arbitrary code execution vulnerability
was di ...)
NOT-FOR-US: Aruba
CVE-2020-7126 (A remote server-side request forgery (ssrf) vulnerability was
discover ...)
@@ -105299,8 +105299,8 @@ CVE-2019-7358 (An exploitable heap overflow
vulnerability in the DXF-parsing fun
NOT-FOR-US: Autodesk
CVE-2019-7357
RESERVED
-CVE-2019-7356
- RESERVED
+CVE-2019-7356 (Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE
parameter. ...)
+ TODO: check
CVE-2019-1000024 (OPT/NET BV NG-NetMS version v3.6-2 and earlier versions
contains a Cro ...)
NOT-FOR-US: OPT/NET BV
CVE-2019-1000023 (OPT/NET BV OPTOSS Next Gen Network Management System
(NG-NetMS) versio ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb78de5471bd1debc43c9c613bd9c2afcd35663b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb78de5471bd1debc43c9c613bd9c2afcd35663b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
