[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bbd30b26 by security tracker role at 2020-01-08T20:10:39+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,829 @@
+CVE-2020-6583 (BigProf Online Invoicing System (OIS) through 2.6 has XSS that 
can be  ...)
+       TODO: check
+CVE-2020-6582
+       RESERVED
+CVE-2020-6581
+       RESERVED
+CVE-2020-6580
+       RESERVED
+CVE-2020-6579
+       RESERVED
+CVE-2020-6578
+       RESERVED
+CVE-2020-6577
+       RESERVED
+CVE-2020-6576
+       RESERVED
+CVE-2020-6575
+       RESERVED
+CVE-2020-6574
+       RESERVED
+CVE-2020-6573
+       RESERVED
+CVE-2020-6572
+       RESERVED
+CVE-2020-6571
+       RESERVED
+CVE-2020-6570
+       RESERVED
+CVE-2020-6569
+       RESERVED
+CVE-2020-6568
+       RESERVED
+CVE-2020-6567
+       RESERVED
+CVE-2020-6566
+       RESERVED
+CVE-2020-6565
+       RESERVED
+CVE-2020-6564
+       RESERVED
+CVE-2020-6563
+       RESERVED
+CVE-2020-6562
+       RESERVED
+CVE-2020-6561
+       RESERVED
+CVE-2020-6560
+       RESERVED
+CVE-2020-6559
+       RESERVED
+CVE-2020-6558
+       RESERVED
+CVE-2020-6557
+       RESERVED
+CVE-2020-6556
+       RESERVED
+CVE-2020-6555
+       RESERVED
+CVE-2020-6554
+       RESERVED
+CVE-2020-6553
+       RESERVED
+CVE-2020-6552
+       RESERVED
+CVE-2020-6551
+       RESERVED
+CVE-2020-6550
+       RESERVED
+CVE-2020-6549
+       RESERVED
+CVE-2020-6548
+       RESERVED
+CVE-2020-6547
+       RESERVED
+CVE-2020-6546
+       RESERVED
+CVE-2020-6545
+       RESERVED
+CVE-2020-6544
+       RESERVED
+CVE-2020-6543
+       RESERVED
+CVE-2020-6542
+       RESERVED
+CVE-2020-6541
+       RESERVED
+CVE-2020-6540
+       RESERVED
+CVE-2020-6539
+       RESERVED
+CVE-2020-6538
+       RESERVED
+CVE-2020-6537
+       RESERVED
+CVE-2020-6536
+       RESERVED
+CVE-2020-6535
+       RESERVED
+CVE-2020-6534
+       RESERVED
+CVE-2020-6533
+       RESERVED
+CVE-2020-6532
+       RESERVED
+CVE-2020-6531
+       RESERVED
+CVE-2020-6530
+       RESERVED
+CVE-2020-6529
+       RESERVED
+CVE-2020-6528
+       RESERVED
+CVE-2020-6527
+       RESERVED
+CVE-2020-6526
+       RESERVED
+CVE-2020-6525
+       RESERVED
+CVE-2020-6524
+       RESERVED
+CVE-2020-6523
+       RESERVED
+CVE-2020-6522
+       RESERVED
+CVE-2020-6521
+       RESERVED
+CVE-2020-6520
+       RESERVED
+CVE-2020-6519
+       RESERVED
+CVE-2020-6518
+       RESERVED
+CVE-2020-6517
+       RESERVED
+CVE-2020-6516
+       RESERVED
+CVE-2020-6515
+       RESERVED
+CVE-2020-6514
+       RESERVED
+CVE-2020-6513
+       RESERVED
+CVE-2020-6512
+       RESERVED
+CVE-2020-6511
+       RESERVED
+CVE-2020-6510
+       RESERVED
+CVE-2020-6509
+       RESERVED
+CVE-2020-6508
+       RESERVED
+CVE-2020-6507
+       RESERVED
+CVE-2020-6506
+       RESERVED
+CVE-2020-6505
+       RESERVED
+CVE-2020-6504
+       RESERVED
+CVE-2020-6503
+       RESERVED
+CVE-2020-6502
+       RESERVED
+CVE-2020-6501
+       RESERVED
+CVE-2020-6500
+       RESERVED
+CVE-2020-6499
+       RESERVED
+CVE-2020-6498
+       RESERVED
+CVE-2020-6497
+       RESERVED
+CVE-2020-6496
+       RESERVED
+CVE-2020-6495
+       RESERVED
+CVE-2020-6494
+       RESERVED
+CVE-2020-6493
+       RESERVED
+CVE-2020-6492
+       RESERVED
+CVE-2020-6491
+       RESERVED
+CVE-2020-6490
+       RESERVED
+CVE-2020-6489
+       RESERVED
+CVE-2020-6488
+       RESERVED
+CVE-2020-6487
+       RESERVED
+CVE-2020-6486
+       RESERVED
+CVE-2020-6485
+       RESERVED
+CVE-2020-6484
+       RESERVED
+CVE-2020-6483
+       RESERVED
+CVE-2020-6482
+       RESERVED
+CVE-2020-6481
+       RESERVED
+CVE-2020-6480
+       RESERVED
+CVE-2020-6479
+       RESERVED
+CVE-2020-6478
+       RESERVED
+CVE-2020-6477
+       RESERVED
+CVE-2020-6476
+       RESERVED
+CVE-2020-6475
+       RESERVED
+CVE-2020-6474
+       RESERVED
+CVE-2020-6473
+       RESERVED
+CVE-2020-6472
+       RESERVED
+CVE-2020-6471
+       RESERVED
+CVE-2020-6470
+       RESERVED
+CVE-2020-6469
+       RESERVED
+CVE-2020-6468
+       RESERVED
+CVE-2020-6467
+       RESERVED
+CVE-2020-6466
+       RESERVED
+CVE-2020-6465
+       RESERVED
+CVE-2020-6464
+       RESERVED
+CVE-2020-6463
+       RESERVED
+CVE-2020-6462
+       RESERVED
+CVE-2020-6461
+       RESERVED
+CVE-2020-6460
+       RESERVED
+CVE-2020-6459
+       RESERVED
+CVE-2020-6458
+       RESERVED
+CVE-2020-6457
+       RESERVED
+CVE-2020-6456
+       RESERVED
+CVE-2020-6455
+       RESERVED
+CVE-2020-6454
+       RESERVED
+CVE-2020-6453
+       RESERVED
+CVE-2020-6452
+       RESERVED
+CVE-2020-6451
+       RESERVED
+CVE-2020-6450
+       RESERVED
+CVE-2020-6449
+       RESERVED
+CVE-2020-6448
+       RESERVED
+CVE-2020-6447
+       RESERVED
+CVE-2020-6446
+       RESERVED
+CVE-2020-6445
+       RESERVED
+CVE-2020-6444
+       RESERVED
+CVE-2020-6443
+       RESERVED
+CVE-2020-6442
+       RESERVED
+CVE-2020-6441
+       RESERVED
+CVE-2020-6440
+       RESERVED
+CVE-2020-6439
+       RESERVED
+CVE-2020-6438
+       RESERVED
+CVE-2020-6437
+       RESERVED
+CVE-2020-6436
+       RESERVED
+CVE-2020-6435
+       RESERVED
+CVE-2020-6434
+       RESERVED
+CVE-2020-6433
+       RESERVED
+CVE-2020-6432
+       RESERVED
+CVE-2020-6431
+       RESERVED
+CVE-2020-6430
+       RESERVED
+CVE-2020-6429
+       RESERVED
+CVE-2020-6428
+       RESERVED
+CVE-2020-6427
+       RESERVED
+CVE-2020-6426
+       RESERVED
+CVE-2020-6425
+       RESERVED
+CVE-2020-6424
+       RESERVED
+CVE-2020-6423
+       RESERVED
+CVE-2020-6422
+       RESERVED
+CVE-2020-6421
+       RESERVED
+CVE-2020-6420
+       RESERVED
+CVE-2020-6419
+       RESERVED
+CVE-2020-6418
+       RESERVED
+CVE-2020-6417
+       RESERVED
+CVE-2020-6416
+       RESERVED
+CVE-2020-6415
+       RESERVED
+CVE-2020-6414
+       RESERVED
+CVE-2020-6413
+       RESERVED
+CVE-2020-6412
+       RESERVED
+CVE-2020-6411
+       RESERVED
+CVE-2020-6410
+       RESERVED
+CVE-2020-6409
+       RESERVED
+CVE-2020-6408
+       RESERVED
+CVE-2020-6407
+       RESERVED
+CVE-2020-6406
+       RESERVED
+CVE-2020-6405
+       RESERVED
+CVE-2020-6404
+       RESERVED
+CVE-2020-6403
+       RESERVED
+CVE-2020-6402
+       RESERVED
+CVE-2020-6401
+       RESERVED
+CVE-2020-6400
+       RESERVED
+CVE-2020-6399
+       RESERVED
+CVE-2020-6398
+       RESERVED
+CVE-2020-6397
+       RESERVED
+CVE-2020-6396
+       RESERVED
+CVE-2020-6395
+       RESERVED
+CVE-2020-6394
+       RESERVED
+CVE-2020-6393
+       RESERVED
+CVE-2020-6392
+       RESERVED
+CVE-2020-6391
+       RESERVED
+CVE-2020-6390
+       RESERVED
+CVE-2020-6389
+       RESERVED
+CVE-2020-6388
+       RESERVED
+CVE-2020-6387
+       RESERVED
+CVE-2020-6386
+       RESERVED
+CVE-2020-6385
+       RESERVED
+CVE-2020-6384
+       RESERVED
+CVE-2020-6383
+       RESERVED
+CVE-2020-6382
+       RESERVED
+CVE-2020-6381
+       RESERVED
+CVE-2020-6380
+       RESERVED
+CVE-2020-6379
+       RESERVED
+CVE-2020-6378
+       RESERVED
+CVE-2020-6377
+       RESERVED
+CVE-2020-6376
+       RESERVED
+CVE-2020-6375
+       RESERVED
+CVE-2020-6374
+       RESERVED
+CVE-2020-6373
+       RESERVED
+CVE-2020-6372
+       RESERVED
+CVE-2020-6371
+       RESERVED
+CVE-2020-6370
+       RESERVED
+CVE-2020-6369
+       RESERVED
+CVE-2020-6368
+       RESERVED
+CVE-2020-6367
+       RESERVED
+CVE-2020-6366
+       RESERVED
+CVE-2020-6365
+       RESERVED
+CVE-2020-6364
+       RESERVED
+CVE-2020-6363
+       RESERVED
+CVE-2020-6362
+       RESERVED
+CVE-2020-6361
+       RESERVED
+CVE-2020-6360
+       RESERVED
+CVE-2020-6359
+       RESERVED
+CVE-2020-6358
+       RESERVED
+CVE-2020-6357
+       RESERVED
+CVE-2020-6356
+       RESERVED
+CVE-2020-6355
+       RESERVED
+CVE-2020-6354
+       RESERVED
+CVE-2020-6353
+       RESERVED
+CVE-2020-6352
+       RESERVED
+CVE-2020-6351
+       RESERVED
+CVE-2020-6350
+       RESERVED
+CVE-2020-6349
+       RESERVED
+CVE-2020-6348
+       RESERVED
+CVE-2020-6347
+       RESERVED
+CVE-2020-6346
+       RESERVED
+CVE-2020-6345
+       RESERVED
+CVE-2020-6344
+       RESERVED
+CVE-2020-6343
+       RESERVED
+CVE-2020-6342
+       RESERVED
+CVE-2020-6341
+       RESERVED
+CVE-2020-6340
+       RESERVED
+CVE-2020-6339
+       RESERVED
+CVE-2020-6338
+       RESERVED
+CVE-2020-6337
+       RESERVED
+CVE-2020-6336
+       RESERVED
+CVE-2020-6335
+       RESERVED
+CVE-2020-6334
+       RESERVED
+CVE-2020-6333
+       RESERVED
+CVE-2020-6332
+       RESERVED
+CVE-2020-6331
+       RESERVED
+CVE-2020-6330
+       RESERVED
+CVE-2020-6329
+       RESERVED
+CVE-2020-6328
+       RESERVED
+CVE-2020-6327
+       RESERVED
+CVE-2020-6326
+       RESERVED
+CVE-2020-6325
+       RESERVED
+CVE-2020-6324
+       RESERVED
+CVE-2020-6323
+       RESERVED
+CVE-2020-6322
+       RESERVED
+CVE-2020-6321
+       RESERVED
+CVE-2020-6320
+       RESERVED
+CVE-2020-6319
+       RESERVED
+CVE-2020-6318
+       RESERVED
+CVE-2020-6317
+       RESERVED
+CVE-2020-6316
+       RESERVED
+CVE-2020-6315
+       RESERVED
+CVE-2020-6314
+       RESERVED
+CVE-2020-6313
+       RESERVED
+CVE-2020-6312
+       RESERVED
+CVE-2020-6311
+       RESERVED
+CVE-2020-6310
+       RESERVED
+CVE-2020-6309
+       RESERVED
+CVE-2020-6308
+       RESERVED
+CVE-2020-6307
+       RESERVED
+CVE-2020-6306
+       RESERVED
+CVE-2020-6305
+       RESERVED
+CVE-2020-6304
+       RESERVED
+CVE-2020-6303
+       RESERVED
+CVE-2020-6302
+       RESERVED
+CVE-2020-6301
+       RESERVED
+CVE-2020-6300
+       RESERVED
+CVE-2020-6299
+       RESERVED
+CVE-2020-6298
+       RESERVED
+CVE-2020-6297
+       RESERVED
+CVE-2020-6296
+       RESERVED
+CVE-2020-6295
+       RESERVED
+CVE-2020-6294
+       RESERVED
+CVE-2020-6293
+       RESERVED
+CVE-2020-6292
+       RESERVED
+CVE-2020-6291
+       RESERVED
+CVE-2020-6290
+       RESERVED
+CVE-2020-6289
+       RESERVED
+CVE-2020-6288
+       RESERVED
+CVE-2020-6287
+       RESERVED
+CVE-2020-6286
+       RESERVED
+CVE-2020-6285
+       RESERVED
+CVE-2020-6284
+       RESERVED
+CVE-2020-6283
+       RESERVED
+CVE-2020-6282
+       RESERVED
+CVE-2020-6281
+       RESERVED
+CVE-2020-6280
+       RESERVED
+CVE-2020-6279
+       RESERVED
+CVE-2020-6278
+       RESERVED
+CVE-2020-6277
+       RESERVED
+CVE-2020-6276
+       RESERVED
+CVE-2020-6275
+       RESERVED
+CVE-2020-6274
+       RESERVED
+CVE-2020-6273
+       RESERVED
+CVE-2020-6272
+       RESERVED
+CVE-2020-6271
+       RESERVED
+CVE-2020-6270
+       RESERVED
+CVE-2020-6269
+       RESERVED
+CVE-2020-6268
+       RESERVED
+CVE-2020-6267
+       RESERVED
+CVE-2020-6266
+       RESERVED
+CVE-2020-6265
+       RESERVED
+CVE-2020-6264
+       RESERVED
+CVE-2020-6263
+       RESERVED
+CVE-2020-6262
+       RESERVED
+CVE-2020-6261
+       RESERVED
+CVE-2020-6260
+       RESERVED
+CVE-2020-6259
+       RESERVED
+CVE-2020-6258
+       RESERVED
+CVE-2020-6257
+       RESERVED
+CVE-2020-6256
+       RESERVED
+CVE-2020-6255
+       RESERVED
+CVE-2020-6254
+       RESERVED
+CVE-2020-6253
+       RESERVED
+CVE-2020-6252
+       RESERVED
+CVE-2020-6251
+       RESERVED
+CVE-2020-6250
+       RESERVED
+CVE-2020-6249
+       RESERVED
+CVE-2020-6248
+       RESERVED
+CVE-2020-6247
+       RESERVED
+CVE-2020-6246
+       RESERVED
+CVE-2020-6245
+       RESERVED
+CVE-2020-6244
+       RESERVED
+CVE-2020-6243
+       RESERVED
+CVE-2020-6242
+       RESERVED
+CVE-2020-6241
+       RESERVED
+CVE-2020-6240
+       RESERVED
+CVE-2020-6239
+       RESERVED
+CVE-2020-6238
+       RESERVED
+CVE-2020-6237
+       RESERVED
+CVE-2020-6236
+       RESERVED
+CVE-2020-6235
+       RESERVED
+CVE-2020-6234
+       RESERVED
+CVE-2020-6233
+       RESERVED
+CVE-2020-6232
+       RESERVED
+CVE-2020-6231
+       RESERVED
+CVE-2020-6230
+       RESERVED
+CVE-2020-6229
+       RESERVED
+CVE-2020-6228
+       RESERVED
+CVE-2020-6227
+       RESERVED
+CVE-2020-6226
+       RESERVED
+CVE-2020-6225
+       RESERVED
+CVE-2020-6224
+       RESERVED
+CVE-2020-6223
+       RESERVED
+CVE-2020-6222
+       RESERVED
+CVE-2020-6221
+       RESERVED
+CVE-2020-6220
+       RESERVED
+CVE-2020-6219
+       RESERVED
+CVE-2020-6218
+       RESERVED
+CVE-2020-6217
+       RESERVED
+CVE-2020-6216
+       RESERVED
+CVE-2020-6215
+       RESERVED
+CVE-2020-6214
+       RESERVED
+CVE-2020-6213
+       RESERVED
+CVE-2020-6212
+       RESERVED
+CVE-2020-6211
+       RESERVED
+CVE-2020-6210
+       RESERVED
+CVE-2020-6209
+       RESERVED
+CVE-2020-6208
+       RESERVED
+CVE-2020-6207
+       RESERVED
+CVE-2020-6206
+       RESERVED
+CVE-2020-6205
+       RESERVED
+CVE-2020-6204
+       RESERVED
+CVE-2020-6203
+       RESERVED
+CVE-2020-6202
+       RESERVED
+CVE-2020-6201
+       RESERVED
+CVE-2020-6200
+       RESERVED
+CVE-2020-6199
+       RESERVED
+CVE-2020-6198
+       RESERVED
+CVE-2020-6197
+       RESERVED
+CVE-2020-6196
+       RESERVED
+CVE-2020-6195
+       RESERVED
+CVE-2020-6194
+       RESERVED
+CVE-2020-6193
+       RESERVED
+CVE-2020-6192
+       RESERVED
+CVE-2020-6191
+       RESERVED
+CVE-2020-6190
+       RESERVED
+CVE-2020-6189
+       RESERVED
+CVE-2020-6188
+       RESERVED
+CVE-2020-6187
+       RESERVED
+CVE-2020-6186
+       RESERVED
+CVE-2020-6185
+       RESERVED
+CVE-2020-6184
+       RESERVED
+CVE-2020-6183
+       RESERVED
+CVE-2020-6182
+       RESERVED
+CVE-2020-6181
+       RESERVED
+CVE-2020-6180
+       RESERVED
+CVE-2020-6179
+       RESERVED
+CVE-2020-6178
+       RESERVED
+CVE-2020-6177
+       RESERVED
+CVE-2019-20367 (nlist.c in libbsd before 0.10.0 has an out-of-bounds read 
during a com ...)
