Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ab8f7334 by security tracker role at 2020-06-15T20:10:41+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,149 @@
+CVE-2020-14162
+       RESERVED
+CVE-2020-14161
+       RESERVED
+CVE-2020-14160
+       RESERVED
+CVE-2020-14159 (By using an Automate API in ConnectWise Automate before 
2020.5.178, a  ...)
+       TODO: check
+CVE-2020-14158
+       RESERVED
+CVE-2020-14157
+       RESERVED
+CVE-2020-14156 (user_channel/passwd_mgr.cpp in OpenBMC phosphor-host-ipmid 
before 2020 ...)
+       TODO: check
+CVE-2020-14155 (libpcre in PCRE before 8.44 allows an integer overflow via a 
large num ...)
+       TODO: check
+CVE-2020-14154 (Mutt before 1.14.3 proceeds with a connection even if, in 
response to  ...)
+       TODO: check
+CVE-2020-14153 (In IJG JPEG (aka libjpeg) before 9d, jdhuff.c has an 
out-of-bounds arr ...)
+       TODO: check
+CVE-2020-14152 (In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in 
jmemnobs. ...)
+       TODO: check
+CVE-2020-14151 (In IJG JPEG (aka libjpeg) before 9d, read_*_pixel() in 
rdtarga.c in cj ...)
+       TODO: check
+CVE-2020-14150 (GNU Bison before 3.5.4 allows attackers to cause a denial of 
service ( ...)
+       TODO: check
+CVE-2020-14149 (In uftpd before 2.12, handle_CWD in ftpcmd.c mishandled the 
path provi ...)
+       TODO: check
+CVE-2020-14148 (The Server-Server protocol implementation in ngIRCd before 
26~rc2 allo ...)
+       TODO: check
+CVE-2020-14147 (An integer overflow in the getnum function in lua_struct.c in 
Redis be ...)
+       TODO: check
+CVE-2020-14146 (KumbiaPHP through 1.1.1, in Development mode, allows XSS via 
the publi ...)
+       TODO: check
+CVE-2020-14145
+       RESERVED
+CVE-2020-14144
+       RESERVED
+CVE-2020-14143
+       RESERVED
+CVE-2020-14142
+       RESERVED
+CVE-2020-14141
+       RESERVED
+CVE-2020-14140
+       RESERVED
+CVE-2020-14139
+       RESERVED
+CVE-2020-14138
+       RESERVED
+CVE-2020-14137
+       RESERVED
+CVE-2020-14136
+       RESERVED
+CVE-2020-14135
+       RESERVED
+CVE-2020-14134
+       RESERVED
+CVE-2020-14133
+       RESERVED
+CVE-2020-14132
+       RESERVED
+CVE-2020-14131
+       RESERVED
+CVE-2020-14130
+       RESERVED
+CVE-2020-14129
+       RESERVED
+CVE-2020-14128
+       RESERVED
+CVE-2020-14127
+       RESERVED
+CVE-2020-14126
+       RESERVED
+CVE-2020-14125
+       RESERVED
+CVE-2020-14124
+       RESERVED
+CVE-2020-14123
+       RESERVED
+CVE-2020-14122
+       RESERVED
+CVE-2020-14121
+       RESERVED
+CVE-2020-14120
+       RESERVED
+CVE-2020-14119
+       RESERVED
+CVE-2020-14118
+       RESERVED
+CVE-2020-14117
+       RESERVED
+CVE-2020-14116
+       RESERVED
+CVE-2020-14115
+       RESERVED
+CVE-2020-14114
+       RESERVED
+CVE-2020-14113
+       RESERVED
+CVE-2020-14112
+       RESERVED
+CVE-2020-14111
+       RESERVED
+CVE-2020-14110
+       RESERVED
+CVE-2020-14109
+       RESERVED
+CVE-2020-14108
+       RESERVED
+CVE-2020-14107
+       RESERVED
+CVE-2020-14106
+       RESERVED
+CVE-2020-14105
+       RESERVED
+CVE-2020-14104
+       RESERVED
+CVE-2020-14103
+       RESERVED
+CVE-2020-14102
+       RESERVED
+CVE-2020-14101
+       RESERVED
+CVE-2020-14100
+       RESERVED
+CVE-2020-14099
+       RESERVED
+CVE-2020-14098
+       RESERVED
+CVE-2020-14097
+       RESERVED
+CVE-2020-14096
+       RESERVED
+CVE-2020-14095
+       RESERVED
+CVE-2020-14094
+       RESERVED
+CVE-2019-20838 (libpcre in PCRE before 8.43 allows a subject buffer over-read 
in JIT w ...)
+       TODO: check
+CVE-2018-21246 (Caddy before 0.10.13 mishandles TLS client authentication, as 
demonstr ...)
+       TODO: check
+CVE-2018-21245 (Pound before 2.8 allows HTTP request smuggling, a related 
issue to CVE ...)
+       TODO: check
+CVE-2017-18869 (A TOCTOU issue in the chownr package before 1.1.0 for Node.js 
10.10 co ...)
+       TODO: check
 CVE-2020-14093 (Mutt before 1.14.3 allows an IMAP fcc/postpone 
man-in-the-middle attac ...)
        - mutt <unfixed> (bug #962897)
        NOTE: 
https://github.com/muttmua/mutt/commit/3e88866dc60b5fa6aaba6fd7c1710c12c1c3cd01
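
Review bot: CVE-2020-14154 near the top of this hunk is left at "TODO: check" although its description opens with the same "Mutt before 1.14.3" as CVE-2020-14093 in the context lines directly below, which already carries "- mutt <unfixed> (bug #962897)". Suggest resolving it with a "- mutt" package line in the same pass so both Mutt issues are tracked together. The same grouping applies to the three "IJG JPEG (aka libjpeg) before 9d" entries (CVE-2020-14153, CVE-2020-14152, CVE-2020-14151) and to the two libpcre entries (CVE-2020-14155, CVE-2019-20838), which can each be triaged as a set.
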
@@ -33,8 +179,8 @@ CVE-2020-14078 (TRENDnet TEW-827DRU devices through 2.06B04 
contain a stack-base
        NOT-FOR-US: TRENDnet
 CVE-2020-14077 (TRENDnet TEW-827DRU devices through 2.06B04 contain a 
stack-based buff ...)
        NOT-FOR-US: TRENDnet
-CVE-2020-14076
-       RESERVED
+CVE-2020-14076 (TRENDnet TEW-827DRU devices through 2.06B04 contain a 
stack-based buff ...)
+       TODO: check
 CVE-2020-14075 (TRENDnet TEW-827DRU devices through 2.06B04 contain multiple 
command i ...)
        NOT-FOR-US: TRENDnet
 CVE-2020-14074 (TRENDnet TEW-827DRU devices through 2.06B04 contain a 
stack-based buff ...)
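
Review bot: CVE-2020-14076 is left at "TODO: check" while the entries on either side of it, CVE-2020-14077 and CVE-2020-14075, describe the same TRENDnet TEW-827DRU devices through 2.06B04 and are marked "NOT-FOR-US: TRENDnet". Suggest replacing the TODO with the same NOT-FOR-US line so the device family is triaged consistently.
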
@@ -92,8 +238,8 @@ CVE-2020-14056
        RESERVED
 CVE-2020-14055
        RESERVED
-CVE-2020-14054
-       RESERVED
+CVE-2020-14054 (SOKKIA GNR5 Vanguard WEB version 1.2 (build: 
91f2b2c3a04d203d79862f87e ...)
+       TODO: check
 CVE-2020-14053
        RESERVED
 CVE-2020-14052
@@ -159,10 +305,10 @@ CVE-2020-14036
        RESERVED
 CVE-2020-14035
        RESERVED
-CVE-2020-14034
-       RESERVED
-CVE-2020-14033
-       RESERVED
+CVE-2020-14034 (An issue was discovered in janus-gateway (aka Janus WebRTC 
Server) thr ...)
+       TODO: check
+CVE-2020-14033 (An issue was discovered in janus-gateway (aka Janus WebRTC 
Server) thr ...)
+       TODO: check
 CVE-2020-14032
        RESERVED
 CVE-2020-14031
@@ -205,8 +351,8 @@ CVE-2020-14013
        RESERVED
 CVE-2020-14012 (scp/categories.php in osTicket 1.14.2 allows XSS via a 
Knowledgebase C ...)
        NOT-FOR-US: osTicket
-CVE-2020-14011
-       RESERVED
+CVE-2020-14011 (Lansweeper 6.0.x through 7.2.x has a default installation in 
which the ...)
+       TODO: check
 CVE-2020-14010 (The Laborator Xenon theme 1.3 for WordPress allows Reflected 
XSS via t ...)
        NOT-FOR-US: Laborator Xenon theme for WordPress
 CVE-2020-14009
@@ -233,8 +379,8 @@ CVE-2020-14001
        RESERVED
 CVE-2020-14000
        RESERVED
-CVE-2020-13999
-       RESERVED
+CVE-2020-13999 (ScaleViewPortExtEx in libemf.cpp in libEMF (aka ECMA-234 
Metafile Libr ...)
+       TODO: check
 CVE-2020-13998 (** VERSION NOT SUPPORTED WHEN ASSIGNED ** Citrix XenApp 6.5, 
when 2FA  ...)
        NOT-FOR-US: Citrix
 CVE-2020-13997
@@ -827,7 +973,7 @@ CVE-2020-13776 (systemd through v245 mishandles numerical 
usernames such as ones
        - systemd <unfixed> (unimportant)
        NOTE: https://github.com/systemd/systemd/issues/15985
        NOTE: Issue exists due to an incomplete fix for CVE-2017-1000082.
-CVE-2020-13775 (ZNC 1.8.0 up to 1.8.1-rc1 allows attackers to trigger an 
application c ...)
+CVE-2020-13775 (ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to 
trigger an app ...)
        - znc 1.8.1-1 (bug #962105)
        [buster] - znc <not-affected> (Vulnerable code introduced later)
        [stretch] - znc <not-affected> (Vulnerable code introduced later)
@@ -1109,12 +1255,12 @@ CVE-2020-13654
        RESERVED
 CVE-2020-13653
        RESERVED
-CVE-2020-13652
-       RESERVED
-CVE-2020-13651
-       RESERVED
-CVE-2020-13650
-       RESERVED
+CVE-2020-13652 (An issue was discovered in DigDash 2018R2 before p20200528, 
2019R1 bef ...)
+       TODO: check
+CVE-2020-13651 (An issue was discovered in DigDash 2018R2 before p20200528, 
2019R1 bef ...)
+       TODO: check
+CVE-2020-13650 (An issue was discovered in DigDash 2018R2 before p20200210 and 
2019R1  ...)
+       TODO: check
 CVE-2020-13649 (parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors 
during c ...)
        NOT-FOR-US: JerryScript
 CVE-2020-13648
@@ -2240,8 +2386,8 @@ CVE-2020-13152 (A remote user can create a specially 
crafted M3U file, media pla
        NOTE: Elevated resource usage in client application, no security impact
 CVE-2020-13151
        RESERVED
-CVE-2020-13150
-       RESERVED
+CVE-2020-13150 (D-link DSL-2750U ISL2750UEME3.V1E devices allow approximately 
90 secon ...)
+       TODO: check
 CVE-2020-13149 (Weak permissions on the "%PROGRAMDATA%\MSI\Dragon Center" 
folder in Dr ...)
        NOT-FOR-US: Dragon Center
 CVE-2020-13148
@@ -5012,8 +5158,8 @@ CVE-2020-12021
        RESERVED
 CVE-2020-12020
        RESERVED
-CVE-2020-12019
-       RESERVED
+CVE-2020-12019 (WebAccess Node Version 8.4.4 and prior is vulnerable to a 
stack-based  ...)
+       TODO: check
 CVE-2020-12018 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 
9.0.0. An o ...)
        NOT-FOR-US: Advantech WebAccess Node
 CVE-2020-12017 (GE Grid Solutions Reason RT Clocks, RT430, RT431, and RT434, 
all firmw ...)
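
Review bot: the new description for CVE-2020-12019 opens with "WebAccess Node Version 8.4.4 and prior" and omits the vendor name, so a search for "Advantech" will not find it. The next entry, CVE-2020-12018, names "Advantech WebAccess Node, Version 8.4.4 and prior" and is marked "NOT-FOR-US: Advantech WebAccess Node"; suggest using that same line here in place of "TODO: check".
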
@@ -5112,8 +5258,8 @@ CVE-2020-11971 (Apache Camel's JMX is vulnerable to 
Rebind Flaw. Apache Camel 2.
        NOT-FOR-US: Apache Camel
 CVE-2020-11970
        REJECTED
-CVE-2020-11969
-       RESERVED
+CVE-2020-11969 (If Apache TomEE is configured to use the embedded ActiveMQ 
broker, and ...)
+       TODO: check
 CVE-2020-11968 (In the web-panel in IQrouter through 3.3.1, remote attackers 
can read  ...)
        NOT-FOR-US: IQrouter
 CVE-2020-11967 (In IQrouter through 3.3.1, remote attackers can control the 
device (re ...)
@@ -12753,10 +12899,10 @@ CVE-2020-9433 (openssl_x509_check_email in 
lua-openssl 0.7.7-1 mishandles X.509
        NOT-FOR-US: lua-openssl (different from lua-luaossl)
 CVE-2020-9432 (openssl_x509_check_host in lua-openssl 0.7.7-1 mishandles X.509 
certif ...)
        NOT-FOR-US: lua-openssl (different from lua-luaossl)
-CVE-2020-9427
-       RESERVED
-CVE-2020-9426
-       RESERVED
+CVE-2020-9427 (OX Guard 2.10.3 and earlier allows SSRF. ...)
+       TODO: check
+CVE-2020-9426 (OX Guard 2.10.3 and earlier allows XSS. ...)
+       TODO: check
 CVE-2020-9425 (An issue was discovered in includes/head.inc.php in rConfig 
before 3.9 ...)
        NOT-FOR-US: rConfig
 CVE-2020-9424
@@ -13614,10 +13760,10 @@ CVE-2020-9078
        RESERVED
 CVE-2020-9077
        RESERVED
-CVE-2020-9076
-       RESERVED
-CVE-2020-9075
-       RESERVED
+CVE-2020-9076 (HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions 
earlier ...)
+       TODO: check
+CVE-2020-9075 (Huawei products Secospace USG6300;USG6300E with versions of 
V500R001C3 ...)
+       TODO: check
 CVE-2020-9074 (Huawei Smartphones HONOR 20 PRO;Honor View 20;HONOR 20 have an 
imprope ...)
        NOT-FOR-US: Huawei
 CVE-2020-9073 (Huawei P20 smartphones with versions earlier than 
10.0.0.156(C00E156R1 ...)
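
Review bot: CVE-2020-9076 and CVE-2020-9075 are left at "TODO: check" although both descriptions name Huawei products and the following entry, CVE-2020-9074, is marked "NOT-FOR-US: Huawei". Suggest the same line for both. CVE-2020-9076 spells the vendor "HUAWEI", so any case-sensitive match on "Huawei" used during triage would miss it.
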
@@ -14576,11 +14722,9 @@ CVE-2020-8677
        RESERVED
 CVE-2020-8676
        RESERVED
-CVE-2020-8675
-       RESERVED
+CVE-2020-8675 (Insufficient control flow management in firmware build and 
signing too ...)
        NOT-FOR-US: Intel
-CVE-2020-8674
-       RESERVED
+CVE-2020-8674 (Out-of-bounds read in DHCPv6 subsystem in Intel(R) AMT and 
Intel(R)ISM ...)
        NOT-FOR-US: Intel
 CVE-2020-8673
        RESERVED
@@ -24747,8 +24891,8 @@ CVE-2020-4496
        RESERVED
 CVE-2020-4495
        RESERVED
-CVE-2020-4494
-       RESERVED
+CVE-2020-4494 (IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and 
Windows ...)
+       TODO: check
 CVE-2020-4493
        RESERVED
 CVE-2020-4492
@@ -24781,8 +24925,8 @@ CVE-2020-4479
        RESERVED
 CVE-2020-4478
        RESERVED
-CVE-2020-4477
-       RESERVED
+CVE-2020-4477 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 discloses 
highly sensi ...)
+       TODO: check
 CVE-2020-4476
        RESERVED
 CVE-2020-4475
@@ -24793,12 +24937,12 @@ CVE-2020-4473
        RESERVED
 CVE-2020-4472
        RESERVED
-CVE-2020-4471
-       RESERVED
-CVE-2020-4470
-       RESERVED
-CVE-2020-4469
-       RESERVED
+CVE-2020-4471 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an 
unauthe ...)
+       TODO: check
+CVE-2020-4470 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 Administrative 
Console ...)
+       TODO: check
+CVE-2020-4469 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a 
remote a ...)
+       TODO: check
 CVE-2020-4468 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote 
attacke ...)
        NOT-FOR-US: IBM
 CVE-2020-4467 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote 
attacke ...)
@@ -24923,8 +25067,8 @@ CVE-2020-4408
        RESERVED
 CVE-2020-4407
        RESERVED
-CVE-2020-4406
-       RESERVED
+CVE-2020-4406 (IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and 
Windows ...)
+       TODO: check
 CVE-2020-4405
        RESERVED
 CVE-2020-4404
@@ -25303,8 +25447,8 @@ CVE-2020-4218
        RESERVED
 CVE-2020-4217 (The IBM Spectrum Scale 4.2 and 5.0 file system component is 
affected b ...)
        NOT-FOR-US: IBM
-CVE-2020-4216
-       RESERVED
+CVE-2020-4216 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains 
hard-coded cr ...)
+       TODO: check
 CVE-2020-4215
        RESERVED
 CVE-2020-4214 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a 
remote a ...)
@@ -25803,8 +25947,8 @@ CVE-2020-3963
        RESERVED
 CVE-2020-3962
        RESERVED
-CVE-2020-3961
-       RESERVED
+CVE-2020-3961 (VMware Horizon Client for Windows (prior to 5.4.3) contains a 
privileg ...)
+       TODO: check
 CVE-2020-3960
        RESERVED
 CVE-2020-3959 (VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before 
ESXi650-20 ...)
@@ -32382,8 +32526,8 @@ CVE-2020-1827 (Huawei NIP6800 versions V500R001C30, 
V500R001C60SPC500, and V500R
        NOT-FOR-US: Huawei
 CVE-2020-1826 (Huawei Honor Magic2 mobile phones with versions earlier than 
10.0.0.17 ...)
        NOT-FOR-US: Huawei
-CVE-2020-1825
-       RESERVED
+CVE-2020-1825 (Huawei FusionAccess products with versions earlier than 
6.5.1.SPC002 h ...)
+       TODO: check
 CVE-2020-1824
        RESERVED
 CVE-2020-1823
@@ -32406,8 +32550,8 @@ CVE-2020-1815 (Huawei NIP6800 versions V500R001C30, 
V500R001C60SPC500, and V500R
        NOT-FOR-US: Huawei
 CVE-2020-1814 (Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and 
V500R005C0 ...)
        NOT-FOR-US: Huawei
-CVE-2020-1813
-       RESERVED
+CVE-2020-1813 (HUAWEI P30 smart phone with versions earlier than 
10.1.0.135(C00E135R2 ...)
+       TODO: check
 CVE-2020-1812 (HUAWEI P30 smartphones with versions earlier than 
10.0.0.173(C00E73R1P ...)
        NOT-FOR-US: Huawei
 CVE-2020-1811 (GaussDB 200 with version of 6.5.1 have a command injection 
vulnerabili ...)
@@ -33769,14 +33913,14 @@ CVE-2019-19114
        RESERVED
 CVE-2019-19113 (main/resources/mapper/NewBeeMallGoodsMapper.xml in newbee-mall 
(aka Ne ...)
        NOT-FOR-US: newbee-mall
-CVE-2019-19112
-       RESERVED
-CVE-2019-19111
-       RESERVED
-CVE-2019-19110
-       RESERVED
-CVE-2019-19109
-       RESERVED
+CVE-2019-19112 (The wpForo plugin 1.6.5 for WordPress allows XSS involving the 
wpf-dw- ...)
+       TODO: check
+CVE-2019-19111 (The wpForo plugin 1.6.5 for WordPress allows XSS via the 
wp-admin/admi ...)
+       TODO: check
+CVE-2019-19110 (The wpForo plugin 1.6.5 for WordPress allows XSS via the 
wp-admin/admi ...)
+       TODO: check
+CVE-2019-19109 (The wpForo plugin 1.6.5 for WordPress allows 
wp-admin/admin.php?page=w ...)
+       TODO: check
 CVE-2019-19108 (An authentication weakness in the SNMP service in B&amp;R 
Automation R ...)
        NOT-FOR-US: B&R Automation Runtime
 CVE-2019-19107 (The Configuration pages in ABB Telephone Gateway TG/S 3.2 and 
Busch-Ja ...)
@@ -37420,17 +37564,13 @@ CVE-2020-0599
        RESERVED
 CVE-2020-0598 (Uncontrolled search path in the installer for the Intel(R) 
Binary Conf ...)
        NOT-FOR-US: Intel
-CVE-2020-0597
-       RESERVED
+CVE-2020-0597 (Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and 
Intel(R) ISM  ...)
        NOT-FOR-US: Intel
-CVE-2020-0596
-       RESERVED
+CVE-2020-0596 (Improper input validation in DHCPv6 subsystem in Intel(R) AMT 
and Inte ...)
        NOT-FOR-US: Intel
-CVE-2020-0595
-       RESERVED
+CVE-2020-0595 (Use after free in IPv6 subsystem in Intel(R) AMT and Intel(R) 
ISM vers ...)
        NOT-FOR-US: Intel
-CVE-2020-0594
-       RESERVED
+CVE-2020-0594 (Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and 
Intel(R) ISM  ...)
        NOT-FOR-US: Intel
 CVE-2020-0593
        RESERVED
@@ -37446,8 +37586,7 @@ CVE-2020-0588
        RESERVED
 CVE-2020-0587
        RESERVED
-CVE-2020-0586
-       RESERVED
+CVE-2020-0586 (Improper initialization in subsystem for Intel(R) SPS versions 
before  ...)
        NOT-FOR-US: Intel
 CVE-2020-0585
        RESERVED
@@ -37498,8 +37637,7 @@ CVE-2020-0568 (Race condition in the Intel(R) Driver 
and Support Assistant befor
        NOT-FOR-US: Intel
 CVE-2020-0567 (Improper input validation in Intel(R) Graphics Drivers before 
version  ...)
        NOT-FOR-US: Intel graphics driver for Windows
-CVE-2020-0566
-       RESERVED
+CVE-2020-0566 (Improper Access Control in subsystem for Intel(R) TXE versions 
before  ...)
        NOT-FOR-US: Intel
 CVE-2020-0565 (Uncontrolled search path in Intel(R) Graphics Drivers before 
version 2 ...)
        NOT-FOR-US: Intel graphics driver for Windows
@@ -37568,64 +37706,48 @@ CVE-2020-0547 (Incorrect default permissions in the 
installer for Intel(R) Data
        NOT-FOR-US: Intel
 CVE-2020-0546 (Unquoted service path in Intel(R) Optane(TM) DC Persistent 
Memory Modu ...)
        NOT-FOR-US: Intel
-CVE-2020-0545
-       RESERVED
+CVE-2020-0545 (Integer overflow in subsystem for Intel(R) CSME versions before 
11.8.7 ...)
        NOT-FOR-US: Intel
 CVE-2020-0544
        RESERVED
-CVE-2020-0543 [Special Register Buffer Data Sampling]
-       RESERVED
+CVE-2020-0543 (Incomplete cleanup from specific special register read 
operations in s ...)
        {DSA-4701-1 DSA-4699-1 DSA-4698-1 DLA-2248-1 DLA-2242-1 DLA-2241-1}
        - intel-microcode 3.20200609.1
        - linux 5.6.14-2
        NOTE: https://www.vusec.net/projects/crosstalk/
        NOTE: 
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html
        NOTE: 
https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling
-CVE-2020-0542
-       RESERVED
+CVE-2020-0542 (Improper buffer restrictions in subsystem for Intel(R) CSME 
versions b ...)
        NOT-FOR-US: Intel
-CVE-2020-0541
-       RESERVED
+CVE-2020-0541 (Out-of-bounds write in subsystem for Intel(R) CSME versions 
before 12. ...)
        NOT-FOR-US: Intel
-CVE-2020-0540
-       RESERVED
+CVE-2020-0540 (Insufficiently protected credentials in Intel(R) AMT versions 
before 1 ...)
        NOT-FOR-US: Intel
-CVE-2020-0539
-       RESERVED
+CVE-2020-0539 (Path traversal in subsystem for Intel(R) DAL software for 
Intel(R) CSM ...)
        NOT-FOR-US: Intel
-CVE-2020-0538
-       RESERVED
+CVE-2020-0538 (Improper input validation in subsystem for Intel(R) AMT 
versions befor ...)
        NOT-FOR-US: Intel
-CVE-2020-0537
-       RESERVED
+CVE-2020-0537 (Improper input validation in subsystem for Intel(R) AMT 
versions befor ...)
        NOT-FOR-US: Intel
-CVE-2020-0536
-       RESERVED
+CVE-2020-0536 (Improper input validation in the DAL subsystem for Intel(R) 
CSME versi ...)
        NOT-FOR-US: Intel
-CVE-2020-0535
-       RESERVED
+CVE-2020-0535 (Improper input validation in Intel(R) AMT versions before 
11.8.76, 11. ...)
        NOT-FOR-US: Intel
-CVE-2020-0534
-       RESERVED
-CVE-2020-0533
-       RESERVED
+CVE-2020-0534 (Improper input validation in the DAL subsystem for Intel(R) 
CSME versi ...)
+       TODO: check
+CVE-2020-0533 (Reversible one-way hash in Intel(R) CSME versions before 
11.8.76, 11.1 ...)
        NOT-FOR-US: Intel
-CVE-2020-0532
-       RESERVED
+CVE-2020-0532 (Improper input validation in subsystem for Intel(R) AMT 
versions befor ...)
        NOT-FOR-US: Intel
-CVE-2020-0531
-       RESERVED
+CVE-2020-0531 (Improper input validation in Intel(R) AMT versions before 
11.8.77, 11. ...)
        NOT-FOR-US: Intel
 CVE-2020-0530 (Improper buffer restrictions in firmware for Intel(R) NUC may 
allow an ...)
        NOT-FOR-US: Intel
-CVE-2020-0529
-       RESERVED
+CVE-2020-0529 (Improper initialization in BIOS firmware for 8th, 9th and 10th 
Generat ...)
        NOT-FOR-US: Intel
-CVE-2020-0528
-       RESERVED
+CVE-2020-0528 (Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th 
and 10 ...)
        NOT-FOR-US: Intel
-CVE-2020-0527
-       RESERVED
+CVE-2020-0527 (Insufficient control flow management in firmware for some 
Intel(R) Dat ...)
        NOT-FOR-US: Intel
 CVE-2020-0526 (Improper input validation in firmware for Intel(R) NUC may 
allow a pri ...)
        NOT-FOR-US: Intel
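
Review bot: CVE-2020-0534 is the only entry in this hunk that ends at "TODO: check". On the removed side it had no "NOT-FOR-US: Intel" line of its own (its RESERVED line ran straight into CVE-2020-0533), and that gap carries over into the new entry. Its description, "Improper input validation in the DAL subsystem for Intel(R) CSME versi ...", reads the same, as far as the truncated text shows, as CVE-2020-0536, which is marked "NOT-FOR-US: Intel"; suggest the same line here.
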
@@ -100128,8 +100250,7 @@ CVE-2018-16849 (A flaw was found in 
openstack-mistral. By manipulating the SSH p
        - mistral 7.0.0-2 (low; bug #912714)
        [stretch] - mistral 3.0.0-4+deb9u1
        NOTE: https://bugs.launchpad.net/mistral/+bug/1783708
-CVE-2018-16848
-       RESERVED
+CVE-2018-16848 (A Denial of Service (DoS) condition is possible in OpenStack 
Mistral i ...)
        - mistral <undetermined>
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1645332
 CVE-2018-16847 (An OOB heap buffer r/w access issue was found in the NVM 
Express Contr ...)
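
Review bot: CVE-2018-16848 now has a published description (a DoS condition in OpenStack Mistral), but the context line "- mistral <undetermined>" under it is unchanged. With the description and the Red Hat Bugzilla NOTE both available, suggest revisiting the entry and replacing <undetermined> with a concrete status, in the way the entry just above records "- mistral 7.0.0-2 (low; bug #912714)".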



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab8f7334307df4f7dae0de2ce240f4c16f75b362
