[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Tue, 20 Oct 2020 01:11:13 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
3f24628c by security tracker role at 2020-10-20T08:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,21 @@
+CVE-2020-27344
+       RESERVED
+CVE-2020-27343
+       RESERVED
+CVE-2020-27342
+       RESERVED
+CVE-2020-27341
+       RESERVED
+CVE-2020-27340
+       RESERVED
+CVE-2020-27339
+       RESERVED
+CVE-2020-27338
+       RESERVED
+CVE-2020-27337
+       RESERVED
+CVE-2020-27336
+       RESERVED
 CVE-2020-27335
        RESERVED
 CVE-2020-27334
@@ -6392,10 +6410,10 @@ CVE-2020-24390 (eonweb in EyesOfNetwork before 5.3-7 
does not properly escape th
        NOT-FOR-US: EyesOfNetwork (EON)
 CVE-2020-24389
        RESERVED
-CVE-2020-24388
-       RESERVED
-CVE-2020-24387
-       RESERVED
+CVE-2020-24388 (An issue was discovered in the _send_secure_msg() function of 
yubihsm- ...)
+       TODO: check
+CVE-2020-24387 (An issue was discovered in the yh_create_session() function of 
yubihsm ...)
+       TODO: check
 CVE-2020-24386
        RESERVED
 CVE-2020-24385 (In MidnightBSD before 1.2.6 and 1.3 before August 2020, and 
FreeBSD be ...)
@@ -25405,12 +25423,12 @@ CVE-2020-15265
        RESERVED
 CVE-2020-15264
        RESERVED
-CVE-2020-15263
-       RESERVED
-CVE-2020-15262
-       RESERVED
-CVE-2020-15261
-       RESERVED
+CVE-2020-15263 (In platform before version 9.4.4, inline attributes are not 
properly e ...)
+       TODO: check
+CVE-2020-15262 (In webpack-subresource-integrity before version 1.5.1, all 
dynamically ...)
+       TODO: check
+CVE-2020-15261 (On Windows the Veyon Service before version 4.4.2 contains an 
unquoted ...)
+       TODO: check
 CVE-2020-15260
        RESERVED
 CVE-2020-15259
@@ -25419,8 +25437,8 @@ CVE-2020-15258 (In Wire before 3.20.x, 
`shell.openExternal` was used without che
        NOT-FOR-US: Wire app
 CVE-2020-15257
        RESERVED
-CVE-2020-15256
-       RESERVED
+CVE-2020-15256 (A prototype pollution vulnerability has been found in 
`object-path` &l ...)
+       TODO: check
 CVE-2020-15255 (In Anuko Time Tracker before verion 1.19.23.5325, due to not 
properly  ...)
        NOT-FOR-US: Anuko Time Tracker
 CVE-2020-15254 (Crossbeam is a set of tools for concurrent programming. In 
crossbeam-c ...)
@@ -25443,8 +25461,8 @@ CVE-2020-15247
        RESERVED
 CVE-2020-15246
        RESERVED
-CVE-2020-15245
-       RESERVED
+CVE-2020-15245 (In Sylius before versions 1.6.9, 1.7.9 and 1.8.3, the user may 
registe ...)
+       TODO: check
 CVE-2020-15244
        RESERVED
 CVE-2020-15243 (Affected versions of Smartstore have a missing WebApi 
Authentication a ...)
@@ -29026,8 +29044,8 @@ CVE-2020-13939
        REJECTED
 CVE-2020-13938
        RESERVED
-CVE-2020-13937
-       RESERVED
+CVE-2020-13937 (Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 
2.4.1, 2 ...)
+       TODO: check
 CVE-2020-13936
        RESERVED
 CVE-2020-13935 (The payload length in a WebSocket frame was not correctly 
validated in ...)
@@ -38833,8 +38851,8 @@ CVE-2020-10748 (A flaw was found in Keycloak's data 
filter, in version 10.0.1, w
        NOT-FOR-US: Keycloak
 CVE-2020-10747
        REJECTED
-CVE-2020-10746
-       RESERVED
+CVE-2020-10746 (A flaw was found in Infinispan version 10, where it permits 
local acce ...)
+       TODO: check
 CVE-2020-10745 (A flaw was found in all Samba versions before 4.10.17, before 
4.11.11  ...)
