[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Thu, 09 Apr 2020 13:11:07 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
4d1e8570 by security tracker role at 2020-04-09T20:10:28+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2020-11668
+       RESERVED
+CVE-2020-11667
+       RESERVED
+CVE-2020-11666
+       RESERVED
+CVE-2020-11665
+       RESERVED
+CVE-2020-11664
+       RESERVED
+CVE-2020-11663
+       RESERVED
+CVE-2020-11662
+       RESERVED
+CVE-2020-11661
+       RESERVED
+CVE-2020-11660
+       RESERVED
+CVE-2020-11659
+       RESERVED
+CVE-2020-11658
+       RESERVED
 CVE-2020-11657
        RESERVED
 CVE-2020-11656 (In SQLite through 3.31.1, the ALTER TABLE implementation has a 
use-aft ...)
@@ -514,16 +536,16 @@ CVE-2020-11558 (An issue was discovered in libgpac.a in 
GPAC 0.8.0, as demonstra
        NOTE: 
https://github.com/gpac/gpac/commit/6063b1a011c3f80cee25daade18154e15e4c058c
        NOTE: https://github.com/gpac/gpac/issues/1440
        TODO: check
-CVE-2020-11557
-       RESERVED
-CVE-2020-11556
-       RESERVED
-CVE-2020-11555
-       RESERVED
-CVE-2020-11554
-       RESERVED
-CVE-2020-11553
-       RESERVED
+CVE-2020-11557 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 
before 20 ...)
+       TODO: check
+CVE-2020-11556 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 
before 20 ...)
+       TODO: check
+CVE-2020-11555 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 
before 20 ...)
+       TODO: check
+CVE-2020-11554 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 
before 20 ...)
+       TODO: check
+CVE-2020-11553 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 
before 20 ...)
+       TODO: check
 CVE-2020-11552
        RESERVED
 CVE-2020-11551
@@ -2818,36 +2840,36 @@ CVE-2020-10633 (A non-persistent XSS (cross-site 
scripting) vulnerability exists
        NOT-FOR-US: eWON Flexy and Cosy
 CVE-2020-10632
        RESERVED
-CVE-2020-10631
-       RESERVED
+CVE-2020-10631 (An attacker could use a specially crafted URL to delete or 
read files  ...)
+       TODO: check
 CVE-2020-10630
        RESERVED
-CVE-2020-10629
-       RESERVED
+CVE-2020-10629 (WebAccess/NMS (versions prior to 3.0.2) does not sanitize XML 
input. S ...)
+       TODO: check
 CVE-2020-10628
        RESERVED
 CVE-2020-10627
        RESERVED
 CVE-2020-10626
        RESERVED
-CVE-2020-10625
-       RESERVED
+CVE-2020-10625 (WebAccess/NMS (versions prior to 3.0.2) allows an 
unauthenticated remo ...)
+       TODO: check
 CVE-2020-10624
        RESERVED
-CVE-2020-10623
-       RESERVED
+CVE-2020-10623 (Multiple vulnerabilities could allow an attacker with low 
privileges t ...)
+       TODO: check
 CVE-2020-10622
        RESERVED
-CVE-2020-10621
-       RESERVED
+CVE-2020-10621 (Multiple issues exist that allow files to be uploaded and 
executed on  ...)
+       TODO: check
 CVE-2020-10620
        RESERVED
-CVE-2020-10619
-       RESERVED
+CVE-2020-10619 (An attacker could use a specially crafted URL to delete files 
outside  ...)
+       TODO: check
 CVE-2020-10618
        RESERVED
-CVE-2020-10617
-       RESERVED
+CVE-2020-10617 (There are multiple ways an unauthenticated attacker could 
perform SQL  ...)
+       TODO: check
 CVE-2020-10616
        RESERVED
 CVE-2020-10615
@@ -2874,8 +2896,8 @@ CVE-2020-10605
        RESERVED
 CVE-2020-10604
        RESERVED
-CVE-2020-10603
-       RESERVED
+CVE-2020-10603 (WebAccess/NMS (versions prior to 3.0.2) does not properly 
sanitize use ...)
+       TODO: check
 CVE-2020-10602
        RESERVED
 CVE-2020-10601 (VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote 
Module allow  ...)
@@ -2999,8 +3021,8 @@ CVE-2020-10553
        RESERVED
 CVE-2020-10552
        RESERVED
-CVE-2020-10551
-       RESERVED
+CVE-2020-10551 (QQBrowser before 10.5.3870.400 installs a Windows service 
TsService.ex ...)
+       TODO: check
 CVE-2020-10550
        RESERVED
 CVE-2020-10549
@@ -5284,10 +5306,10 @@ CVE-2020-9502
        RESERVED
 CVE-2020-9501
        RESERVED
-CVE-2020-9500
-       RESERVED
-CVE-2020-9499
-       RESERVED
+CVE-2020-9500 (Some products of Dahua have Denial of Service vulnerabilities. 
After t ...)
+       TODO: check
+CVE-2020-9499 (Some Dahua products have buffer overflow vulnerabilities. After 
the su ...)
+       TODO: check
 CVE-2020-9498
        RESERVED
 CVE-2020-9497
@@ -6938,8 +6960,8 @@ CVE-2020-8815 (Improper connection handling in the base 
connection handler in IK
        NOT-FOR-US: BearFTP
 CVE-2020-8814
        RESERVED
-CVE-2018-21034
-       RESERVED
+CVE-2018-21034 (In Argo versions prior to v1.5.0-rc1, it was possible for 
authenticate ...)
+       TODO: check
 CVE-2017-18641 (In LXC 2.0, many template scripts download code over cleartext 
HTTP, a ...)
        - lxc-templates <unfixed>
        - lxc 1:3.0.3-1 (low)
@@ -8986,8 +9008,8 @@ CVE-2020-7924
        RESERVED
 CVE-2020-7923
        RESERVED
-CVE-2020-7922
-       RESERVED
+CVE-2020-7922 (X.509 certificates generated by the MongoDB Enterprise 
Kubernetes Oper ...)
+       TODO: check
 CVE-2020-7921
        RESERVED
 CVE-2019-20419
@@ -15147,8 +15169,8 @@ CVE-2020-5265
        RESERVED
 CVE-2020-5264
        RESERVED
-CVE-2020-5263
-       RESERVED
+CVE-2020-5263 (auth0.js (NPM package auth0-js) greater than version 8.0.0 and 
before  ...)
+       TODO: check
 CVE-2020-5262 (In EasyBuild before version 4.1.2, the GitHub Personal Access 
Token (P ...)
        NOT-FOR-US: EasyBuild
 CVE-2020-5261 (Saml2 Authentication services for ASP.NET (NuGet package 
Sustainsys.Sa ...)
@@ -24394,8 +24416,8 @@ CVE-2020-1897
        RESERVED
 CVE-2020-1896
        RESERVED
-CVE-2020-1895
-       RESERVED
+CVE-2020-1895 (A large heap overflow could occur in Instagram for Android when 
attemp ...)
+       TODO: check
 CVE-2020-1894
        RESERVED
 CVE-2020-1893 (Insufficient boundary checks when decoding JSON in TryParse 
reads out  ...)
@@ -25054,6 +25076,7 @@ CVE-2020-1761
        NOT-FOR-US: OpenShift
 CVE-2020-1760 [header-splitting in RGW GetObject has a possible XSS]
        RESERVED
+       {DLA-2171-1}
        - ceph <unfixed> (bug #956142)
        NOTE: Introduced with: 
https://github.com/ceph/ceph-ci/commit/f4a0b2d9260a4523745875e3977a8a1ef9dc5e2e
        NOTE: Fixed by: 
https://github.com/ceph/ceph-ci/commit/8aa1f77363ec32bdc57744a143035033291ab5e1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4d1e8570d60909a9cdbdf200cb353c95e64447e5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4d1e8570d60909a9cdbdf200cb353c95e64447e5
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to