Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2853adea by security tracker role at 2020-05-06T20:10:32+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2020-12674
+ RESERVED
+CVE-2020-12673
+ RESERVED
CVE-2020-XXXX [OSSA-2020-004: EC2 and credential endpoints are not protected
from a scoped context]
- keystone <unfixed> (bug #959900)
NOTE: https://bugs.launchpad.net/keystone/+bug/1872735
@@ -8,8 +12,8 @@ CVE-2020-12671
RESERVED
CVE-2020-12670
RESERVED
-CVE-2020-12669
- RESERVED
+CVE-2020-12669 (core/get_menudiv.php in Dolibarr before 11.0.4 allows remote
authentic ...)
+ TODO: check
CVE-2020-12668
RESERVED
CVE-2020-12667
@@ -1233,11 +1237,11 @@ CVE-2020-12146
RESERVED
CVE-2020-12145
RESERVED
-CVE-2020-12144 (Details The certificate used to identify the Silver Peak Cloud
Portal ...)
+CVE-2020-12144 (The certificate used to identify the Silver Peak Cloud Portal
to EdgeC ...)
NOT-FOR-US: Silver Peak Cloud Portal
-CVE-2020-12143 (Summary - The certificate used to identify Orchestrator to
EdgeConnect ...)
+CVE-2020-12143 (The certificate used to identify Orchestrator to EdgeConnect
devices i ...)
NOT-FOR-US: EdgeConnect
-CVE-2020-12142 (a. IPSec UDP key material can be retrieved from
machine-to-machine int ...)
+CVE-2020-12142 (1. IPSec UDP key material can be retrieved from
machine-to-machine int ...)
NOT-FOR-US: EdgeConnect
CVE-2020-12141
RESERVED
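Review bot: The NOT-FOR-US tags under CVE-2020-12144, CVE-2020-12143 and CVE-2020-12142 are inconsistent: one uses "Silver Peak Cloud Portal" and two use "EdgeConnect". Pick one naming convention for this vendor so the three entries can be found with a single search. The refreshed description of CVE-2020-12142 still begins with a list marker ("1." in place of "a."); that is imported CVE text and needs no change here.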
@@ -1305,8 +1309,7 @@ CVE-2020-12110 (Certain TP-Link devices have a Hardcoded
Encryption Key. This af
NOT-FOR-US: TP-Link
CVE-2020-12109 (Certain TP-Link devices allow Command Injection. This affects
NC200 2. ...)
NOT-FOR-US: TP-Link
-CVE-2020-12108 [Arbitrary Content Injection via the options login page]
- RESERVED
+CVE-2020-12108 (/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary
Content ...)
- mailman <removed>
NOTE: https://bugs.launchpad.net/mailman/+bug/1873722
CVE-2020-12107
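Review bot: CVE-2020-12108 now has a description naming the fixed upstream release ("GNU Mailman before 2.1.31"), but the entry under it is still only "- mailman <removed>" plus the Launchpad bug NOTE. Now that a fixed version is known, add status lines for any suite that still ships mailman and a NOTE pointing at the fixing commit, so the entry records more than the removal.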
@@ -2434,9 +2437,9 @@ CVE-2020-11879 (An issue was discovered in GNOME
Evolution before 3.35.91. By us
NOTE:
https://gitlab.gnome.org/GNOME/evolution/-/commit/6489f20d6905cc797e2b2581c415e558c457caa7
CVE-2020-11878 (The Jitsi Meet (aka docker-jitsi-meet) stack on Docker before
stable-4 ...)
- jitsi-meet <itp> (bug #760485)
-CVE-2020-11877 (airhost.exe in Zoom Client for Meetings 4.6.11 uses
3423423432325249 a ...)
+CVE-2020-11877 (** DISPUTED ** airhost.exe in Zoom Client for Meetings 4.6.11
uses 342 ...)
NOT-FOR-US: Zoom Client for Meetings
-CVE-2020-11876 (airhost.exe in Zoom Client for Meetings 4.6.11 uses the
SHA-256 hash o ...)
+CVE-2020-11876 (** DISPUTED ** airhost.exe in Zoom Client for Meetings 4.6.11
uses the ...)
NOT-FOR-US: Zoom Client for Meetings
CVE-2020-11875 (An issue was discovered on LG mobile devices with Android OS
8.0, 8.1, ...)
NOT-FOR-US: LG mobile devices
@@ -3111,8 +3114,8 @@ CVE-2020-11728 (An issue was discovered in DAViCal
Andrew's Web Libraries (AWL)
- awl 0.61-1 (bug #956650)
NOTE: https://gitlab.com/davical-project/awl/-/issues/19
NOTE:
https://gitlab.com/davical-project/awl/-/commit/c2e808cc2420f8d870ac0a4aa9cc1f2c90562428
-CVE-2020-11727
- RESERVED
+CVE-2020-11727 (A cross-site scripting (XSS) vulnerability in the AlgolPlus
Advanced O ...)
+ TODO: check
CVE-2020-11726
RESERVED
CVE-2020-11724 (An issue was discovered in OpenResty before 1.15.8.4.
ngx_http_lua_sub ...)
@@ -5998,8 +6001,7 @@ CVE-2020-10706
RESERVED
CVE-2020-10705
RESERVED
-CVE-2020-10704
- RESERVED
+CVE-2020-10704 (A flaw was found when using samba as an Active Directory
Domain Contro ...)
- samba <unfixed>
[buster] - samba <postponed> (Can be fixed along in future DSA)
[stretch] - samba <postponed> (Can be fixed along in future DSA)
@@ -6057,8 +6059,8 @@ CVE-2020-10695
NOTE: Red Hat specific CVE assignment for openshift/redhat-sso-7
container
CVE-2020-10694
RESERVED
-CVE-2020-10693
- RESERVED
+CVE-2020-10693 (A flaw was found in Hibernate Validator version 6.1.2.Final. A
bug in ...)
+ TODO: check
CVE-2020-10692
RESERVED
CVE-2020-10691 (An archive traversal flaw was found in all ansible-engine
versions 2.9 ...)
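Review bot: CVE-2020-10693 is left at "TODO: check", and the description names Hibernate Validator 6.1.2.Final, which is a library rather than a vendor appliance, so it should not be closed as NOT-FOR-US by default. Check whether a source package ships Hibernate Validator and, if one does, replace the TODO with a package line and the affected version range.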
@@ -10208,8 +10210,8 @@ CVE-2020-8901
RESERVED
CVE-2020-8900
RESERVED
-CVE-2020-8899
- RESERVED
+CVE-2020-8899 (There is a buffer overwrite vulnerability in the Quram qmg
library of ...)
+ TODO: check
CVE-2020-8898
RESERVED
CVE-2020-8897
@@ -12491,8 +12493,8 @@ CVE-2020-7923
RESERVED
CVE-2020-7922 (X.509 certificates generated by the MongoDB Enterprise
Kubernetes Oper ...)
NOT-FOR-US: MongoDB Enterprise
-CVE-2020-7921
- RESERVED
+CVE-2020-7921 (Improper serialization of internal state in the authorization
subsyste ...)
+ TODO: check
CVE-2019-20419
RESERVED
CVE-2019-20418
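Review bot: The description added for CVE-2020-7921 is cut off before it names a product ("Improper serialization of internal state in the authorization subsyste ..."), so the "TODO: check" cannot be triaged from this line alone. Do not infer the product from the adjacent CVE-2020-7922 (NOT-FOR-US: MongoDB Enterprise); read the full CVE text first, then add either a package line or a NOT-FOR-US tag.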
@@ -12818,8 +12820,8 @@ CVE-2020-7808
RESERVED
CVE-2020-7807
RESERVED
-CVE-2020-7806
- RESERVED
+CVE-2020-7806 (Tobesoft Xplatform 9.2.2.250 and earlier version have an
arbitrary cod ...)
+ TODO: check
CVE-2020-7805
RESERVED
CVE-2020-7804 (ActiveX Control(HShell.dll) in Handy Groupware 1.7.3.1 for
Windows 7, ...)
@@ -14927,8 +14929,8 @@ CVE-2020-6863 (ZTE E8820V3 router product is impacted
by a permission and access
NOT-FOR-US: ZTE
CVE-2020-6862 (V6.0.10P2T2 and V6.0.10P2T5 of F6x2W product are impacted by
Informati ...)
NOT-FOR-US: ZTE F6x2W
-CVE-2020-6861
- RESERVED
+CVE-2020-6861 (A flawed protocol design in the Ledger Monero app before 1.5.1
for Led ...)
+ TODO: check
CVE-2020-6860 (libmysofa 0.9.1 has a stack-based buffer overflow in
readDataVar in hd ...)
- libmysofa 1.0~dfsg0-1 (bug #949325)
[buster] - libmysofa <no-dsa> (Minor issue)
@@ -16856,8 +16858,8 @@ CVE-2020-6095 (An exploitable denial of service
vulnerability exists in the GstR
[stretch] - gst-rtsp-server1.0 <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1018
NOTE:
https://gitlab.freedesktop.org/gstreamer/gst-rtsp-server/-/commit/44ccca3086dd81081d72ca0b21d0ecdde962fb1a
-CVE-2020-6094
- RESERVED
+CVE-2020-6094 (An exploitable code execution vulnerability exists in the TIFF
fillinr ...)
+ TODO: check
CVE-2020-6093
RESERVED
CVE-2020-6092
@@ -16880,8 +16882,8 @@ CVE-2020-6084
RESERVED
CVE-2020-6083
RESERVED
-CVE-2020-6082
- RESERVED
+CVE-2020-6082 (An exploitable out-of-bounds write vulnerability exists in the
ico_rea ...)
+ TODO: check
CVE-2020-6081
RESERVED
CVE-2020-6080 (An exploitable denial-of-service vulnerability exists in the
resource ...)
@@ -16920,10 +16922,10 @@ CVE-2020-6077 (An exploitable denial-of-service
vulnerability exists in the mess
[jessie] - vlc <end-of-life> (Not supported in jessie LTS)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1000
NOTE: These were addressed on the source level in 3.0.9, but 3.0.8-4
disables the plugin
-CVE-2020-6076
- RESERVED
-CVE-2020-6075
- RESERVED
+CVE-2020-6076 (An exploitable out-of-bounds write vulnerability exists in the
igcore1 ...)
+ TODO: check
+CVE-2020-6075 (An exploitable out-of-bounds write vulnerability exists in the
store_d ...)
+ TODO: check
CVE-2020-6074
RESERVED
CVE-2020-6073 (An exploitable denial-of-service vulnerability exists in the
TXT recor ...)
@@ -20881,8 +20883,8 @@ CVE-2020-4448
RESERVED
CVE-2020-4447
RESERVED
-CVE-2020-4446
- RESERVED
+CVE-2020-4446 (IBM Business Process Manager 8.0, 8.5, and 8.6 and IBM Business
Automa ...)
+ TODO: check
CVE-2020-4445
RESERVED
CVE-2020-4444
@@ -20931,8 +20933,8 @@ CVE-2020-4423
RESERVED
CVE-2020-4422
RESERVED
-CVE-2020-4421
- RESERVED
+CVE-2020-4421 (IBM WebSphere Application Liberty 19.0.0.5 through 20.0.0.4
could allo ...)
+ TODO: check
CVE-2020-4420
RESERVED
CVE-2020-4419
@@ -21005,8 +21007,8 @@ CVE-2020-4386
RESERVED
CVE-2020-4385
RESERVED
-CVE-2020-4384
- RESERVED
+CVE-2020-4384 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is
vulnerable t ...)
+ TODO: check
CVE-2020-4383
RESERVED
CVE-2020-4382
@@ -21589,8 +21591,8 @@ CVE-2020-4094
RESERVED
CVE-2020-4093
RESERVED
-CVE-2020-4092
- RESERVED
+CVE-2020-4092 ("If port encryption is not enabled on the Domino Server, HCL
Nomad on ...)
+ TODO: check
CVE-2020-4091
RESERVED
CVE-2020-4090
@@ -24257,8 +24259,8 @@ CVE-2020-3336
RESERVED
CVE-2020-3335
RESERVED
-CVE-2020-3334
- RESERVED
+CVE-2020-3334 (A vulnerability in the ARP packet processing of Cisco Adaptive
Securit ...)
+ TODO: check
CVE-2020-3333
RESERVED
CVE-2020-3332
@@ -24267,8 +24269,8 @@ CVE-2020-3331
RESERVED
CVE-2020-3330
RESERVED
-CVE-2020-3329
- RESERVED
+CVE-2020-3329 (A vulnerability in role-based access control of Cisco
Integrated Manag ...)
+ TODO: check
CVE-2020-3328
RESERVED
CVE-2020-3327
@@ -24289,48 +24291,48 @@ CVE-2020-3320
RESERVED
CVE-2020-3319
RESERVED
-CVE-2020-3318
- RESERVED
+CVE-2020-3318 (Multiple vulnerabilities in Cisco Firepower Management Center
(FMC) So ...)
+ TODO: check
CVE-2020-3317
RESERVED
CVE-2020-3316
RESERVED
-CVE-2020-3315
- RESERVED
+CVE-2020-3315 (Multiple Cisco products are affected by a vulnerability in the
Snort d ...)
+ TODO: check
CVE-2020-3314
RESERVED
-CVE-2020-3313
- RESERVED
-CVE-2020-3312
- RESERVED
-CVE-2020-3311
- RESERVED
-CVE-2020-3310
- RESERVED
-CVE-2020-3309
- RESERVED
-CVE-2020-3308
- RESERVED
-CVE-2020-3307
- RESERVED
-CVE-2020-3306
- RESERVED
-CVE-2020-3305
- RESERVED
+CVE-2020-3313 (A vulnerability in the web UI of Cisco Firepower Management
Center (FM ...)
+ TODO: check
+CVE-2020-3312 (A vulnerability in the application policy configuration of
Cisco Firep ...)
+ TODO: check
+CVE-2020-3311 (A vulnerability in the web interface of Cisco Firepower
Management Cen ...)
+ TODO: check
+CVE-2020-3310 (A vulnerability in the XML parser code of Cisco Firepower
Device Manag ...)
+ TODO: check
+CVE-2020-3309 (A vulnerability in Cisco Firepower Device Manager (FDM) On-Box
softwar ...)
+ TODO: check
+CVE-2020-3308 (A vulnerability in the Image Signature Verification feature of
Cisco F ...)
+ TODO: check
+CVE-2020-3307 (A vulnerability in the web UI of Cisco Firepower Management
Center (FM ...)
+ TODO: check
+CVE-2020-3306 (A vulnerability in the DHCP module of Cisco Adaptive Security
Applianc ...)
+ TODO: check
+CVE-2020-3305 (A vulnerability in the implementation of the Border Gateway
Protocol ( ...)
+ TODO: check
CVE-2020-3304
RESERVED
-CVE-2020-3303
- RESERVED
-CVE-2020-3302
- RESERVED
-CVE-2020-3301
- RESERVED
+CVE-2020-3303 (A vulnerability in the Internet Key Exchange version 1 (IKEv1)
feature ...)
+ TODO: check
+CVE-2020-3302 (A vulnerability in the web UI of Cisco Firepower Management
Center (FM ...)
+ TODO: check
+CVE-2020-3301 (Multiple vulnerabilities in Cisco Firepower Management Center
(FMC) So ...)
+ TODO: check
CVE-2020-3300
RESERVED
CVE-2020-3299
RESERVED
-CVE-2020-3298
- RESERVED
+CVE-2020-3298 (A vulnerability in the Open Shortest Path First (OSPF)
implementation ...)
+ TODO: check
CVE-2020-3297
RESERVED
CVE-2020-3296
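Review bot: CVE-2020-3315 in this block reads "Multiple Cisco products are affected by a vulnerability in the Snort d ...", which points at a shared Snort component rather than a Cisco-only product. Check it against any packaged snort before it gets the "NOT-FOR-US: Cisco" tag that other Cisco entries in this file carry. The entries here that name Firepower (FMC, FDM) or Adaptive Security Appliance software can be triaged together as a batch.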
@@ -24355,12 +24357,12 @@ CVE-2020-3287
RESERVED
CVE-2020-3286
RESERVED
-CVE-2020-3285
- RESERVED
+CVE-2020-3285 (A vulnerability in the Transport Layer Security version 1.3
(TLS 1.3) ...)
+ TODO: check
CVE-2020-3284
RESERVED
-CVE-2020-3283
- RESERVED
+CVE-2020-3283 (A vulnerability in the Secure Sockets Layer (SSL)/Transport
Layer Secu ...)
+ TODO: check
CVE-2020-3282
RESERVED
CVE-2020-3281
@@ -24407,20 +24409,20 @@ CVE-2020-3261 (A vulnerability in the web-based
management interface of Cisco Mo
NOT-FOR-US: Cisco
CVE-2020-3260 (A vulnerability in Cisco Aironet Series Access Points Software
could a ...)
NOT-FOR-US: Cisco
-CVE-2020-3259
- RESERVED
+CVE-2020-3259 (A vulnerability in the web services interface of Cisco Adaptive
Securi ...)
+ TODO: check
CVE-2020-3258
RESERVED
CVE-2020-3257
RESERVED
-CVE-2020-3256
- RESERVED
-CVE-2020-3255
- RESERVED
-CVE-2020-3254
- RESERVED
-CVE-2020-3253
- RESERVED
+CVE-2020-3256 (A vulnerability in the web-based management interface of Cisco
Hosted ...)
+ TODO: check
+CVE-2020-3255 (A vulnerability in the packet processing functionality of Cisco
Firepo ...)
+ TODO: check
+CVE-2020-3254 (Multiple vulnerabilities in the Media Gateway Control Protocol
(MGCP) ...)
+ TODO: check
+CVE-2020-3253 (A vulnerability in the support tunnel feature of Cisco
Firepower Threa ...)
+ TODO: check
CVE-2020-3252 (Multiple vulnerabilities in the REST API of Cisco UCS Director
and Cis ...)
NOT-FOR-US: Cisco
CVE-2020-3251 (Multiple vulnerabilities in the REST API of Cisco UCS Director
and Cis ...)
@@ -24433,8 +24435,8 @@ CVE-2020-3248 (Multiple vulnerabilities in the REST API
of Cisco UCS Director an
NOT-FOR-US: Cisco
CVE-2020-3247 (Multiple vulnerabilities in the REST API of Cisco UCS Director
and Cis ...)
NOT-FOR-US: Cisco
-CVE-2020-3246
- RESERVED
+CVE-2020-3246 (A vulnerability in the web server of Cisco Umbrella could allow
an una ...)
+ TODO: check
CVE-2020-3245
RESERVED
CVE-2020-3244
@@ -24533,28 +24535,28 @@ CVE-2020-3198
RESERVED
CVE-2020-3197
RESERVED
-CVE-2020-3196
- RESERVED
-CVE-2020-3195
- RESERVED
+CVE-2020-3196 (A vulnerability in the Secure Sockets Layer (SSL)/Transport
Layer Secu ...)
+ TODO: check
+CVE-2020-3195 (A vulnerability in the Open Shortest Path First (OSPF)
implementation ...)
+ TODO: check
CVE-2020-3194 (A vulnerability in Cisco Webex Network Recording Player for
Microsoft ...)
NOT-FOR-US: Cisco
CVE-2020-3193 (A vulnerability in the web-based management interface of Cisco
Prime C ...)
NOT-FOR-US: Cisco
CVE-2020-3192 (A vulnerability in the web-based management interface of Cisco
Prime C ...)
NOT-FOR-US: Cisco
-CVE-2020-3191
- RESERVED
+CVE-2020-3191 (A vulnerability in DNS over IPv6 packet processing for Cisco
Adaptive ...)
+ TODO: check
CVE-2020-3190 (A vulnerability in the IPsec packet processor of Cisco IOS XR
Software ...)
NOT-FOR-US: Cisco
-CVE-2020-3189
- RESERVED
-CVE-2020-3188
- RESERVED
-CVE-2020-3187
- RESERVED
-CVE-2020-3186
- RESERVED
+CVE-2020-3189 (A vulnerability in the VPN System Logging functionality for
Cisco Fire ...)
+ TODO: check
+CVE-2020-3188 (A vulnerability in how Cisco Firepower Threat Defense (FTD)
Software h ...)
+ TODO: check
+CVE-2020-3187 (A vulnerability in the web services interface of Cisco Adaptive
Securi ...)
+ TODO: check
+CVE-2020-3186 (A vulnerability in the management access list configuration of
Cisco F ...)
+ TODO: check
CVE-2020-3185 (A vulnerability in the web-based management interface of Cisco
TelePre ...)
NOT-FOR-US: Cisco
CVE-2020-3184
@@ -24567,10 +24569,10 @@ CVE-2020-3181 (A vulnerability in the malware
detection functionality in Cisco A
NOT-FOR-US: Cisco
CVE-2020-3180
RESERVED
-CVE-2020-3179
- RESERVED
-CVE-2020-3178
- RESERVED
+CVE-2020-3179 (A vulnerability in the generic routing encapsulation (GRE)
tunnel deca ...)
+ TODO: check
+CVE-2020-3178 (Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS
Softwar ...)
+ TODO: check
CVE-2020-3177 (A vulnerability in the Tool for Auto-Registered Phones Support
(TAPS) ...)
NOT-FOR-US: Cisco
CVE-2020-3176 (A vulnerability in Cisco Remote PHY Device Software could allow
an aut ...)
@@ -24675,8 +24677,8 @@ CVE-2020-3127 (Multiple vulnerabilities in Cisco Webex
Network Recording Player
NOT-FOR-US: Cisco
CVE-2020-3126 (vulnerability within the Multimedia Viewer feature of Cisco
Webex Meet ...)
NOT-FOR-US: Cisco
-CVE-2020-3125
- RESERVED
+CVE-2020-3125 (A vulnerability in the Kerberos authentication feature of Cisco
Adapti ...)
+ TODO: check
CVE-2020-3124
RESERVED
CVE-2020-3123 (A vulnerability in the Data-Loss-Prevention (DLP) module in
Clam AntiV ...)
@@ -27202,32 +27204,23 @@ CVE-2020-2191
RESERVED
CVE-2020-2190
RESERVED
-CVE-2020-2189
- RESERVED
+CVE-2020-2189 (Jenkins SCM Filter Jervis Plugin 0.2.1 and earlier does not
configure ...)
NOT-FOR-US: Jenkins plugin
-CVE-2020-2188
- RESERVED
+CVE-2020-2188 (A missing permission check in Jenkins Amazon EC2 Plugin 1.50.1
and ear ...)
NOT-FOR-US: Jenkins plugin
-CVE-2020-2187
- RESERVED
+CVE-2020-2187 (Jenkins Amazon EC2 Plugin 1.50.1 and earlier unconditionally
accepts s ...)
NOT-FOR-US: Jenkins plugin
-CVE-2020-2186
- RESERVED
+CVE-2020-2186 (A cross-site request forgery vulnerability in Jenkins Amazon
EC2 Plugi ...)
NOT-FOR-US: Jenkins plugin
-CVE-2020-2185
- RESERVED
+CVE-2020-2185 (Jenkins Amazon EC2 Plugin 1.50.1 and earlier does not validate
SSH hos ...)
NOT-FOR-US: Jenkins plugin
-CVE-2020-2184
- RESERVED
+CVE-2020-2184 (A cross-site request forgery vulnerability in Jenkins CVS
Plugin 2.15 ...)
NOT-FOR-US: Jenkins plugin
-CVE-2020-2183
- RESERVED
+CVE-2020-2183 (Jenkins Copy Artifact Plugin 1.43.1 and earlier performs
improper perm ...)
NOT-FOR-US: Jenkins plugin
-CVE-2020-2182
- RESERVED
+CVE-2020-2182 (Jenkins Credentials Binding Plugin 1.22 and earlier does not
mask (i.e ...)
NOT-FOR-US: Jenkins plugin
-CVE-2020-2181
- RESERVED
+CVE-2020-2181 (Jenkins Credentials Binding Plugin 1.22 and earlier does not
mask (i.e ...)
NOT-FOR-US: Jenkins plugin
CVE-2020-2180 (Jenkins AWS SAM Plugin 1.2.2 and earlier does not configure its
YAML p ...)
NOT-FOR-US: Jenkins plugin
@@ -29644,14 +29637,14 @@ CVE-2019-19171
RESERVED
CVE-2019-19170
RESERVED
-CVE-2019-19169
- RESERVED
-CVE-2019-19168
- RESERVED
-CVE-2019-19167
- RESERVED
-CVE-2019-19166
- RESERVED
+CVE-2019-19169 (Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a
vulnerabili ...)
+ TODO: check
+CVE-2019-19168 (Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a
vulnerabili ...)
+ TODO: check
+CVE-2019-19167 (Tobesoft Nexacro v2019.9.25.1 and earlier version have an
arbitrary co ...)
+ TODO: check
+CVE-2019-19166 (Tobesoft XPlatform v9.1, 9.2.0, 9.2.1 and 9.2.2 have a
vulnerability t ...)
+ TODO: check
CVE-2019-19165 (AxECM.cab(ActiveX Control) in Inogard Ebiz4u contains a
vulnerability ...)
NOT-FOR-US: Inogard Ebiz4u
CVE-2019-19164
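Review bot: CVE-2019-19169 through CVE-2019-19166 are added with "TODO: check", while their descriptions name Dext5.ocx ActiveX and Tobesoft Nexacro/XPlatform. The adjacent ActiveX entry CVE-2019-19165 is already NOT-FOR-US, so these four are candidates for the same tag once confirmed. The misspelling "eariler" in the first two descriptions is imported CVE text and should stay as it is.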
@@ -76152,8 +76145,8 @@ CVE-2019-4268 (IBM WebSphere Application Server 7.0,
8.0, 8.5, and 9.0 could all
NOT-FOR-US: IBM
CVE-2019-4267 (The IBM Spectrum Protect 7.1 and 8.1 Backup-Archive Client is
vulnerab ...)
NOT-FOR-US: IBM
-CVE-2019-4266
- RESERVED
+CVE-2019-4266 (IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 does
not ha ...)
+ TODO: check
CVE-2019-4265 (IBM Maximo Anywhere 7.6.0, 7.6.1, 7.6.2, and 7.6.3 does not
have devic ...)
NOT-FOR-US: IBM
CVE-2019-4264 (IBM QRadar SIEM 7.2.8 WinCollect could allow an attacker to
obtain sen ...)
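Review bot: CVE-2019-4266 (IBM Maximo Anywhere) is set to "TODO: check" directly above CVE-2019-4265, which names the same product and is tagged "NOT-FOR-US: IBM". Resolve the TODO to the same tag so the two entries stay consistent.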
@@ -117100,8 +117093,8 @@ CVE-2018-8958
RESERVED
CVE-2018-8957 (CoverCMS v1.1.6 has XSS via the fourth input box to index.php,
related ...)
NOT-FOR-US: CoverCMS
-CVE-2018-8956
- RESERVED
+CVE-2018-8956 (ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow
remote att ...)
+ TODO: check
CVE-2018-8955 (The installer for BitDefender GravityZone relies on an encoded
string ...)
NOT-FOR-US: BitDefender GravityZone
CVE-2018-8954 (CA Workload Control Center before r11.4 SP6 allows remote
attackers to ...)
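Review bot: CVE-2018-8956 is left at "TODO: check", yet the description names ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13. Unlike the NOT-FOR-US entries around it, this one needs a real triage against the ntp source package: add a "- ntp" line with its fixed or unfixed status and a NOTE referencing the upstream fix.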
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2853adeab8a940b81d3224f40f6c03ecdd62af9b