[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Thu, 20 Feb 2020 00:11:43 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
1ca07968 by security tracker role at 2020-02-20T08:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2020-9306
+       RESERVED
+CVE-2020-9305
+       RESERVED
+CVE-2020-9304
+       RESERVED
+CVE-2020-9303
+       RESERVED
+CVE-2020-9302
+       RESERVED
+CVE-2020-9301
+       RESERVED
+CVE-2020-9300
+       RESERVED
+CVE-2020-9299
+       RESERVED
+CVE-2020-9298
+       RESERVED
+CVE-2020-9297
+       RESERVED
+CVE-2020-9296
+       RESERVED
 CVE-2020-9295
        RESERVED
 CVE-2020-9294
@@ -3008,8 +3030,8 @@ CVE-2020-7944
        RESERVED
 CVE-2020-7943
        RESERVED
-CVE-2020-7942
-       RESERVED
+CVE-2020-7942 (Previously, Puppet operated on a model that a node with a valid 
certif ...)
+       TODO: check
 CVE-2020-7941 (A privilege escalation issue in plone.app.contenttypes in Plone 
4.3 th ...)
        NOT-FOR-US: Plone
 CVE-2020-7940 (Missing password strength checks on some forms in Plone 4.3 
through 5. ...)
@@ -5170,8 +5192,8 @@ CVE-2020-6972
        RESERVED
 CVE-2020-6971
        RESERVED
-CVE-2020-6970
-       RESERVED
+CVE-2020-6970 (A Heap-based Buffer Overflow was found in Emerson 
OpenEnterprise SCADA ...)
+       TODO: check
 CVE-2020-6969 (It is possible to unmask credentials and other sensitive 
information o ...)
        NOT-FOR-US: AutomationDirect
 CVE-2020-6968
@@ -12010,12 +12032,12 @@ CVE-2020-3947
        RESERVED
 CVE-2020-3946
        RESERVED
-CVE-2020-3945
-       RESERVED
-CVE-2020-3944
-       RESERVED
-CVE-2020-3943
-       RESERVED
+CVE-2020-3945 (vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 
and 6.6. ...)
+       TODO: check
+CVE-2020-3944 (vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 
and 6.6. ...)
+       TODO: check
+CVE-2020-3943 (vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 
and 6.6. ...)
+       TODO: check
 CVE-2020-3942
        RESERVED
 CVE-2020-3941 (The repair operation of VMware Tools for Windows 10.x.y has a 
race con ...)
@@ -14664,28 +14686,28 @@ CVE-2020-3165
        RESERVED
 CVE-2020-3164
        RESERVED
-CVE-2020-3163
-       RESERVED
+CVE-2020-3163 (A vulnerability in the Live Data server of Cisco Unified 
Contact Cente ...)
+       TODO: check
 CVE-2020-3162
        RESERVED
 CVE-2020-3161
        RESERVED
-CVE-2020-3160
-       RESERVED
-CVE-2020-3159
-       RESERVED
-CVE-2020-3158
-       RESERVED
+CVE-2020-3160 (A vulnerability in the Extensible Messaging and Presence 
Protocol (XMP ...)
+       TODO: check
+CVE-2020-3159 (A vulnerability in the web-based management interface of Cisco 
Finesse ...)
+       TODO: check
+CVE-2020-3158 (A vulnerability in the High Availability (HA) service of Cisco 
Smart S ...)
+       TODO: check
 CVE-2020-3157
        RESERVED
-CVE-2020-3156
-       RESERVED
+CVE-2020-3156 (A vulnerability in the logging component of Cisco Identity 
Services En ...)
+       TODO: check
 CVE-2020-3155
        RESERVED
-CVE-2020-3154
-       RESERVED
-CVE-2020-3153
-       RESERVED
+CVE-2020-3154 (A vulnerability in the web UI of Cisco Cloud Web Security (CWS) 
could  ...)
+       TODO: check
+CVE-2020-3153 (A vulnerability in the installer component of Cisco AnyConnect 
Secure  ...)
+       TODO: check
 CVE-2020-3152
        RESERVED
 CVE-2020-3151
@@ -14714,8 +14736,8 @@ CVE-2020-3140
        RESERVED
 CVE-2020-3139 (A vulnerability in the out of band (OOB) management interface 
IP table ...)
        NOT-FOR-US: Cisco
-CVE-2020-3138
-       RESERVED
+CVE-2020-3138 (A vulnerability in the upgrade component of Cisco Enterprise 
NFV Infra ...)
+       TODO: check
 CVE-2020-3137
        RESERVED
 CVE-2020-3136 (A vulnerability in the web-based management interface of Cisco 
Jabber  ...)
@@ -14726,8 +14748,8 @@ CVE-2020-3134 (A vulnerability in the zip decompression 
engine of Cisco AsyncOS
        NOT-FOR-US: Cisco
 CVE-2020-3133
        RESERVED
-CVE-2020-3132
-       RESERVED
+CVE-2020-3132 (A vulnerability in the email message scanning feature of Cisco 
AsyncOS ...)
+       TODO: check
 CVE-2020-3131 (A vulnerability in the Cisco Webex Teams client for Windows 
could allo ...)
        NOT-FOR-US: Cisco
 CVE-2020-3130
@@ -14766,12 +14788,12 @@ CVE-2020-3116
        RESERVED
 CVE-2020-3115 (A vulnerability in the CLI of the Cisco SD-WAN Solution vManage 
softwa ...)
        NOT-FOR-US: Cisco
-CVE-2020-3114
-       RESERVED
-CVE-2020-3113
-       RESERVED
-CVE-2020-3112
-       RESERVED
+CVE-2020-3114 (A vulnerability in the web-based management interface of Cisco 
Data Ce ...)
+       TODO: check
+CVE-2020-3113 (A vulnerability in the web-based management interface of Cisco 
Data Ce ...)
+       TODO: check
+CVE-2020-3112 (A vulnerability in the REST API endpoint of Cisco Data Center 
Network  ...)
+       TODO: check
 CVE-2020-3111 (A vulnerability in the Cisco Discovery Protocol implementation 
for the ...)
        NOT-FOR-US: Cisco
 CVE-2020-3110 (A vulnerability in the Cisco Discovery Protocol implementation 
for the ...)
@@ -73290,8 +73312,8 @@ CVE-2019-1952 (A vulnerability in the CLI of Cisco 
Enterprise NFV Infrastructure
        NOT-FOR-US: Cisco
 CVE-2019-1951 (A vulnerability in the packet filtering features of Cisco 
SD-WAN Solut ...)
        NOT-FOR-US: Cisco
-CVE-2019-1950
-       RESERVED
+CVE-2019-1950 (A vulnerability in the firmware of the Cisco UCS C-Series Rack 
Servers ...)
+       TODO: check
 CVE-2019-1949 (A vulnerability in the web-based management interface of Cisco 
Firepow ...)
        NOT-FOR-US: Cisco
 CVE-2019-1948 (A vulnerability in Cisco Webex Meetings Mobile (iOS) could 
allow an un ...)
@@ -217444,8 +217466,7 @@ CVE-2015-7545 (The (1) git-remote-ext and (2) 
unspecified other remote helper pr
        - git 1:2.6.1-1
        [squeeze] - git <not-affected> (git 1.7.2 did not have git-remote-ext 
yet)
        NOTE: http://www.openwall.com/lists/oss-security/2015/10/06/1
-CVE-2015-7747 [When changing both sample format and number of channels, data 
gets corrupted; if new sample format smaller than old, possible buffer overflow]
-       RESERVED
+CVE-2015-7747 (Buffer overflow in the afReadFrames function in audiofile (aka 
libaudi ...)
        - audiofile 0.3.6-3 (bug #801102)
        [jessie] - audiofile 0.3.6-2+deb8u1
        [wheezy] - audiofile <no-dsa> (Minor issue)
@@ -237043,30 +237064,30 @@ CVE-2014-9619 (Unrestricted file upload 
vulnerability in webadmin/ajaxfilemanage
        NOT-FOR-US: Netsweeper
 CVE-2014-9618 (The Client Filter Admin portal in Netsweeper before 3.1.10, 
4.0.x befo ...)
        NOT-FOR-US: Netsweeper
-CVE-2014-9617
-       RESERVED
+CVE-2014-9617 (Open redirect vulnerability in remotereporter/load_logfiles.php 
in Net ...)
+       TODO: check
 CVE-2014-9616 (Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 
4.1.2 a ...)
        NOT-FOR-US: Netsweeper
-CVE-2014-9615
-       RESERVED
-CVE-2014-9614
-       RESERVED
-CVE-2014-9613
-       RESERVED
-CVE-2014-9612
-       RESERVED
+CVE-2014-9615 (Cross-site scripting (XSS) vulnerability in Netsweeper 4.0.4 
allows re ...)
+       TODO: check
+CVE-2014-9614 (The Web Panel in Netsweeper before 4.0.5 has a default password 
of bra ...)
+       TODO: check
+CVE-2014-9613 (Multiple SQL injection vulnerabilities in Netsweeper before 
2.6.29.10  ...)
+       TODO: check
+CVE-2014-9612 (SQL injection vulnerability in remotereporter/load_logfiles.php 
in Net ...)
+       TODO: check
 CVE-2014-9611 (Netsweeper before 4.0.5 allows remote attackers to bypass 
authenticati ...)
        NOT-FOR-US: Netsweeper
 CVE-2014-9610 (Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 
4.1.2 a ...)
        NOT-FOR-US: Netsweeper
-CVE-2014-9609
-       RESERVED
-CVE-2014-9608
-       RESERVED
-CVE-2014-9607
-       RESERVED
-CVE-2014-9606
-       RESERVED
+CVE-2014-9609 (Directory traversal vulnerability in 
webadmin/reporter/view_server_log ...)
+       TODO: check
+CVE-2014-9608 (Cross-site scripting (XSS) vulnerability in 
webadmin/policy/group_tabl ...)
+       TODO: check
+CVE-2014-9607 (Cross-site scripting (XSS) vulnerability in 
remotereporter/load_logfil ...)
+       TODO: check
+CVE-2014-9606 (Multiple cross-site scripting (XSS) vulnerabilities in 
Netsweeper befo ...)
+       TODO: check
 CVE-2014-9605 (WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 
4.1.x  ...)
        NOT-FOR-US: Netsweeper
 CVE-2014-9604 (libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check 
for a ze ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1ca079682dac3641fe9cbdf72199fa7c8fcc6cd6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1ca079682dac3641fe9cbdf72199fa7c8fcc6cd6
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to