Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1b541bb9 by security tracker role at 2020-09-21T20:10:19+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,13 @@
+CVE-2020-25801
+ RESERVED
+CVE-2020-25800
+ RESERVED
+CVE-2020-25799
+ RESERVED
+CVE-2020-25798
+ RESERVED
+CVE-2020-25797
+ RESERVED
CVE-2020-25790 (** DISPUTED ** Typesetter CMS 5.x through 5.1 allows admins to
upload ...)
NOT-FOR-US: Typesetter CMS
CVE-2020-25789 (An issue was discovered in Tiny Tiny RSS (aka tt-rss) before
2020-09-1 ...)
@@ -19654,8 +19664,8 @@ CVE-2020-16173
RESERVED
CVE-2020-16172
RESERVED
-CVE-2020-16171
- RESERVED
+CVE-2020-16171 (An issue was discovered in Acronis Cyber Backup before 12.5
Build 1634 ...)
+ TODO: check
CVE-2020-16170 (Use of Hard-coded Credentials in temi Robox OS prior to 120,
temi Andr ...)
NOT-FOR-US: Temi application fo Android
CVE-2020-16169 (Authentication Bypass Using an Alternate Path or Channel in
temi Robox ...)
@@ -20098,22 +20108,21 @@ CVE-2020-15968
RESERVED
CVE-2020-15967
RESERVED
-CVE-2020-15966
- RESERVED
-CVE-2020-15965
- RESERVED
-CVE-2020-15964
- RESERVED
-CVE-2020-15963
- RESERVED
-CVE-2020-15962
- RESERVED
-CVE-2020-15961
- RESERVED
-CVE-2020-15960
- RESERVED
-CVE-2020-15959
- RESERVED
+CVE-2020-15966 (Insufficient policy enforcement in extensions in Google Chrome
prior t ...)
+ TODO: check
+CVE-2020-15965 (Type confusion in V8 in Google Chrome prior to 85.0.4183.121
allowed a ...)
+ TODO: check
+CVE-2020-15964 (Insufficient data validation in media in Google Chrome prior
to 85.0.4 ...)
+ TODO: check
+CVE-2020-15963 (Insufficient policy enforcement in extensions in Google Chrome
prior t ...)
+ TODO: check
+CVE-2020-15962 (Insufficient policy validation in serial in Google Chrome
prior to 85. ...)
+ TODO: check
+CVE-2020-15961 (Insufficient policy validation in extensions in Google Chrome
prior to ...)
+ TODO: check
+CVE-2020-15960 (Heap buffer overflow in storage in Google Chrome prior to
85.0.4183.12 ...)
+ TODO: check
+CVE-2020-15959 (Insufficient policy enforcement in networking in Google Chrome
prior t ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15958 (An issue was discovered in 1CRM System through 8.6.7. An
insecure dire ...)
@@ -45474,164 +45483,126 @@ CVE-2020-6578
RESERVED
CVE-2020-6577
RESERVED
-CVE-2020-6576
- RESERVED
+CVE-2020-6576 (Use after free in offscreen canvas in Google Chrome prior to
85.0.4183 ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6575
- RESERVED
+CVE-2020-6575 (Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a
remote ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6574
- RESERVED
+CVE-2020-6574 (Insufficient policy enforcement in installer in Google Chrome
on OS X ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6573
- RESERVED
+CVE-2020-6573 (Use after free in video in Google Chrome on Android prior to
85.0.4183 ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6572
RESERVED
-CVE-2020-6571
- RESERVED
+CVE-2020-6571 (Insufficient data validation in Omnibox in Google Chrome prior
to 85.0 ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6570
- RESERVED
+CVE-2020-6570 (Information leakage in WebRTC in Google Chrome prior to
85.0.4183.83 a ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6569
- RESERVED
+CVE-2020-6569 (Integer overflow in WebUSB in Google Chrome prior to
85.0.4183.83 allo ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6568
- RESERVED
+CVE-2020-6568 (Insufficient policy enforcement in intent handling in Google
Chrome on ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6567
- RESERVED
+CVE-2020-6567 (Insufficient validation of untrusted input in command line
handling in ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6566
- RESERVED
+CVE-2020-6566 (Insufficient policy enforcement in media in Google Chrome prior
to 85. ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6565
- RESERVED
+CVE-2020-6565 (Inappropriate implementation in Omnibox in Google Chrome on iOS
prior ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6564
- RESERVED
+CVE-2020-6564 (Inappropriate implementation in permissions in Google Chrome
prior to ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6563
- RESERVED
+CVE-2020-6563 (Insufficient policy enforcement in intent handling in Google
Chrome on ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6562
- RESERVED
+CVE-2020-6562 (Insufficient policy enforcement in Blink in Google Chrome prior
to 85. ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6561
- RESERVED
+CVE-2020-6561 (Inappropriate implementation in Content Security Policy in
Google Chro ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6560
- RESERVED
+CVE-2020-6560 (Insufficient policy enforcement in autofill in Google Chrome
prior to ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6559
- RESERVED
+CVE-2020-6559 (Use after free in presentation API in Google Chrome prior to
85.0.4183 ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6558
- RESERVED
+CVE-2020-6558 (Insufficient policy enforcement in iOSWeb in Google Chrome on
iOS prio ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6557
RESERVED
-CVE-2020-6556
- RESERVED
+CVE-2020-6556 (Heap buffer overflow in SwiftShader in Google Chrome prior to
84.0.414 ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6555
- RESERVED
+CVE-2020-6555 (Out of bounds read in WebGL in Google Chrome prior to
84.0.4147.125 al ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6554
- RESERVED
+CVE-2020-6554 (Use after free in extensions in Google Chrome prior to
84.0.4147.125 a ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6553
- RESERVED
+CVE-2020-6553 (Use after free in offline mode in Google Chrome on iOS prior to
84.0.4 ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6552
- RESERVED
+CVE-2020-6552 (Use after free in Blink in Google Chrome prior to 84.0.4147.125
allowe ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6551
- RESERVED
+CVE-2020-6551 (Use after free in WebXR in Google Chrome prior to 84.0.4147.125
allowe ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6550
- RESERVED
+CVE-2020-6550 (Use after free in IndexedDB in Google Chrome prior to
84.0.4147.125 al ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6549
- RESERVED
+CVE-2020-6549 (Use after free in media in Google Chrome prior to 84.0.4147.125
allowe ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6548
- RESERVED
+CVE-2020-6548 (Heap buffer overflow in Skia in Google Chrome prior to
84.0.4147.125 a ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6547
- RESERVED
+CVE-2020-6547 (Incorrect security UI in media in Google Chrome prior to
84.0.4147.125 ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6546
- RESERVED
+CVE-2020-6546 (Inappropriate implementation in installer in Google Chrome
prior to 84 ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6545
- RESERVED
+CVE-2020-6545 (Use after free in audio in Google Chrome prior to 84.0.4147.125
allowe ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6544
- RESERVED
+CVE-2020-6544 (Use after free in media in Google Chrome prior to 84.0.4147.125
allowe ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6543
- RESERVED
+CVE-2020-6543 (Use after free in task scheduling in Google Chrome prior to
84.0.4147. ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6542
- RESERVED
+CVE-2020-6542 (Use after free in ANGLE in Google Chrome prior to 84.0.4147.125
allowe ...)
