Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1d246654 by security tracker role at 2020-08-27T08:10:16+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,79 @@
+CVE-2020-24699
+ RESERVED
+CVE-2020-24698
+ RESERVED
+CVE-2020-24697
+ RESERVED
+CVE-2020-24696
+ RESERVED
+CVE-2020-24695
+ RESERVED
+CVE-2020-24694
+ RESERVED
+CVE-2020-24693
+ RESERVED
+CVE-2020-24692
+ RESERVED
+CVE-2020-24691
+ RESERVED
+CVE-2020-24690
+ RESERVED
+CVE-2020-24689
+ RESERVED
+CVE-2020-24688
+ RESERVED
+CVE-2020-24687
+ RESERVED
+CVE-2020-24686
+ RESERVED
+CVE-2020-24685
+ RESERVED
+CVE-2020-24684
+ RESERVED
+CVE-2020-24683
+ RESERVED
+CVE-2020-24682
+ RESERVED
+CVE-2020-24681
+ RESERVED
+CVE-2020-24680
+ RESERVED
+CVE-2020-24679
+ RESERVED
+CVE-2020-24678
+ RESERVED
+CVE-2020-24677
+ RESERVED
+CVE-2020-24676
+ RESERVED
+CVE-2020-24675
+ RESERVED
+CVE-2020-24674
+ RESERVED
+CVE-2020-24673
+ RESERVED
+CVE-2020-24672
+ RESERVED
+CVE-2020-24671
+ RESERVED
+CVE-2020-24670
+ RESERVED
+CVE-2020-24669
+ RESERVED
+CVE-2020-24668
+ RESERVED
+CVE-2020-24667
+ RESERVED
+CVE-2020-24666
+ RESERVED
+CVE-2020-24665
+ RESERVED
+CVE-2020-24664
+ RESERVED
+CVE-2020-24663
+ RESERVED
+CVE-2020-24662
+ RESERVED
CVE-2020-24661 (GNOME Geary before 3.36.3 mishandles pinned TLS certificate
verificati ...)
- geary <unfixed>
NOTE: https://gitlab.gnome.org/GNOME/geary/-/issues/866
@@ -124,10 +200,10 @@ CVE-2020-24601
RESERVED
CVE-2020-24600
RESERVED
-CVE-2020-24599
- RESERVED
-CVE-2020-24598
- RESERVED
+CVE-2020-24599 (An issue was discovered in Joomla! before 3.9.21. Lack of
escaping in ...)
+ TODO: check
+CVE-2020-24598 (An issue was discovered in Joomla! before 3.9.21. Lack of
input valida ...)
+ TODO: check
CVE-2020-24597
RESERVED
CVE-2020-24596
@@ -176,7 +252,7 @@ CVE-2020-24576
RESERVED
CVE-2020-24575
RESERVED
-CVE-2020-24574 (The client (aka GalaxyClientService.exe) in GOG GALAXY 2.0.19
allows l ...)
+CVE-2020-24574 (The client (aka GalaxyClientService.exe) in GOG GALAXY through
2.0.20 ...)
NOT-FOR-US: GOG Galaxy client
CVE-2020-24573
RESERVED
@@ -18898,8 +18974,8 @@ CVE-2020-15487
RESERVED
CVE-2020-15486 (An issue was discovered on Dr Trust ECG Pen 2.00.08 devices.
Because t ...)
NOT-FOR-US: Dr Trust ECG Pen 2.00.08 devices
-CVE-2020-15485
- RESERVED
+CVE-2020-15485 (An issue was discovered on Nescomed Multipara Monitor M1000
devices. T ...)
+ TODO: check
CVE-2020-15484 (An issue was discovered on Nescomed Multipara Monitor M1000
devices. T ...)
NOT-FOR-US: Nescomed Multipara Monitor M1000 devices
CVE-2020-15483 (An issue was discovered on Nescomed Multipara Monitor M1000
devices. T ...)
@@ -19632,8 +19708,8 @@ CVE-2020-15158 (In libIEC61850 before version 1.4.3,
when a message with COTP me
NOT-FOR-US: libIEC61850
CVE-2020-15157
RESERVED
-CVE-2020-15156
- RESERVED
+CVE-2020-15156 (In nodebb-plugin-blog-comments before version 0.7.0, a logged
in user ...)
+ TODO: check
CVE-2020-15155
RESERVED
CVE-2020-15154
@@ -20595,10 +20671,10 @@ CVE-2020-14731
RESERVED
CVE-2020-14730
RESERVED
-CVE-2020-14729
- RESERVED
-CVE-2020-14728
- RESERVED
+CVE-2020-14729 (Vulnerability in SuiteCommerce Advanced (SCA) Sites component
of Oracl ...)
+ TODO: check
+CVE-2020-14728 (Vulnerability in the SuiteCommerce Advanced (SCA) component of
Oracle ...)
+ TODO: check
CVE-2020-14727
RESERVED
CVE-2020-14726
@@ -101596,10 +101672,10 @@ CVE-2019-5323 (There are command injection
vulnerabilities present in the AirWav
NOT-FOR-US: Aruba Airwave
CVE-2019-5322 (A remotely exploitable information disclosure vulnerability is
present ...)
NOT-FOR-US: Edge Switch models
-CVE-2019-5321
- RESERVED
-CVE-2019-5320
- RESERVED
+CVE-2019-5321 (Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M,
2920, 5 ...)
+ TODO: check
+CVE-2019-5320 (Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M,
2920, 5 ...)
+ TODO: check
CVE-2019-5319
RESERVED
CVE-2019-5318
@@ -103000,8 +103076,8 @@ CVE-2019-4697 (IBM Security Guardium Data Encryption
(GDE) 3.0.0.2 stores user c
NOT-FOR-US: IBM
CVE-2019-4696
RESERVED
-CVE-2019-4695
- RESERVED
+CVE-2019-4695 (IBM Security Guardium Data Encryption (GDE) 3.0.0.2 allows web
pages t ...)
+ TODO: check
CVE-2019-4694 (IBM Security Guardium Data Encryption (GDE) 3.0.0.2 contains
hard-code ...)
NOT-FOR-US: IBM
CVE-2019-4693 (IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores user
creden ...)
@@ -340212,8 +340288,8 @@ CVE-2011-4822 (Multiple cross-site scripting (XSS)
vulnerabilities in the user p
NOT-FOR-US: Atlassian FishEye
CVE-2011-4821 (Directory traversal vulnerability in the TFTP server in D-Link
DIR-601 ...)
NOT-FOR-US: D-Link router
-CVE-2011-4820
- RESERVED
+CVE-2011-4820 (IBM Rational Asset Manager 7.5 could allow a remote attacker to
bypass ...)
+ TODO: check
CVE-2011-4819 (Multiple cross-site scripting (XSS) vulnerabilities in IBM
Maximo Asse ...)
NOT-FOR-US: IBM Maximo Asset Management
CVE-2011-4818 (Open redirect vulnerability in IBM Maximo Asset Management and
Asset M ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d246654a7b24cc0ac75305f3625d8fdb211bc3a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d246654a7b24cc0ac75305f3625d8fdb211bc3a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
