[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Tue, 19 May 2020 01:11:12 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
1b0144e3 by security tracker role at 2020-05-19T08:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,35 @@
+CVE-2020-13162
+       RESERVED
+CVE-2020-13161
+       RESERVED
+CVE-2020-13160
+       RESERVED
+CVE-2020-13159
+       RESERVED
+CVE-2020-13158
+       RESERVED
+CVE-2020-13157
+       RESERVED
+CVE-2020-13156
+       RESERVED
+CVE-2020-13155
+       RESERVED
+CVE-2020-13154 (Zoho ManageEngine Service Plus before 11.1 build 11112 allows 
low-priv ...)
+       TODO: check
+CVE-2020-13153 (app/View/Events/resolved_attributes.ctp in MISP before 2.4.126 
has XSS ...)
+       TODO: check
+CVE-2020-13152
+       RESERVED
+CVE-2020-13151
+       RESERVED
+CVE-2020-13150
+       RESERVED
+CVE-2020-13149 (Weak permissions on the "%PROGRAMDATA%\MSI\Dragon Center" 
folder in Dr ...)
+       TODO: check
+CVE-2020-13148
+       RESERVED
+CVE-2020-13147
+       RESERVED
 CVE-2020-13146 (Studio in Open edX Ironwood 2.5 allows CSV injection because 
an added  ...)
        TODO: check
 CVE-2020-13145 (Studio in Open edX Ironwood 2.5 allows users to upload SVG 
files via t ...)
@@ -118,8 +150,8 @@ CVE-2020-13096
        RESERVED
 CVE-2020-13095
        RESERVED
-CVE-2020-13094
-       RESERVED
+CVE-2020-13094 (Dolibarr before 11.0.4 allows XSS. ...)
+       TODO: check
 CVE-2020-13093 (iSpyConnect.com Agent DVR before 2.7.1.0 allows directory 
traversal. ...)
        NOT-FOR-US: iSpyConnect.com Agent DVR
 CVE-2020-13092 (** DISPUTED ** scikit-learn (aka sklearn) through 0.23.0 can 
unseriali ...)
@@ -29380,8 +29412,8 @@ CVE-2020-1899
        RESERVED
 CVE-2020-1898
        RESERVED
-CVE-2020-1897
-       RESERVED
+CVE-2020-1897 (A use-after-free is possible due to an error in lifetime 
management in ...)
+       TODO: check
 CVE-2020-1896
        RESERVED
 CVE-2020-1895 (A large heap overflow could occur in Instagram for Android when 
attemp ...)
@@ -39601,8 +39633,8 @@ CVE-2019-17068 (PuTTY before 0.73 mishandles the 
"bracketed paste mode" protecti
 CVE-2019-17067 (PuTTY before 0.73 on Windows improperly opens port-forwarding 
listenin ...)
        - putty <not-affected> (Windows-specific)
        NOTE: 
https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html
-CVE-2019-17066
-       RESERVED
+CVE-2019-17066 (In Ivanti WorkSpace Control before 10.4.40.0, a user can 
elevate right ...)
+       TODO: check
 CVE-2019-17065
        RESERVED
 CVE-2019-17064 (Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because 
Catalog ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b0144e3131b13a01066599a32997f69c6f4a558

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b0144e3131b13a01066599a32997f69c6f4a558
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to