[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Wed, 18 Nov 2020 12:10:50 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
24dcd49c by security tracker role at 2020-11-18T20:10:30+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,43 @@
+CVE-2020-28934
+       RESERVED
+CVE-2020-28933
+       RESERVED
+CVE-2020-28932
+       RESERVED
+CVE-2020-28931
+       RESERVED
+CVE-2020-28930
+       RESERVED
+CVE-2020-28929
+       RESERVED
+CVE-2020-28928
+       RESERVED
+CVE-2020-28927
+       RESERVED
+CVE-2020-28926
+       RESERVED
+CVE-2020-28925
+       RESERVED
+CVE-2020-28924
+       RESERVED
+CVE-2020-28923
+       RESERVED
+CVE-2020-28922
+       RESERVED
+CVE-2020-28921
+       RESERVED
+CVE-2020-28920
+       RESERVED
+CVE-2020-28919
+       RESERVED
+CVE-2020-28918
+       RESERVED
+CVE-2020-28917 (An issue was discovered in the view_statistics (aka View 
frontend stat ...)
+       TODO: check
+CVE-2020-28916
+       RESERVED
+CVE-2020-28915 (A buffer over-read (at the framebuffer layer) in the fbcon 
code in the ...)
+       TODO: check
 CVE-2020-28914 (An improper file permissions vulnerability affects Kata 
Containers pri ...)
        TODO: check
 CVE-2020-28913
@@ -378,8 +418,8 @@ CVE-2020-28726
        RESERVED
 CVE-2020-28725
        RESERVED
-CVE-2020-28724
-       RESERVED
+CVE-2020-28724 (Open redirect vulnerability in werkzeug before 0.11.6 via a 
double sla ...)
+       TODO: check
 CVE-2020-28723 (Memory leak in IPv6Param::setAddress in CloudAvid PParam 
1.3.1. ...)
        NOT-FOR-US: CloudAvid
 CVE-2020-28722
@@ -1669,14 +1709,14 @@ CVE-2020-28583
        RESERVED
 CVE-2020-28582
        RESERVED
-CVE-2020-28581
-       RESERVED
-CVE-2020-28580
-       RESERVED
-CVE-2020-28579
-       RESERVED
-CVE-2020-28578
-       RESERVED
+CVE-2020-28581 (A command injection vulnerability in ModifyVLANItem of Trend 
Micro Int ...)
+       TODO: check
+CVE-2020-28580 (A command injection vulnerability in AddVLANItem of Trend 
Micro InterS ...)
+       TODO: check
+CVE-2020-28579 (A vulnerability in Trend Micro InterScan Web Security Virtual 
Applianc ...)
+       TODO: check
+CVE-2020-28578 (A vulnerability in Trend Micro InterScan Web Security Virtual 
Applianc ...)
+       TODO: check
 CVE-2020-28577
        RESERVED
 CVE-2021-1125
@@ -1833,12 +1873,12 @@ CVE-2020-28576
        RESERVED
 CVE-2020-28575
        RESERVED
-CVE-2020-28574
-       RESERVED
+CVE-2020-28574 (A unauthenticated path traversal arbitrary remote file 
deletion vulner ...)
+       TODO: check
 CVE-2020-28573
        RESERVED
-CVE-2020-28572
-       RESERVED
+CVE-2020-28572 (A vulnerability in Trend Micro Apex One could allow an 
unprivileged us ...)
+       TODO: check
 CVE-2020-28571
        RESERVED
 CVE-2020-28570
@@ -2261,8 +2301,7 @@ CVE-2020-28368 (Xen through 4.14.x allows guest OS 
administrators to obtain sens
        - xen <unfixed>
        [stretch] - xen <end-of-life> (DSA 4602-1)
        NOTE: https://xenbits.xen.org/xsa/advisory-351.html
-CVE-2020-28367
-       RESERVED
+CVE-2020-28367 (Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument 
Injection. ...)
        - golang-1.15 1.15.5-1
        - golang-1.11 <removed>
        - golang-1.8 <removed>
@@ -2270,8 +2309,7 @@ CVE-2020-28367
        [stretch] - golang-1.7 <ignored> (validation of cgo flags first 
introduced in golang-1.8)
        NOTE: 
https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM/m/fLguyiM2CAAJ
        NOTE: https://github.com/golang/go/issues/42556
-CVE-2020-28366
-       RESERVED
+CVE-2020-28366 (Go before 1.14.12 and 1.15.x before 1.15.5 allows Code 
Injection. ...)
        - golang-1.15 1.15.5-1
        - golang-1.11 <removed>
        - golang-1.8 <removed>
@@ -2286,8 +2324,7 @@ CVE-2020-28364 (A stored cross-site scripting (XSS) 
vulnerability affects the We
        NOT-FOR-US: Locust
 CVE-2020-28363
        RESERVED
-CVE-2020-28362
-       RESERVED
+CVE-2020-28362 (Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of 
Service. ...)
        - golang-1.15 1.15.5-1
        - golang-1.11 <removed>
        - golang-1.8 <removed>
@@ -2300,8 +2337,8 @@ CVE-2020-XXXX [slab-out-of-bounds Read in fbcon]
        - linux <unfixed>
        NOTE: 
https://git.kernel.org/linus/3c4e0dff2095c579b142d5a0693257f1c58b4804
        NOTE: https://www.openwall.com/lists/oss-security/2020/11/09/2
-CVE-2020-28361
-       RESERVED
+CVE-2020-28361 (Kamailio before 5.4.0, as used in Sip Express Router (SER) in 
Sippy So ...)
+       TODO: check
 CVE-2020-28360
        RESERVED
 CVE-2020-28359
@@ -4364,8 +4401,8 @@ CVE-2020-28093
        RESERVED
 CVE-2020-28092 (PESCMS Team 2.3.2 has multiple reflected XSS via the id 
parameter:?g=T ...)
        NOT-FOR-US: PESCMS Team
-CVE-2020-28091
-       RESERVED
+CVE-2020-28091 (cxuucms v3 has a SQL injection vulnerability, which can lead 
to the le ...)
+       TODO: check
 CVE-2020-28090
        RESERVED
 CVE-2020-28089
@@ -4585,8 +4622,8 @@ CVE-2020-25692 [vulnerability with slapd normalization 
handling with modrdn]
        NOTE: 
https://git.openldap.org/openldap/openldap/-/commit/4c774220a752bf8e3284984890dc0931fe73165d
 CVE-2020-28006
        RESERVED
-CVE-2020-28005
-       RESERVED
+CVE-2020-28005 (httpd on TP-Link TL-WPA4220 devices (hardware versions 2 
through 4) al ...)
+       TODO: check
 CVE-2020-28004
        RESERVED
 CVE-2020-28003
@@ -5429,12 +5466,12 @@ CVE-2020-27699
        RESERVED
 CVE-2020-27698
        RESERVED
-CVE-2020-27697
-       RESERVED
-CVE-2020-27696
-       RESERVED
-CVE-2020-27695
-       RESERVED
+CVE-2020-27697 (Trend Micro Security 2020 (Consumer) contains a vulnerability 
in the i ...)
+       TODO: check
+CVE-2020-27696 (Trend Micro Security 2020 (Consumer) contains a vulnerability 
in the i ...)
+       TODO: check
+CVE-2020-27695 (Trend Micro Security 2020 (Consumer) contains a vulnerability 
in the i ...)
+       TODO: check
 CVE-2020-27694 (Trend Micro InterScan Messaging Security Virtual Appliance 
(IMSVA) 9.1 ...)
        NOT-FOR-US: Trend Micro
 CVE-2020-27693 (Trend Micro InterScan Messaging Security Virtual Appliance 
(IMSVA) 9.1 ...)
@@ -7042,8 +7079,8 @@ CVE-2020-27128 (A vulnerability in the application data 
endpoints of Cisco SD-WA
        NOT-FOR-US: Cisco
 CVE-2020-27127
        RESERVED
-CVE-2020-27126
-       RESERVED
+CVE-2020-27126 (A vulnerability in an API of Cisco Webex Meetings could allow 
an unaut ...)
+       TODO: check
 CVE-2020-27125 (A vulnerability in Cisco Security Manager could allow an 
unauthenticat ...)
        NOT-FOR-US: Cisco
 CVE-2020-27124
@@ -7362,6 +7399,7 @@ CVE-2020-26969
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26969
 CVE-2020-26968
        RESERVED
+       {DSA-4793-1}
        - firefox 83.0-1
        - firefox-esr 78.5.0esr-1
        - thunderbird <unfixed>
@@ -7382,6 +7420,7 @@ CVE-2020-26966
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/#CVE-2020-26966
 CVE-2020-26965
        RESERVED
+       {DSA-4793-1}
        - firefox 83.0-1
        - firefox-esr 78.5.0esr-1
        - thunderbird <unfixed>
@@ -7402,6 +7441,7 @@ CVE-2020-26962
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26962
 CVE-2020-26961
        RESERVED
+       {DSA-4793-1}
        - firefox 83.0-1
        - firefox-esr 78.5.0esr-1
        - thunderbird <unfixed>
@@ -7410,6 +7450,7 @@ CVE-2020-26961
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/#CVE-2020-26961
 CVE-2020-26960
        RESERVED
+       {DSA-4793-1}
        - firefox 83.0-1
        - firefox-esr 78.5.0esr-1
        - thunderbird <unfixed>
@@ -7418,6 +7459,7 @@ CVE-2020-26960
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/#CVE-2020-26960
 CVE-2020-26959
        RESERVED
+       {DSA-4793-1}
        - firefox 83.0-1
        - firefox-esr 78.5.0esr-1
        - thunderbird <unfixed>
@@ -7426,6 +7468,7 @@ CVE-2020-26959
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/#CVE-2020-26959
 CVE-2020-26958
        RESERVED
+       {DSA-4793-1}
        - firefox 83.0-1
        - firefox-esr 78.5.0esr-1
        - thunderbird <unfixed>
@@ -7438,6 +7481,7 @@ CVE-2020-26957
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26957
 CVE-2020-26956
        RESERVED
+       {DSA-4793-1}
        - firefox 83.0-1
        - firefox-esr 78.5.0esr-1
        - thunderbird <unfixed>
@@ -7454,6 +7498,7 @@ CVE-2020-26954
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26954
 CVE-2020-26953
        RESERVED
+       {DSA-4793-1}
        - firefox 83.0-1
        - firefox-esr 78.5.0esr-1
        - thunderbird <unfixed>
@@ -7466,6 +7511,7 @@ CVE-2020-26952
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26952
 CVE-2020-26951
        RESERVED
+       {DSA-4793-1}
        - firefox 83.0-1
        - firefox-esr 78.5.0esr-1
        - thunderbird <unfixed>
@@ -7520,8 +7566,8 @@ CVE-2020-26934 (phpMyAdmin before 4.9.6 and 5.x before 
5.0.3 allows XSS through
        - phpmyadmin 4:4.9.7+dfsg1-1 (bug #971999)
        NOTE: https://www.phpmyadmin.net/security/PMASA-2020-5/
        NOTE: 
https://github.com/phpmyadmin/phpmyadmin/commit/19df63b0365621427697edc185ff7c9c5707c523
-CVE-2020-26933
-       RESERVED
+CVE-2020-26933 (Trusted Computing Group (TCG) Trusted Platform Module Library 
Family 2 ...)
+       TODO: check
 CVE-2020-26931 (Certain NETGEAR devices are affected by disclosure of 
sensitive inform ...)
        NOT-FOR-US: Netgear
 CVE-2020-26930 (NETGEAR EX7700 devices before 1.0.0.210 are affected by 
incorrect conf ...)
@@ -7618,8 +7664,8 @@ CVE-2020-26886
        RESERVED
 CVE-2020-26885
        RESERVED
-CVE-2020-26884
-       RESERVED
+CVE-2020-26884 (RSA Archer 6.8 through 6.8.0.3 and 6.9 contains a URL 
injection vulner ...)
+       TODO: check
 CVE-2020-26883 (In Play Framework 2.6.0 through 2.8.2, stack consumption can 
occur bec ...)
        NOT-FOR-US: Play Framework
 CVE-2020-26882 (In Play Framework 2.6.0 through 2.8.2, data amplification can 
occur wh ...)
@@ -8338,8 +8384,8 @@ CVE-2020-26556
        RESERVED
 CVE-2020-26555
        RESERVED
-CVE-2020-26554
-       RESERVED
+CVE-2020-26554 (REDDOXX MailDepot 2033 (aka 2.3.3022) allows XSS via an 
incoming HTML  ...)
+       TODO: check
 CVE-2020-26553 (An issue was discovered in Aviatrix Controller before 
R6.0.2483. Sever ...)
        NOT-FOR-US: Aviatrix
 CVE-2020-26552 (An issue was discovered in Aviatrix Controller before 
R6.0.2483. Multi ...)
@@ -9335,8 +9381,8 @@ CVE-2020-26098 (cPanel before 88.0.3 mishandles the Exim 
filter path, leading to
 CVE-2016-11086 (lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for 
Ruby doe ...)
        - ruby-oauth <unfixed> (bug #970932)
        NOTE: https://github.com/oauth-xx/oauth-ruby/issues/137
-CVE-2020-26097
-       RESERVED
+CVE-2020-26097 (** UNSUPPORTED WHEN ASSIGNED ** The firmware of the PLANET 
Technology  ...)
+       TODO: check
 CVE-2020-26096
        RESERVED
 CVE-2020-26095
@@ -9365,34 +9411,34 @@ CVE-2020-26083 (A vulnerability in the web-based 
management interface of Cisco I
        NOT-FOR-US: Cisco
 CVE-2020-26082
        RESERVED
-CVE-2020-26081
-       RESERVED
-CVE-2020-26080
-       RESERVED
-CVE-2020-26079
-       RESERVED
-CVE-2020-26078
-       RESERVED
-CVE-2020-26077
-       RESERVED
-CVE-2020-26076
-       RESERVED
-CVE-2020-26075
-       RESERVED
+CVE-2020-26081 (Multiple vulnerabilities in the web UI of Cisco IoT Field 
Network Dire ...)
+       TODO: check
+CVE-2020-26080 (A vulnerability in the user management functionality of Cisco 
IoT Fiel ...)
+       TODO: check
+CVE-2020-26079 (A vulnerability in the web UI of Cisco IoT Field Network 
Director (FND ...)
+       TODO: check
+CVE-2020-26078 (A vulnerability in the file system of Cisco IoT Field Network 
Director ...)
+       TODO: check
+CVE-2020-26077 (A vulnerability in the access control functionality of Cisco 
IoT Field ...)
+       TODO: check
+CVE-2020-26076 (A vulnerability in Cisco IoT Field Network Director (FND) 
could allow  ...)
+       TODO: check
+CVE-2020-26075 (A vulnerability in the REST API of Cisco IoT Field Network 
Director (F ...)
+       TODO: check
 CVE-2020-26074
        RESERVED
 CVE-2020-26073
        RESERVED
-CVE-2020-26072
-       RESERVED
+CVE-2020-26072 (A vulnerability in the SOAP API of Cisco IoT Field Network 
Director (F ...)
+       TODO: check
 CVE-2020-26071
        RESERVED
 CVE-2020-26070 (A vulnerability in the ingress packet processing function of 
Cisco IOS ...)
        NOT-FOR-US: Cisco
 CVE-2020-26069
        RESERVED
-CVE-2020-26068
-       RESERVED
+CVE-2020-26068 (A vulnerability in the xAPI service of Cisco Telepresence CE 
Software  ...)
+       TODO: check
 CVE-2020-26067
        RESERVED
 CVE-2020-26066
@@ -9556,7 +9602,7 @@ CVE-2020-25990 (WebsiteBaker 2.12.2 allows SQL Injection 
via parameter 'display_
        NOT-FOR-US: WebsiteBaker
 CVE-2020-25989
        RESERVED
-CVE-2020-25988 (UPNP/Freeciv Service on port 5555 in Genexis Platinum 4410 
Router V2.1 ...)
+CVE-2020-25988 (UPNP Service listening on port 5555 in Genexis Platinum 4410 
Router V2 ...)
        TODO: check
 CVE-2020-25987 (MonoCMS Blog 1.0 stores hard-coded admin hashes in the log.xml 
file in ...)
        NOT-FOR-US: MonoCMS Blog
@@ -10988,8 +11034,8 @@ CVE-2020-25408
        RESERVED
 CVE-2020-25407
        RESERVED
-CVE-2020-25406
-       RESERVED
+CVE-2020-25406 (app\admin\controller\sys\Uploads.php in lemocms 1.8.x allows 
users to  ...)
+       TODO: check
 CVE-2020-25405
        RESERVED
 CVE-2020-25404
@@ -12500,8 +12546,8 @@ CVE-2020-24725
        RESERVED
 CVE-2020-24724
        RESERVED
-CVE-2020-24723
-       RESERVED
+CVE-2020-24723 (Cross Site Scripting (XSS) vulnerability in the Registration 
page of t ...)
+       TODO: check
 CVE-2020-24722 (** DISPUTED ** An issue was discovered in the GAEN (aka 
Google/Apple E ...)
        NOT-FOR-US: GAEN (Google Apple Encounter Notification) protocol
 CVE-2020-24721 (An issue was discovered in the GAEN (aka Google/Apple Exposure 
Notific ...)
@@ -13462,8 +13508,8 @@ CVE-2020-24299
        RESERVED
 CVE-2020-24298
        RESERVED
-CVE-2020-24297
-       RESERVED
+CVE-2020-24297 (httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) 
allows remo ...)
+       TODO: check
 CVE-2020-24296
        RESERVED
 CVE-2020-24295
@@ -30312,6 +30358,7 @@ CVE-2020-16013
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-16012
        RESERVED
+       {DSA-4793-1}
        - firefox 83.0-1
        - firefox-esr 78.5.0esr-1
        - thunderbird <unfixed>
@@ -53786,12 +53833,12 @@ CVE-2020-7566
        RESERVED
 CVE-2020-7565
        RESERVED
-CVE-2020-7564
-       RESERVED
-CVE-2020-7563
-       RESERVED
-CVE-2020-7562
-       RESERVED
+CVE-2020-7564 (A CWE-120: Buffer Copy without Checking Size of Input ('Classic 
Buffer ...)
+       TODO: check
+CVE-2020-7563 (A CWE-787: Out-of-bounds Write vulnerability exists in the Web 
Server  ...)
+       TODO: check
+CVE-2020-7562 (A CWE-125: Out-of-Bounds Read vulnerability exists in the Web 
Server o ...)
+       TODO: check
 CVE-2020-7561
        RESERVED
 CVE-2020-7560
@@ -57796,8 +57843,8 @@ CVE-2020-6018
        RESERVED
 CVE-2020-6017
        RESERVED
-CVE-2020-6016
-       RESERVED
+CVE-2020-6016 (Valve's Game Networking Sockets prior to version v1.2.0 
improperly han ...)
+       TODO: check
 CVE-2020-6015 (Check Point Endpoint Security for Windows before E84.10 can 
reach deni ...)
        NOT-FOR-US: Check Point Endpoint Security Client
 CVE-2020-6014 (Check Point Endpoint Security Client for Windows, with Anti-Bot 
or Thr ...)
@@ -61378,8 +61425,8 @@ CVE-2020-4594
        RESERVED
 CVE-2020-4593 (IBM Security Guardium Insights 2.0.1 stores user credentials in 
plain  ...)
        NOT-FOR-US: IBM
-CVE-2020-4592
-       RESERVED
+CVE-2020-4592 (IBM MQ Appliance 9.1.CD and LTS could allow an authenticated 
user, und ...)
+       TODO: check
 CVE-2020-4591 (IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could 
disclos ...)
        NOT-FOR-US: IBM
 CVE-2020-4590 (IBM WebSphere Application Server Liberty 17.0.0.3 through 
20.0.0.9 run ...)
@@ -64584,8 +64631,8 @@ CVE-2020-3588 (A vulnerability in virtualization 
channel messaging in Cisco Webe
        NOT-FOR-US: Cisco
 CVE-2020-3587 (A vulnerability in the web-based management interface of the 
Cisco SD- ...)
        NOT-FOR-US: Cisco
-CVE-2020-3586
-       RESERVED
+CVE-2020-3586 (A vulnerability in the web-based management interface of Cisco 
DNA Spa ...)
+       TODO: check
 CVE-2020-3585 (A vulnerability in the TLS handler of Cisco Adaptive Security 
Applianc ...)
        NOT-FOR-US: Cisco
 CVE-2020-3584
@@ -64694,8 +64741,8 @@ CVE-2020-3533 (A vulnerability in the Simple Network 
Management Protocol (SNMP)
        NOT-FOR-US: Cisco
 CVE-2020-3532
        RESERVED
-CVE-2020-3531
-       RESERVED
+CVE-2020-3531 (A vulnerability in the REST API of Cisco IoT Field Network 
Director (F ...)
+       TODO: check
 CVE-2020-3530 (A vulnerability in task group assignment for a specific CLI 
command in ...)
        NOT-FOR-US: Cisco
 CVE-2020-3529 (A vulnerability in the SSL VPN negotiation process for Cisco 
Adaptive  ...)
@@ -64792,8 +64839,8 @@ CVE-2020-3484 (A vulnerability in the web-based 
management interface of Cisco Vi
        NOT-FOR-US: Cisco
 CVE-2020-3483 (Duo has identified and fixed an issue with the Duo Network 
Gateway (DN ...)
