Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 1b0144e3 by security tracker role at 2020-05-19T08:10:14+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,35 @@ +CVE-2020-13162 + RESERVED +CVE-2020-13161 + RESERVED +CVE-2020-13160 + RESERVED +CVE-2020-13159 + RESERVED +CVE-2020-13158 + RESERVED +CVE-2020-13157 + RESERVED +CVE-2020-13156 + RESERVED +CVE-2020-13155 + RESERVED +CVE-2020-13154 (Zoho ManageEngine Service Plus before 11.1 build 11112 allows low-priv ...) + TODO: check +CVE-2020-13153 (app/View/Events/resolved_attributes.ctp in MISP before 2.4.126 has XSS ...) + TODO: check +CVE-2020-13152 + RESERVED +CVE-2020-13151 + RESERVED +CVE-2020-13150 + RESERVED +CVE-2020-13149 (Weak permissions on the "%PROGRAMDATA%\MSI\Dragon Center" folder in Dr ...) + TODO: check +CVE-2020-13148 + RESERVED +CVE-2020-13147 + RESERVED CVE-2020-13146 (Studio in Open edX Ironwood 2.5 allows CSV injection because an added ...) TODO: check CVE-2020-13145 (Studio in Open edX Ironwood 2.5 allows users to upload SVG files via t ...) @@ -118,8 +150,8 @@ CVE-2020-13096 RESERVED CVE-2020-13095 RESERVED -CVE-2020-13094 - RESERVED +CVE-2020-13094 (Dolibarr before 11.0.4 allows XSS. ...) + TODO: check CVE-2020-13093 (iSpyConnect.com Agent DVR before 2.7.1.0 allows directory traversal. ...) NOT-FOR-US: iSpyConnect.com Agent DVR CVE-2020-13092 (** DISPUTED ** scikit-learn (aka sklearn) through 0.23.0 can unseriali ...) @@ -29380,8 +29412,8 @@ CVE-2020-1899 RESERVED CVE-2020-1898 RESERVED -CVE-2020-1897 - RESERVED +CVE-2020-1897 (A use-after-free is possible due to an error in lifetime management in ...) + TODO: check CVE-2020-1896 RESERVED CVE-2020-1895 (A large heap overflow could occur in Instagram for Android when attemp ...) @@ -39601,8 +39633,8 @@ CVE-2019-17068 (PuTTY before 0.73 mishandles the "bracketed paste mode" protecti CVE-2019-17067 (PuTTY before 0.73 on Windows improperly opens port-forwarding listenin ...) - putty <not-affected> (Windows-specific) NOTE: https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html -CVE-2019-17066 - RESERVED +CVE-2019-17066 (In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate right ...) + TODO: check CVE-2019-17065 RESERVED CVE-2019-17064 (Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b0144e3131b13a01066599a32997f69c6f4a558 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b0144e3131b13a01066599a32997f69c6f4a558 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits