Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
aec6be33 by security tracker role at 2020-08-25T08:10:24+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,13 @@
+CVE-2020-24613 (wolfSSL before 4.5.0 mishandles TLS 1.3 server data in the
WAIT_CERT_C ...)
+ TODO: check
+CVE-2020-24612 (An issue was discovered in the selinux-policy (aka Reference
Policy) p ...)
+ TODO: check
+CVE-2020-24611
+ RESERVED
+CVE-2020-24610
+ RESERVED
+CVE-2020-24609
+ RESERVED
CVE-2020-24608
RESERVED
CVE-2020-24607
@@ -70,8 +80,8 @@ CVE-2020-24574 (The client (aka GalaxyClientService.exe) in
GOG GALAXY 2.0.19 al
NOT-FOR-US: GOG Galaxy client
CVE-2020-24573
RESERVED
-CVE-2020-24572
- RESERVED
+CVE-2020-24572 (An issue was discovered in includes/webconsole.php in RaspAP
2.5. With ...)
+ TODO: check
CVE-2020-24571 (NexusQA NexusDB before 4.50.23 allows the reading of files via
../ dir ...)
NOT-FOR-US: NexusDB
CVE-2020-24570
@@ -39312,6 +39322,7 @@ CVE-2020-7925
CVE-2020-7924
RESERVED
CVE-2020-7923 (A user authorized to perform database queries may cause denial
of serv ...)
+ {DLA-2344-1}
- mongodb <removed>
NOTE: https://jira.mongodb.org/browse/SERVER-47773
CVE-2020-7922 (X.509 certificates generated by the MongoDB Enterprise
Kubernetes Oper ...)
@@ -40583,10 +40594,10 @@ CVE-2020-7379
RESERVED
CVE-2020-7378
RESERVED
-CVE-2020-7377
- RESERVED
-CVE-2020-7376
- RESERVED
+CVE-2020-7377 (The Metasploit Framework module
"auxiliary/admin/http/telpho10_credent ...)
+ TODO: check
+CVE-2020-7376 (The Metasploit Framework module "post/osx/gather/enum_osx
module" is a ...)
+ TODO: check
CVE-2020-7375
RESERVED
CVE-2020-7374 (Documalis Free PDF Editor version 5.7.2.26 and Documalis Free
PDF Scan ...)
@@ -44994,10 +45005,10 @@ CVE-2020-5622
RESERVED
CVE-2020-5621
RESERVED
-CVE-2020-5620
- RESERVED
-CVE-2020-5619
- RESERVED
+CVE-2020-5620 (Cross-site scripting vulnerability in Exment prior to v3.6.0
allows re ...)
+ TODO: check
+CVE-2020-5619 (Cross-site scripting vulnerability in Exment prior to v3.6.0
allows re ...)
+ TODO: check
CVE-2020-5618
RESERVED
CVE-2020-5617 (Privilege escalation vulnerability in SKYSEA Client View
Ver.12.200.12 ...)
@@ -45152,10 +45163,10 @@ CVE-2020-5543 (TCP function included in the firmware
of Mitsubishi Electric MELQ
NOT-FOR-US: Mitsubishi
CVE-2020-5542 (Buffer error vulnerability in TCP function included in the
firmware of ...)
NOT-FOR-US: Mitsubishi
-CVE-2020-5541
- RESERVED
-CVE-2020-5540
- RESERVED
+CVE-2020-5541 (Open redirect vulnerability in CyberMail Ver.6.x and Ver.7.x
allows re ...)
+ TODO: check
+CVE-2020-5540 (Cross-site scripting vulnerability in CyberMail Ver.6.x and
Ver.7.x al ...)
+ TODO: check
CVE-2020-5539 (GRANDIT Ver.1.6, Ver.2.0, Ver.2.1, Ver.2.2, Ver.2.3, and
Ver.3.0 do no ...)
NOT-FOR-US: GRANDIT
CVE-2020-5538 (Improper Access Control in PALLET CONTROL Ver. 6.3 and earlier
allows ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aec6be330172ab952147aeb060a3128204211570
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aec6be330172ab952147aeb060a3128204211570
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
