[Git][security-tracker-team/security-tracker][master] automatic update

Wed, 18 Nov 2020 00:10:36 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
62bad4a3 by security tracker role at 2020-11-18T08:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2020-28914 (An improper file permissions vulnerability affects Kata 
Containers pri ...)
+       TODO: check
+CVE-2020-28913
+       RESERVED
+CVE-2020-28912
+       RESERVED
 CVE-2020-28911
        RESERVED
 CVE-2020-28910
@@ -4170,8 +4176,8 @@ CVE-2020-28185
        RESERVED
 CVE-2020-28184
        RESERVED
-CVE-2020-28183
-       RESERVED
+CVE-2020-28183 (SQL injection vulnerability in SourceCodester Water Billing 
System 1.0 ...)
+       TODO: check
 CVE-2020-28182
        RESERVED
 CVE-2020-28181
@@ -4277,10 +4283,10 @@ CVE-2020-28132
        RESERVED
 CVE-2020-28131
        RESERVED
-CVE-2020-28130
-       RESERVED
-CVE-2020-28129
-       RESERVED
+CVE-2020-28130 (An Arbitrary File Upload in the Upload Image component in 
SourceCodest ...)
+       TODO: check
+CVE-2020-28129 (Stored Cross-site scripting (XSS) vulnerability in 
SourceCodester Gym  ...)
+       TODO: check
 CVE-2020-28128
        RESERVED
 CVE-2020-28127
@@ -4353,8 +4359,8 @@ CVE-2020-28094
        RESERVED
 CVE-2020-28093
        RESERVED
-CVE-2020-28092
-       RESERVED
+CVE-2020-28092 (PESCMS Team 2.3.2 has multiple reflected XSS via the id 
parameter:?g=T ...)
+       TODO: check
 CVE-2020-28091
        RESERVED
 CVE-2020-28090
@@ -8325,18 +8331,18 @@ CVE-2020-26555
        RESERVED
 CVE-2020-26554
        RESERVED
-CVE-2020-26553
-       RESERVED
-CVE-2020-26552
-       RESERVED
-CVE-2020-26551
-       RESERVED
-CVE-2020-26550
-       RESERVED
-CVE-2020-26549
-       RESERVED
-CVE-2020-26548
-       RESERVED
+CVE-2020-26553 (An issue was discovered in Aviatrix Controller before 
R6.0.2483. Sever ...)
+       TODO: check
+CVE-2020-26552 (An issue was discovered in Aviatrix Controller before 
R6.0.2483. Multi ...)
+       TODO: check
+CVE-2020-26551 (An issue was discovered in Aviatrix Controller before 
R5.3.1151. Encry ...)
+       TODO: check
+CVE-2020-26550 (An issue was discovered in Aviatrix Controller before 
R5.3.1151. An en ...)
+       TODO: check
+CVE-2020-26549 (An issue was discovered in Aviatrix Controller before 
R5.4.1290. The h ...)
+       TODO: check
+CVE-2020-26548 (An issue was discovered in Aviatrix Controller before 
R5.4.1290. There ...)
+       TODO: check
 CVE-2020-26547
        RESERVED
 CVE-2020-26546 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in 
HelpDeskZ 1 ...)
@@ -9012,8 +9018,8 @@ CVE-2020-26217 (XStream before version 1.4.14 is 
vulnerable to Remote Code Execu
        NOTE: https://x-stream.github.io/CVE-2020-26217.html
        NOTE: 
https://github.com/x-stream/xstream/security/advisories/GHSA-mw36-7c6c-q4q2
        NOTE: 
https://github.com/x-stream/xstream/commit/0fec095d534126931c99fd38e9c6d41f5c685c1a
-CVE-2020-26216
-       RESERVED
+CVE-2020-26216 (TYPO3 Fluid before versions 2.0.8, 2.1.7, 2.2.4, 2.3.7, 2.4.4, 
2.5.11  ...)
+       TODO: check
 CVE-2020-26215
        RESERVED
 CVE-2020-26214 (In Alerta before version 8.1.0, users may be able to bypass 
LDAP authe ...)
@@ -9541,8 +9547,8 @@ CVE-2020-25990 (WebsiteBaker 2.12.2 allows SQL Injection 
via parameter 'display_
        NOT-FOR-US: WebsiteBaker
 CVE-2020-25989
        RESERVED
-CVE-2020-25988
-       RESERVED
+CVE-2020-25988 (UPNP/Freeciv Service on port 5555 in Genexis Platinum 4410 
Router V2.1 ...)
+       TODO: check
 CVE-2020-25987 (MonoCMS Blog 1.0 stores hard-coded admin hashes in the log.xml 
file in ...)
        NOT-FOR-US: MonoCMS Blog
 CVE-2020-25986 (A Cross Site Request Forgery (CSRF) vulnerability in MonoCMS 
Blog 1.0  ...)
@@ -9737,8 +9743,8 @@ CVE-2020-25892
        RESERVED
 CVE-2020-25891
        RESERVED
-CVE-2020-25890
-       RESERVED
+CVE-2020-25890 (The web application of Kyocera printer (ECOSYS M2640IDW) is 
affected b ...)
+       TODO: check
 CVE-2020-25889
        RESERVED
 CVE-2020-25888



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62bad4a32c1e060a61bcb3c1cf889f870c2f95df

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62bad4a32c1e060a61bcb3c1cf889f870c2f95df
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to