Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: eb78de54 by security tracker role at 2020-11-05T08:10:26+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1291,14 +1291,14 @@ CVE-2020-27693 CVE-2017-18925 (opentmpfiles through 0.3.1 allows local users to take ownership of arb ...) - opentmpfiles <unfixed> (bug #973242) NOTE: https://github.com/OpenRC/opentmpfiles/issues/4 -CVE-2020-27692 - RESERVED -CVE-2020-27691 - RESERVED -CVE-2020-27690 - RESERVED -CVE-2020-27689 - RESERVED +CVE-2020-27692 (The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0 ...) + TODO: check +CVE-2020-27691 (The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0 ...) + TODO: check +CVE-2020-27690 (The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0 ...) + TODO: check +CVE-2020-27689 (The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0 ...) + TODO: check CVE-2020-27688 RESERVED CVE-2020-27687 @@ -2343,8 +2343,8 @@ CVE-2020-27389 RESERVED CVE-2020-27388 (Multiple Stored Cross Site Scripting (XSS) vulnerabilities exist in th ...) NOT-FOR-US: YOURLS Admin Panel -CVE-2020-27387 - RESERVED +CVE-2020-27387 (An unrestricted file upload issue in HorizontCMS through 1.0.0-beta al ...) + TODO: check CVE-2020-27386 RESERVED CVE-2020-27385 @@ -4805,8 +4805,8 @@ CVE-2020-26209 RESERVED CVE-2020-26208 RESERVED -CVE-2020-26207 - RESERVED +CVE-2020-26207 (DatabaseSchemaViewer before version 2.7.4.3 is vulnerable to arbitrary ...) + TODO: check CVE-2020-26206 RESERVED CVE-2020-26205 (Sal is a multi-tenanted reporting dashboard for Munki with the ability ...) @@ -7173,8 +7173,8 @@ CVE-2020-25575 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in the f NOTE: https://github.com/rust-lang-nursery/failure/issues/336 CVE-2020-25202 RESERVED -CVE-2020-25201 - RESERVED +CVE-2020-25201 (HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a names ...) + TODO: check CVE-2020-25200 (Pritunl 1.29.2145.25 allows attackers to enumerate valid VPN usernames ...) NOT-FOR-US: Pritunl CVE-2019-20916 (The pip package before 19.2 for Python allows Directory Traversal when ...) @@ -50300,10 +50300,10 @@ CVE-2020-7131 (This document describes a security vulnerability in Blade Mainten NOT-FOR-US: HPE CVE-2020-7130 (HPE OneView Global Dashboard (OVGD) 1.9 has a remote information discl ...) NOT-FOR-US: HPE -CVE-2020-7129 - RESERVED -CVE-2020-7128 - RESERVED +CVE-2020-7129 (A remote execution of arbitrary commands vulnerability was discovered ...) + TODO: check +CVE-2020-7128 (A remote unauthenticated arbitrary code execution vulnerability was di ...) + TODO: check CVE-2020-7127 (A remote unauthenticated arbitrary code execution vulnerability was di ...) NOT-FOR-US: Aruba CVE-2020-7126 (A remote server-side request forgery (ssrf) vulnerability was discover ...) @@ -105299,8 +105299,8 @@ CVE-2019-7358 (An exploitable heap overflow vulnerability in the DXF-parsing fun NOT-FOR-US: Autodesk CVE-2019-7357 RESERVED -CVE-2019-7356 - RESERVED +CVE-2019-7356 (Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE parameter. ...) + TODO: check CVE-2019-1000024 (OPT/NET BV NG-NetMS version v3.6-2 and earlier versions contains a Cro ...) NOT-FOR-US: OPT/NET BV CVE-2019-1000023 (OPT/NET BV OPTOSS Next Gen Network Management System (NG-NetMS) versio ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb78de5471bd1debc43c9c613bd9c2afcd35663b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb78de5471bd1debc43c9c613bd9c2afcd35663b You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits