Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
33aaec07 by security tracker role at 2020-03-14T08:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2020-10566 (grub2-bhyve, as used in FreeBSD bhyve before revision 525916
2020-02-1 ...)
+ TODO: check
+CVE-2020-10565 (grub2-bhyve, as used in FreeBSD bhyve before revision 525916
2020-02-1 ...)
+ TODO: check
+CVE-2020-10564 (An issue was discovered in the File Upload plugin before
4.13.0 for Wo ...)
+ TODO: check
+CVE-2020-10563 (An issue was discovered in DEVOME GRR before 3.4.1c.
frmcontactlist.ph ...)
+ TODO: check
+CVE-2020-10562 (An issue was discovered in DEVOME GRR before 3.4.1c.
admin_edit_room.p ...)
+ TODO: check
+CVE-2020-10561
+ RESERVED
+CVE-2020-10560
+ RESERVED
+CVE-2020-10559
+ RESERVED
CVE-2020-10558
RESERVED
CVE-2020-10557
@@ -11899,8 +11915,8 @@ CVE-2020-5258 (In affected versions of dojo (NPM
package), the deepCopy method i
[buster] - dojo <no-dsa> (Minor issue)
NOTE:
https://github.com/dojo/dojo/security/advisories/GHSA-jxfh-8wgv-vfr2
NOTE:
https://github.com/dojo/dojo/commit/20a00afb68f5587946dc76fbeaa68c39bda2171d
-CVE-2020-5257
- RESERVED
+CVE-2020-5257 (In Administrate (rubygem) before version 0.13.0, when sorting
by attri ...)
+ TODO: check
CVE-2020-5256 (BookStack before version 0.25.5 has a vulnerability where a
user could ...)
NOT-FOR-US: BookStack
CVE-2020-5255
@@ -11948,8 +11964,8 @@ CVE-2020-5242 (openHAB before 2.5.2 allow a remote
attacker to use REST calls to
NOT-FOR-US: openHAB
CVE-2020-5241 (matestack-ui-core (RubyGem) before 0.7.4 is vulnerable to
XSS/Script i ...)
NOT-FOR-US: matestack-ui-core Ruby gem
-CVE-2020-5240
- RESERVED
+CVE-2020-5240 (In wagtail-2fa before 1.4.1, any user with access to the CMS
can view ...)
+ TODO: check
CVE-2020-5239 (In Mailu before version 1.7, an authenticated user can exploit
a vulne ...)
NOT-FOR-US: Mailu
CVE-2020-5238
@@ -26241,12 +26257,12 @@ CVE-2019-18580 (Dell EMC Storage Monitoring and
Reporting version 4.3.1 contains
NOT-FOR-US: EMC
CVE-2019-18579 (Settings for the Dell XPS 13 2-in-1 (7390) BIOS versions prior
to 1.1. ...)
NOT-FOR-US: Dell
-CVE-2019-18578
- RESERVED
-CVE-2019-18577
- RESERVED
-CVE-2019-18576
- RESERVED
+CVE-2019-18578 (Dell EMC XtremIO XMS versions prior to 6.3.0 contain a stored
cross-si ...)
+ TODO: check
+CVE-2019-18577 (Dell EMC XtremIO XMS versions prior to 6.3.0 contain an
incorrect perm ...)
+ TODO: check
+CVE-2019-18576 (Dell EMC XtremIO XMS versions prior to 6.3.0 contain an
information di ...)
+ TODO: check
CVE-2019-18575 (Dell Command Configure versions prior to 4.2.1 contain an
uncontrolled ...)
NOT-FOR-US: Dell Command Configure
CVE-2019-18574 (RSA Authentication Manager software versions prior to 8.4 P8
contain a ...)
@@ -70175,10 +70191,10 @@ CVE-2019-3772 (Spring Integration
(spring-integration-xml and spring-integration
NOT-FOR-US: Spring Integration
CVE-2019-3771
RESERVED
-CVE-2019-3770
- RESERVED
-CVE-2019-3769
- RESERVED
+CVE-2019-3770 (Dell Wyse Management Suite versions prior to 1.4.1 contain a
stored cr ...)
+ TODO: check
+CVE-2019-3769 (Dell Wyse Management Suite versions prior to 1.4.1 contain a
stored cr ...)
+ TODO: check
CVE-2019-3768 (RSA Authentication Manager versions prior to 8.4 P7 contain an
XML Ent ...)
NOT-FOR-US: RSA Authentication Manager
CVE-2019-3767 (Dell ImageAssist versions prior to 8.7.15 contain an
information discl ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33aaec07fcd61bafa0c1c6bf4e27b40c52b0a43e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33aaec07fcd61bafa0c1c6bf4e27b40c52b0a43e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
