Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
39b1f3ca by security tracker role at 2020-11-20T20:10:38+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,11 @@
+CVE-2020-28974 (A slab-out-of-bounds read in fbcon in the Linux kernel before 
5.9.7 co ...)
+       TODO: check
+CVE-2020-28973
+       RESERVED
+CVE-2020-28972
+       RESERVED
 CVE-2020-26235 [RUSTSEC-2020-0071: time: Potential segfault in the time crate]
+       RESERVED
        - rust-time <not-affected> (Vulnerable methods introduced in v0.2.7)
        NOTE: 
https://github.com/time-rs/time/security/advisories/GHSA-wcg3-cvx6-7396
        NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0071.html
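Review bot: CVE-2020-28974 at the top of this hunk is described as a slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7, yet it lands with only "TODO: check"; it needs a follow-up that replaces the TODO with a package line for the kernel and the fixed version. Separately, the "RESERVED" line added under CVE-2020-26235 sits on an entry that already has a "rust-time <not-affected>" line and two advisory NOTEs, so it is worth confirming the automatic update is meant to stamp RESERVED on an entry that has already been triaged by hand.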
@@ -222,8 +229,8 @@ CVE-2020-28879
        RESERVED
 CVE-2020-28878
        RESERVED
-CVE-2020-28877
-       RESERVED
+CVE-2020-28877 (Buffer overflow in in the copy_msg_element function for the 
devDiscove ...)
+       TODO: check
 CVE-2020-28876
        RESERVED
 CVE-2020-28875
@@ -286,8 +293,8 @@ CVE-2020-28847
        RESERVED
 CVE-2020-28846
        RESERVED
-CVE-2020-28845
-       RESERVED
+CVE-2020-28845 (A CSV injection vulnerability in the Admin portal for Netskope 
75.0 al ...)
+       TODO: check
 CVE-2020-28844
        RESERVED
 CVE-2020-28843
@@ -9143,8 +9150,8 @@ CVE-2020-26238
        RESERVED
 CVE-2020-26237
        RESERVED
-CVE-2020-26236
-       RESERVED
+CVE-2020-26236 (In ScratchVerifier before commit a603769, an attacker can 
hijack the v ...)
+       TODO: check
 CVE-2020-26234
        RESERVED
 CVE-2020-26233
@@ -10031,8 +10038,8 @@ CVE-2020-25841
        RESERVED
 CVE-2020-25840
        RESERVED
-CVE-2020-25839
-       RESERVED
+CVE-2020-25839 (NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are 
affected b ...)
+       TODO: check
 CVE-2020-25838
        RESERVED
 CVE-2020-25837 (Sensitive information disclosure vulnerability in Micro Focus 
Self Ser ...)
@@ -20774,10 +20781,10 @@ CVE-2020-20742
        RESERVED
 CVE-2020-20741
        RESERVED
-CVE-2020-20740
-       RESERVED
-CVE-2020-20739
-       RESERVED
+CVE-2020-20740 (PDFResurrect before 0.20 lack of header validation checks 
causes heap- ...)
+       TODO: check
+CVE-2020-20739 (im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in 
libvips befo ...)
+       TODO: check
 CVE-2020-20738
        RESERVED
 CVE-2020-20737
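Review bot: Both entries added here, CVE-2020-20740 (PDFResurrect before 0.20, heap issue from missing header validation) and CVE-2020-20739 (im_vips2dz in the libvips source tree), name free-software projects with a version or source path in the description, so the "TODO: check" lines should be resolved against the archive with a package line and fixed version rather than closed as NOT-FOR-US.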
@@ -22918,10 +22925,10 @@ CVE-2020-19670 (In Niushop B2B2C Multi-Business Basic 
Edition V1.11, authenticat
        NOT-FOR-US: Niushop B2B2C Multi-Business Basic Edition
 CVE-2020-19669
        RESERVED
-CVE-2020-19668
-       RESERVED
-CVE-2020-19667
-       RESERVED
+CVE-2020-19668 (Unverified indexs into the array lead to out of bound access 
in the gi ...)
+       TODO: check
+CVE-2020-19667 (Stack-based buffer overflow and unconditional jump in 
ReadXPMImage in  ...)
+       TODO: check
 CVE-2020-19666
        RESERVED
 CVE-2020-19665
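Review bot: The descriptions for CVE-2020-19668 and CVE-2020-19667 are cut off before the product name ("in the gi ...", "ReadXPMImage in  ..."), so this hunk alone does not say which package to check; triage needs the full description text. Both describe memory-safety bugs (out-of-bounds array access, stack-based buffer overflow), so they should not stay at "TODO: check" for long.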
@@ -36993,8 +37000,7 @@ CVE-2020-13673
        RESERVED
 CVE-2020-13672
        RESERVED
-CVE-2020-13671 [SA-CORE-2020-012]
-       RESERVED
+CVE-2020-13671 (Drupal core does not properly sanitize certain filenames on 
uploaded f ...)
        {DLA-2458-1}
        - drupal7 <removed>
        NOTE: https://www.drupal.org/sa-core-2020-012
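Review bot: The replaced header line "CVE-2020-13671 [SA-CORE-2020-012]" was the only place the advisory id appeared next to the CVE id; after this change the link to SA-CORE-2020-012 survives only in the "NOTE: https://www.drupal.org/sa-core-2020-012" line, so that NOTE must be kept when the entry is next edited.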
@@ -53341,8 +53347,8 @@ CVE-2020-7844
        RESERVED
 CVE-2020-7843
        RESERVED
-CVE-2020-7842
-       RESERVED
+CVE-2020-7842 (Improper Input validation vulnerability exists in Netis Korea 
D'live A ...)
+       TODO: check
 CVE-2020-7841 (Improper input validation vulnerability exists in TOBESOFT 
XPLATFORM w ...)
        NOT-FOR-US: TOBESOFT XPLATFORM
 CVE-2020-7840
@@ -60870,8 +60876,8 @@ CVE-2020-4939
        RESERVED
 CVE-2020-4938
        RESERVED
-CVE-2020-4937
-       RESERVED
+CVE-2020-4937 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 
6.0.3.2 u ...)
+       TODO: check
 CVE-2020-4936
        RESERVED
 CVE-2020-4935
@@ -61266,8 +61272,8 @@ CVE-2020-4741 (IBM InfoSphere Information Server 11.5 
and 11.7 is vulnerable to
        NOT-FOR-US: IBM
 CVE-2020-4740 (IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable 
to HTML  ...)
        NOT-FOR-US: IBM
-CVE-2020-4739
-       RESERVED
+CVE-2020-4739 (IBM DB2 Accessories Suite for Linux, UNIX, and Windows, DB2 for 
Linux, ...)
+       TODO: check
 CVE-2020-4738
        RESERVED
 CVE-2020-4737
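Review bot: CVE-2020-4739 is an IBM DB2 entry added with "TODO: check" directly below CVE-2020-4741 and CVE-2020-4740, which are both marked "NOT-FOR-US: IBM"; unless the full description points at something packaged, it should be closed the same way so the IBM block stays consistent.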
@@ -62763,10 +62769,10 @@ CVE-2020-4007
        RESERVED
 CVE-2020-4006
        RESERVED
-CVE-2020-4005
-       RESERVED
-CVE-2020-4004
-       RESERVED
+CVE-2020-4005 (VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before 
ESXi670-2020111 ...)
+       TODO: check
+CVE-2020-4004 (VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before 
ESXi670-2020111 ...)
+       TODO: check
 CVE-2020-4003
        RESERVED
 CVE-2020-4002
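Review bot: CVE-2020-4005 and CVE-2020-4004 show identical truncated text ("VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-2020111 ..."), so the two cannot be told apart from this list; whoever resolves the "TODO: check" lines should read the full descriptions and record each entry separately rather than copying one result to both.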



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39b1f3ca12dcd4871dc014509169e8c60bb74f6c