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6541
- RESERVED
+CVE-2020-6541 (Use after free in WebUSB in Google Chrome prior to
84.0.4147.105 allow ...)
[experimental] - chromium 84.0.4147.105-1
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6540
- RESERVED
+CVE-2020-6540 (Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105
allowe ...)
[experimental] - chromium 84.0.4147.105-1
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6539
- RESERVED
+CVE-2020-6539 (Use after free in CSS in Google Chrome prior to 84.0.4147.105
allowed ...)
[experimental] - chromium 84.0.4147.105-1
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6538
- RESERVED
+CVE-2020-6538 (Inappropriate implementation in WebView in Google Chrome on
Android pr ...)
[experimental] - chromium 84.0.4147.105-1
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6537
- RESERVED
+CVE-2020-6537 (Type confusion in V8 in Google Chrome prior to 84.0.4147.105
allowed a ...)
[experimental] - chromium 84.0.4147.105-1
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
@@ -45651,8 +45622,7 @@ CVE-2020-6533 (Type Confusion in V8 in Google Chrome
prior to 84.0.4147.89 allow
[experimental] - chromium 84.0.4147.89-1
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6532
- RESERVED
+CVE-2020-6532 (Use after free in SCTP in Google Chrome prior to 84.0.4147.105
allowed ...)
[experimental] - chromium 84.0.4147.105-1
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
@@ -50373,8 +50343,8 @@ CVE-2020-4733
RESERVED
CVE-2020-4732
RESERVED
-CVE-2020-4731
- RESERVED
+CVE-2020-4731 (IBM Aspera Web Application 1.9.14 PL1 is vulnerable to
cross-site scri ...)
+ TODO: check
CVE-2020-4730
RESERVED
CVE-2020-4729
@@ -50549,8 +50519,8 @@ CVE-2020-4645 (IBM Planning Analytics Local 2.0.0
through 2.0.9.1 is vulnerable
NOT-FOR-US: IBM
CVE-2020-4644 (IBM Planning Analytics Local 2.0.0 through 2.0.9.1 could allow
a remot ...)
NOT-FOR-US: IBM
-CVE-2020-4643
- RESERVED
+CVE-2020-4643 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is
vulnerable ...)
+ TODO: check
CVE-2020-4642
RESERVED
CVE-2020-4641
@@ -50655,8 +50625,8 @@ CVE-2020-4592
RESERVED
CVE-2020-4591 (IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could
disclos ...)
NOT-FOR-US: IBM
-CVE-2020-4590
- RESERVED
+CVE-2020-4590 (IBM WebSphere Application Server Liberty 17.0.0.3 through
20.0.0.9 run ...)
+ TODO: check
CVE-2020-4589 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could
allow a ...)
NOT-FOR-US: IBM
CVE-2020-4588
@@ -50673,12 +50643,12 @@ CVE-2020-4583
RESERVED
CVE-2020-4582
RESERVED
-CVE-2020-4581
- RESERVED
-CVE-2020-4580
- RESERVED
-CVE-2020-4579
- RESERVED
+CVE-2020-4581 (IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could
allow a rem ...)
+ TODO: check
+CVE-2020-4580 (IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could
allow a rem ...)
+ TODO: check
+CVE-2020-4579 (IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could
allow a rem ...)
+ TODO: check
CVE-2020-4578 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is
vulnerable ...)
NOT-FOR-US: IBM
CVE-2020-4577
@@ -51205,8 +51175,8 @@ CVE-2020-4317 (IBM Intelligent Operations Center for
Emergency Management, Intel
NOT-FOR-US: IBM
CVE-2020-4316 (IBM Publishing Engine 6.0.6, 6.0.6.1, and 7.0 does not set the
secure ...)
NOT-FOR-US: IBM
-CVE-2020-4315
- RESERVED
+CVE-2020-4315 (IBM Business Automation Content Analyzer on Cloud 1.0 does not
set the ...)
+ TODO: check
CVE-2020-4314
RESERVED
CVE-2020-4313
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b541bb9cfed18508390b3090d329f030cc74638
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b541bb9cfed18508390b3090d329f030cc74638
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
