Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
55bf77f5 by security tracker role at 2020-01-18T08:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2020-7226
+ RESERVED
+CVE-2020-7225
+ RESERVED
+CVE-2020-7224
+ RESERVED
+CVE-2020-7223
+ RESERVED
+CVE-2020-7222 (An issue was discovered in Amcrest Web Server 2.520.AC00.18.R
2017-06- ...)
+ TODO: check
+CVE-2020-7221
+ RESERVED
+CVE-2020-7220
+ RESERVED
+CVE-2020-7219
+ RESERVED
+CVE-2020-7218
+ RESERVED
+CVE-2020-7217
+ RESERVED
+CVE-2020-7216
+ RESERVED
CVE-2020-7215
RESERVED
CVE-2020-7214
@@ -223,8 +245,8 @@ CVE-2020-7106 (Cacti 1.2.8 has stored XSS in
data_sources.php, color_templates_i
CVE-2020-7105 (async.c and dict.c in libhiredis.a in hiredis through 0.14.0
allow a N ...)
- hiredis <unfixed>
NOTE: https://github.com/redis/hiredis/issues/747
-CVE-2020-7104
- RESERVED
+CVE-2020-7104 (The chained-quiz plugin 1.1.8.1 for WordPress has reflected XSS
via th ...)
+ TODO: check
CVE-2019-20380
RESERVED
CVE-2020-7103
@@ -2663,8 +2685,8 @@ CVE-2020-5957
RESERVED
CVE-2019-20358
RESERVED
-CVE-2019-20357
- RESERVED
+CVE-2019-20357 (A Persistent Arbitrary Code Execution vulnerability exists in
the Tren ...)
+ TODO: check
CVE-2020-5956
RESERVED
CVE-2020-5955
@@ -11396,10 +11418,10 @@ CVE-2019-19699
RESERVED
CVE-2019-19698 (marc-q libwav through 2017-04-20 has a NULL pointer
dereference in wav ...)
NOT-FOR-US: libwav
-CVE-2019-19697
- RESERVED
-CVE-2019-19696
- RESERVED
+CVE-2019-19697 (An arbitrary code execution vulnerability exists in the Trend
Micro Se ...)
+ TODO: check
+CVE-2019-19696 (A RootCA vulnerability found in Trend Micro Password Manager
for Windo ...)
+ TODO: check
CVE-2019-19695 (A privilege escalation vulnerability in Trend Micro Antivirus
for Mac ...)
NOT-FOR-US: Trend Micro
CVE-2019-19694
@@ -22980,7 +23002,7 @@ CVE-2019-17027
RESERVED
CVE-2019-17026
RESERVED
- {DSA-4600-1 DLA-2061-1}
+ {DSA-4603-1 DSA-4600-1 DLA-2061-1}
- firefox 72.0.1-1 (bug #948452)
- firefox-esr 68.4.1esr-1
- thunderbird 1:68.4.1-1
@@ -22990,7 +23012,7 @@ CVE-2019-17025 (Mozilla developers reported memory
safety bugs present in Firefo
- firefox 72.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/#CVE-2019-17025
CVE-2019-17024 (Mozilla developers reported memory safety bugs present in
Firefox 71 a ...)
- {DSA-4600-1 DLA-2061-1}
+ {DSA-4603-1 DSA-4600-1 DLA-2061-1}
- firefox 72.0-1
- firefox-esr 68.4.0esr-1
- thunderbird 1:68.4.1-1
@@ -23004,7 +23026,7 @@ CVE-2019-17023 (After a HelloRetryRequest has been
sent, the client may negotiat
NOTE:
https://hg.mozilla.org/projects/nss/rev/d64102b76a437f24d98a20480dcc9f1655143e7c
NOTE:
https://hg.mozilla.org/projects/nss/rev/8a2bd40e7f89a796cf24a0ff7cfb67c6e69c5c78
CVE-2019-17022 (When pasting a &lt;style&gt; tag from the clipboard
into a ric ...)
- {DSA-4600-1 DLA-2061-1}
+ {DSA-4603-1 DSA-4600-1 DLA-2061-1}
- firefox 72.0-1
- firefox-esr 68.4.0esr-1
- thunderbird 1:68.4.1-1
@@ -23028,7 +23050,7 @@ CVE-2019-17018 (When in Private Browsing Mode on
Windows 10, the Windows keyboar
- firefox <not-affected> (Windows-specific)
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/#CVE-2019-17018
CVE-2019-17017 (Due to a missing case handling object types, a type confusion
vulnerab ...)
- {DSA-4600-1 DLA-2061-1}
+ {DSA-4603-1 DSA-4600-1 DLA-2061-1}
- firefox 72.0-1
- firefox-esr 68.4.0esr-1
- thunderbird 1:68.4.1-1
@@ -23036,7 +23058,7 @@ CVE-2019-17017 (Due to a missing case handling object
types, a type confusion vu
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2020-02/#CVE-2019-17017
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2020-04/#CVE-2019-17017
CVE-2019-17016 (When pasting a &lt;style&gt; tag from the clipboard
into a ric ...)
- {DSA-4600-1 DLA-2061-1}
+ {DSA-4603-1 DSA-4600-1 DLA-2061-1}
- firefox 72.0-1
- firefox-esr 68.4.0esr-1
- thunderbird 1:68.4.1-1
@@ -27096,8 +27118,8 @@ CVE-2019-15627 (Versions 10.0, 11.0 and 12.0 of the
Trend Micro Deep Security Ag
NOT-FOR-US: Trend Micro
CVE-2019-15626 (The Deep Security Manager application (Versions 10.0, 11.0 and
12.0), ...)
NOT-FOR-US: Deep Security Manager application (Trend Micro)
-CVE-2019-15625
- RESERVED
+CVE-2019-15625 (A memory usage vulnerability exists in Trend Micro Password
Manager 3. ...)
+ TODO: check
CVE-2019-15624
RESERVED
CVE-2019-15623
@@ -246440,8 +246462,8 @@ CVE-2014-5011 (DOMPDF before 0.6.2 allows Information
Disclosure. ...)
NOTE: https://github.com/dompdf/dompdf/releases/tag/v0.6.2
CVE-2014-5010
RESERVED
-CVE-2014-5007
- RESERVED
+CVE-2014-5007 (Directory traversal vulnerability in the agentLogUploader
servlet in Z ...)
+ TODO: check
CVE-2014-5006 (Directory traversal vulnerability in ZOHO ManageEngine Desktop
Central ...)
NOT-FOR-US: ZOHO ManageEngine
CVE-2014-5005 (Directory traversal vulnerability in ZOHO ManageEngine Desktop
Central ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/55bf77f5c30c95993a2a44d7838537110fcc7589
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/55bf77f5c30c95993a2a44d7838537110fcc7589
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
