[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Mon, 07 Dec 2020 12:10:40 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
01b2e85a by security tracker role at 2020-12-07T20:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,15 @@
+CVE-2020-29597
+       RESERVED
+CVE-2020-29596
+       RESERVED
+CVE-2020-29595 (PlugIns\IDE_ACDStd.apl in ACDSee Photo Studio Studio 
Professional 2021 ...)
+       TODO: check
+CVE-2020-29594
+       RESERVED
+CVE-2020-29593
+       RESERVED
+CVE-2020-29592
+       RESERVED
 CVE-2020-29591
        RESERVED
 CVE-2020-29590
@@ -2086,8 +2098,8 @@ CVE-2020-28729
        RESERVED
 CVE-2020-28728
        RESERVED
-CVE-2020-28727
-       RESERVED
+CVE-2020-28727 (Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the 
folderid p ...)
+       TODO: check
 CVE-2020-28726 (Open redirect in SeedDMS 6.0.13 via the dropfolderfileform1 
parameter  ...)
        NOT-FOR-US: SeedDMS
 CVE-2020-28725
@@ -8918,8 +8930,8 @@ CVE-2020-27152 (An issue was discovered in 
ioapic_lazy_update_eoi in arch/x86/kv
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1888886
        NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=208767
        NOTE: 
https://git.kernel.org/linus/77377064c3a94911339f13ce113b3abf265e06da
-CVE-2020-27151
-       RESERVED
+CVE-2020-27151 (An issue was discovered in Kata Containers through 1.11.3 and 
2.x thro ...)
+       TODO: check
 CVE-2020-27153 (In BlueZ before 5.55, a double free was found in the gatttool 
disconne ...)
        {DLA-2410-1}
        - bluez 5.55-1
@@ -10387,8 +10399,8 @@ CVE-2020-26515
        RESERVED
 CVE-2020-26514
        RESERVED
-CVE-2020-26513
-       RESERVED
+CVE-2020-26513 (An issue was discovered in Intland codeBeamer ALM 10.x through 
10.1.SP ...)
+       TODO: check
 CVE-2020-26512
        RESERVED
 CVE-2020-26511 (The wpo365-login plugin before v11.7 for WordPress allows use 
of a sym ...)
@@ -11234,8 +11246,8 @@ CVE-2020-26124 (openmediavault before 4.1.36 and 5.x 
before 5.5.12 allows authen
        NOT-FOR-US: openmediavault
 CVE-2020-26123
        RESERVED
-CVE-2020-26122
-       RESERVED
+CVE-2020-26122 (Inspur NF5266M5 through 3.21.2 and other server M5 devices 
allow remot ...)
+       TODO: check
 CVE-2020-26121 (An issue was discovered in the FileImporter extension for 
MediaWiki be ...)
        NOT-FOR-US: FileImporter MediaWiki extension
 CVE-2020-26120 (XSS exists in the MobileFrontend extension for MediaWiki 
before 1.34.4 ...)
@@ -38118,8 +38130,8 @@ CVE-2020-13947
        RESERVED
 CVE-2020-13946 (In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 
3.0.22, 3.1 ...)
        - cassandra <itp> (bug #585905)
-CVE-2020-13945
-       RESERVED
+CVE-2020-13945 (In Apache APISIX, the user enabled the Admin API and deleted 
the Admin ...)
+       TODO: check
 CVE-2020-13944 (In Apache Airflow &lt; 1.10.12, the "origin" parameter passed 
to some  ...)
        - airflow <itp> (bug #819700)
 CVE-2020-13943 (If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 
10.0.0-M7 ...)
@@ -51752,8 +51764,8 @@ CVE-2020-9249 (HUAWEI P30 smartphones with versions 
earlier than 10.1.0.160(C00E
        NOT-FOR-US: Huawei
 CVE-2020-9248 (Huawei FusionComput 8.0.0 have an improper authorization 
vulnerability ...)
        NOT-FOR-US: Huawei
-CVE-2020-9247
-       RESERVED
+CVE-2020-9247 (There is a buffer overflow vulnerability in several Huawei 
products. T ...)
+       TODO: check
 CVE-2020-9246 (FusionCompute 8.0.0 has an information leak vulnerability. A 
module do ...)
        NOT-FOR-US: Huawei
 CVE-2020-9245 (HUAWEI P30 versions Versions earlier than 
10.1.0.160(C00E160R2P11);HUA ...)
@@ -60423,12 +60435,12 @@ CVE-2020-5802
        RESERVED
 CVE-2020-5801
        RESERVED
-CVE-2020-5800
-       RESERVED
-CVE-2020-5799
-       RESERVED
-CVE-2020-5798
-       RESERVED
+CVE-2020-5800 (The Eat Spray Love mobile app for both iOS and Android contains 
logic  ...)
+       TODO: check
+CVE-2020-5799 (The Eat Spray Love mobile app for both iOS and Android contains 
a back ...)
+       TODO: check
+CVE-2020-5798 (inSync Client installer for macOS versions v6.8.0 and prior 
could allo ...)
+       TODO: check
 CVE-2020-5797 (UNIX Symbolic Link (Symlink) Following in TP-Link Archer 
C9(US)_V1_180 ...)
        NOT-FOR-US: TP-Link
 CVE-2020-5796 (Improper preservation of permissions in Nagios XI 5.7.4 allows 
a local ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01b2e85a2ea0c405d2dce9d0dd9ace8c2145124c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01b2e85a2ea0c405d2dce9d0dd9ace8c2145124c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to