[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Mon, 20 Jan 2020 00:10:53 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
fdc16fb7 by security tracker role at 2020-01-20T08:10:28+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2020-7238
+       RESERVED
+CVE-2020-7237 (Cacti 1.2.8 allows Remote Code Execution (by privileged users) 
via she ...)
+       TODO: check
+CVE-2020-7236 (UHP UHP-100 3.4.1.15, 3.4.2.4, and 3.4.3 devices allow XSS via 
cw2?td= ...)
+       TODO: check
+CVE-2020-7235 (UHP UHP-100 3.4.1.15, 3.4.2.4, and 3.4.3 devices allow XSS via 
cB3?ta= ...)
+       TODO: check
+CVE-2020-7234 (Ruckus ZoneFlex R310 104.0.0.0.1347 devices allow Stored XSS 
via the S ...)
+       TODO: check
+CVE-2020-7233 (KMS Controls BAC-A1616BC BACnet devices have a cleartext 
password of s ...)
+       TODO: check
+CVE-2020-7232 (Evoko Home 1.31 devices allow remote attackers to obtain 
sensitive inf ...)
+       TODO: check
+CVE-2020-7231 (Evoko Home 1.31 devices provide different error messages for 
failed lo ...)
+       TODO: check
+CVE-2019-20381 (TestLink before 1.9.20 allows XSS via non-lowercase 
javascript: in the ...)
+       TODO: check
+CVE-2016-11018
+       RESERVED
 CVE-2020-7230
        RESERVED
 CVE-2020-7229
@@ -28,8 +48,8 @@ CVE-2020-7217
        RESERVED
 CVE-2020-7216
        RESERVED
-CVE-2020-7215
-       RESERVED
+CVE-2020-7215 (An issue was discovered in Gallagher Command Centre 7.x before 
7.90.99 ...)
+       TODO: check
 CVE-2020-7214
        RESERVED
 CVE-2020-7213
@@ -11018,9 +11038,11 @@ CVE-2020-2657 (Vulnerability in the Oracle CRM 
Technical Foundation product of O
 CVE-2020-2656 (Vulnerability in the Oracle Solaris product of Oracle Systems 
(compone ...)
        NOT-FOR-US: Oracle
 CVE-2020-2655 (Vulnerability in the Java SE product of Oracle Java SE 
(component: JSS ...)
+       {DSA-4605-1}
        - openjdk-13 13.0.2+8-1
        - openjdk-11 11.0.6+10-1
 CVE-2020-2654 (Vulnerability in the Java SE product of Oracle Java SE 
(component: Lib ...)
+       {DSA-4605-1}
        - openjdk-13 13.0.2+8-1
        - openjdk-11 11.0.6+10-1
        - openjdk-8 <unfixed>
@@ -11125,6 +11147,7 @@ CVE-2020-2606 (Vulnerability in the PeopleSoft 
Enterprise PeopleTools product of
 CVE-2020-2605 (Vulnerability in the Oracle Solaris product of Oracle Systems 
(compone ...)
        NOT-FOR-US: Oracle
 CVE-2020-2604 (Vulnerability in the Oracle GraalVM Enterprise Edition product 
of Orac ...)
+       {DSA-4605-1}
        - openjdk-13 13.0.2+8-1
        - openjdk-11 11.0.6+10-1
        - openjdk-8 <unfixed>
@@ -11134,6 +11157,7 @@ CVE-2020-2603 (Vulnerability in the Oracle Field 
Service product of Oracle E-Bus
 CVE-2020-2602 (Vulnerability in the PeopleSoft Enterprise PeopleTools product 
of Orac ...)
        NOT-FOR-US: Oracle
 CVE-2020-2601 (Vulnerability in the Java SE, Java SE Embedded product of 
Oracle Java  ...)
+       {DSA-4605-1}
        - openjdk-13 13.0.2+8-1
        - openjdk-11 11.0.6+10-1
        - openjdk-8 <unfixed>
@@ -11153,6 +11177,7 @@ CVE-2020-2595 (Vulnerability in the Oracle GraalVM 
Enterprise Edition product of
 CVE-2020-2594
        RESERVED
 CVE-2020-2593 (Vulnerability in the Java SE, Java SE Embedded product of 
Oracle Java  ...)
+       {DSA-4605-1}
        - openjdk-13 13.0.2+8-1
        - openjdk-11 11.0.6+10-1
        - openjdk-8 <unfixed>
@@ -11162,6 +11187,7 @@ CVE-2020-2592 (Vulnerability in the Oracle AutoVue 
product of Oracle Supply Chai
 CVE-2020-2591 (Vulnerability in the Oracle Web Applications Desktop Integrator 
produc ...)
        NOT-FOR-US: Oracle
 CVE-2020-2590 (Vulnerability in the Java SE, Java SE Embedded product of 
Oracle Java  ...)
+       {DSA-4605-1}
        - openjdk-13 13.0.2+8-1
        - openjdk-11 11.0.6+10-1
        - openjdk-8 <unfixed>
@@ -11182,6 +11208,7 @@ CVE-2020-2584 (Vulnerability in the MySQL Server 
product of Oracle MySQL (compon
        - mysql-5.7 <unfixed>
        NOTE: 
https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
 CVE-2020-2583 (Vulnerability in the Java SE, Java SE Embedded product of 
Oracle Java  ...)
+       {DSA-4605-1}
        - openjdk-13 13.0.2+8-1
        - openjdk-11 11.0.6+10-1
        - openjdk-8 <unfixed>



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fdc16fb7ac4b8e93f5d55e21ad94d588d48848b4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fdc16fb7ac4b8e93f5d55e21ad94d588d48848b4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to