Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 79f18597 by security tracker role at 2020-06-26T08:10:17+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,13 @@ +CVE-2020-15306 (An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount a ...) + TODO: check +CVE-2020-15305 (An issue was discovered in OpenEXR before 2.5.2. Invalid input could c ...) + TODO: check +CVE-2020-15304 (An issue was discovered in OpenEXR before 2.5.2. An invalid tiled inpu ...) + TODO: check +CVE-2020-15303 + RESERVED +CVE-2020-15302 (In Argent RecoveryManager before 0xdc350d09f71c48c5D22fBE2741e4d6A0397 ...) + TODO: check CVE-2020-15301 RESERVED CVE-2020-15300 @@ -793,6 +803,7 @@ CVE-2019-20892 (net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStat CVE-2019-20891 (WooCommerce before 3.6.5, when it handles CSV imports of products, has ...) NOT-FOR-US: WooCommerce CVE-2020-14929 (Alpine before 2.23 silently proceeds to use an insecure connection aft ...) + {DLA-2254-1} - alpine 2.23+dfsg1-1 (bug #963179) NOTE: http://mailman13.u.washington.edu/pipermail/alpine-info/2020-June/008989.html NOTE: https://repo.or.cz/alpine.git/commitdiff/000edd9036b6aea5e6a06900ecd6c58faec665ab @@ -15202,36 +15213,36 @@ CVE-2020-9668 RESERVED CVE-2020-9667 RESERVED -CVE-2020-9666 - RESERVED +CVE-2020-9666 (Adobe Campaign Classic before 20.2 have an out-of-bounds read vulnerab ...) + TODO: check CVE-2020-9665 RESERVED CVE-2020-9664 RESERVED CVE-2020-9663 RESERVED -CVE-2020-9662 - RESERVED -CVE-2020-9661 - RESERVED -CVE-2020-9660 - RESERVED -CVE-2020-9659 - RESERVED -CVE-2020-9658 - RESERVED -CVE-2020-9657 - RESERVED -CVE-2020-9656 - RESERVED -CVE-2020-9655 - RESERVED -CVE-2020-9654 - RESERVED -CVE-2020-9653 - RESERVED -CVE-2020-9652 - RESERVED +CVE-2020-9662 (Adobe After Effects versions 17.1 and earlier have an out-of-bounds wr ...) + TODO: check +CVE-2020-9661 (Adobe After Effects versions 17.1 and earlier have an out-of-bounds re ...) + TODO: check +CVE-2020-9660 (Adobe After Effects versions 17.1 and earlier have an out-of-bounds wr ...) + TODO: check +CVE-2020-9659 (Adobe Audition versions 13.0.6 and earlier have an out-of-bounds write ...) + TODO: check +CVE-2020-9658 (Adobe Audition versions 13.0.6 and earlier have an out-of-bounds write ...) + TODO: check +CVE-2020-9657 (Adobe Premiere Rush versions 1.5.12 and earlier have an out-of-bounds ...) + TODO: check +CVE-2020-9656 (Adobe Premiere Rush versions 1.5.12 and earlier have an out-of-bounds ...) + TODO: check +CVE-2020-9655 (Adobe Premiere Rush versions 1.5.12 and earlier have an out-of-bounds ...) + TODO: check +CVE-2020-9654 (Adobe Premiere Pro versions 14.2 and earlier have an out-of-bounds wri ...) + TODO: check +CVE-2020-9653 (Adobe Premiere Pro versions 14.2 and earlier have an out-of-bounds wri ...) + TODO: check +CVE-2020-9652 (Adobe Premiere Pro versions 14.2 and earlier have an out-of-bounds rea ...) + TODO: check CVE-2020-9651 (Adobe Experience Manager versions 6.5 and earlier have a cross-site sc ...) NOT-FOR-US: Adobe CVE-2020-9650 @@ -15250,18 +15261,18 @@ CVE-2020-9644 (Adobe Experience Manager versions 6.5 and earlier have a cross-si NOT-FOR-US: Adobe CVE-2020-9643 (Adobe Experience Manager versions 6.5 and earlier have a server-side r ...) NOT-FOR-US: Adobe -CVE-2020-9642 - RESERVED -CVE-2020-9641 - RESERVED -CVE-2020-9640 - RESERVED -CVE-2020-9639 - RESERVED -CVE-2020-9638 - RESERVED -CVE-2020-9637 - RESERVED +CVE-2020-9642 (Adobe Illustrator versions 24.1.2 and earlier