[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Fri, 23 Oct 2020 13:11:28 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ef83c211 by security tracker role at 2020-10-23T20:10:31+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5161,8 +5161,8 @@ CVE-2020-25485
        RESERVED
 CVE-2020-25484
        RESERVED
-CVE-2020-25483
-       RESERVED
+CVE-2020-25483 (An arbitrary command execution vulnerability exists in the 
fopen() fun ...)
+       TODO: check
 CVE-2020-25482
        RESERVED
 CVE-2020-25481
@@ -5195,8 +5195,8 @@ CVE-2020-25468
        RESERVED
 CVE-2020-25467
        RESERVED
-CVE-2020-25466
-       RESERVED
+CVE-2020-25466 (A SSRF vulnerability exists in the downloadimage interface of 
CRMEB 3. ...)
+       TODO: check
 CVE-2020-25465
        RESERVED
 CVE-2020-25464
@@ -6569,10 +6569,10 @@ CVE-2020-24850
        RESERVED
 CVE-2020-24849
        RESERVED
-CVE-2020-24848
-       RESERVED
-CVE-2020-24847
-       RESERVED
+CVE-2020-24848 (FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL 
: ALL) N ...)
+       TODO: check
+CVE-2020-24847 (A Cross-Site Request Forgery (CSRF) vulnerability is 
identified in Fru ...)
+       TODO: check
 CVE-2020-24846
        RESERVED
 CVE-2020-24845
@@ -27683,6 +27683,7 @@ CVE-2020-14805 (Vulnerability in the Oracle E-Business 
Suite Secure Enterprise S
 CVE-2020-14804 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 <unfixed>
 CVE-2020-14803 (Vulnerability in the Java SE product of Oracle Java SE 
(component: Lib ...)
+       {DLA-2412-1}
        - openjdk-15 15.0.1+9-1
        - openjdk-11 11.0.9+11-1
        - openjdk-8 <unfixed>
@@ -27695,14 +27696,17 @@ CVE-2020-14800 (Vulnerability in the MySQL Server 
product of Oracle MySQL (compo
 CVE-2020-14799 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 <unfixed>
 CVE-2020-14798 (Vulnerability in the Java SE, Java SE Embedded product of 
Oracle Java  ...)
+       {DLA-2412-1}
        - openjdk-15 15.0.1+9-1
        - openjdk-11 11.0.9+11-1
        - openjdk-8 <unfixed>
 CVE-2020-14797 (Vulnerability in the Java SE, Java SE Embedded product of 
Oracle Java  ...)
+       {DLA-2412-1}
        - openjdk-15 15.0.1+9-1
        - openjdk-11 11.0.9+11-1
        - openjdk-8 <unfixed>
 CVE-2020-14796 (Vulnerability in the Java SE, Java SE Embedded product of 
Oracle Java  ...)
+       {DLA-2412-1}
        - openjdk-15 15.0.1+9-1
        - openjdk-11 11.0.9+11-1
        - openjdk-8 <unfixed>
@@ -27714,6 +27718,7 @@ CVE-2020-14793 (Vulnerability in the MySQL Server 
product of Oracle MySQL (compo
        - mysql-5.7 <unfixed>
        - mysql-8.0 <unfixed>
 CVE-2020-14792 (Vulnerability in the Java SE, Java SE Embedded product of 
Oracle Java  ...)
+       {DLA-2412-1}
        - openjdk-15 15.0.1+9-1
        - openjdk-11 11.0.9+11-1
        - openjdk-8 <unfixed>
@@ -27738,16 +27743,19 @@ CVE-2020-14784 (Vulnerability in the Oracle BI 
Publisher product of Oracle Fusio
 CVE-2020-14783 (Vulnerability in the Oracle Hospitality RES 3700 product of 
Oracle Foo ...)
        NOT-FOR-US: Oracle
 CVE-2020-14782 (Vulnerability in the Java SE, Java SE Embedded product of 
Oracle Java  ...)
+       {DLA-2412-1}
        - openjdk-15 15.0.1+9-1
        - openjdk-11 11.0.9+11-1
        - openjdk-8 <unfixed>
 CVE-2020-14781 (Vulnerability in the Java SE, Java SE Embedded product of 
Oracle Java  ...)
+       {DLA-2412-1}
        - openjdk-15 15.0.1+9-1
        - openjdk-11 11.0.9+11-1
        - openjdk-8 <unfixed>
 CVE-2020-14780 (Vulnerability in the BI Publisher product of Oracle Fusion 
Middleware  ...)
        NOT-FOR-US: Oracle
 CVE-2020-14779 (Vulnerability in the Java SE, Java SE Embedded product of 
Oracle Java  ...)
+       {DLA-2412-1}
        - openjdk-15 15.0.1+9-1
        - openjdk-11 11.0.9+11-1
        - openjdk-8 <unfixed>
@@ -52008,8 +52016,8 @@ CVE-2020-5992
        RESERVED
 CVE-2020-5991
        RESERVED
-CVE-2020-5990
-       RESERVED
+CVE-2020-5990 (NVIDIA GeForce Experience, all versions prior to 3.20.5.70, 
contains a ...)
+       TODO: check
 CVE-2020-5989 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU 
plugin ...)
        NOT-FOR-US: NVIDIA Virtual GPU Manager
 CVE-2020-5988 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU 
plugin ...)
@@ -52032,10 +52040,10 @@ CVE-2020-5980 (NVIDIA Windows GPU Display Driver, all 
versions, contains a vulne
        NOT-FOR-US: NVIDIA Windows GPU Display Driver
 CVE-2020-5979 (NVIDIA Windows GPU Display Driver, all versions, contains a 
vulnerabil ...)
        NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2020-5978
-       RESERVED
-CVE-2020-5977
-       RESERVED
+CVE-2020-5978 (NVIDIA GeForce Experience, all versions prior to 3.20.5.70, 
contains a ...)
+       TODO: check
+CVE-2020-5977 (NVIDIA GeForce Experience, all versions prior to 3.20.5.70, 
contains a ...)
+       TODO: check
 CVE-2020-5976 (NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) 
and vers ...)
        NOT-FOR-US: NVIDIA GeForce NOW
 CVE-2020-5975 (NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and 
macOS, con ...)
@@ -56747,10 +56755,10 @@ CVE-2020-4000
        RESERVED
 CVE-2020-3999
        RESERVED
-CVE-2020-3998
-       RESERVED
-CVE-2020-3997
-       RESERVED
+CVE-2020-3998 (VMware Horizon Client for Windows (5.x prior to 5.5.0) contains 
an inf ...)
+       TODO: check
+CVE-2020-3997 (VMware Horizon Server (7.x prior to 7.10.3 or 7.13.0) contains 
a Cross ...)
+       TODO: check
 CVE-2020-3996 (Velero (prior to 1.4.3 and 1.5.2) in some instances 
doesn&#8217;t prop ...)
        NOT-FOR-US: Velero
 CVE-2020-3995 (In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before 
ESXi650-20 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef83c211b817417e86f2edb5f392dfd34bf2af21

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef83c211b817417e86f2edb5f392dfd34bf2af21
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to