Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ed7480c3 by security tracker role at 2020-06-24T20:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,55 @@
+CVE-2020-15027
+       RESERVED
+CVE-2020-15026 (Bludit 3.12.0 allows admins to use a 
/plugin-backup-download?file=../  ...)
+       TODO: check
+CVE-2020-15025 (ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 
allows remo ...)
+       TODO: check
+CVE-2020-15024
+       RESERVED
+CVE-2020-15023
+       RESERVED
+CVE-2020-15022
+       RESERVED
+CVE-2020-15021
+       RESERVED
+CVE-2020-15020
+       RESERVED
+CVE-2020-15019
+       RESERVED
+CVE-2020-15018 (playSMS through 1.4.3 is vulnerable to session fixation. ...)
+       TODO: check
+CVE-2020-15017
+       RESERVED
+CVE-2020-15016
+       RESERVED
+CVE-2020-15015 (The FileExplorer component in GleamTech FileUltimate 6.1.5.0 
allows XS ...)
+       TODO: check
+CVE-2020-15014 (pramodmahato BlogCMS through 2019-12-31 has 
admin/changepass.php CSRF. ...)
+       TODO: check
+CVE-2020-15013
+       RESERVED
+CVE-2020-15012
+       RESERVED
+CVE-2020-15011 (GNU Mailman before 2.1.33 allows arbitrary content injection 
via the C ...)
+       TODO: check
+CVE-2020-15010
+       RESERVED
+CVE-2020-15009
+       RESERVED
+CVE-2020-15008
+       RESERVED
+CVE-2020-15007 (A buffer overflow in the M_LoadDefaults function in m_misc.c 
in id Tec ...)
+       TODO: check
+CVE-2020-15006 (Bludit 3.12.0 allows stored XSS via JavaScript code in an SVG 
document ...)
+       TODO: check
+CVE-2020-15005
+       RESERVED
+CVE-2020-15004
+       RESERVED
+CVE-2020-15003
+       RESERVED
+CVE-2020-15002
+       RESERVED
 CVE-2020-15001
        RESERVED
 CVE-2020-15000
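Review bot: CVE-2020-15025 (ntpd in ntp 4.2.8 before 4.2.8p15) and CVE-2020-15011 (GNU Mailman before 2.1.33) are left at `TODO: check` in this hunk although both describe upstream projects with a stated fixed version; once triaged against the Debian packages, replace the placeholder with a package line in the style used elsewhere in this file (for example `- re2c <unfixed> (bug #963158)` or `[jessie] - icinga2 <not-affected> (...)`), recording the fixed version where one exists. The remaining new entries (Bludit, playSMS, GleamTech FileUltimate, BlogCMS) describe third-party web applications and will most likely end up as `NOT-FOR-US` markers, as the Craft CMS, Liferay and DEXT5 entries in later hunks already are.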
@@ -1074,10 +1126,10 @@ CVE-2020-14475 (A reflected cross-site scripting (XSS) 
vulnerability in Dolibarr
        NOTE: 
https://github.com/Dolibarr/dolibarr/commit/22ca5e067189bffe8066df26df923a386f044c08
 CVE-2020-14474
        RESERVED
-CVE-2020-14473
-       RESERVED
-CVE-2020-14472
-       RESERVED
+CVE-2020-14473 (Stack-based buffer overflow vulnerability in Vigor3900, 
Vigor2960, and ...)
+       TODO: check
+CVE-2020-14472 (DrayTek Vigor3900, Vigor2960, and Vigor300B with firmware 
before 1.5.1 ...)
+       TODO: check
 CVE-2020-14471
        RESERVED
 CVE-2020-14470 (In Octopus Deploy 2018.8.0 through 2019.x before 2019.12.2, an 
authent ...)
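Review bot: CVE-2020-14473 and CVE-2020-14472 both describe DrayTek Vigor3900/Vigor2960/Vigor300B firmware, so a `NOT-FOR-US: DrayTek` marker is the expected resolution of these two `TODO: check` lines, consistent with the `NOT-FOR-US: IQrouter` entry for CVE-2020-11963 further down; note that the CVE-2020-14473 description as truncated here does not name the vendor, so the two entries should be read together when triaging.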
@@ -2213,10 +2265,10 @@ CVE-2020-14097
        RESERVED
 CVE-2020-14096
        RESERVED
-CVE-2020-14095
-       RESERVED
-CVE-2020-14094
-       RESERVED
+CVE-2020-14095 (In Xiaomi router R3600, ROM version<1.0.20, a connect 
service suffe ...)
+       TODO: check
+CVE-2020-14094 (In Xiaomi router R3600, ROM version<1.0.20, the connection 
service  ...)
+       TODO: check
 CVE-2019-20838 (libpcre in PCRE before 8.43 allows a subject buffer over-read 
in JIT w ...)
        - pcre3 <unfixed> (unimportant)
        NOTE: Fixed by: https://vcs.pcre.org/pcre?view=revision&revision=1740 
(8.43)
@@ -2444,16 +2496,16 @@ CVE-2020-14020
 CVE-2020-14019 (Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for 
/etc/targ ...)
        - python-rtslib-fb <unfixed>
        NOTE: https://github.com/open-iscsi/rtslib-fb/pull/162
-CVE-2020-14018
-       RESERVED
-CVE-2020-14017
-       RESERVED
-CVE-2020-14016
-       RESERVED
-CVE-2020-14015
-       RESERVED
-CVE-2020-14014
-       RESERVED
+CVE-2020-14018 (An issue was discovered in Navigate CMS 2.9 r1433. There is a 
stored X ...)
+       TODO: check
+CVE-2020-14017 (An issue was discovered in Navigate CMS 2.9 r1433. Sessions, 
as well a ...)
+       TODO: check
+CVE-2020-14016 (An issue was discovered in Navigate CMS 2.9 r1433. The 
forgot-password ...)
+       TODO: check
+CVE-2020-14015 (An issue was discovered in Navigate CMS 2.9 r1433. When 
performing a p ...)
+       TODO: check
+CVE-2020-14014 (An issue was discovered in Navigate CMS 2.9 r1433. The query 
parameter ...)
+       TODO: check
 CVE-2020-14013
        RESERVED
 CVE-2020-14012 (scp/categories.php in osTicket 1.14.2 allows XSS via a 
Knowledgebase C ...)
@@ -2466,12 +2518,12 @@ CVE-2020-14009
        RESERVED
 CVE-2020-14008
        RESERVED
-CVE-2020-14007
-       RESERVED
-CVE-2020-14006
-       RESERVED
-CVE-2020-14005
-       RESERVED
+CVE-2020-14007 (Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion 
Platform HF ...)
+       TODO: check
+CVE-2020-14006 (Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion 
Platform HF ...)
+       TODO: check
+CVE-2020-14005 (Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion 
Platform HF ...)
+       TODO: check
 CVE-2020-14004 (An issue was discovered in Icinga2 before v2.12.0-rc1. The 
prepare-dir ...)
        - icinga2 <unfixed>
        [jessie] - icinga2 <not-affected> (prepare-dirs script not shipped)
@@ -3273,8 +3325,8 @@ CVE-2020-13702 (** DISPUTED ** The Rolling Proximity 
Identifier used in the Appl
        NOT-FOR-US: Apple/Google Exposure Notification API
 CVE-2020-13701
        RESERVED
-CVE-2020-13700
-       RESERVED
+CVE-2020-13700 (An issue was discovered in the acf-to-rest-api plugin through 
3.1.0 fo ...)
+       TODO: check
 CVE-2020-13699
        RESERVED
 CVE-2020-13698
@@ -3769,10 +3821,10 @@ CVE-2020-13486 (The Knock Knock plugin before 1.2.8 for 
Craft CMS allows malicio
        NOT-FOR-US: Craft CMS plugin
 CVE-2020-13485 (The Knock Knock plugin before 1.2.8 for Craft CMS allows IP 
Whitelist  ...)
        NOT-FOR-US: Craft CMS plugin
-CVE-2020-13484
-       RESERVED
-CVE-2020-13483
-       RESERVED
+CVE-2020-13484 (Bitrix24 through 20.0.975 allows SSRF via an intranet IP 
address in th ...)
+       TODO: check
+CVE-2020-13483 (The Web Application Firewall in Bitrix24 through 20.0.0 allows 
XSS via ...)
+       TODO: check
 CVE-2020-13482 (EM-HTTP-Request 1.1.5 uses the library eventmachine in an 
insecure way ...)
        NOT-FOR-US: EM-HTTP-Request
 CVE-2020-13481
@@ -3851,8 +3903,8 @@ CVE-2020-13445 (In Liferay Portal before 7.3.2 and 
Liferay DXP 7.0 before fix pa
        NOT-FOR-US: Liferay
 CVE-2020-13444 (Liferay Portal 7.x before 7.3.2, and Liferay DXP 7.0 before 
fix pack 9 ...)
        NOT-FOR-US: Liferay
-CVE-2020-13443
-       RESERVED
+CVE-2020-13443 (ExpressionEngine before 5.3.2 allows remote attackers to 
upload and ex ...)
+       TODO: check
 CVE-2020-13442 (A Remote code execution vulnerability exists in DEXT5Upload in 
DEXT5 t ...)
        NOT-FOR-US: DEXT5
 CVE-2020-13441
@@ -4314,8 +4366,8 @@ CVE-2020-13249 (libmariadb/mariadb_lib.c in MariaDB 
Connector/C before 3.1.8 doe
        - mariadb-10.1 <not-affected> (Vulnerable code introduced later)
        NOTE: Fixed by: 
https://github.com/mariadb-corporation/mariadb-connector-c/commit/2759b87d72926b7c9b5426437a7c8dd15ff57945
 (v3.1.8)
        NOTE: Introduced around: 
https://github.com/mariadb-corporation/mariadb-connector-c/commit/b4efe73c9e725f97b3550371f8a78a10a20bf2fd
 (v3.0-cc-server-integ-0)
-CVE-2020-13248
-       RESERVED
+CVE-2020-13248 (BooleBox Secure File Sharing Utility (potentially all 
versions) allows ...)
+       TODO: check
 CVE-2020-13247
        RESERVED
 CVE-2020-13246 (An issue was discovered in Gitea through 1.11.5. An attacker 
can trigg ...)
@@ -5130,55 +5182,49 @@ CVE-2020-12869
        RESERVED
 CVE-2020-12868
        RESERVED
-CVE-2020-12867 (A NULL pointer dereference in sanei_epson_net_read in SANE 
Backends th ...)
+CVE-2020-12867 (A NULL pointer dereference in sanei_epson_net_read in SANE 
Backends be ...)
        {DLA-2231-1}
        [experimental] - sane-backends 1.0.30-1~experimental1
        - sane-backends <unfixed> (bug #961302)
        NOTE: https://gitlab.com/sane-project/backends/-/issues/279
        NOTE: 
https://gitlab.com/sane-project/backends/-/issues/279#issue-1-ghsl-2020-075-null-pointer-dereference-in-sanei_epson_net_read
        NOTE: 
https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
-CVE-2020-12866
-       RESERVED
+CVE-2020-12866 (A NULL pointer dereference in SANE Backends before 1.0.30 
allows a mal ...)
        [experimental] - sane-backends 1.0.30-1~experimental1
        - sane-backends <unfixed> (bug #961302)
        [jessie] - sane-backends <not-affected> (epsonds backend was added in 
1.0.25)
        NOTE: https://gitlab.com/sane-project/backends/-/issues/279
        NOTE: 
https://gitlab.com/sane-project/backends/-/issues/279#issue-2-ghsl-2020-079-null-pointer-dereference-in-epsonds_net_read
        NOTE: 
https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
-CVE-2020-12865
-       RESERVED
+CVE-2020-12865 (A heap buffer overflow in SANE Backends before 1.0.30 may 
allow a mali ...)
        [experimental] - sane-backends 1.0.30-1~experimental1
        - sane-backends <unfixed> (bug #961302)
        [jessie] - sane-backends <not-affected> (epsonds backend was added in 
1.0.25)
        NOTE: https://gitlab.com/sane-project/backends/-/issues/279
        NOTE: 
https://gitlab.com/sane-project/backends/-/issues/279#issue-9-ghsl-2020-084-buffer-overflow-in-esci2_img
        NOTE: 
https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
-CVE-2020-12864
-       RESERVED
+CVE-2020-12864 (An out-of-bounds read in SANE Backends before 1.0.30 may allow 
a malic ...)
        [experimental] - sane-backends 1.0.30-1~experimental1
        - sane-backends <unfixed> (bug #961302)
        [jessie] - sane-backends <not-affected> (epsonds backend was added in 
1.0.25)
        NOTE: https://gitlab.com/sane-project/backends/-/issues/279
        NOTE: 
https://gitlab.com/sane-project/backends/-/issues/279#issue-4-ghsl-2020-081-reading-uninitialized-data-in-epsonds_net_read
        NOTE: 
https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
-CVE-2020-12863
-       RESERVED
+CVE-2020-12863 (An out-of-bounds read in SANE Backends before 1.0.30 may allow 
a malic ...)
        [experimental] - sane-backends 1.0.30-1~experimental1
        - sane-backends <unfixed> (bug #961302)
        [jessie] - sane-backends <not-affected> (epsonds backend was added in 
1.0.25)
        NOTE: https://gitlab.com/sane-project/backends/-/issues/279
        NOTE: 
https://gitlab.com/sane-project/backends/-/issues/279#issue-7-ghsl-2020-083-out-of-bounds-read-in-esci2_check_header
        NOTE: 
https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
-CVE-2020-12862
-       RESERVED
+CVE-2020-12862 (An out-of-bounds read in SANE Backends before 1.0.30 may allow 
a malic ...)
        [experimental] - sane-backends 1.0.30-1~experimental1
        - sane-backends <unfixed> (bug #961302)
        [jessie] - sane-backends <not-affected> (epsonds backend was added in 
1.0.25)
        NOTE: https://gitlab.com/sane-project/backends/-/issues/279
        NOTE: 
https://gitlab.com/sane-project/backends/-/issues/279#issue-5-ghsl-2020-082-out-of-bounds-read-in-decode_binary
        NOTE: 
https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
-CVE-2020-12861
-       RESERVED
+CVE-2020-12861 (A heap buffer overflow in SANE Backends before 1.0.30 allows a 
malicio ...)
        [experimental] - sane-backends 1.0.30-1~experimental1
        - sane-backends <unfixed> (bug #961302)
        [jessie] - sane-backends <not-affected> (epsonds backend was added in 
1.0.25)
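Review bot: In this hunk CVE-2020-12866 through CVE-2020-12861 gain descriptions that all state "SANE Backends before 1.0.30", which agrees with the `[experimental] - sane-backends 1.0.30-1~experimental1` line each entry already carries; the `- sane-backends <unfixed> (bug #961302)` lines should be revisited once 1.0.30 leaves experimental, since the description now confirms that upload as the fix. The CVE-2020-12867 change is description-only ("th ..." becomes "be ...") and keeps the `{DLA-2231-1}` reference, which is why that entry, unlike its siblings, has no `[jessie]` line.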
@@ -7418,12 +7464,12 @@ CVE-2020-11963 (IQrouter through 3.3.1, when 
unconfigured, has multiple remote c
        NOT-FOR-US: IQrouter
 CVE-2020-11962
        RESERVED
-CVE-2020-11961
-       RESERVED
-CVE-2020-11960
-       RESERVED
-CVE-2020-11959
-       RESERVED
+CVE-2020-11961 (Xiaomi router R3600 ROM before 1.0.50 is affected by a 
sensitive infor ...)
+       TODO: check
+CVE-2020-11960 (Xiaomi router R3600 ROM before 1.0.50 is affected by a 
vulnerability w ...)
+       TODO: check
+CVE-2020-11959 (An unsafe configuration of nginx lead to information leak in 
Xiaomi ro ...)
+       TODO: check
 CVE-2020-11958 (re2c 1.3 has a heap-based buffer overflow in Scanner::fill in 
parse/sc ...)
        - re2c <unfixed> (bug #963158)
        [buster] - re2c <not-affected> (Vulnerability introduced later)
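Review bot: CVE-2020-11959 is described as "An unsafe configuration of nginx lead to information leak in Xiaomi ro ...", i.e. a configuration shipped in the Xiaomi router firmware rather than a defect in nginx itself, so it should not be tracked against the nginx package; together with CVE-2020-11961 and CVE-2020-11960 (Xiaomi router R3600 ROM before 1.0.50) and the CVE-2020-14095/CVE-2020-14094 entries in an earlier hunk (ROM version<1.0.20), a `NOT-FOR-US: Xiaomi` marker is the consistent resolution for these `TODO: check` lines.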
@@ -12585,8 +12631,8 @@ CVE-2020-10563 (An issue was discovered in DEVOME GRR 
before 3.4.1c. frmcontactl
        NOT-FOR-US: DEVOME GRR
 CVE-2020-10562 (An issue was discovered in DEVOME GRR before 3.4.1c. 
admin_edit_room.p ...)
        NOT-FOR-US: DEVOME GRR
-CVE-2020-10561
-       RESERVED
+CVE-2020-10561 (An issue was discovered on Xiaomi Mi Jia ink-jet printer &lt; 
3.4.6_01 ...)
+       TODO: check
 CVE-2020-10560 (An issue was discovered in Open Source Social Network (OSSN) 
through 5 ...)
        NOT-FOR-US: Open Source Social Network (OSSN)
 CVE-2020-10559
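Review bot: The new CVE-2020-10561 description contains the HTML entity `&lt;` ("ink-jet printer &lt; 3.4.6_01") where the other imported descriptions in this patch use a literal `<` (compare "ROM version<1.0.20" for CVE-2020-14095); the entity should be unescaped in data/CVE/list so that version comparisons and searches over the description text behave the same for all entries.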
@@ -14920,8 +14966,8 @@ CVE-2020-9496
        RESERVED
 CVE-2020-9495 (Apache Archiva login service before 2.2.5 is vulnerable to LDAP 
inject ...)
        NOT-FOR-US: Apache Archiva
-CVE-2020-9494
-       RESERVED
+CVE-2020-9494 (Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 
8.0.0 to 8. ...)
+       TODO: check
 CVE-2020-9493
        RESERVED
 CVE-2020-9492
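Review bot: CVE-2020-9494 names Apache Traffic Server with explicit affected ranges (6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8. ...), unlike the neighbouring Apache Archiva entry that is marked `NOT-FOR-US`; check whether Debian ships Apache Traffic Server and, if so, replace the `TODO: check` with a package line carrying the fixed version so the entry does not stay untriaged.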
@@ -19356,8 +19402,8 @@ CVE-2020-7669
        RESERVED
 CVE-2020-7668 (The ExtractTo function doesn't securely escape file paths in 
zip archi ...)
        TODO: check
-CVE-2020-7667
-       RESERVED
+CVE-2020-7667 (The CPIO extraction functionality doesn't sanitize the paths of 
the ar ...)
+       TODO: check
 CVE-2020-7666
        RESERVED
 CVE-2020-7665
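Review bot: CVE-2020-7667 ("The CPIO extraction functionality doesn't sanitize the paths of the ar ...") and the adjacent CVE-2020-7668 ("The ExtractTo function doesn't securely escape file paths in zip archi ...") are both archive path-traversal issues whose truncated descriptions do not name the affected library, so the upstream project has to be identified from the full CVE text before either `TODO: check` can be resolved; triage them together since they describe the same class of bug.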
@@ -21180,8 +21226,8 @@ CVE-2020-6872
        RESERVED
 CVE-2020-6871
        RESERVED
-CVE-2020-6870
-       RESERVED
+CVE-2020-6870 (The version V12.17.20T115 of ZTE U31R20 product is impacted by 
a desig ...)
+       TODO: check
 CVE-2020-6869 (All versions up to 10.06 of ZTEMarket APK are impacted by an 
informati ...)
        TODO: check
 CVE-2020-6868 (ZTE's PON terminal product is impacted by the access control 
vulnerabi ...)
@@ -27275,8 +27321,8 @@ CVE-2020-4415 (IBM Spectrum Protect 7.1 and 8.1 server 
is vulnerable to a stack-
        NOT-FOR-US: IBM
 CVE-2020-4414
        RESERVED
-CVE-2020-4413
-       RESERVED
+CVE-2020-4413 (IBM Security Secret Server 10.7 could allow a remote attacker 
to obtai ...)
+       TODO: check
 CVE-2020-4412 (The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 
5.0.4. ...)
        NOT-FOR-US: IBM
 CVE-2020-4411 (The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 
5.0.4. ...)
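Review bot: CVE-2020-4413 (IBM Security Secret Server 10.7) sits between entries already marked `NOT-FOR-US: IBM` (CVE-2020-4415, CVE-2020-4412, CVE-2020-4411), so the same marker is the expected resolution of this `TODO: check`; the same applies to the other IBM Security Secret Server 10.7 entries added in the following hunks (CVE-2020-4342, CVE-2020-4341, CVE-2020-4327, CVE-2020-4323, CVE-2020-4322).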
@@ -27417,10 +27463,10 @@ CVE-2020-4344
        RESERVED
 CVE-2020-4343 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote 
attacke ...)
        NOT-FOR-US: IBM
-CVE-2020-4342
-       RESERVED
-CVE-2020-4341
-       RESERVED
+CVE-2020-4342 (IBM Security Secret Server 10.7 could disclose sensitive 
information i ...)
+       TODO: check
+CVE-2020-4341 (IBM Security Secret Server 10.7 could allow a remote attacker 
to obtai ...)
+       TODO: check
 CVE-2020-4340
        RESERVED
 CVE-2020-4339
@@ -27447,18 +27493,18 @@ CVE-2020-4329 (IBM WebSphere Application Server 7.0, 
8.0, 8.5, 9.0 and Liberty 1
        NOT-FOR-US: IBM
 CVE-2020-4328
        RESERVED
-CVE-2020-4327
-       RESERVED
+CVE-2020-4327 (IBM Security Secret Server 10.7 could allow a remote attacker 
to obtai ...)
+       TODO: check
 CVE-2020-4326
        RESERVED
 CVE-2020-4325 (The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 
19.0.0 ...)
        NOT-FOR-US: IBM
 CVE-2020-4324
        RESERVED
-CVE-2020-4323
-       RESERVED
-CVE-2020-4322
-       RESERVED
+CVE-2020-4323 (IBM Security Secret Server 10.7 is vulnerable to cross-site 
scripting. ...)
+       TODO: check
+CVE-2020-4322 (IBM Security Secret Server 10.7 could allow a remote attacker 
to hijac ...)
+       TODO: check
 CVE-2020-4321
        RESERVED
 CVE-2020-4320 (IBM MQ Appliance and IBM MQ AMQP Channels 8.0, 9.0 LTS, 9.1 
LTS, and 9 ...)
@@ -27959,8 +28005,8 @@ CVE-2020-4073
        RESERVED
 CVE-2020-4072
        RESERVED
-CVE-2020-4071
-       RESERVED
+CVE-2020-4071 (In django-basic-auth-ip-whitelist before 0.3.4, a potential 
timing att ...)
+       TODO: check
 CVE-2020-4070 (In CSS Validator less than or equal to commit 54d68a1, there is 
a cros ...)
        TODO: check
 CVE-2020-4069
@@ -28173,8 +28219,8 @@ CVE-2020-3971
        RESERVED
 CVE-2020-3970
        RESERVED
-CVE-2020-3969
-       RESERVED
+CVE-2020-3969 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before 
ESXi670-2 ...)
+       TODO: check
 CVE-2020-3968
        RESERVED
 CVE-2020-3967
@@ -28187,8 +28233,8 @@ CVE-2020-3964
        RESERVED
 CVE-2020-3963
        RESERVED
-CVE-2020-3962
-       RESERVED
+CVE-2020-3962 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before 
ESXi670-2 ...)
+       TODO: check
 CVE-2020-3961 (VMware Horizon Client for Windows (prior to 5.4.3) contains a 
privileg ...)
        NOT-FOR-US: VMware
 CVE-2020-3960
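Review bot: CVE-2020-3969 and CVE-2020-3962 (this hunk and the one before it) both describe VMware ESXi 7.0 before ESXi_7.0.0-1.20.16321839 and 6.7 before ESXi670-2 ...; the context line for CVE-2020-3961 shows VMware entries are recorded as `NOT-FOR-US: VMware`, so these two `TODO: check` placeholders should be resolved the same way.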



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed7480c3ba12f46c5f6141dc5113251b9aeb26e4



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