+       TODO: check
+CVE-2019-20366 (An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 
via isTr ...)
+       TODO: check
+CVE-2019-20365 (An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 
via sear ...)
+       TODO: check
+CVE-2019-20364 (An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 
via cach ...)
+       TODO: check
+CVE-2019-20363 (An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 
via alia ...)
+       TODO: check
+CVE-2019-20362 (In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 
19.08.3 ...)
+       TODO: check
 CVE-2020-6176
        RESERVED
 CVE-2020-6175
@@ -1342,10 +2168,10 @@ CVE-2020-5513 (Gila CMS 1.11.8 allows /cm/delete?t=../ 
Directory Traversal. ...)
        NOT-FOR-US: Gila CMS
 CVE-2020-5512 (Gila CMS 1.11.8 allows /admin/media?path=../ Path Traversal. 
...)
        NOT-FOR-US: Gila CMS
-CVE-2020-5511
-       RESERVED
-CVE-2020-5510
-       RESERVED
+CVE-2020-5511 (PHPGurukul Small CRM v2.0 was found vulnerable to 
authentication bypas ...)
+       TODO: check
+CVE-2020-5510 (PHPGurukul Hostel Management System v2.0 allows SQL injection 
via the  ...)
+       TODO: check
 CVE-2020-5509
        RESERVED
 CVE-2020-5508
@@ -2299,8 +3125,8 @@ CVE-2020-5185
        RESERVED
 CVE-2020-5184
        RESERVED
-CVE-2020-5183
-       RESERVED
+CVE-2020-5183 (FTPGetter Professional 5.97.0.223 is vulnerable to a memory 
corruption ...)
+       TODO: check
 CVE-2020-5182
        RESERVED
 CVE-2020-5181
@@ -10530,8 +11356,8 @@ CVE-2019-19546 (Norton Password Manager, prior to 
6.6.2.5, may be susceptible to
        NOT-FOR-US: Norton Password Manager
 CVE-2019-19545 (Norton Password Manager, prior to 6.6.2.5, may be susceptible 
to a cro ...)
        NOT-FOR-US: Norton Password Manager
-CVE-2019-19544
-       RESERVED
+CVE-2019-19544 (CA Automic Dollar Universe 5.3.3 contains a vulnerability, 
related to  ...)
+       TODO: check
 CVE-2019-19542 (The ListingPro theme before v2.0.14.2 for WordPress has 
Persistent XSS ...)
        NOT-FOR-US: ListingPro theme for WordPress
 CVE-2019-19541 (The ListingPro theme before v2.0.14.2 for WordPress has 
Persistent XSS ...)
@@ -10613,8 +11439,8 @@ CVE-2019-19520 (xlock in OpenBSD 6.6 allows local users 
to gain the privileges o
        NOT-FOR-US: OpenBSD
 CVE-2019-19519 (In OpenBSD 6.6, local users can use the su -L option to 
achieve any lo ...)
        NOT-FOR-US: OpenBSD
-CVE-2019-19518
-       RESERVED
+CVE-2019-19518 (CA Automic Sysload 5.6.0 through 6.1.2 contains a 
vulnerability, relat ...)
+       TODO: check
 CVE-2020-1964
        RESERVED
 CVE-2020-1963
@@ -10819,8 +11645,8 @@ CVE-2019-19497 (MDaemon Email Server 17.5.1 allows XSS 
via the filename of an at
        NOT-FOR-US: MDaemon Email Server
 CVE-2019-19496 (Alfresco Enterprise before 5.2.5 allows stored XSS via an 
uploaded HTM ...)
        NOT-FOR-US: Alfresco
-CVE-2019-19495
-       RESERVED
+CVE-2019-19495 (The web interface on the Technicolor TC7230 STEB 01.25 is 
vulnerable t ...)
