Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
50f3f863 by security tracker role at 2020-12-15T08:10:25+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,43 @@
+CVE-2020-35472
+ RESERVED
+CVE-2020-35471 (Envoy before 1.16.1 mishandles dropped and truncated
datagrams, as dem ...)
+ TODO: check
+CVE-2020-35470 (Envoy before 1.16.1 logs an incorrect downstream address
because it co ...)
+ TODO: check
+CVE-2020-35469
+ RESERVED
+CVE-2020-35468
+ RESERVED
+CVE-2020-35467
+ RESERVED
+CVE-2020-35466
+ RESERVED
+CVE-2020-35465
+ RESERVED
+CVE-2020-35464
+ RESERVED
+CVE-2020-35463
+ RESERVED
+CVE-2020-35462
+ RESERVED
+CVE-2020-35461
+ RESERVED
+CVE-2020-35460 (common/InputStreamHelper.java in Packwood MPXJ before 8.3.5
allows dir ...)
+ TODO: check
+CVE-2020-35459
+ RESERVED
+CVE-2020-35458
+ RESERVED
+CVE-2020-35457 (** DISPUTED ** GNOME GLib before 2.65.3 has an integer
overflow, that ...)
+ TODO: check
+CVE-2020-35456
+ RESERVED
+CVE-2020-35455
+ RESERVED
+CVE-2020-35454
+ RESERVED
+CVE-2020-35453
+ RESERVED
CVE-2020-35452
RESERVED
CVE-2020-35451
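Review bot: CVE-2020-35457 should not be left at a generic TODO: check. It names GNOME GLib, which Debian packages (glib2.0), and its description is flagged ** DISPUTED **. Suggest replacing the TODO with a package line plus a NOTE recording the dispute, so the basis for the severity decision stays visible. The Envoy entries (CVE-2020-35471, CVE-2020-35470) and the MPXJ entry (CVE-2020-35460) still need a packaged or not-packaged decision.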
@@ -2601,12 +2641,12 @@ CVE-2020-29513
RESERVED
CVE-2020-29512
RESERVED
-CVE-2020-29511
- RESERVED
-CVE-2020-29510
- RESERVED
-CVE-2020-29509
- RESERVED
+CVE-2020-29511 (The encoding/xml package in Go (all versions) does not
correctly prese ...)
+ TODO: check
+CVE-2020-29510 (The encoding/xml package in Go versions 1.15 and earlier does
not corr ...)
+ TODO: check
+CVE-2020-29509 (The encoding/xml package in Go (all versions) does not
correctly prese ...)
+ TODO: check
CVE-2020-29508
RESERVED
CVE-2020-29507
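Review bot: CVE-2020-29511, CVE-2020-29510 and CVE-2020-29509 need package lines for the Go toolchain instead of TODO: check, because encoding/xml is part of Go's standard library. Two of the three descriptions say "all versions", so there is no upstream fixed version to record; tracking them as <unfixed> with a NOTE explaining that would keep them from being closed by a routine version bump.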
@@ -3289,10 +3329,10 @@ CVE-2020-29306
RESERVED
CVE-2020-29305
RESERVED
-CVE-2020-29304
- RESERVED
-CVE-2020-29303
- RESERVED
+CVE-2020-29304 (A cross-site scripting (XSS) vulnerability exists in the
SabaiApps Wor ...)
+ TODO: check
+CVE-2020-29303 (A cross-site scripting (XSS) vulnerability in the SabaiApp
Directories ...)
+ TODO: check
CVE-2020-29302
RESERVED
CVE-2020-29301
@@ -4265,10 +4305,10 @@ CVE-2020-28863
RESERVED
CVE-2020-28862
RESERVED
-CVE-2020-28861
- RESERVED
-CVE-2020-28860
- RESERVED
+CVE-2020-28861 (OpenAsset Digital Asset Management (DAM) 12.0.19 and earlier
failed to ...)
+ TODO: check
+CVE-2020-28860 (OpenAssetDigital Asset Management (DAM) through 12.0.19 does
not corre ...)
+ TODO: check
CVE-2020-28859 (OpenAsset Digital Asset Management (DAM) through 12.0.19 does
not corr ...)
NOT-FOR-US: OpenAsset Digital Asset Management (DAM)
CVE-2020-28858 (OpenAsset Digital Asset Management (DAM) through 12.0.19 does
not corr ...)
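Review bot: CVE-2020-28861 and CVE-2020-28860 are left at TODO: check although the adjacent context entry CVE-2020-28859, for the same product, is already tagged "NOT-FOR-US: OpenAsset Digital Asset Management (DAM)". Suggest giving both new entries the same tag so the product is triaged consistently.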
@@ -6371,8 +6411,8 @@ CVE-2020-28398
RESERVED
CVE-2020-28397
RESERVED
-CVE-2020-28396
- RESERVED
+CVE-2020-28396 (A vulnerability has been identified in SICAM A8000 CP-8000
(All versio ...)
+ TODO: check
CVE-2020-28395
RESERVED
CVE-2020-28394
@@ -11166,8 +11206,8 @@ CVE-2020-27254
RESERVED
CVE-2020-27253 (A flaw exists in the Ingress/Egress checks routine of
FactoryTalk Linx ...)
NOT-FOR-US: FactoryTalk
-CVE-2020-27252
- RESERVED
+CVE-2020-27252 (Medtronic MyCareLink Smart 25000 all versions are vulnerable
to a race ...)
+ TODO: check
CVE-2020-27251 (A heap overflow vulnerability exists within FactoryTalk Linx
Version 6 ...)
NOT-FOR-US: FactoryTalk
CVE-2020-27250
@@ -15863,22 +15903,22 @@ CVE-2020-25237
RESERVED
CVE-2020-25236
RESERVED
-CVE-2020-25235
- RESERVED
-CVE-2020-25234
- RESERVED
-CVE-2020-25233
- RESERVED
-CVE-2020-25232
- RESERVED
-CVE-2020-25231
- RESERVED
-CVE-2020-25230
- RESERVED
-CVE-2020-25229
- RESERVED
-CVE-2020-25228
- RESERVED
+CVE-2020-25235 (A vulnerability has been identified in LOGO! 8 BM (incl.
SIPLUS varian ...)
+ TODO: check
+CVE-2020-25234 (A vulnerability has been identified in LOGO! 8 BM (incl.
SIPLUS varian ...)
+ TODO: check
+CVE-2020-25233 (A vulnerability has been identified in LOGO! 8 BM (incl.
SIPLUS varian ...)
+ TODO: check
+CVE-2020-25232 (A vulnerability has been identified in LOGO! 8 BM (incl.
SIPLUS varian ...)
+ TODO: check
+CVE-2020-25231 (A vulnerability has been identified in LOGO! 8 BM (incl.
SIPLUS varian ...)
+ TODO: check
+CVE-2020-25230 (A vulnerability has been identified in LOGO! 8 BM (incl.
SIPLUS varian ...)
+ TODO: check
+CVE-2020-25229 (A vulnerability has been identified in LOGO! 8 BM (incl.
SIPLUS varian ...)
+ TODO: check
+CVE-2020-25228 (A vulnerability has been identified in LOGO! 8 BM (incl.
SIPLUS varian ...)
+ TODO: check
CVE-2020-25227
RESERVED
CVE-2020-25226
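Review bot: The eight LOGO! 8 BM entries (CVE-2020-25235 down to CVE-2020-25228) are added as TODO: check, while CVE-2020-7589, whose updated description in this same commit starts with the identical "LOGO! 8 BM (incl. SIPLUS" text, carries NOT-FOR-US: Siemens. Suggest tagging these eight the same way rather than leaving them in the triage queue.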
@@ -16016,16 +16056,16 @@ CVE-2020-25189 (The affected product is vulnerable to
three stack-based buffer o
NOT-FOR-US: Paradox IP150
CVE-2020-25188 (An attacker who convinces a valid user to open a specially
crafted pro ...)
NOT-FOR-US: LAquis SCADA
-CVE-2020-25187
- RESERVED
+CVE-2020-25187 (Medtronic MyCareLink Smart 25000 all versions are vulnerable
when an a ...)
+ TODO: check
CVE-2020-25186 (An XXE vulnerability exists within LeviStudioU Release Build
2019-09-2 ...)
NOT-FOR-US: LeviStudioU Release
CVE-2020-25185 (The affected product is vulnerable to five post-authentication
buffer ...)
NOT-FOR-US: Paradox IP150
CVE-2020-25184
RESERVED
-CVE-2020-25183
- RESERVED
+CVE-2020-25183 (Medtronic MyCareLink Smart 25000 all versions contain an
authenticatio ...)
+ TODO: check
CVE-2020-25182
RESERVED
CVE-2020-25181 (WECON PLC Editor Versions 1.3.8 and prior has a heap-based
buffer over ...)
@@ -26219,8 +26259,8 @@ CVE-2020-20191
RESERVED
CVE-2020-20190
RESERVED
-CVE-2020-20189
- RESERVED
+CVE-2020-20189 (SQL Injection vulnerability in NewPK 1.1 via the title
parameter to ad ...)
+ TODO: check
CVE-2020-20188
RESERVED
CVE-2020-20187
@@ -26229,10 +26269,10 @@ CVE-2020-20186
RESERVED
CVE-2020-20185
RESERVED
-CVE-2020-20184
- RESERVED
-CVE-2020-20183
- RESERVED
+CVE-2020-20184 (GateOne allows remote attackers to execute arbitrary commands
via shel ...)
+ TODO: check
+CVE-2020-20183 (Insecure direct object reference vulnerability in
Zyxel’s P1302- ...)
+ TODO: check
CVE-2020-20182
RESERVED
CVE-2020-20181
@@ -34648,12 +34688,12 @@ CVE-2020-16106
RESERVED
CVE-2020-16105
RESERVED
-CVE-2020-16104
- RESERVED
-CVE-2020-16103
- RESERVED
-CVE-2020-16102
- RESERVED
+CVE-2020-16104 (SQL Injection vulnerability in Enterprise Data Interface of
Gallagher ...)
+ TODO: check
+CVE-2020-16103 (Type confusion in Gallagher Command Centre Server allows a
remote atta ...)
+ TODO: check
+CVE-2020-16102 (Improper Authentication vulnerability in Gallagher Command
Centre Serv ...)
+ TODO: check
CVE-2020-16101 (It is possible for an unauthenticated remote DCOM websocket
connection ...)
NOT-FOR-US: Gallagher Command Centre Server
CVE-2020-16100 (It is possible for an unauthenticated remote DCOM websocket
connection ...)
@@ -35512,8 +35552,8 @@ CVE-2020-15798
RESERVED
CVE-2020-15797 (A vulnerability has been identified in DCA Vantage Analyzer
(All versi ...)
NOT-FOR-US: DCA Vantage Analyzer
-CVE-2020-15796
- RESERVED
+CVE-2020-15796 (A vulnerability has been identified in SIMATIC ET 200SP Open
Controlle ...)
+ TODO: check
CVE-2020-15795
RESERVED
CVE-2020-15794 (A vulnerability has been identified in Desigo Insight (All
versions). ...)
@@ -35530,7 +35570,7 @@ CVE-2020-15789 (A vulnerability has been identified in
Polarion Subversion Webcl
NOT-FOR-US: Siemens
CVE-2020-15788 (A vulnerability has been identified in Polarion Subversion
Webclient ( ...)
NOT-FOR-US: Siemens
-CVE-2020-15787 (A vulnerability has been identified in SIMATIC HMI United
Comfort Pane ...)
+CVE-2020-15787 (A vulnerability has been identified in SIMATIC HMI Unified
Comfort Pan ...)
NOT-FOR-US: Siemens
CVE-2020-15786 (A vulnerability has been identified in SIMATIC HMI Basic
Panels 2nd Ge ...)
NOT-FOR-US: Siemens
@@ -39406,8 +39446,7 @@ CVE-2020-14370 (An information disclosure vulnerability
was found in containers/
NOTE:
https://github.com/containers/podman/commit/a7e864e6e7de894d4edde4fff00e53dc6a0b5074
CVE-2020-14369 (This release fixes a Cross Site Request Forgery vulnerability
was foun ...)
NOT-FOR-US: Red Hat CloudForm
-CVE-2020-14368
- RESERVED
+CVE-2020-14368 (A flaw was found in Eclipse Che in versions prior to 7.14.0
that impac ...)
NOT-FOR-US: Eclipse Che
CVE-2020-14367 (A flaw was found in chrony versions before 3.5.1 when creating
the PID ...)
- chrony 3.5.1-1 (unimportant)
@@ -56561,26 +56600,23 @@ CVE-2020-8288
RESERVED
CVE-2020-8287
RESERVED
-CVE-2020-8286 [Inferior OCSP verification]
- RESERVED
+CVE-2020-8286 (curl 7.41.0 through 7.73.0 is vulnerable to an improper check
for cert ...)
- curl <unfixed> (bug #977161)
NOTE: https://curl.se/docs/CVE-2020-8286.html
NOTE:
https://github.com/curl/curl/commit/d9d01672785b8ac04aab1abb6de95fe3072ae199
(curl-7_74_0)
-CVE-2020-8285 [FTP wildcard stack overflow]
- RESERVED
+CVE-2020-8285 (curl 7.21.0 to and including 7.73.0 is vulnerable to
uncontrolled recu ...)
- curl <unfixed> (bug #977162)
NOTE: https://curl.se/docs/CVE-2020-8285.html
NOTE: https://github.com/curl/curl/issues/6255
NOTE:
https://github.com/curl/curl/commit/69a358f2186e04cf44698b5100332cbf1ee7f01d
(curl-7_74_0)
-CVE-2020-8284 [trusting FTP PASV responses]
- RESERVED
+CVE-2020-8284 (A malicious server can use the FTP PASV response to trick curl
7.73.0 ...)
- curl <unfixed> (bug #977163)
NOTE: https://curl.se/docs/CVE-2020-8284.html
NOTE:
https://github.com/curl/curl/commit/ec9cc725d598ac77de7b6df8afeec292b3c8ad46
(curl-7_74_0)
-CVE-2020-8283
- RESERVED
-CVE-2020-8282
- RESERVED
+CVE-2020-8283 (An authorised user on a Windows host running Citrix Universal
Print Se ...)
+ TODO: check
+CVE-2020-8282 (A security issue was found in EdgePower 24V/54V firmware v1.7.0
and ea ...)
+ TODO: check
CVE-2020-8281
RESERVED
CVE-2020-8280
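Review bot: The three curl entries (CVE-2020-8286, CVE-2020-8285, CVE-2020-8284) have only a "curl <unfixed>" line and no [buster] or [stretch] lines, although the descriptions give affected ranges reaching back to 7.41.0 and 7.21.0 and each NOTE already names a fixing commit tagged curl-7_74_0. Suggest adding per-release status lines now and revisiting <unfixed> once an upload based on that tag exists. Replacing the bracketed titles also drops the short summaries such as "FTP wildcard stack overflow"; keeping them as a NOTE would help, since the imported descriptions are truncated.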
@@ -56636,10 +56672,10 @@ CVE-2020-8260 (A vulnerability in the Pulse Connect
Secure < 9.1R9 admin web
NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2020-8259 (Insufficient protection of the server-side encryption keys in
Nextclou ...)
- nextcloud-server <itp> (bug #941708)
-CVE-2020-8258
- RESERVED
-CVE-2020-8257
- RESERVED
+CVE-2020-8258 (Improper privilege management on services run by Citrix Gateway
Plug-i ...)
+ TODO: check
+CVE-2020-8257 (Improper privilege management on services run by Citrix Gateway
Plug-i ...)
+ TODO: check
CVE-2020-8256 (A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin
web int ...)
NOT-FOR-US: Pulse Connect Secure
CVE-2020-8255 (A vulnerability in the Pulse Connect Secure < 9.1R9 admin
web inter ...)
@@ -56705,8 +56741,7 @@ CVE-2020-8233 (A command injection vulnerability exists
in EdgeSwitch firmware &
NOT-FOR-US: Edgeswitch
CVE-2020-8232 (An information disclosure vulnerability exists in EdgeMax
EdgeSwitch f ...)
NOT-FOR-US: Edgeswitch
-CVE-2020-8231
- RESERVED
+CVE-2020-8231 (Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1
can us ...)
{DLA-2382-1}
- curl 7.72.0-1 (bug #968831)
[buster] - curl <no-dsa> (Minor issue)
@@ -56845,8 +56880,7 @@ CVE-2020-8178 (Insufficient input validation in npm
package `jison` <= 0.4.18
- node-jison <not-affected> (Vulnerable code not included in Debian
source)
NOTE: https://hackerone.com/reports/690010
NOTE: ports/ is stripped/excluded in the src:node-jison source package.
-CVE-2020-8177
- RESERVED
+CVE-2020-8177 (curl 7.20.0 through 7.70.0 is vulnerable to improper
restriction of na ...)
{DLA-2295-1}
- curl 7.72.0-1 (bug #965281)
[buster] - curl <no-dsa> (Minor issue)
@@ -56871,8 +56905,7 @@ CVE-2020-8171 (We have recently released new version of
AirMax AirOS firmware v6
NOT-FOR-US: AirMax AirOS
CVE-2020-8170 (We have recently released new version of AirMax AirOS firmware
v6.3.0 ...)
NOT-FOR-US: AirMax AirOS
-CVE-2020-8169
- RESERVED
+CVE-2020-8169 (curl 7.62.0 through 7.70.0 is vulnerable to an information
disclosure ...)
- curl 7.72.0-1 (bug #965280)
[buster] - curl <no-dsa> (Minor issue)
[stretch] - curl <not-affected> (Vulnerable code introduced later)
@@ -58428,7 +58461,7 @@ CVE-2020-7591 (A vulnerability has been identified in
SIPORT MP (All versions &l
NOT-FOR-US: Siemens
CVE-2020-7590 (A vulnerability has been identified in DCA Vantage Analyzer
(All versi ...)
NOT-FOR-US: DCA Vantage Analyzer
-CVE-2020-7589 (A vulnerability has been identified in LOGO!8 BM (incl. SIPLUS
variant ...)
+CVE-2020-7589 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS
varian ...)
NOT-FOR-US: Siemens
CVE-2020-7588 (A vulnerability has been identified in Opcenter Execution
Discrete (Al ...)
NOT-FOR-US: Siemens
@@ -74921,20 +74954,20 @@ CVE-2019-19291 (A vulnerability has been identified
in SiNVR 3 Central Control S
NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
CVE-2019-19290 (A vulnerability has been identified in SiNVR 3 Central Control
Server ...)
NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
-CVE-2019-19289
- RESERVED
-CVE-2019-19288
- RESERVED
-CVE-2019-19287
- RESERVED
-CVE-2019-19286
- RESERVED
-CVE-2019-19285
- RESERVED
-CVE-2019-19284
- RESERVED
-CVE-2019-19283
- RESERVED
+CVE-2019-19289 (A vulnerability has been identified in XHQ (All Versions <
6.1). Th ...)
+ TODO: check
+CVE-2019-19288 (A vulnerability has been identified in XHQ (All Versions <
6.1). Th ...)
+ TODO: check
+CVE-2019-19287 (A vulnerability has been identified in XHQ (All Versions <
6.1). Th ...)
+ TODO: check
+CVE-2019-19286 (A vulnerability has been identified in XHQ (All Versions <
6.1). Th ...)
+ TODO: check
+CVE-2019-19285 (A vulnerability has been identified in XHQ (All Versions <
6.1). Th ...)
+ TODO: check
+CVE-2019-19284 (A vulnerability has been identified in XHQ (All Versions <
6.1). Th ...)
+ TODO: check
+CVE-2019-19283 (A vulnerability has been identified in XHQ (All Versions <
6.1). Th ...)
+ TODO: check
CVE-2019-19282 (A vulnerability has been identified in OpenPCS 7 V8.1 (All
versions), ...)
NOT-FOR-US: Siemens
CVE-2019-19281 (A vulnerability has been identified in SIMATIC ET 200SP Open
Controlle ...)
@@ -80296,48 +80329,46 @@ CVE-2020-0472
RESERVED
CVE-2020-0471
RESERVED
-CVE-2020-0470
- RESERVED
-CVE-2020-0469
- RESERVED
-CVE-2020-0468
- RESERVED
-CVE-2020-0467
- RESERVED
-CVE-2020-0466
- RESERVED
+CVE-2020-0470 (In extend_frame_highbd of restoration.c, there is a possible
out of bo ...)
+ TODO: check
+CVE-2020-0469 (In addEscrowToken of LockSettingsService.java, there is a
possible los ...)
+ TODO: check
+CVE-2020-0468 (In listen() and related functions of TelephonyRegistry.java,
there is ...)
+ TODO: check
+CVE-2020-0467 (In onUserStopped of Vpn.java, there is a possible resetting of
user pr ...)
+ TODO: check
+CVE-2020-0466 (In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is
a poss ...)
- linux 5.8.7-1
[buster] - linux 4.19.146-1
[stretch] - linux 4.9.240-1
NOTE:
https://git.kernel.org/linus/52c479697c9b73f628140dcdfcd39ea302d05482
NOTE:
https://git.kernel.org/linus/a9ed4a6560b8562b7e2e2bed9527e88001f7b682
-CVE-2020-0465
- RESERVED
+CVE-2020-0465 (In various methods of hid-multitouch.c, there is a possible out
of bou ...)
- linux 5.8.7-1
[buster] - linux 4.19.146-1
[stretch] - linux 4.9.240-1
NOTE:
https://git.kernel.org/linus/35556bed836f8dc07ac55f69c8d17dce3e7f0e25
NOTE:
https://git.kernel.org/linus/bce1305c0ece3dc549663605e567655dd701752c
-CVE-2020-0464
- RESERVED
-CVE-2020-0463
- RESERVED
+CVE-2020-0464 (In resolv_cache_lookup of res_cache.cpp, there is a possible
side chan ...)
+ TODO: check
+CVE-2020-0463 (In sdp_server_handle_client_req of sdp_server.cc, there is a
possible ...)
+ TODO: check
CVE-2020-0462
RESERVED
CVE-2020-0461
RESERVED
-CVE-2020-0460
- RESERVED
-CVE-2020-0459
- RESERVED
-CVE-2020-0458
- RESERVED
-CVE-2020-0457
- RESERVED
-CVE-2020-0456
- RESERVED
-CVE-2020-0455
- RESERVED
+CVE-2020-0460 (In createNameCredentialDialog of CertInstaller.java, there
exists the ...)
+ TODO: check
+CVE-2020-0459 (In sendConfiguredNetworkChangedBroadcast of
WifiConfigManager.java, th ...)
+ TODO: check
+CVE-2020-0458 (In SPDIFEncoder::writeBurstBufferBytes and related methods of
SPDIFEnc ...)
+ TODO: check
+CVE-2020-0457 (There is a possible out of bounds write due to a missing bounds
check. ...)
+ TODO: check
+CVE-2020-0456 (There is a possible out of bounds write due to a missing bounds
check. ...)
+ TODO: check
+CVE-2020-0455 (There is a possible out of bounds write due to a missing bounds
check. ...)
+ TODO: check
CVE-2020-0454 (In callCallbackForRequest of ConnectivityService.java, there is
a poss ...)
NOT-FOR-US: Android
CVE-2020-0453 (In updateNotification of BeamTransferManager.java, there is a
possible ...)
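Review bot: The new TODO: check entries in this hunk should not be closed in bulk as NOT-FOR-US: Android by analogy with CVE-2020-0454 in the trailing context. CVE-2020-0470 names restoration.c and several others name C/C++ sources rather than Android Java services, so each needs a check on whether the file belongs to a library that Debian packages. CVE-2020-0466 and CVE-2020-0465 in this same hunk show the risk: they fall in the same ID range and are tracked against linux with fixed versions for buster and stretch.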
@@ -80360,8 +80391,7 @@ CVE-2020-0446 (There is a possible out of bounds write
due to a missing bounds c
NOT-FOR-US: MediaTek components for Android
CVE-2020-0445 (There is a possible out of bounds write due to a missing bounds
check. ...)
NOT-FOR-US: MediaTek components for Android
-CVE-2020-0444
- RESERVED
+CVE-2020-0444 (In audit_free_lsm_field of auditfilter.c, there is a possible
bad kfre ...)
- linux 5.5.13-1
[buster] - linux 4.19.118-1
[stretch] - linux 4.9.228-1
@@ -80372,8 +80402,8 @@ CVE-2020-0442 (In Message and toBundle of
Notification.java, there is a possible
NOT-FOR-US: Android
CVE-2020-0441 (In Message and toBundle of Notification.java, there is a
possible reso ...)
NOT-FOR-US: Android
-CVE-2020-0440
- RESERVED
+CVE-2020-0440 (In createVirtualDisplay of DisplayManagerService.java, there is
a poss ...)
+ TODO: check
CVE-2020-0439 (In generatePackageInfo of PackageManagerService.java, there is
a possi ...)
NOT-FOR-US: Android
CVE-2020-0438 (In the AIBinder_Class constructor of ibinder.cpp, there is a
possible ...)
@@ -80698,7 +80728,7 @@ CVE-2020-0296 (In ADB server and USB server, there is a
possible permission bypa
NOT-FOR-US: Android
CVE-2020-0295 (In Telecom, there is a possible permission bypass due to an
unsafe Pen ...)
NOT-FOR-US: Android
-CVE-2020-0294 (In the wallpaper manager, there is a possible permission bypass
due to ...)
+CVE-2020-0294 (In bindWallpaperComponentLocked of
WallpaperManagerService.java, there ...)
NOT-FOR-US: Android
CVE-2020-0293 (In Java network APIs, there is possible access to sensitive
network st ...)
NOT-FOR-US: Android
@@ -81105,8 +81135,8 @@ CVE-2020-0101 (In BnCrypto::onTransact of ICrypto.cpp,
there is a possible infor
NOT-FOR-US: Android media framework
CVE-2020-0100 (In onTransact of IHDCP.cpp, there is a possible out of bounds
read due ...)
NOT-FOR-US: Android media framework
-CVE-2020-0099
- RESERVED
+CVE-2020-0099 (In addWindow of WindowManagerService.java, there is a possible
window ...)
+ TODO: check
CVE-2020-0098 (In navigateUpToLocked of ActivityStack.java, there is a
possible permi ...)
NOT-FOR-US: Android
CVE-2020-0097 (In various methods of PackageManagerService.java, there is a
possible ...)
@@ -81285,14 +81315,14 @@ CVE-2020-0021 (In removeUnusedPackagesLPw of
PackageManagerService.java, there i
NOT-FOR-US: Android
CVE-2020-0020 (In getAttributeRange of ExifInterface.java, there is a possible
failur ...)
NOT-FOR-US: Android
-CVE-2020-0019
- RESERVED
+CVE-2020-0019 (In the Broadcom Nexus firmware, there is an insecure default
password. ...)
+ TODO: check
CVE-2020-0018 (In MotionEntry::appendDescription of InputDispatcher.cpp, there
is a p ...)
NOT-FOR-US: Android
CVE-2020-0017 (In multiple places, it was possible for the primary
user’s dicti ...)
NOT-FOR-US: Android
-CVE-2020-0016
- RESERVED
+CVE-2020-0016 (In the Broadcom Nexus firmware, there is an insecure default
password. ...)
+ TODO: check
CVE-2020-0015 (In onCreate of CertInstaller.java, there is a possible way to
overlay ...)
NOT-FOR-US: Android
CVE-2020-0014 (It is possible for a malicious application to construct a
TYPE_TOAST w ...)
@@ -103792,11 +103822,11 @@ CVE-2019-10923 (A vulnerability has been identified
in Development/Evaluation Ki
NOT-FOR-US: Siemens
CVE-2019-10922 (A vulnerability has been identified in SIMATIC PCS 7 V8.0 and
earlier ...)
NOT-FOR-US: Siemens
-CVE-2019-10921 (A vulnerability has been identified in LOGO!8 BM (All
versions). Unenc ...)
+CVE-2019-10921 (A vulnerability has been identified in LOGO! 8 BM (incl.
SIPLUS varian ...)
NOT-FOR-US: Siemens
-CVE-2019-10920 (A vulnerability has been identified in LOGO!8 BM (All
versions). Proje ...)
+CVE-2019-10920 (A vulnerability has been identified in LOGO! 8 BM (incl.
SIPLUS varian ...)
NOT-FOR-US: Siemens
-CVE-2019-10919 (A vulnerability has been identified in LOGO!8 BM (All
versions). Attac ...)
+CVE-2019-10919 (A vulnerability has been identified in LOGO! 8 BM (incl.
SIPLUS varian ...)
NOT-FOR-US: Siemens
CVE-2019-10918 (A vulnerability has been identified in SIMATIC PCS 7 V8.0 and
earlier ...)
NOT-FOR-US: Siemens
@@ -175549,7 +175579,7 @@ CVE-2018-4835 (A vulnerability has been identified in
TeleControl Server Basic &
NOT-FOR-US: Siemens / TeleControl Server Basic
CVE-2018-4834 (A vulnerability has been identified in Desigo Automation
Controllers P ...)
NOT-FOR-US: Desigo
-CVE-2018-4833 (A vulnerability has been identified in RFID 181-EIP (All
versions), RU ...)
+CVE-2018-4833 (A vulnerability has been identified in RFID 181EIP (All
versions), RUG ...)
NOT-FOR-US: Siemens
CVE-2018-4832 (A vulnerability has been identified in OpenPCS 7 V7.1 and
earlier (All ...)
NOT-FOR-US: Siemens
@@ -203045,9 +203075,9 @@ CVE-2017-12737 (An issue was discovered on Siemens
SICAM RTUs SM-2556 COM Module
NOT-FOR-US: Siemens
CVE-2017-12736 (A vulnerability has been identified in RUGGEDCOM ROS for
RSL910 device ...)
NOT-FOR-US: Siemens
-CVE-2017-12735 (A vulnerability has been identified in Siemens LOGO! devices.
An attac ...)
+CVE-2017-12735 (A vulnerability has been identified in LOGO! 8 BM (incl.
SIPLUS varian ...)
NOT-FOR-US: Siemens
-CVE-2017-12734 (A vulnerability has been identified in Siemens LOGO! devices
before V1 ...)
+CVE-2017-12734 (A vulnerability has been identified in LOGO! 8 BM (incl.
SIPLUS varian ...)
NOT-FOR-US: Siemens
CVE-2017-12733 (A Missing Authentication for Critical Function issue was
discovered in ...)
NOT-FOR-US: SiteSentinel
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50f3f8638faa39d8cf15bbe52de77a2bcdd89590
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits