Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 01b2e85a by security tracker role at 2020-12-07T20:10:21+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,15 @@ +CVE-2020-29597 + RESERVED +CVE-2020-29596 + RESERVED +CVE-2020-29595 (PlugIns\IDE_ACDStd.apl in ACDSee Photo Studio Studio Professional 2021 ...) + TODO: check +CVE-2020-29594 + RESERVED +CVE-2020-29593 + RESERVED +CVE-2020-29592 + RESERVED CVE-2020-29591 RESERVED CVE-2020-29590 @@ -2086,8 +2098,8 @@ CVE-2020-28729 RESERVED CVE-2020-28728 RESERVED -CVE-2020-28727 - RESERVED +CVE-2020-28727 (Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid p ...) + TODO: check CVE-2020-28726 (Open redirect in SeedDMS 6.0.13 via the dropfolderfileform1 parameter ...) NOT-FOR-US: SeedDMS CVE-2020-28725 @@ -8918,8 +8930,8 @@ CVE-2020-27152 (An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kv NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1888886 NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=208767 NOTE: https://git.kernel.org/linus/77377064c3a94911339f13ce113b3abf265e06da -CVE-2020-27151 - RESERVED +CVE-2020-27151 (An issue was discovered in Kata Containers through 1.11.3 and 2.x thro ...) + TODO: check CVE-2020-27153 (In BlueZ before 5.55, a double free was found in the gatttool disconne ...) {DLA-2410-1} - bluez 5.55-1 @@ -10387,8 +10399,8 @@ CVE-2020-26515 RESERVED CVE-2020-26514 RESERVED -CVE-2020-26513 - RESERVED +CVE-2020-26513 (An issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP ...) + TODO: check CVE-2020-26512 RESERVED CVE-2020-26511 (The wpo365-login plugin before v11.7 for WordPress allows use of a sym ...) @@ -11234,8 +11246,8 @@ CVE-2020-26124 (openmediavault before 4.1.36 and 5.x before 5.5.12 allows authen NOT-FOR-US: openmediavault CVE-2020-26123 RESERVED -CVE-2020-26122 - RESERVED +CVE-2020-26122 (Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remot ...) + TODO: check CVE-2020-26121 (An issue was discovered in the FileImporter extension for MediaWiki be ...) NOT-FOR-US: FileImporter MediaWiki extension CVE-2020-26120 (XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 ...) @@ -38118,8 +38130,8 @@ CVE-2020-13947 RESERVED CVE-2020-13946 (In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.1 ...) - cassandra <itp> (bug #585905) -CVE-2020-13945 - RESERVED +CVE-2020-13945 (In Apache APISIX, the user enabled the Admin API and deleted the Admin ...) + TODO: check CVE-2020-13944 (In Apache Airflow < 1.10.12, the "origin" parameter passed to some ...) - airflow <itp> (bug #819700) CVE-2020-13943 (If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7 ...) @@ -51752,8 +51764,8 @@ CVE-2020-9249 (HUAWEI P30 smartphones with versions earlier than 10.1.0.160(C00E NOT-FOR-US: Huawei CVE-2020-9248 (Huawei FusionComput 8.0.0 have an improper authorization vulnerability ...) NOT-FOR-US: Huawei -CVE-2020-9247 - RESERVED +CVE-2020-9247 (There is a buffer overflow vulnerability in several Huawei products. T ...) + TODO: check CVE-2020-9246 (FusionCompute 8.0.0 has an information leak vulnerability. A module do ...) NOT-FOR-US: Huawei CVE-2020-9245 (HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUA ...) @@ -60423,12 +60435,12 @@ CVE-2020-5802 RESERVED CVE-2020-5801 RESERVED -CVE-2020-5800 - RESERVED -CVE-2020-5799 - RESERVED -CVE-2020-5798 - RESERVED +CVE-2020-5800 (The Eat Spray Love mobile app for both iOS and Android contains logic ...) + TODO: check +CVE-2020-5799 (The Eat Spray Love mobile app for both iOS and Android contains a back ...) + TODO: check +CVE-2020-5798 (inSync Client installer for macOS versions v6.8.0 and prior could allo ...) + TODO: check CVE-2020-5797 (UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180 ...) NOT-FOR-US: TP-Link CVE-2020-5796 (Improper preservation of permissions in Nagios XI 5.7.4 allows a local ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01b2e85a2ea0c405d2dce9d0dd9ace8c2145124c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01b2e85a2ea0c405d2dce9d0dd9ace8c2145124c You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits