Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
beacee24 by security tracker role at 2020-07-08T08:10:16+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,123 @@
+CVE-2020-15645
+ RESERVED
+CVE-2020-15644
+ RESERVED
+CVE-2020-15643
+ RESERVED
+CVE-2020-15642
+ RESERVED
+CVE-2020-15641
+ RESERVED
+CVE-2020-15640
+ RESERVED
+CVE-2020-15639
+ RESERVED
+CVE-2020-15638
+ RESERVED
+CVE-2020-15637
+ RESERVED
+CVE-2020-15636
+ RESERVED
+CVE-2020-15635
+ RESERVED
+CVE-2020-15634
+ RESERVED
+CVE-2020-15633
+ RESERVED
+CVE-2020-15632
+ RESERVED
+CVE-2020-15631
+ RESERVED
+CVE-2020-15630
+ RESERVED
+CVE-2020-15629
+ RESERVED
+CVE-2020-15628
+ RESERVED
+CVE-2020-15627
+ RESERVED
+CVE-2020-15626
+ RESERVED
+CVE-2020-15625
+ RESERVED
+CVE-2020-15624
+ RESERVED
+CVE-2020-15623
+ RESERVED
+CVE-2020-15622
+ RESERVED
+CVE-2020-15621
+ RESERVED
+CVE-2020-15620
+ RESERVED
+CVE-2020-15619
+ RESERVED
+CVE-2020-15618
+ RESERVED
+CVE-2020-15617
+ RESERVED
+CVE-2020-15616
+ RESERVED
+CVE-2020-15615
+ RESERVED
+CVE-2020-15614
+ RESERVED
+CVE-2020-15613
+ RESERVED
+CVE-2020-15612
+ RESERVED
+CVE-2020-15611
+ RESERVED
+CVE-2020-15610
+ RESERVED
+CVE-2020-15609
+ RESERVED
+CVE-2020-15608
+ RESERVED
+CVE-2020-15607
+ RESERVED
+CVE-2020-15606
+ RESERVED
+CVE-2020-15605
+ RESERVED
+CVE-2020-15604
+ RESERVED
+CVE-2020-15603
+ RESERVED
+CVE-2020-15602
+ RESERVED
+CVE-2020-15601
+ RESERVED
+CVE-2020-15600 (An issue was discovered in CMSUno before 1.6.1. uno.php allows
CSRF to ...)
+ TODO: check
+CVE-2020-15599 (Victor CMS through 2019-02-28 allows XSS via the register.php
user_fir ...)
+ TODO: check
+CVE-2020-15598
+ RESERVED
+CVE-2020-15597
+ RESERVED
+CVE-2020-15596
+ RESERVED
+CVE-2019-20906
+ RESERVED
+CVE-2019-20905
+ RESERVED
+CVE-2019-20904
+ RESERVED
+CVE-2019-20903
+ RESERVED
+CVE-2019-20902
+ RESERVED
+CVE-2019-20901
+ RESERVED
+CVE-2019-20900
+ RESERVED
+CVE-2019-20899
+ RESERVED
+CVE-2019-20898
+ RESERVED
+CVE-2019-20897
+ RESERVED
CVE-2020-XXXX [veyon-configurator tmp handling]
- veyon <unfixed>
[buster] - veyon <no-dsa> (Minor issue)
@@ -124,6 +244,7 @@ CVE-2020-15542 (SolarWinds Serv-U FTP server before 15.2.1
mishandles the CHMOD
CVE-2020-15541 (SolarWinds Serv-U FTP server before 15.2.1 allows remote
command execu ...)
NOT-FOR-US: SolarWinds Serv-U FTP server
CVE-2020-15562 (An issue was discovered in Roundcube Webmail before 1.2.11,
1.3.x befo ...)
+ {DSA-4720-1}
- roundcube 1.4.7+dfsg.1-1 (bug #964355)
[stretch] - roundcube <no-dsa> (Minor issue; will be fixed via point
release)
NOTE: 1.4.x
https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82
@@ -1276,8 +1397,8 @@ CVE-2020-15010
RESERVED
CVE-2020-15009
RESERVED
-CVE-2020-15008
- RESERVED
+CVE-2020-15008 (A SQLi exists in the probe code of all Connectwise Automate
versions b ...)
+ TODO: check
CVE-2020-15007 (A buffer overflow in the M_LoadDefaults function in m_misc.c
in id Tec ...)
- rbdoom3bfg <unfixed> (unimportant)
NOTE:
https://github.com/AXDOOMER/doom-vanille/commit/8a6d9a02fa991a91ff90ccdc73b5ceabaa6cb9ec
@@ -6685,8 +6806,8 @@ CVE-2020-12823 (OpenConnect 8.09 has a buffer overflow,
causing a denial of serv
NOTE: Only triggerable by local certs, which are under the control of
the user
CVE-2020-12822
RESERVED
-CVE-2020-12821
- RESERVED
+CVE-2020-12821 (Gossipsub 1.0 does not properly resist invalid message spam,
such as a ...)
+ TODO: check
CVE-2020-12820
RESERVED
CVE-2020-12819
@@ -6931,8 +7052,8 @@ CVE-2020-12738
RESERVED
CVE-2020-12737 (An issue was discovered in Maxum Rumpus before 8.2.12 on
macOS. Authen ...)
NOT-FOR-US: Maxum Rumpus
-CVE-2020-12736
- RESERVED
+CVE-2020-12736 (Code42 environments with on-premises server versions 7.0.4 and
earlier ...)
+ TODO: check
CVE-2020-12735 (reset.php in DomainMOD 4.13.0 uses insufficient entropy for
password r ...)
NOT-FOR-US: DomainMOD
CVE-2020-12734
@@ -17845,8 +17966,8 @@ CVE-2020-8918
RESERVED
CVE-2020-8917
RESERVED
-CVE-2020-8916
- RESERVED
+CVE-2020-8916 (A memory leak in Openthread's wpantund versions up to commit
0e5d1601f ...)
+ TODO: check
CVE-2020-8915
RESERVED
CVE-2020-8914
@@ -18794,12 +18915,12 @@ CVE-2020-8523
RESERVED
CVE-2020-8522
RESERVED
-CVE-2020-8521
- RESERVED
-CVE-2020-8520
- RESERVED
-CVE-2020-8519
- RESERVED
+CVE-2020-8521 (SQL injection with start and length parameters in Records.php
for phpz ...)
+ TODO: check
+CVE-2020-8520 (SQL injection in order and column parameters in Records.php for
phpzag ...)
+ TODO: check
+CVE-2020-8519 (SQL injection with the search parameter in Records.php for
phpzag live ...)
+ TODO: check
CVE-2020-8518 (Horde Groupware Webmail Edition 5.2.22 allows injection of
arbitrary P ...)
{DLA-2174-1}
- php-horde-data <unfixed> (bug #951537)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/beacee245983daa883e5994add1e822a4f7f8715
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/beacee245983daa883e5994add1e822a4f7f8715
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