+       TODO: check
 CVE-2019-19494
        RESERVED
 CVE-2019-19493 (Kentico before 12.0.50 allows file uploads in which the 
Content-Type h ...)
@@ -17769,24 +18595,24 @@ CVE-2020-0011
        RESERVED
 CVE-2020-0010
        RESERVED
-CVE-2020-0009
-       RESERVED
-CVE-2020-0008
-       RESERVED
-CVE-2020-0007
-       RESERVED
-CVE-2020-0006
-       RESERVED
+CVE-2020-0009 (In calc_vm_may_flags of ashmem.c, there is a possible arbitrary 
write  ...)
+       TODO: check
+CVE-2020-0008 (In LowEnergyClient::MtuChangedCallback of low_energy_client.cc, 
there  ...)
+       TODO: check
+CVE-2020-0007 (In flattenString8 of Sensor.cpp, there is a possible 
information discl ...)
+       TODO: check
+CVE-2020-0006 (In rw_i93_send_cmd_write_single_block of rw_i93.cc, there is a 
possibl ...)
+       TODO: check
 CVE-2020-0005
        RESERVED
-CVE-2020-0004
-       RESERVED
-CVE-2020-0003
-       RESERVED
-CVE-2020-0002
-       RESERVED
-CVE-2020-0001
-       RESERVED
+CVE-2020-0004 (In generateCrop of WallpaperManagerService.java, there is a 
possible s ...)
+       TODO: check
+CVE-2020-0003 (In onCreate of InstallStart.java, there is a possible package 
validati ...)
+       TODO: check
+CVE-2020-0002 (In ih264d_init_decoder of ih264d_api.c, there is a possible out 
of bou ...)
+       TODO: check
+CVE-2020-0001 (In getProcessRecordLocked of ActivityManagerService.java 
isolated apps ...)
+       TODO: check
 CVE-2019-18192 (GNU Guix 1.0.1 allows local users to gain access to an 
arbitrary user' ...)
        - guix <itp> (bug #850644)
        NOTE: https://issues.guix.gnu.org/issue/37744
@@ -20467,8 +21293,8 @@ CVE-2019-17078
        RESERVED
 CVE-2019-17077
        RESERVED
-CVE-2019-17076
-       RESERVED
+CVE-2019-17076 (An issue was discovered in Jamf Pro 9.x and 10.x before 
10.15.1. Deser ...)
+       TODO: check
 CVE-2019-17075 (An issue was discovered in write_tpt_entry in 
drivers/infiniband/hw/cx ...)
        - linux 5.3.7-1
        [jessie] - linux <ignored> (Not a problem in practice)
@@ -27372,8 +28198,7 @@ CVE-2019-14821 (An out-of-bounds access issue was found 
in the Linux kernel, all
        {DSA-4531-1 DLA-1940-1 DLA-1930-1}
        - linux 5.2.17-1
        NOTE: 
https://git.kernel.org/linus/b60fe990c6b07ef6d4df67bc0530c7c90a62623a
-CVE-2019-14820
-       RESERVED
+CVE-2019-14820 (It was found that keycloak before version 8.0.0 exposes 
internal adapt ...)
        NOT-FOR-US: Keycloak
 CVE-2019-14819 (A flaw was found during the upgrade of an existing OpenShift 
Container ...)
        NOT-FOR-US: openshift-ansible
@@ -40082,10 +40907,10 @@ CVE-2019-10780
        RESERVED
 CVE-2019-10779
        RESERVED
-CVE-2019-10778
-       RESERVED
-CVE-2019-10777
-       RESERVED
+CVE-2019-10778 (devcert-sanscache before 0.4.7 allows remote attackers to 
execute arbi ...)
+       TODO: check
+CVE-2019-10777 (In aws-lambda versions prior to version 1.0.5, the 
"config.FunctioName ...)
+       TODO: check
 CVE-2019-10776 (In "index.js" file line 240, the run command executes the git 
command  ...)
        NOT-FOR-US: git-diff-apply
 CVE-2019-10775 (ecstatic have a denial of service vulnerability. Successful 
exploitati ...)
@@ -55794,8 +56619,7 @@ CVE-2019-5190
        RESERVED
 CVE-2019-5189
        RESERVED
-CVE-2019-5188
-       RESERVED
+CVE-2019-5188 (A code execution vulnerability exists in the directory 
rehashing funct ...)
        - e2fsprogs 1.45.5-1
        [buster] - e2fsprogs <no-dsa> (Minor issue)
        [stretch] - e2fsprogs <no-dsa> (Minor issue)
@@ -56032,8 +56856,8 @@ CVE-2019-5084 (An exploitable heap out-of-bounds write 
vulnerability exists in t
        NOT-FOR-US: LEADTOOLS
 CVE-2019-5083 (An exploitable out-of-bounds write vulnerability exists in the 
igcore1 ...)