        NOT-FOR-US: Duo
-CVE-2020-3482
-       RESERVED
+CVE-2020-3482 (A vulnerability in the Traversal Using Relays around NAT (TURN) 
server ...)
+       TODO: check
 CVE-2020-3481 (A vulnerability in the EGG archive parsing module in Clam 
AntiVirus (C ...)
        {DLA-2314-1}
        - clamav 0.102.4+dfsg-1
@@ -64817,10 +64864,10 @@ CVE-2020-3473 (A vulnerability in task group 
assignment for a specific CLI comma
        NOT-FOR-US: Cisco
 CVE-2020-3472 (A vulnerability in the contacts feature of Cisco Webex Meetings 
could  ...)
        NOT-FOR-US: Cisco
-CVE-2020-3471
-       RESERVED
-CVE-2020-3470
-       RESERVED
+CVE-2020-3471 (A vulnerability in Cisco Webex Meetings and Cisco Webex 
Meetings Serve ...)
+       TODO: check
+CVE-2020-3470 (Multiple vulnerabilities in the API subsystem of Cisco 
Integrated Mana ...)
+       TODO: check
 CVE-2020-3469
        RESERVED
 CVE-2020-3468 (A vulnerability in the web-based management interface of Cisco 
SD-WAN  ...)
@@ -64877,8 +64924,8 @@ CVE-2020-3443 (A vulnerability in Cisco Smart Software 
Manager On-Prem (SSM On-P
        NOT-FOR-US: Cisco
 CVE-2020-3442 (The DuoConnect client enables users to establish SSH 
connections to ho ...)
        NOT-FOR-US: DuoConnect
-CVE-2020-3441
-       RESERVED
+CVE-2020-3441 (A vulnerability in Cisco Webex Meetings and Cisco Webex 
Meetings Serve ...)
+       TODO: check
 CVE-2020-3440 (A vulnerability in Cisco Webex Meetings Desktop App for Windows 
could  ...)
        NOT-FOR-US: Cisco
 CVE-2020-3439 (A vulnerability in the web-based management interface of Cisco 
Data Ce ...)
@@ -64921,8 +64968,8 @@ CVE-2020-3421 (Multiple vulnerabilities in the 
Zone-Based Firewall feature of Ci
        NOT-FOR-US: Cisco
 CVE-2020-3420
        RESERVED
-CVE-2020-3419
-       RESERVED
+CVE-2020-3419 (A vulnerability in Cisco Webex Meetings and Cisco Webex 
Meetings Serve ...)
+       TODO: check
 CVE-2020-3418 (A vulnerability in Cisco IOS XE Wireless Controller Software 
for Cisco ...)
        NOT-FOR-US: Cisco
 CVE-2020-3417 (A vulnerability in Cisco IOS XE Software could allow an 
authenticated, ...)
@@ -64975,8 +65022,8 @@ CVE-2020-3394 (A vulnerability in the Enable Secret 
feature of Cisco Nexus 3000
        NOT-FOR-US: Cisco
 CVE-2020-3393 (A vulnerability in the application-hosting subsystem of Cisco 
IOS XE S ...)
        NOT-FOR-US: Cisco
-CVE-2020-3392
-       RESERVED
+CVE-2020-3392 (A vulnerability in the API of Cisco IoT Field Network Director 
(FND) c ...)
+       TODO: check
 CVE-2020-3391 (A vulnerability in Cisco Digital Network Architecture (DNA) 
Center cou ...)
        NOT-FOR-US: Cisco
 CVE-2020-3390 (A vulnerability in Simple Network Management Protocol (SNMP) 
trap gene ...)
@@ -65025,8 +65072,8 @@ CVE-2020-3369 (A vulnerability in the deep packet 
inspection (DPI) engine of Cis
        NOT-FOR-US: Cisco
 CVE-2020-3368 (A vulnerability in the antispam protection mechanisms of Cisco 
AsyncOS ...)
        NOT-FOR-US: Cisco
-CVE-2020-3367
-       RESERVED
+CVE-2020-3367 (A vulnerability in the log subscription subsystem of Cisco 
AsyncOS for ...)
+       TODO: check
 CVE-2020-3366
        RESERVED
 CVE-2020-3365 (A vulnerability in the directory permissions of Cisco 
Enterprise NFV I ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/24dcd49cc28684483d9e185e6fb43414e0f58652

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/24dcd49cc28684483d9e185e6fb43414e0f58652
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to