        - samba 2:4.12.5+dfsg-1
        [buster] - samba <postponed> (Minor issue, fix along in next DSA)
@@ -42535,8 +42553,8 @@ CVE-2020-9265 (phpMyChat-Plus 1.98 is vulnerable to 
multiple SQL injections agai
        NOT-FOR-US: phpMyChat-Plus
 CVE-2020-9264 (ESET Archive Support Module before 1296 allows virus-detection 
bypass  ...)
        NOT-FOR-US: ESET
-CVE-2020-9263
-       RESERVED
+CVE-2020-9263 (HUAWEI Mate 30 versions earlier than 10.1.0.150(C00E136R5P3) 
and HUAWE ...)
+       TODO: check
 CVE-2020-9262 (HUAWEI Mate 30 with versions earlier than 
10.1.0.150(C00E136R5P3) have ...)
        NOT-FOR-US: HUAWEI
 CVE-2020-9261 (HUAWEI Mate 30 with versions earlier than 
10.1.0.150(C00E136R5P3) have ...)
@@ -42835,12 +42853,12 @@ CVE-2020-9115
        RESERVED
 CVE-2020-9114
        RESERVED
-CVE-2020-9113
-       RESERVED
-CVE-2020-9112
-       RESERVED
-CVE-2020-9111
-       RESERVED
+CVE-2020-9113 (HUAWEI Mate 20 versions earlier than 10.0.0.188(C00E74R3P8) 
have a buf ...)
+       TODO: check
+CVE-2020-9112 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have 
a priv ...)
+       TODO: check
+CVE-2020-9111 (E6878-370 versions 
10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E ...)
+       TODO: check
 CVE-2020-9110 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have 
an inf ...)
        NOT-FOR-US: Huawei
 CVE-2020-9109 (There is an information disclosure vulnerability in several 
smartphone ...)
@@ -42877,8 +42895,8 @@ CVE-2020-9094
        RESERVED
 CVE-2020-9093
        RESERVED
-CVE-2020-9092
-       RESERVED
+CVE-2020-9092 (HUAWEI Mate 20 versions earlier than 10.1.0.163(C00E160R3P8) 
have a Ja ...)
+       TODO: check
 CVE-2020-9091 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have 
an out ...)
        NOT-FOR-US: Huawei
 CVE-2020-9090 (FusionAccess version 6.5.1 has an improper authorization 
vulnerability ...)
@@ -50541,10 +50559,10 @@ CVE-2020-6087 (An exploitable denial of service 
vulnerability exists in the ENIP
        NOT-FOR-US: Allen-Bradley Flex IO
 CVE-2020-6086 (An exploitable denial of service vulnerability exists in the 
ENIP Requ ...)
        NOT-FOR-US: Allen-Bradley Flex IO
-CVE-2020-6085
-       RESERVED
-CVE-2020-6084
-       RESERVED
+CVE-2020-6085 (An exploitable denial of service vulnerability exists in the 
ENIP Requ ...)
+       TODO: check
+CVE-2020-6084 (An exploitable denial of service vulnerability exists in the 
ENIP Requ ...)
+       TODO: check
 CVE-2020-6083 (An exploitable denial of service vulnerability exists in the 
ENIP Requ ...)
        NOT-FOR-US: Allen-Bradley Flex IO
 CVE-2020-6082 (An exploitable out-of-bounds write vulnerability exists in the 
ico_rea ...)
@@ -83324,8 +83342,8 @@ CVE-2019-13635 (The WP Fastest Cache plugin through 
0.8.9.5 for WordPress allows
        NOT-FOR-US: WP Fastest Cache plugin for WordPress
 CVE-2019-13634
        RESERVED
-CVE-2019-13633
-       RESERVED
+CVE-2019-13633 (Blinger.io v.1.0.2519 is vulnerable to Blind/Persistent XSS. 
An attack ...)
+       TODO: check
 CVE-2019-13632
        RESERVED
 CVE-2019-13631 (In parse_hid_report_descriptor in drivers/input/tablet/gtco.c 
in the L ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f24628c3eda3b0d4e57119537fc9ae0ee5457ee

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f24628c3eda3b0d4e57119537fc9ae0ee5457ee
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to