have a buffer errors vul ...) + TODO: check +CVE-2020-9641 (Adobe Illustrator versions 24.1.2 and earlier have a memory corruption ...) + TODO: check +CVE-2020-9640 (Adobe Illustrator versions 24.1.2 and earlier have a memory corruption ...) + TODO: check +CVE-2020-9639 (Adobe Illustrator versions 24.1.2 and earlier have a memory corruption ...) + TODO: check +CVE-2020-9638 (Adobe After Effects versions 17.1 and earlier have a heap overflow vul ...) + TODO: check +CVE-2020-9637 (Adobe After Effects versions 17.1 and earlier have a heap overflow vul ...) + TODO: check CVE-2020-9636 (Adobe Framemaker versions 2019.0.5 and below have a memory corruption ...) NOT-FOR-US: Adobe CVE-2020-9635 (Adobe Framemaker versions 2019.0.5 and below have an out-of-bounds wri ...) @@ -15298,60 +15309,60 @@ CVE-2020-9620 RESERVED CVE-2020-9619 RESERVED -CVE-2020-9618 - RESERVED +CVE-2020-9618 (Adobe Audition versions 13.0.5 and earlier have an out-of-bounds read ...) + TODO: check CVE-2020-9617 RESERVED CVE-2020-9616 RESERVED -CVE-2020-9615 - RESERVED -CVE-2020-9614 - RESERVED -CVE-2020-9613 - RESERVED -CVE-2020-9612 - RESERVED -CVE-2020-9611 - RESERVED -CVE-2020-9610 - RESERVED -CVE-2020-9609 - RESERVED -CVE-2020-9608 - RESERVED -CVE-2020-9607 - RESERVED -CVE-2020-9606 - RESERVED -CVE-2020-9605 - RESERVED -CVE-2020-9604 - RESERVED -CVE-2020-9603 - RESERVED -CVE-2020-9602 - RESERVED -CVE-2020-9601 - RESERVED -CVE-2020-9600 - RESERVED -CVE-2020-9599 - RESERVED -CVE-2020-9598 - RESERVED -CVE-2020-9597 - RESERVED -CVE-2020-9596 - RESERVED -CVE-2020-9595 - RESERVED -CVE-2020-9594 - RESERVED -CVE-2020-9593 - RESERVED -CVE-2020-9592 - RESERVED +CVE-2020-9615 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9614 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9613 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9612 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9611 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9610 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9609 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9608 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9607 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9606 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9605 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9604 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9603 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9602 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9601 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9600 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9599 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9598 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9597 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9596 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9595 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9594 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9593 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check +CVE-2020-9592 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...) + TODO: check CVE-2020-9591 RESERVED CVE-2020-9590 @@ -15384,8 +15395,8 @@ CVE-2020-9577 RESERVED CVE-2020-9576 RESERVED -CVE-2020-9575 - RESERVED +CVE-2020-9575 (Adobe Illustrator versions 24.1.2 and earlier have a memory corruption ...) + TODO: check CVE-2020-9574 RESERVED CVE-2020-9573 @@ -15727,8 +15738,8 @@ CVE-2020-9439 RESERVED CVE-2020-9438 (Tinxy Door Lock with firmware before 3.2 allow attackers to unlock a d ...) NOT-FOR-US: Tinxy Door Lock -CVE-2020-9437 - RESERVED +CVE-2020-9437 (SecureAuth.aspx in SecureAuth IdP 9.3.0 suffers from a client-side tem ...) + TODO: check CVE-2020-9436 (PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G ...) NOT-FOR-US: PHOENIX CVE-2020-9435 (PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G ...) @@ -24148,10 +24159,10 @@ CVE-2020-5969 RESERVED CVE-2020-5968 RESERVED -CVE-2020-5967 - RESERVED -CVE-2020-5966 - RESERVED +CVE-2020-5967 (NVIDIA Linux GPU Display Driver, all versions, contains a vulnerabilit ...) + TODO: check +CVE-2020-5966 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...) + TODO: check CVE-2020-5965 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...) NOT-FOR-US: NVIDIA Windows GPU Display Driver CVE-2020-5964 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...) @@ -28617,8 +28628,8 @@ CVE-2020-4074 RESERVED CVE-2020-4073 RESERVED -CVE-2020-4072 - RESERVED +CVE-2020-4072 (In generator-jhipster-kotlin version 1.6.0 log entries are created for ...) + TODO: check CVE-2020-4071 (In django-basic-auth-ip-whitelist before 0.3.4, a potential timing att ...) TODO: check CVE-2020-4070 (In CSS Validator less than or equal to commit 54d68a1, there is a cros ...) @@ -33571,13 +33582,13 @@ CVE-2019-19615 (Multiple XSS vulnerabilities exist in the Backup & Restore m NOT-FOR-US: FreePBX CVE-2019-19614 (An issue was discovered in Halvotec RAQuest 10.23.10801.0. The login p ...) NOT-FOR-US: Halvotec RAQuest -CVE-2019-19613 (** DISPUTED ** An issue was discovered in Halvotec RaQuest 10.23.10801 ...) +CVE-2019-19613 (An issue was discovered in Halvotec RaQuest 10.23.10801.0. The login p ...) NOT-FOR-US: Halvotec RaQuest -CVE-2019-19612 (** DISPUTED ** An issue was discovered in Halvotec RaQuest 10.23.10801 ...) +CVE-2019-19612 (An issue was discovered in Halvotec RaQuest 10.23.10801.0. Several fea ...) NOT-FOR-US: Halvotec RaQuest CVE-2019-19611 (An issue was discovered in Halvotec RaQuest 10.23.10801.0. One of the ...) NOT-FOR-US: Halvotec RaQuest -CVE-2019-19610 (** DISPUTED ** An issue was discovered in Halvotec RaQuest 10.23.10801 ...) +CVE-2019-19610 (An issue was discovered in Halvotec RaQuest 10.23.10801.0. It allows s ...) NOT-FOR-US: Halvotec RaQuest CVE-2019-19609 (The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Co ...) NOT-FOR-US: Strapi @@ -35209,10 +35220,10 @@ CVE-2019-19508 RESERVED CVE-2019-19507 (In jpv (aka Json Pattern Validator) before 2.1.1, compareCommon() can ...) NOT-FOR-US: Json Pattern Validator -CVE-2019-19506 - RESERVED -CVE-2019-19505 - RESERVED +CVE-2019-19506 (Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a denial ...) + TODO: check +CVE-2019-19505 (Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a stack-b ...) + TODO: check CVE-2019-19504 RESERVED CVE-2019-19503 @@ -47984,8 +47995,8 @@ CVE-2019-16215 (The Markdown parser in Zulip server before 2.0.5 used a regular - zulip-server <itp> (bug #800052) CVE-2019-16214 (Libra Core before 2019-09-03 has an erroneous regular expression for i ...) NOT-FOR-US: Libra -CVE-2019-16213 - RESERVED +CVE-2019-16213 (Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authe ...) + TODO: check CVE-2019-16212 RESERVED CVE-2019-16211 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79f18597b25738f20c25cffa93c023e4d61c78e2 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79f18597b25738f20c25cffa93c023e4d61c78e2 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits