[Git][security-tracker-team/security-tracker][master] automatic update

Mon, 25 May 2020 01:10:53 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6a5cecd1 by security tracker role at 2020-05-25T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2020-13440 (ffjpeg through 2020-02-24 has an invalid write in bmp_load in 
bmp.c. ...)
+       TODO: check
+CVE-2020-13439 (ffjpeg through 2020-02-24 has a heap-based buffer over-read in 
jfif_de ...)
+       TODO: check
+CVE-2020-13438 (ffjpeg through 2020-02-24 has an invalid read in jfif_encode 
in jfif.c ...)
+       TODO: check
+CVE-2020-13437
+       RESERVED
+CVE-2020-13436
+       RESERVED
+CVE-2020-13435 (SQLite through 3.32.0 has a segmentation fault in 
sqlite3ExprCodeTarge ...)
+       TODO: check
+CVE-2020-13434 (SQLite through 3.32.0 has an integer overflow in 
sqlite3_str_vappendf  ...)
+       TODO: check
+CVE-2020-13433 (Jason2605 AdminPanel 4.0 allows SQL Injection via the 
editPlayer.php h ...)
+       TODO: check
+CVE-2020-13432
+       RESERVED
+CVE-2020-13431
+       RESERVED
 CVE-2020-13430 (Grafana before 7.0.0 allows tag value XSS via the OpenTSDB 
datasource. ...)
        - grafana <removed>
        NOTE: https://github.com/grafana/grafana/pull/24539
@@ -19949,8 +19969,8 @@ CVE-2020-5539 (GRANDIT Ver.1.6, Ver.2.0, Ver.2.1, 
Ver.2.2, Ver.2.3, and Ver.3.0
        NOT-FOR-US: GRANDIT
 CVE-2020-5538 (Improper Access Control in PALLET CONTROL Ver. 6.3 and earlier 
allows  ...)
        NOT-FOR-US: PALLET CONTROL
-CVE-2020-5537
-       RESERVED
+CVE-2020-5537 (Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code 
executi ...)
+       TODO: check
 CVE-2020-5536 (OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an 
attacke ...)
        NOT-FOR-US: OpenBlocks IoT VX2
 CVE-2020-5535 (OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an 
attacke ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a5cecd1e67e0ed3fbc99596f0fbe389125e94c2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a5cecd1e67e0ed3fbc99596f0fbe389125e94c2
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to