        NOT-FOR-US: Accusoft ImageGear
-CVE-2019-5082
-       RESERVED
+CVE-2019-5082 (An exploitable heap buffer overflow vulnerability exists in the 
iochec ...)
+       TODO: check
 CVE-2019-5081 (An exploitable heap buffer overflow vulnerability exists in the 
iochec ...)
        NOT-FOR-US: WAGO
 CVE-2019-5080 (An exploitable denial-of-service vulnerability exists in the 
iocheckd  ...)
@@ -64562,7 +65386,7 @@ CVE-2019-2210 (In load_logging_config of 
qmi_vs_service.cc, there is a possible
        NOT-FOR-US: Android
 CVE-2019-2209 (In BTA_DmPinReply of bta_dm_api.cc, there is a possible out of 
bounds  ...)
        NOT-FOR-US: Android
-CVE-2019-2208 (There is a possible out of bounds read in v8 JIT code due to a 
bug in  ...)
+CVE-2019-2208 (In PromiseBuiltinsAssembler::NewPromiseCapability of 
builtins-promise. ...)
        NOT-FOR-US: Android
 CVE-2019-2207 (In nfa_hci_handle_admin_gate_rsp of nfa_hci_act.cc, there is a 
possibl ...)
        NOT-FOR-US: Android
@@ -179466,8 +180290,8 @@ CVE-2015-8961 (The __ext4_journal_stop function in 
fs/ext4/ext4_jbd2.c in the Li
        [jessie] - linux 3.16.7-ckt25-1
        [wheezy] - linux <not-affected> (Vulnerable code not present)
        NOTE: Fixed by: 
https://git.kernel.org/linus/6934da9238da947628be83635e365df41064b09b (v4.4-rc5)
-CVE-2014-9908
-       RESERVED
+CVE-2014-9908 (A Denial of Service vulnerability exists in Google Android 
4.4.4, 5.0. ...)
+       TODO: check
 CVE-2016-1000247 [mpg123 memory overread]
        {DLA-655-1}
        - mpg123 1.23.8-1 (low; bug #838960)
@@ -185329,25 +186153,24 @@ CVE-2016-6596
        RESERVED
 CVE-2016-6594 (Blue Coat Advanced Secure Gateway 6.6, CacheFlow 3.4, ProxySG 
6.5 and  ...)
        NOT-FOR-US: Blue Coat
-CVE-2016-6593
-       RESERVED
+CVE-2016-6593 (A code-execution vulnerability exists during startup in jhi.dll 
and ot ...)
        NOT-FOR-US: Symantec VIP Access
 CVE-2016-6592
        RESERVED
-CVE-2016-6591
-       RESERVED
-CVE-2016-6590
-       RESERVED
-CVE-2016-6589
-       RESERVED
-CVE-2016-6588
-       RESERVED
-CVE-2016-6587
-       RESERVED
-CVE-2016-6586
-       RESERVED
-CVE-2016-6585
-       RESERVED
+CVE-2016-6591 (A security bypass vulnerability exists in Symantec Norton App 
Lock 1.0 ...)
+       TODO: check
+CVE-2016-6590 (A privilege escalation vulnerability exists when loading DLLs 
during b ...)
+       TODO: check
+CVE-2016-6589 (A Denial of Service vulnerability exists in the ITMS workflow 
process  ...)
+       TODO: check
+CVE-2016-6588 (A Cross-Site Scripting (XSS) vulnerability exists in the ITMS 
workflow ...)
+       TODO: check
+CVE-2016-6587 (An Information Disclosure vulnerability exists in the mid.dat 
file sto ...)
+       TODO: check
+CVE-2016-6586 (A security bypass vulnerability exists in Symantec Norton 
Mobile Secur ...)
+       TODO: check
+CVE-2016-6585 (A Denial of Service vulnerability exists in Symantec Norton 
Mobile Sec ...)
+       TODO: check
 CVE-2016-6584
        RESERVED
 CVE-2016-6583
@@ -189346,8 +190169,7 @@ CVE-2016-5348 (The GPS component in Android 4.x 
before 4.4.4, 5.0.x before 5.0.2
        NOT-FOR-US: Android
 CVE-2016-5347 (In all Qualcomm products with Android releases from CAF using 
the Linu ...)
        NOT-FOR-US: Qualcomm driver for Android
-CVE-2016-5346
-       RESERVED
+CVE-2016-5346 (An Information Disclosure vulnerability exists in the Google 
Pixel/Pix ...)
        NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-5345 (Buffer overflow in the Qualcomm radio driver in Android before 
2017-01 ...)
        NOT-FOR-US: Qualcomm radio driver for Android
@@ -243292,8 +244114,8 @@ CVE-2014-5289 (Buffer overflow in Senkas Kolibri 2.0 
allows remote attackers to
        NOT-FOR-US: Senkas Kolibri
 CVE-2014-5288
        RESERVED
-CVE-2014-5287
-       RESERVED
+CVE-2014-5287 (A Bash script injection vulnerability exists in Kemp Load 
Master 7.1-1 ...)
+       TODO: check
 CVE-2014-5286 (The ActiveMatrix Policy Manager Authentication module in TIBCO 
ActiveM ...)
        NOT-FOR-US: TIBCO
 CVE-2014-5285 (Unspecified vulnerability in the Authentication Module in TIBCO 
Spotfi ...)
@@ -251991,8 +252813,7 @@ CVE-2014-2074
        RESERVED
 CVE-2014-2073 (Stack-based buffer overflow in Dassault Systemes CATIA 
V5-6R2013 allow ...)
        NOT-FOR-US: Dassault Systemes Catia
-CVE-2014-2072
-       RESERVED
+CVE-2014-2072 (Dassault Systemes Catia V5-6R2013: Stack Buffer Overflow due to 
inadeq ...)
        NOT-FOR-US: Dassault Systemes Catia
 CVE-2014-2071 (Aruba Networks ClearPass Policy Manager 6.1.x, 6.2.x before 
6.2.5.6164 ...)
        NOT-FOR-US: Aruba Networks ClearPass Policy Manager
@@ -252668,8 +253489,7 @@ CVE-2014-1874 (The security_context_to_sid_core 
function in security/selinux/ss/
        [wheezy] - linux 3.2.57-1
        - linux-2.6 <removed>
        NOTE: 
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2172fa709ab32ca60e86179dc67d0857be8e2c98,
 first included in v3.14-rc2
-CVE-2014-1860 [PHP object insertion]
-       RESERVED
+CVE-2014-1860 (Contao CMS through 3.2.4 has PHP Object Injection 
Vulnerabilities ...)
        NOT-FOR-US: Contao CMS
 CVE-2014-1832 (Phusion Passenger 4.0.37 allows local users to write to certain 
files  ...)
        - ruby-passenger 4.0.37-2
@@ -253393,8 +254213,8 @@ CVE-2014-1600
        RESERVED
 CVE-2014-1599 (Multiple cross-site scripting (XSS) vulnerabilities in the SFR 
Box rou ...)
        NOT-FOR-US: SFR Box router
-CVE-2014-1598
-       RESERVED
+CVE-2014-1598 (centurystar 7.12 ActiveX Control has a Stack Buffer Overflow 
...)
+       TODO: check
 CVE-2014-1597 (SQL injection vulnerability in the CMDB web application in 
synetics i- ...)
        NOT-FOR-US: i-doit
 CVE-2014-1596
@@ -254129,8 +254949,8 @@ CVE-2014-1456 (Cross-site scripting (XSS) 
vulnerability in the login page in Ope
        NOT-FOR-US: Open Web Analytics
 CVE-2014-1455 (SQL injection vulnerability in the password reset functionality 
in Pea ...)
        NOT-FOR-US: Pearson eSIS Enterprise Student Information System
-CVE-2014-1454
-       RESERVED
+CVE-2014-1454 (Pearson eSIS (Enterprise Student Information System) message 
board has ...)
+       TODO: check
 CVE-2014-1453 (The NFS server (nfsserver) in FreeBSD 8.3 through 10.0 does not 
acquir ...)
        {DSA-2952-1}
        - kfreebsd-8 <removed>
@@ -254295,8 +255115,8 @@ CVE-2014-1447 (Race condition in the 
virNetServerClientStartKeepAlive function i
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1047577
        NOTE: 
http://libvirt.org/git/?p=libvirt.git;a=commit;h=066c8ef6c18bc1faf8b3e10787b39796a7a06cc0
        NOTE: 
http://libvirt.org/git/?p=libvirt.git;a=commit;h=173c2914734eb5c32df6d35a82bf503e12261bcf
-CVE-2014-1409
-       RESERVED
+CVE-2014-1409 (MobileIron VSP versions prior to 5.9.1 and Sentry versions 
prior to 5. ...)
+       TODO: check
 CVE-2014-1404
        RESERVED
 CVE-2014-1403 (Cross-site scripting (XSS) vulnerability in name.html in 
easyXDM befor ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bbd30b26d6649085667acd3046d4f2584a55253a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bbd30b26d6649085667acd3046d4f2584a55253a
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits