Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
47d2cc7d by security tracker role at 2020-09-24T20:10:28+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,74 @@
-CVE-2020-26088 [net/nfc/rawsock.c: add CAP_NET_RAW check]
+CVE-2020-26097
+       RESERVED
+CVE-2020-26096
+       RESERVED
+CVE-2020-26095
+       RESERVED
+CVE-2020-26094
+       RESERVED
+CVE-2020-26093
+       RESERVED
+CVE-2020-26092
+       RESERVED
+CVE-2020-26091
+       RESERVED
+CVE-2020-26090
+       RESERVED
+CVE-2020-26089
+       RESERVED
+CVE-2020-26087
+       RESERVED
+CVE-2020-26086
+       RESERVED
+CVE-2020-26085
+       RESERVED
+CVE-2020-26084
+       RESERVED
+CVE-2020-26083
+       RESERVED
+CVE-2020-26082
+       RESERVED
+CVE-2020-26081
+       RESERVED
+CVE-2020-26080
+       RESERVED
+CVE-2020-26079
+       RESERVED
+CVE-2020-26078
+       RESERVED
+CVE-2020-26077
+       RESERVED
+CVE-2020-26076
+       RESERVED
+CVE-2020-26075
+       RESERVED
+CVE-2020-26074
+       RESERVED
+CVE-2020-26073
+       RESERVED
+CVE-2020-26072
+       RESERVED
+CVE-2020-26071
+       RESERVED
+CVE-2020-26070
+       RESERVED
+CVE-2020-26069
+       RESERVED
+CVE-2020-26068
+       RESERVED
+CVE-2020-26067
+       RESERVED
+CVE-2020-26066
+       RESERVED
+CVE-2020-26065
+       RESERVED
+CVE-2020-26064
+       RESERVED
+CVE-2020-26063
+       RESERVED
+CVE-2020-26062
+       RESERVED
+CVE-2020-26088 (A missing CAP_NET_RAW check in NFC socket creation in 
net/nfc/rawsock. ...)
        - linux 5.7.17-1
        NOTE: 
https://git.kernel.org/linus/26896f01467a28651f7a536143fe5ac8449d4041
 CVE-2020-26061
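Review bot: CVE-2020-26088 ends up out of order at the bottom of this hunk. The new block runs from CVE-2020-26097 down to CVE-2020-26062 and skips 26088, and the rewritten entry then sits between CVE-2020-26062 and CVE-2020-26061. The list is otherwise in descending ID order, so the entry should move up between CVE-2020-26089 and CVE-2020-26087, taking its `- linux 5.7.17-1` and NOTE lines with it.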
@@ -3690,8 +3760,8 @@ CVE-2020-24367
        RESERVED
 CVE-2020-24366
        RESERVED
-CVE-2020-24365
-       RESERVED
+CVE-2020-24365 (An issue was discovered on Gemtek WRTM-127ACN 01.01.02.141 and 
WRTM-12 ...)
+       TODO: check
 CVE-2020-24364 (MineTime through 1.8.5 allows arbitrary command execution via 
the note ...)
        NOT-FOR-US: MineTime
 CVE-2020-24363 (TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an 
unauthenticat ...)
@@ -7546,8 +7616,8 @@ CVE-2020-22455
        RESERVED
 CVE-2020-22454
        RESERVED
-CVE-2020-22453
-       RESERVED
+CVE-2020-22453 (Untis WebUntis before 2020.9.6 allows XSS in multiple 
functions that s ...)
+       TODO: check
 CVE-2020-22452
        RESERVED
 CVE-2020-22451
@@ -13558,8 +13628,8 @@ CVE-2020-19449
        RESERVED
 CVE-2020-19448
        RESERVED
-CVE-2020-19447
-       RESERVED
+CVE-2020-19447 (SQL injection exists in the jdownloads 3.2.63 component for 
Joomla! co ...)
+       TODO: check
 CVE-2020-19446
        RESERVED
 CVE-2020-19445
@@ -20306,10 +20376,10 @@ CVE-2020-16150 (A Lucky 13 timing side channel in 
mbedtls_ssl_decrypt_buf in lib
        NOTE: 
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1
 CVE-2020-16149
        REJECTED
-CVE-2020-16148
-       RESERVED
-CVE-2020-16147
-       RESERVED
+CVE-2020-16148 (The ping page of the administration panel in Telmat AccessLog 
<= 6. ...)
+       TODO: check
+CVE-2020-16147 (The login page in Telmat AccessLog <= 6.0 (TAL_20180415) 
allows an  ...)
+       TODO: check
 CVE-2020-16146
        RESERVED
 CVE-2020-16145 (Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in 
HTML me ...)
@@ -20809,8 +20879,8 @@ CVE-2020-15932 (Overwolf before 0.149.2.30 mishandles 
Symbolic Links during upda
        NOT-FOR-US: Overwolf
 CVE-2020-15931
        RESERVED
-CVE-2020-15930
-       RESERVED
+CVE-2020-15930 (An XSS issue in Joplin desktop 1.0.190 to 1.0.245 allows 
arbitrary cod ...)
+       TODO: check
 CVE-2020-15929
        RESERVED
 CVE-2020-15928
@@ -21026,8 +21096,8 @@ CVE-2020-15842 (Liferay Portal before 7.3.0, and 
Liferay DXP 7.0 before fix pack
        NOT-FOR-US: Liferay
 CVE-2020-15841 (Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix 
pack 89, 7 ...)
        NOT-FOR-US: Liferay
-CVE-2020-15840
-       RESERVED
+CVE-2020-15840 (In Liferay Portal before 7.3.1, Liferay Portal 6.2 EE, and 
Liferay DXP ...)
+       TODO: check
 CVE-2020-15839 (Liferay Portal before 7.3.3, and Liferay DXP 7.1 before fix 
pack 18 an ...)
        NOT-FOR-US: Liferay
 CVE-2020-15838
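Review bot: CVE-2020-15840 is left at `TODO: check` although its description names Liferay Portal and the three surrounding Liferay entries in this hunk (CVE-2020-15842, CVE-2020-15841, CVE-2020-15839) are all tagged `NOT-FOR-US: Liferay`. Unless the full description shows something different, triage it with the same tag so it does not linger in the TODO queue.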
@@ -22643,10 +22713,10 @@ CVE-2020-15225
        RESERVED
 CVE-2020-15224
        RESERVED
-CVE-2020-15223
-       RESERVED
-CVE-2020-15222
-       RESERVED
+CVE-2020-15223 (In ORY Fosite (the security first OAuth2 & OpenID Connect 
framewor ...)
+       TODO: check
+CVE-2020-15222 (In ORY Fosite (the security first OAuth2 & OpenID Connect 
framewor ...)
+       TODO: check
 CVE-2020-15221
        RESERVED
 CVE-2020-15220
@@ -27251,8 +27321,8 @@ CVE-2020-13523 (An exploitable information disclosure 
vulnerability exists in So
        NOT-FOR-US: SoftPerfect
 CVE-2020-13522 (An exploitable arbitrary file delete vulnerability exists in 
SoftPerfe ...)
        NOT-FOR-US: SoftPerfect
-CVE-2020-13521
-       RESERVED
+CVE-2020-13521 (Parameter psAttribute in ednareporting.asmx is vulnerable to 
unauthent ...)
+       TODO: check
 CVE-2020-13520
        RESERVED
 CVE-2020-13519
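Review bot: the new CVE-2020-13521 entry should not inherit its neighbours' tag when it is triaged. CVE-2020-13523 and CVE-2020-13522 are `NOT-FOR-US: SoftPerfect`, but the new description is about parameter psAttribute in ednareporting.asmx and the truncated text names no product. Resolve it from the full CVE record, together with the other ednareporting.asmx entries (CVE-2020-13505, CVE-2020-13504, CVE-2020-13503) in the next hunk, so they all receive the same tag.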
@@ -27277,26 +27347,26 @@ CVE-2020-13510
        RESERVED
 CVE-2020-13509
        RESERVED
-CVE-2020-13508
-       RESERVED
-CVE-2020-13507
-       RESERVED
+CVE-2020-13508 (An SQL injection vulnerability exists in the Alias.asmx Web 
Service fu ...)
+       TODO: check
+CVE-2020-13507 (An SQL injection vulnerability exists in the Alias.asmx Web 
Service fu ...)
+       TODO: check
 CVE-2020-13506
        RESERVED
-CVE-2020-13505
-       RESERVED
-CVE-2020-13504
-       RESERVED
-CVE-2020-13503
-       RESERVED
-CVE-2020-13502
-       RESERVED
-CVE-2020-13501
-       RESERVED
-CVE-2020-13500
-       RESERVED
-CVE-2020-13499
-       RESERVED
+CVE-2020-13505 (Parameter psClass in ednareporting.asmx is vulnerable to 
unauthenticat ...)
+       TODO: check
+CVE-2020-13504 (Parameter AttFilterValue in ednareporting.asmx is vulnerable 
to unauth ...)
+       TODO: check
+CVE-2020-13503 (Parameter AttFilterName in ednareporting.asmx is vulnerable to 
unauthe ...)
+       TODO: check
+CVE-2020-13502 (An exploitable SQL injection vulnerability exists in the 
DNAPoints.asm ...)
+       TODO: check
+CVE-2020-13501 (An SQL injection vulnerability exists in the CHaD.asmx web 
service fun ...)
+       TODO: check
+CVE-2020-13500 (SQL injection vulnerability exists in the CHaD.asmx web 
service functi ...)
+       TODO: check
+CVE-2020-13499 (An SQL injection vulnerability exists in the CHaD.asmx web 
service fun ...)
+       TODO: check
 CVE-2020-13498
        RESERVED
 CVE-2020-13497
@@ -28239,8 +28309,8 @@ CVE-2020-13121 (Submitty through 20.04.01 has an open 
redirect via authenticatio
        NOT-FOR-US: Submitty
 CVE-2020-13120
        RESERVED
-CVE-2020-13119
-       RESERVED
+CVE-2020-13119 (ismartgate PRO 1.5.9 is vulnerable to clickjacking. ...)
+       TODO: check
 CVE-2020-13118 (An issue was discovered in Mikrotik-Router-Monitoring-System 
through 2 ...)
        NOT-FOR-US: Mikrotik-Router-Monitoring-System
 CVE-2020-13117
@@ -28870,20 +28940,20 @@ CVE-2020-12845 (Cherokee 0.4.27 to 1.2.104 is 
affected by a denial of service du
        - cherokee <removed>
 CVE-2020-12844
        RESERVED
-CVE-2020-12843
-       RESERVED
-CVE-2020-12842
-       RESERVED
-CVE-2020-12841
-       RESERVED
-CVE-2020-12840
-       RESERVED
-CVE-2020-12839
-       RESERVED
-CVE-2020-12838
-       RESERVED
-CVE-2020-12837
-       RESERVED
+CVE-2020-12843 (ismartgate PRO 1.5.9 is vulnerable to malicious file uploads 
via the f ...)
+       TODO: check
+CVE-2020-12842 (ismartgate PRO 1.5.9 is vulnerable to privilege escalation by 
appendin ...)
+       TODO: check
+CVE-2020-12841 (ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote 
attacker ...)
+       TODO: check
+CVE-2020-12840 (ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote 
attacker ...)
+       TODO: check
+CVE-2020-12839 (ismartgate PRO 1.5.9 is vulnerable to privilege escalation by 
appendin ...)
+       TODO: check
+CVE-2020-12838 (ismartgate PRO 1.5.9 is vulnerable to privilege escalation by 
appendin ...)
+       TODO: check
+CVE-2020-12837 (ismartgate PRO 1.5.9 is vulnerable to malicious file uploads 
via the f ...)
+       TODO: check
 CVE-2020-12836
        RESERVED
 CVE-2020-12835 (An issue was discovered in SmartBear ReadyAPI SoapUI Pro 
3.2.5. Due to ...)
@@ -28940,22 +29010,22 @@ CVE-2020-12820
        RESERVED
 CVE-2020-12819
        RESERVED
-CVE-2020-12818
-       RESERVED
-CVE-2020-12817
-       RESERVED
-CVE-2020-12816
-       RESERVED
-CVE-2020-12815
-       RESERVED
+CVE-2020-12818 (An insufficient logging vulnerability in FortiGate before 
6.4.1 may al ...)
+       TODO: check
+CVE-2020-12817 (An improper neutralization of input vulnerability in 
FortiAnalyzer bef ...)
+       TODO: check
+CVE-2020-12816 (An improper neutralization of input vulnerability in FortiNAC 
before 8 ...)
+       TODO: check
+CVE-2020-12815 (An improper neutralization of input vulnerability in 
FortiTester befor ...)
+       TODO: check
 CVE-2020-12814
        RESERVED
 CVE-2020-12813
        RESERVED
 CVE-2020-12812 (An improper authentication vulnerability in SSL VPN in FortiOS 
6.4.0,  ...)
        NOT-FOR-US: Fortinet
-CVE-2020-12811
-       RESERVED
+CVE-2020-12811 (An improper neutralization of script-related HTML tags in a 
web page i ...)
+       TODO: check
 CVE-2020-12810
        RESERVED
 CVE-2020-12809
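Review bot: the FortiGate, FortiAnalyzer, FortiNAC and FortiTester entries (CVE-2020-12818 to CVE-2020-12815) are added as `TODO: check` while CVE-2020-12812 in the same hunk already carries `NOT-FOR-US: Fortinet`. These can be triaged with that tag in one pass. CVE-2020-12811 needs a look at the full record first, because its description is cut off before the product name ("... HTML tags in a web page i ...").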
@@ -30421,12 +30491,12 @@ CVE-2016-11054 (NETGEAR DGN2200v4 devices before 
2017-01-06 are affected by comm
        NOT-FOR-US: Netgear
 CVE-2020-12283 (Sourcegraph before 3.15.1 has a vulnerable authentication 
workflow bec ...)
        NOT-FOR-US: Sourcegraph
-CVE-2020-12282
-       RESERVED
-CVE-2020-12281
-       RESERVED
-CVE-2020-12280
-       RESERVED
+CVE-2020-12282 (iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca 
parameter in  ...)
+       TODO: check
+CVE-2020-12281 (iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote 
attacker ...)
+       TODO: check
+CVE-2020-12280 (iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote 
attacker ...)
+       TODO: check
 CVE-2020-12279 (An issue was discovered in libgit2 before 0.28.4 and 0.9x 
before 0.99. ...)
        - libgit2 0.28.4+dfsg.1-2
        [buster] - libgit2 <no-dsa> (Minor issue; only problematic when used on 
NTFS like filesystem)
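Review bot: the three entries added here spell the product "iSmartgate PRO", while the entries for the same version 1.5.9 added earlier in this commit (CVE-2020-12843 to CVE-2020-12837 and CVE-2020-13119) spell it "ismartgate PRO". The descriptions are imported text and should stay as they are, but when the `TODO: check` lines are resolved, use a single spelling in the `NOT-FOR-US:` tag so that one search finds all eleven entries.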
@@ -44791,7 +44861,7 @@ CVE-2020-7070
        RESERVED
 CVE-2020-7069
        RESERVED
-CVE-2020-7068 (In PHP versions 7.2.x below 7.3.21, 7.3.x below 7.3.21 and 
7.4.x below ...)
+CVE-2020-7068 (In PHP versions 7.2.x below 7.2.23, 7.3.x below 7.3.21 and 
7.4.x below ...)
        {DLA-2345-1}
        - php7.4 7.4.9-1
        - php7.3 <removed>
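Review bot: the only change on the `+` line is the 7.2.x bound, from 7.3.21 to 7.2.23, and nothing else in the hunk corroborates the new number, since the visible package lines cover php7.4 and php7.3 only. The old value was evidently the 7.3.x bound repeated, so a correction is expected, but as this text arrives through the automatic update it is worth confirming 7.2.23 against the upstream CVE record and DLA-2345-1 before relying on it.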
@@ -47357,8 +47427,8 @@ CVE-2020-6155
        RESERVED
 CVE-2020-6154
        RESERVED
-CVE-2020-6153
-       RESERVED
+CVE-2020-6153 (An exploitable SQL injection vulnerability exists in the 
FavoritesServ ...)
+       TODO: check
 CVE-2020-6152 (A code execution vulnerability exists in the DICOM 
parse_dicom_meta_in ...)
        NOT-FOR-US: Accusoft
 CVE-2020-6151 (A memory corruption vulnerability exists in the TIFF 
handle_COMPRESSIO ...)
@@ -47681,8 +47751,8 @@ CVE-2020-6022
        RESERVED
 CVE-2020-6021
        RESERVED
-CVE-2020-6020
-       RESERVED
+CVE-2020-6020 (Check Point Security Management's Internal CA web management 
before Ju ...)
+       TODO: check
 CVE-2020-6019
        RESERVED
 CVE-2020-6018
@@ -54513,10 +54583,10 @@ CVE-2020-3562
        RESERVED
 CVE-2020-3561
        RESERVED
-CVE-2020-3560
-       RESERVED
-CVE-2020-3559
-       RESERVED
+CVE-2020-3560 (A vulnerability in Cisco Aironet Access Points (APs) could 
allow an un ...)
+       TODO: check
+CVE-2020-3559 (A vulnerability in Cisco Aironet Access Point (AP) Software 
could allo ...)
+       TODO: check
 CVE-2020-3558
        RESERVED
 CVE-2020-3557
@@ -54529,8 +54599,8 @@ CVE-2020-3554
        RESERVED
 CVE-2020-3553
        RESERVED
-CVE-2020-3552
-       RESERVED
+CVE-2020-3552 (A vulnerability in the Ethernet packet handling of Cisco 
Aironet Acces ...)
+       TODO: check
 CVE-2020-3551
        RESERVED
 CVE-2020-3550
@@ -54579,14 +54649,14 @@ CVE-2020-3529
        RESERVED
 CVE-2020-3528
        RESERVED
-CVE-2020-3527
-       RESERVED
-CVE-2020-3526
-       RESERVED
+CVE-2020-3527 (A vulnerability in the Polaris kernel of Cisco Catalyst 9200 
Series Sw ...)
+       TODO: check
+CVE-2020-3526 (A vulnerability in the Common Open Policy Service (COPS) engine 
of Cis ...)
+       TODO: check
 CVE-2020-3525
        RESERVED
-CVE-2020-3524
-       RESERVED
+CVE-2020-3524 (A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) 
Software for  ...)
+       TODO: check
 CVE-2020-3523 (A vulnerability in the web-based management interface of Cisco 
Data Ce ...)
        NOT-FOR-US: Cisco
 CVE-2020-3522 (A vulnerability in the web-based management interface of Cisco 
Data Ce ...)
@@ -54601,24 +54671,24 @@ CVE-2020-3518 (A vulnerability in the web-based 
management interface of Cisco Da
        NOT-FOR-US: Cisco
 CVE-2020-3517 (A vulnerability in the Cisco Fabric Services component of Cisco 
FXOS S ...)
        NOT-FOR-US: Cisco
-CVE-2020-3516
-       RESERVED
+CVE-2020-3516 (A vulnerability in the web server authentication of Cisco IOS 
XE Softw ...)
+       TODO: check
 CVE-2020-3515
        RESERVED
 CVE-2020-3514
        RESERVED
-CVE-2020-3513
-       RESERVED
-CVE-2020-3512
-       RESERVED
-CVE-2020-3511
-       RESERVED
-CVE-2020-3510
-       RESERVED
-CVE-2020-3509
-       RESERVED
-CVE-2020-3508
-       RESERVED
+CVE-2020-3513 (Multiple vulnerabilities in the initialization routines that 
are execu ...)
+       TODO: check
+CVE-2020-3512 (A vulnerability in the PROFINET handler for Link Layer 
Discovery Proto ...)
+       TODO: check
+CVE-2020-3511 (A vulnerability in the ISDN subsystem of Cisco IOS Software and 
Cisco  ...)
+       TODO: check
+CVE-2020-3510 (A vulnerability in the Umbrella Connector component of Cisco 
IOS XE So ...)
+       TODO: check
+CVE-2020-3509 (A vulnerability in the DHCP message handler of Cisco IOS XE 
Software f ...)
+       TODO: check
+CVE-2020-3508 (A vulnerability in the IP Address Resolution Protocol (ARP) 
feature of ...)
+       TODO: check
 CVE-2020-3507 (Multiple vulnerabilities in the Cisco Discovery Protocol 
implementatio ...)
        NOT-FOR-US: Cisco
 CVE-2020-3506 (Multiple vulnerabilities in the Cisco Discovery Protocol 
implementatio ...)
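Review bot: every Cisco entry that gains a description in this hunk (CVE-2020-3516 and CVE-2020-3513 to CVE-2020-3508) is set to `TODO: check`, while the entries already described around them (CVE-2020-3518, CVE-2020-3517, CVE-2020-3507) are `NOT-FOR-US: Cisco`. The same pattern repeats in the other Cisco hunks of this commit, so a single follow-up that tags the IOS, IOS XE and Aironet entries in bulk is preferable to leaving several dozen TODO items to be picked off one at a time.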
@@ -54627,8 +54697,8 @@ CVE-2020-3505 (A vulnerability in the Cisco Discovery 
Protocol of Cisco Video Su
        NOT-FOR-US: Cisco
 CVE-2020-3504 (A vulnerability in the local management (local-mgmt) CLI of 
Cisco UCS  ...)
        NOT-FOR-US: Cisco
-CVE-2020-3503
-       RESERVED
+CVE-2020-3503 (A vulnerability in the file system permissions of Cisco IOS XE 
Softwar ...)
+       TODO: check
 CVE-2020-3502 (Multiple vulnerabilities in the user interface of Cisco Webex 
Meetings ...)
        NOT-FOR-US: Cisco
 CVE-2020-3501 (Multiple vulnerabilities in the user interface of Cisco Webex 
Meetings ...)
@@ -54639,30 +54709,30 @@ CVE-2020-3499
        RESERVED
 CVE-2020-3498 (A vulnerability in Cisco Jabber software could allow an 
authenticated, ...)
        NOT-FOR-US: Cisco
-CVE-2020-3497
-       RESERVED
+CVE-2020-3497 (Multiple vulnerabilities in the Control and Provisioning of 
Wireless A ...)
+       TODO: check
 CVE-2020-3496 (A vulnerability in the IPv6 packet processing engine of Cisco 
Small Bu ...)
        NOT-FOR-US: Cisco
 CVE-2020-3495 (A vulnerability in Cisco Jabber for Windows could allow an 
authenticat ...)
        NOT-FOR-US: Cisco
-CVE-2020-3494
-       RESERVED
-CVE-2020-3493
-       RESERVED
-CVE-2020-3492
-       RESERVED
+CVE-2020-3494 (Multiple vulnerabilities in the Control and Provisioning of 
Wireless A ...)
+       TODO: check
+CVE-2020-3493 (Multiple vulnerabilities in the Control and Provisioning of 
Wireless A ...)
+       TODO: check
+CVE-2020-3492 (A vulnerability in the Flexible NetFlow Version 9 packet 
processor of  ...)
+       TODO: check
 CVE-2020-3491 (A vulnerability in the web-based management interface of Cisco 
Vision  ...)
        NOT-FOR-US: Cisco
 CVE-2020-3490 (A vulnerability in the web-based management interface of Cisco 
Vision  ...)
        NOT-FOR-US: Cisco
-CVE-2020-3489
-       RESERVED
-CVE-2020-3488
-       RESERVED
-CVE-2020-3487
-       RESERVED
-CVE-2020-3486
-       RESERVED
+CVE-2020-3489 (Multiple vulnerabilities in the Control and Provisioning of 
Wireless A ...)
+       TODO: check
+CVE-2020-3488 (Multiple vulnerabilities in the Control and Provisioning of 
Wireless A ...)
+       TODO: check
+CVE-2020-3487 (Multiple vulnerabilities in the Control and Provisioning of 
Wireless A ...)
+       TODO: check
+CVE-2020-3486 (Multiple vulnerabilities in the Control and Provisioning of 
Wireless A ...)
+       TODO: check
 CVE-2020-3485 (A vulnerability in the role-based access control (RBAC) 
functionality  ...)
        NOT-FOR-US: Cisco
 CVE-2020-3484 (A vulnerability in the web-based management interface of Cisco 
Vision  ...)
@@ -54676,20 +54746,20 @@ CVE-2020-3481 (A vulnerability in the EGG archive 
parsing module in Clam AntiVir
        - clamav 0.102.4+dfsg-1
        [buster] - clamav 0.102.4+dfsg-0+deb10u1
        NOTE: 
https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html
-CVE-2020-3480
-       RESERVED
-CVE-2020-3479
-       RESERVED
+CVE-2020-3480 (Multiple vulnerabilities in the Zone-Based Firewall feature of 
Cisco I ...)
+       TODO: check
+CVE-2020-3479 (A vulnerability in the implementation of Multiprotocol Border 
Gateway  ...)
+       TODO: check
 CVE-2020-3478 (A vulnerability in the REST API of Cisco Enterprise NFV 
Infrastructure ...)
        NOT-FOR-US: Cisco
-CVE-2020-3477
-       RESERVED
-CVE-2020-3476
-       RESERVED
-CVE-2020-3475
-       RESERVED
-CVE-2020-3474
-       RESERVED
+CVE-2020-3477 (A vulnerability in the CLI parser of Cisco IOS Software and 
Cisco IOS  ...)
+       TODO: check
+CVE-2020-3476 (A vulnerability in the CLI implementation of a specific command 
of Cis ...)
+       TODO: check
+CVE-2020-3475 (Multiple vulnerabilities in the web management framework of 
Cisco IOS  ...)
+       TODO: check
+CVE-2020-3474 (Multiple vulnerabilities in the web management framework of 
Cisco IOS  ...)
+       TODO: check
 CVE-2020-3473 (A vulnerability in task group assignment for a specific CLI 
command in ...)
        NOT-FOR-US: Cisco
 CVE-2020-3472 (A vulnerability in the contacts feature of Cisco Webex Meetings 
could  ...)
@@ -54706,8 +54776,8 @@ CVE-2020-3467
        RESERVED
 CVE-2020-3466 (Multiple vulnerabilities in the web-based management interface 
of Cisc ...)
        NOT-FOR-US: Cisco
-CVE-2020-3465
-       RESERVED
+CVE-2020-3465 (A vulnerability in Cisco IOS XE Software could allow an 
unauthenticate ...)
+       TODO: check
 CVE-2020-3464 (A vulnerability in the web-based management interface of Cisco 
UCS Dir ...)
        NOT-FOR-US: Cisco
 CVE-2020-3463 (A vulnerability in the web-based management interface of Cisco 
Webex M ...)
@@ -54778,38 +54848,38 @@ CVE-2020-3431
        RESERVED
 CVE-2020-3430 (A vulnerability in the application protocol handling features 
of Cisco ...)
        NOT-FOR-US: Cisco
-CVE-2020-3429
-       RESERVED
-CVE-2020-3428
-       RESERVED
+CVE-2020-3429 (A vulnerability in the WPA2 and WPA3 security implementation of 
Cisco  ...)
+       TODO: check
+CVE-2020-3428 (A vulnerability in the WLAN Local Profiling feature of Cisco 
IOS XE Wi ...)
+       TODO: check
 CVE-2020-3427
        RESERVED
-CVE-2020-3426
-       RESERVED
-CVE-2020-3425
-       RESERVED
+CVE-2020-3426 (A vulnerability in the implementation of the Low Power, Wide 
Area (LPW ...)
+       TODO: check
+CVE-2020-3425 (Multiple vulnerabilities in the web management framework of 
Cisco IOS  ...)
+       TODO: check
 CVE-2020-3424
        RESERVED
-CVE-2020-3423
-       RESERVED
-CVE-2020-3422
-       RESERVED
-CVE-2020-3421
-       RESERVED
+CVE-2020-3423 (A vulnerability in the implementation of the Lua interpreter 
that is i ...)
+       TODO: check
+CVE-2020-3422 (A vulnerability in the IP Service Level Agreement (SLA) 
responder feat ...)
+       TODO: check
+CVE-2020-3421 (Multiple vulnerabilities in the Zone-Based Firewall feature of 
Cisco I ...)
+       TODO: check
 CVE-2020-3420
        RESERVED
 CVE-2020-3419
        RESERVED
-CVE-2020-3418
-       RESERVED
-CVE-2020-3417
-       RESERVED
-CVE-2020-3416
-       RESERVED
+CVE-2020-3418 (A vulnerability in Cisco IOS XE Wireless Controller Software 
for Cisco ...)
+       TODO: check
+CVE-2020-3417 (A vulnerability in Cisco IOS XE Software could allow an 
authenticated, ...)
+       TODO: check
+CVE-2020-3416 (Multiple vulnerabilities in the initialization routines that 
are execu ...)
+       TODO: check
 CVE-2020-3415 (A vulnerability in the Data Management Engine (DME) of Cisco 
NX-OS Sof ...)
        NOT-FOR-US: Cisco
-CVE-2020-3414
-       RESERVED
+CVE-2020-3414 (A vulnerability in the packet processing of Cisco IOS XE 
Software for  ...)
+       TODO: check
 CVE-2020-3413 (A vulnerability in the scheduled meeting template feature of 
Cisco Web ...)
        NOT-FOR-US: Cisco
 CVE-2020-3412 (A vulnerability in the scheduled meeting template feature of 
Cisco Web ...)
@@ -54818,46 +54888,46 @@ CVE-2020-3411 (A vulnerability in Cisco DNA Center 
software could allow an unaut
        NOT-FOR-US: Cisco
 CVE-2020-3410
        RESERVED
-CVE-2020-3409
-       RESERVED
-CVE-2020-3408
-       RESERVED
-CVE-2020-3407
-       RESERVED
+CVE-2020-3409 (A vulnerability in the PROFINET feature of Cisco IOS Software 
and Cisc ...)
+       TODO: check
+CVE-2020-3408 (A vulnerability in the Split DNS feature of Cisco IOS Software 
and Cis ...)
+       TODO: check
+CVE-2020-3407 (A vulnerability in the RESTCONF and NETCONF-YANG access control 
list ( ...)
+       TODO: check
 CVE-2020-3406 (A vulnerability in the web-based management interface of the 
Cisco SD- ...)
        NOT-FOR-US: Cisco
 CVE-2020-3405 (A vulnerability in the web UI of Cisco SD-WAN vManage Software 
could a ...)
        NOT-FOR-US: Cisco
-CVE-2020-3404
-       RESERVED
-CVE-2020-3403
-       RESERVED
+CVE-2020-3404 (A vulnerability in the persistent Telnet/Secure Shell (SSH) CLI 
of Cis ...)
+       TODO: check
+CVE-2020-3403 (A vulnerability in the CLI of Cisco IOS XE Software could allow 
an aut ...)
+       TODO: check
 CVE-2020-3402 (A vulnerability in the Java Remote Method Invocation (RMI) 
interface o ...)
        NOT-FOR-US: Cisco
 CVE-2020-3401 (A vulnerability in the web-based management interface of Cisco 
SD-WAN  ...)
        NOT-FOR-US: Cisco
-CVE-2020-3400
-       RESERVED
-CVE-2020-3399
-       RESERVED
+CVE-2020-3400 (A vulnerability in the web UI feature of Cisco IOS XE Software 
could a ...)
+       TODO: check
+CVE-2020-3399 (A vulnerability in the Control and Provisioning of Wireless 
Access Poi ...)
+       TODO: check
 CVE-2020-3398 (A vulnerability in the Border Gateway Protocol (BGP) Multicast 
VPN (MV ...)
        NOT-FOR-US: Cisco
 CVE-2020-3397 (A vulnerability in the Border Gateway Protocol (BGP) Multicast 
VPN (MV ...)
        NOT-FOR-US: Cisco
-CVE-2020-3396
-       RESERVED
+CVE-2020-3396 (A vulnerability in the file system on the pluggable USB 3.0 
Solid Stat ...)
+       TODO: check
 CVE-2020-3395
        RESERVED
 CVE-2020-3394 (A vulnerability in the Enable Secret feature of Cisco Nexus 
3000 Serie ...)
        NOT-FOR-US: Cisco
-CVE-2020-3393
-       RESERVED
+CVE-2020-3393 (A vulnerability in the application-hosting subsystem of Cisco 
IOS XE S ...)
+       TODO: check
 CVE-2020-3392
        RESERVED
 CVE-2020-3391 (A vulnerability in Cisco Digital Network Architecture (DNA) 
Center cou ...)
        NOT-FOR-US: Cisco
-CVE-2020-3390
-       RESERVED
+CVE-2020-3390 (A vulnerability in Simple Network Management Protocol (SNMP) 
trap gene ...)
+       TODO: check
 CVE-2020-3389 (A vulnerability in the installation component of Cisco 
Hyperflex HX-Se ...)
        NOT-FOR-US: Cisco
 CVE-2020-3388 (A vulnerability in the CLI of Cisco SD-WAN vManage Software 
could allo ...)
@@ -54918,8 +54988,8 @@ CVE-2020-3361 (A vulnerability in Cisco Webex Meetings 
and Cisco Webex Meetings
        NOT-FOR-US: Cisco
 CVE-2020-3360 (A vulnerability in the Web Access feature of Cisco IP Phones 
Series 78 ...)
        NOT-FOR-US: Cisco
-CVE-2020-3359
-       RESERVED
+CVE-2020-3359 (A vulnerability in the multicast DNS (mDNS) feature of Cisco 
IOS XE So ...)
+       TODO: check
 CVE-2020-3358 (A vulnerability in the Secure Sockets Layer (SSL) VPN feature 
for Cisc ...)
        NOT-FOR-US: Cisco
 CVE-2020-3357 (A vulnerability in the Secure Sockets Layer (SSL) VPN feature 
of Cisco ...)
@@ -55366,8 +55436,8 @@ CVE-2020-3143 (A vulnerability in the video endpoint 
API (xAPI) of Cisco TelePre
        NOT-FOR-US: Cisco
 CVE-2020-3142 (A vulnerability in Cisco Webex Meetings Suite sites and Cisco 
Webex Me ...)
        NOT-FOR-US: Cisco
-CVE-2020-3141
-       RESERVED
+CVE-2020-3141 (Multiple vulnerabilities in the web management framework of 
Cisco IOS  ...)
+       TODO: check
 CVE-2020-3140 (A vulnerability in the web management interface of Cisco Prime 
License ...)
        NOT-FOR-US: Cisco
 CVE-2020-3139 (A vulnerability in the out of band (OOB) management interface 
IP table ...)
@@ -65503,7 +65573,8 @@ CVE-2020-0437
        RESERVED
 CVE-2020-0436
        RESERVED
-CVE-2020-0435 (In inline_data_addr of f2fs.h, there is a possible out of 
bounds write ...)
+CVE-2020-0435
+       REJECTED
        - linux 4.19.9-1
        [stretch] - linux <not-affected> (Vulnerable code introduced later)
        NOTE: git.kernel.org/linus/18dd6470c2d14d10f5a2dd926925dc80dbd3abfd
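Review bot: CVE-2020-0435 is switched to `REJECTED`, but the package annotations that belonged to the old description stay attached as context lines: `- linux 4.19.9-1`, `[stretch] - linux <not-affected> (Vulnerable code introduced later)` and the git.kernel.org NOTE. A rejected ID should not carry fixed-version data, so either drop these lines or, if the f2fs fix is now tracked under another CVE, move them to that entry. The NOTE URL also lacks the `https://` scheme that the CVE-2020-26088 NOTE at the top of this diff uses.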



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47d2cc7d24d7b2d511f864f668c83dbf42ea0352


_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
