From 10347f41b64e943d412ef7c38cafdf69839a1559 Mon Sep 17 00:00:00 2001 From: security tracker role Date: Tue, 7 Apr 2020 20:10:25 +0000 Subject: automatic update --- data/CVE/list.2013 | 2 + data/CVE/list.2015 | 4 ++ data/CVE/list.2016 | 59 ++++++++++++++++++++++++ data/CVE/list.2017 | 108 +++++++++++++++++++++++++++++++++++++++++++ data/CVE/list.2018 | 112 +++++++++++++++++++++++++++++++++++++++++++- data/CVE/list.2019 | 20 ++++---- data/CVE/list.2020 | 133 ++++++++++++++++++++++++++++++++--------------------- 7 files changed, 375 insertions(+), 63 deletions(-) diff --git a/data/CVE/list.2013 b/data/CVE/list.2013 index 15d30e8ba7..cbcc5a882e 100644 --- a/data/CVE/list.2013 +++ b/data/CVE/list.2013 @@ -1,3 +1,5 @@ +CVE-2013-7488 (perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 ...) + TODO: check CVE-2013-7487 (On Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices, raysharpdvr ap ...) NOT-FOR-US: Swann CVE-2013-7486 (Cross-site scripting (XSS) vulnerability in the backend in Open-Xchang ...) diff --git a/data/CVE/list.2015 b/data/CVE/list.2015 index 51e514e177..e7d7b2344a 100644 --- a/data/CVE/list.2015 +++ b/data/CVE/list.2015 @@ -1,3 +1,7 @@ +CVE-2015-9545 (An issue was discovered in xdLocalStorage through 2.0.5. The receiveMe ...) + TODO: check +CVE-2015-9544 (An issue was discovered in xdLocalStorage through 2.0.5. The receiveMe ...) + TODO: check CVE-2015-9543 (An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 1 ...) - nova (bug #951635) [buster] - nova (Minor issue) diff --git a/data/CVE/list.2016 b/data/CVE/list.2016 index 936103db6a..b0c240abb0 100644 --- a/data/CVE/list.2016 +++ b/data/CVE/list.2016 
@@ -1,3 +1,62 @@ +CVE-2016-11053 (An issue was discovered on Samsung mobile devices with software throug ...) + TODO: check +CVE-2016-11052 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) soft ...) + TODO: check +CVE-2016-11051 (An issue was discovered on Samsung mobile devices with J(4.2) (Qualcom ...) + TODO: check +CVE-2016-11050 (An issue was discovered on Samsung mobile devices with S3(KK), Note2(K ...) + TODO: check +CVE-2016-11049 (An issue was discovered on Samsung mobile devices with software throug ...) + TODO: check +CVE-2016-11048 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) (Spr ...) + TODO: check +CVE-2016-11047 (An issue was discovered on Samsung mobile devices with JBP(4.2) and KK ...) + TODO: check +CVE-2016-11046 (An issue was discovered on Samsung mobile devices with JBP(4.3), KK(4. ...) + TODO: check +CVE-2016-11045 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) soft ...) + TODO: check +CVE-2016-11044 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) and ...) + TODO: check +CVE-2016-11043 (An issue was discovered on Samsung mobile devices with M(6.0) software ...) + TODO: check +CVE-2016-11042 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) and ...) + TODO: check +CVE-2016-11041 (An issue was discovered on Samsung mobile devices with KK(4.4) softwar ...) + TODO: check +CVE-2016-11040 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) (wit ...) + TODO: check +CVE-2016-11039 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...) + TODO: check +CVE-2016-11038 (An issue was discovered on Samsung mobile devices with software throug ...) + TODO: check +CVE-2016-11037 + REJECTED + TODO: check +CVE-2016-11036 (An issue was discovered on Samsung mobile devices with M(6.0) software ...) + TODO: check +CVE-2016-11035 (An issue was discovered on Samsung mobile devices with software throug ...) 
+ TODO: check +CVE-2016-11034 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) and ...) + TODO: check +CVE-2016-11033 (An issue was discovered on Samsung mobile devices with M(6.0) software ...) + TODO: check +CVE-2016-11032 (An issue was discovered on Samsung mobile devices with M(6.0) software ...) + TODO: check +CVE-2016-11031 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...) + TODO: check +CVE-2016-11030 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...) + TODO: check +CVE-2016-11029 (An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6 ...) + TODO: check +CVE-2016-11028 (An issue was discovered on Samsung mobile devices with software throug ...) + TODO: check +CVE-2016-11027 (An issue was discovered on Samsung mobile devices with M(6.0) software ...) + TODO: check +CVE-2016-11026 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...) + TODO: check +CVE-2016-11025 (An issue was discovered on Samsung mobile devices with software throug ...) + TODO: check CVE-2016-11024 (odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection. NOTE: ...) NOT-FOR-US: odata4j CVE-2016-11023 (odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE ...) diff --git a/data/CVE/list.2017 b/data/CVE/list.2017 index f32c252ac0..e169f73c09 100644 --- a/data/CVE/list.2017 +++ b/data/CVE/list.2017 
@@ -1,3 +1,111 @@ +CVE-2017-18696 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...) + TODO: check +CVE-2017-18695 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...) + TODO: check +CVE-2017-18694 (An issue was discovered on Samsung mobile devices with software throug ...) + TODO: check +CVE-2017-18693 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...) + TODO: check +CVE-2017-18692 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...) + TODO: check +CVE-2017-18691 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...) + TODO: check +CVE-2017-18690 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...) + TODO: check +CVE-2017-18689 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...) + TODO: check +CVE-2017-18688 (An issue was discovered on Samsung mobile devices with L(5.1), M(6.0), ...) + TODO: check +CVE-2017-18687 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...) + TODO: check +CVE-2017-18686 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...) + TODO: check +CVE-2017-18685 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...) + TODO: check +CVE-2017-18684 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) and ...) + TODO: check +CVE-2017-18683 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) and ...) + TODO: check +CVE-2017-18682 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...) + TODO: check +CVE-2017-18681 (An issue was discovered on Samsung Galaxy S5 mobile devices with softw ...) + TODO: check +CVE-2017-18680 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) and ...) + TODO: check +CVE-2017-18679 (An issue was discovered on Samsung mobile devices with M(6.0) software ...) 
+ TODO: check +CVE-2017-18678 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...) + TODO: check +CVE-2017-18677 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...) + TODO: check +CVE-2017-18676 (An issue was discovered on Samsung mobile devices with N(7.0) (Qualcom ...) + TODO: check +CVE-2017-18675 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...) + TODO: check +CVE-2017-18674 (An issue was discovered on Samsung mobile devices with N(7.0) software ...) + TODO: check +CVE-2017-18673 (An issue was discovered on Samsung mobile devices with N(7.x) software ...) + TODO: check +CVE-2017-18672 (An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6 ...) + TODO: check +CVE-2017-18671 (An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6 ...) + TODO: check +CVE-2017-18670 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...) + TODO: check +CVE-2017-18669 (An issue was discovered on Samsung mobile devices with N(7.x) software ...) + TODO: check +CVE-2017-18668 (An issue was discovered on Samsung mobile devices with M(6.0) software ...) + TODO: check +CVE-2017-18667 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...) + TODO: check +CVE-2017-18666 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...) + TODO: check +CVE-2017-18665 (An issue was discovered on Samsung mobile devices with M(6.0) software ...) + TODO: check +CVE-2017-18664 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...) + TODO: check +CVE-2017-18663 (An issue was discovered on Samsung mobile devices with N(7.x) software ...) + TODO: check +CVE-2017-18662 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...) + TODO: check +CVE-2017-18661 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...) 
+ TODO: check +CVE-2017-18660 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...) + TODO: check +CVE-2017-18659 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...) + TODO: check +CVE-2017-18658 (An issue was discovered on Samsung mobile devices with M(6.0) software ...) + TODO: check +CVE-2017-18657 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...) + TODO: check +CVE-2017-18656 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...) + TODO: check +CVE-2017-18655 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...) + TODO: check +CVE-2017-18654 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...) + TODO: check +CVE-2017-18653 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...) + TODO: check +CVE-2017-18652 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...) + TODO: check +CVE-2017-18651 (An issue was discovered on Samsung mobile devices with M(6.x) and N(7. ...) + TODO: check +CVE-2017-18650 (An issue was discovered on Samsung mobile devices with N(7.x) software ...) + TODO: check +CVE-2017-18649 (An issue was discovered on Samsung mobile devices with N(7.x) software ...) + TODO: check +CVE-2017-18648 (An issue was discovered on Samsung mobile devices with KK(4.4.x), L(5. ...) + TODO: check +CVE-2017-18647 (An issue was discovered on Samsung mobile devices with M(6,x) and N(7. ...) + TODO: check +CVE-2017-18646 + RESERVED +CVE-2017-18645 + RESERVED +CVE-2017-18644 + RESERVED +CVE-2017-18643 + RESERVED CVE-2017-18642 (Syska Smart Bulb devices through 2017-08-06 receive RGB parameters ove ...) NOT-FOR-US: Syska Smart Bulb devices CVE-2017-18641 (In LXC 2.0, many template scripts download code over cleartext HTTP, a ...) diff --git a/data/CVE/list.2018 b/data/CVE/list.2018 index 4cd06fcff3..42fb931350 100644 --- a/data/CVE/list.2018 +++ b/data/CVE/list.2018 
@@ -1,3 +1,113 @@ +CVE-2018-21092 + RESERVED +CVE-2018-21091 + RESERVED +CVE-2018-21090 + RESERVED +CVE-2018-21089 + RESERVED +CVE-2018-21088 + RESERVED +CVE-2018-21087 + RESERVED +CVE-2018-21086 + RESERVED +CVE-2018-21085 + RESERVED +CVE-2018-21084 + RESERVED +CVE-2018-21083 + RESERVED +CVE-2018-21082 + RESERVED +CVE-2018-21081 + RESERVED +CVE-2018-21080 + RESERVED +CVE-2018-21079 + RESERVED +CVE-2018-21078 + RESERVED +CVE-2018-21077 + RESERVED +CVE-2018-21076 + RESERVED +CVE-2018-21075 + RESERVED +CVE-2018-21074 + RESERVED +CVE-2018-21073 + RESERVED +CVE-2018-21072 + RESERVED +CVE-2018-21071 + RESERVED +CVE-2018-21070 + RESERVED +CVE-2018-21069 + RESERVED +CVE-2018-21068 + RESERVED +CVE-2018-21067 + RESERVED +CVE-2018-21066 + RESERVED +CVE-2018-21065 + RESERVED +CVE-2018-21064 + RESERVED +CVE-2018-21063 + RESERVED +CVE-2018-21062 + RESERVED +CVE-2018-21061 + RESERVED +CVE-2018-21060 + RESERVED +CVE-2018-21059 + RESERVED +CVE-2018-21058 + RESERVED +CVE-2018-21057 + RESERVED +CVE-2018-21056 + RESERVED +CVE-2018-21055 + RESERVED +CVE-2018-21054 + RESERVED +CVE-2018-21053 + RESERVED +CVE-2018-21052 + RESERVED +CVE-2018-21051 + RESERVED +CVE-2018-21050 + RESERVED +CVE-2018-21049 + RESERVED +CVE-2018-21048 + RESERVED +CVE-2018-21047 + RESERVED +CVE-2018-21046 + RESERVED +CVE-2018-21045 + RESERVED +CVE-2018-21044 + RESERVED +CVE-2018-21043 + RESERVED +CVE-2018-21042 + RESERVED +CVE-2018-21041 + RESERVED +CVE-2018-21040 + RESERVED +CVE-2018-21039 + RESERVED +CVE-2018-21038 + RESERVED CVE-2018-21037 (Subrion CMS 4.1.5 (and possibly earlier versions) allow CSRF to change ...) NOT-FOR-US: Subrion CMS CVE-2018-21036 
@@ -1846,7 +1956,7 @@ CVE-2018-20406 (Modules/_pickle.c in Python before 3.7.1 has an integer overflow NOTE: https://github.com/python/cpython/commit/ef4306b24c9034d6b37bb034e2ebe82e745d4b77 (3.7) NOTE: https://github.com/python/cpython/commit/71a9c65e74a70b6ed39adc4ba81d311ac1aa2acc (3.6) NOTE: Negligible security impact -CVE-2018-20405 (BigTree 4.3 allows full path disclosure via authenticated admin/news/ ...) +CVE-2018-20405 (** DISPUTED ** BigTree 4.3 allows full path disclosure via authenticat ...) NOT-FOR-US: BigTree CMS CVE-2018-20404 (ETK_E900.sys, a SmartETK driver for VIA Technologies EPIA-E900 system ...) NOT-FOR-US: ETK_E900.sys (SmartETK driver for VIA Technologies EPIA-E900 system board) diff --git a/data/CVE/list.2019 b/data/CVE/list.2019 index 550af309ad..dd2828761b 100644 --- a/data/CVE/list.2019 +++ b/data/CVE/list.2019 @@ -7432,8 +7432,8 @@ CVE-2019-17659 RESERVED CVE-2019-17658 (An unquoted service path vulnerability in the FortiClient FortiTray co ...) NOT-FOR-US: Fortiguard -CVE-2019-17657 - RESERVED +CVE-2019-17657 (An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSw ...) + TODO: check CVE-2019-17656 RESERVED CVE-2019-17655 @@ -18162,8 +18162,8 @@ CVE-2019-13561 (D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote atta NOT-FOR-US: D-Link CVE-2019-13560 (D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers ...) NOT-FOR-US: D-Link -CVE-2019-13559 - RESERVED +CVE-2019-13559 (GE Mark VIe Controller is shipped with pre-configured hard-coded crede ...) + TODO: check CVE-2019-13558 (In WebAccess versions 8.4.1 and prior, an exploit executed over the ne ...) NOT-FOR-US: WebAccess CVE-2019-13557 (In Tasy EMR, Tasy WebPortal Versions 3.02.1757 and prior, there is an ...) 
@@ -18172,8 +18172,8 @@ CVE-2019-13556 (In WebAccess versions 8.4.1 and prior, multiple stack-based buff NOT-FOR-US: WebAccess CVE-2019-13555 (In Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial n ...) NOT-FOR-US: Mitsubishi -CVE-2019-13554 - RESERVED +CVE-2019-13554 (GE Mark VIe Controller has an unsecured Telnet protocol that may allow ...) + TODO: check CVE-2019-13553 (Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb ...) NOT-FOR-US: Rittal Chiller SK 3232-Series CVE-2019-13552 (In WebAccess versions 8.4.1 and prior, multiple command injection vuln ...) @@ -42622,12 +42622,12 @@ CVE-2019-4395 (IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0. NOT-FOR-US: IBM CVE-2019-4394 (IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 con ...) NOT-FOR-US: IBM -CVE-2019-4393 - RESERVED +CVE-2019-4393 (HCL AppScan Standard is vulnerable to excessive authorization attempts ...) + TODO: check CVE-2019-4392 (HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded cred ...) NOT-FOR-US: HCL AppScan -CVE-2019-4391 - RESERVED +CVE-2019-4391 (HCL AppScan Standard is vulnerable to XML External Entity Injection (X ...) + TODO: check CVE-2019-4390 RESERVED CVE-2019-4389 diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index 483b6572c8..379c2bd07c 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 
@@ -1,3 +1,37 @@ +CVE-2020-11616 + RESERVED +CVE-2020-11615 + RESERVED +CVE-2020-11614 + RESERVED +CVE-2020-11613 + RESERVED +CVE-2020-11612 (The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memo ...) + TODO: check +CVE-2020-11611 (An issue was discovered in xdLocalStorage through 2.0.5. The buildMess ...) + TODO: check +CVE-2020-11610 (An issue was discovered in xdLocalStorage through 2.0.5. The postData( ...) + TODO: check +CVE-2020-11609 (An issue was discovered in the stv06xx subsystem in the Linux kernel b ...) + TODO: check +CVE-2020-11608 (An issue was discovered in the Linux kernel before 5.6.1. drivers/medi ...) + TODO: check +CVE-2020-11607 + RESERVED +CVE-2020-11606 + RESERVED +CVE-2020-11605 + RESERVED +CVE-2020-11604 + RESERVED +CVE-2020-11603 + RESERVED +CVE-2020-11602 + RESERVED +CVE-2020-11601 + RESERVED +CVE-2020-11600 + RESERVED CVE-2020-11599 (An issue was discovered in CIPPlanner CIPAce 6.80 Build 2016031401. Ge ...) NOT-FOR-US: CIPPlanner CVE-2020-11598 (An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Upl ...) @@ -75,10 +109,10 @@ CVE-2020-11563 RESERVED CVE-2020-11562 RESERVED -CVE-2020-11561 - RESERVED -CVE-2020-11560 - RESERVED +CVE-2020-11561 (In NCH Express Invoice 7.25, an authenticated low-privilege user can e ...) + TODO: check +CVE-2020-11560 (NCH Express Invoice 7.25 allows local users to discover the cleartext ...) + TODO: check CVE-2020-11559 RESERVED CVE-2020-11558 (An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by ...) 
@@ -168,24 +202,24 @@ CVE-2020-11518 (Zoho ManageEngine ADSelfService Plus before 5815 allows unauthen NOT-FOR-US: Zoho CVE-2020-11517 RESERVED -CVE-2020-11516 - RESERVED -CVE-2020-11515 - RESERVED -CVE-2020-11514 - RESERVED +CVE-2020-11516 (Stored XSS in the Contact Form 7 Datepicker plugin through 2.6.0 for W ...) + TODO: check +CVE-2020-11515 (The Rank Math plugin through 1.0.40.2 for WordPress allows unauthentic ...) + TODO: check +CVE-2020-11514 (The Rank Math plugin through 1.0.40.2 for WordPress allows unauthentic ...) + TODO: check CVE-2020-11513 RESERVED -CVE-2020-11512 - RESERVED +CVE-2020-11512 (Stored XSS in the IMPress for IDX Broker WordPress plugin before 2.6.2 ...) + TODO: check CVE-2020-11511 RESERVED CVE-2020-11510 RESERVED -CVE-2020-11509 - RESERVED -CVE-2020-11508 - RESERVED +CVE-2020-11509 (An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for Wor ...) + TODO: check +CVE-2020-11508 (An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for Wor ...) + TODO: check CVE-2020-11507 (An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner 8.0. ...) NOT-FOR-US: Malwarebytes AdwCleaner CVE-2020-11506 @@ -4454,8 +4488,8 @@ CVE-2020-9516 RESERVED CVE-2020-9515 RESERVED -CVE-2020-9514 - RESERVED +CVE-2020-9514 (An issue was discovered in the IMPress for IDX Broker plugin before 2. ...) + TODO: check CVE-2020-9513 RESERVED CVE-2020-9512 @@ -4999,8 +5033,8 @@ CVE-2020-9288 RESERVED CVE-2020-9287 (An Unsafe Search Path vulnerability in FortiClient EMS online installe ...) NOT-FOR-US: Fortiguard -CVE-2020-9286 - RESERVED +CVE-2020-9286 (An improper authorization vulnerability in FortiADC may allow a remote ...) + TODO: check CVE-2020-9285 RESERVED CVE-2020-9284 
@@ -7563,8 +7597,8 @@ CVE-2020-8098 RESERVED CVE-2020-8097 RESERVED -CVE-2020-8096 - RESERVED +CVE-2020-8096 (Untrusted Search Path vulnerability in Bitdefender High-Level Antimalw ...) + TODO: check CVE-2020-8095 (A vulnerability in the improper handling of junctions before deletion ...) NOT-FOR-US: Bitdefender Total Security CVE-2020-8094 @@ -8563,18 +8597,18 @@ CVE-2020-7620 (pomelo-monitor through 0.3.7 is vulnerable to Command Injection.I NOT-FOR-US: Node pomelo-monitor CVE-2020-7619 (get-git-data through 1.3.1 is vulnerable to Command Injection. It is p ...) NOT-FOR-US: get-git-data node module -CVE-2020-7618 - RESERVED +CVE-2020-7618 (sds through 3.2.0 is vulnerable to Prototype Pollution.The library cou ...) + TODO: check CVE-2020-7617 (ini-parser through 0.0.2 is vulnerable to Prototype Pollution.The libr ...) NOT-FOR-US: Node ini-parser -CVE-2020-7616 - RESERVED -CVE-2020-7615 - RESERVED -CVE-2020-7614 - RESERVED -CVE-2020-7613 - RESERVED +CVE-2020-7616 (express-mock-middleware through 0.0.6 is vulnerable to Prototype Pollu ...) + TODO: check +CVE-2020-7615 (fsa through 0.5.1 is vulnerable to Command Injection. The first argume ...) + TODO: check +CVE-2020-7614 (npm-programmatic through 0.0.12 is vulnerable to Command Injection.The ...) + TODO: check +CVE-2020-7613 (clamscan through 1.2.0 is vulnerable to Command Injection. It is possi ...) + TODO: check CVE-2020-7612 RESERVED CVE-2020-7611 (All versions of io.micronaut:micronaut-http-client before 1.2.11 and a ...) 
@@ -10010,8 +10044,8 @@ CVE-2020-6976 (Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and pr NOT-FOR-US: Delta Industrial Automation CNCSoft ScreenEditor CVE-2020-6975 (Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (820 ...) NOT-FOR-US: Digi International ConnectPort LTS 32 MEI -CVE-2020-6974 - RESERVED +CVE-2020-6974 (Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a pa ...) + TODO: check CVE-2020-6973 (Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (820 ...) NOT-FOR-US: Digi International ConnectPort LTS 32 MEI CVE-2020-6972 (In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell F ...) @@ -10797,8 +10831,8 @@ CVE-2020-6649 RESERVED CVE-2020-6648 RESERVED -CVE-2020-6647 - RESERVED +CVE-2020-6647 (An improper neutralization of input vulnerability in the dashboard of ...) + TODO: check CVE-2020-6646 (An improper neutralization of input vulnerability in FortiWeb allows a ...) NOT-FOR-US: Fortiguard CVE-2020-6645 @@ -11896,8 +11930,8 @@ CVE-2020-6173 (TUF (aka The Update Framework) 0.7.2 through 0.12.1 allows Uncont - python-tuf (bug #934151) CVE-2020-6172 RESERVED -CVE-2020-6171 - RESERVED +CVE-2020-6171 (A cross-site scripting (XSS) vulnerability in the index page of the CL ...) + TODO: check CVE-2020-6170 (An authentication bypass vulnerability on Genexis Platinum-4410 v2.1 P ...) NOT-FOR-US: Genexis CVE-2020-6169 @@ -12794,8 +12828,8 @@ CVE-2020-5736 RESERVED CVE-2020-5735 RESERVED -CVE-2020-5734 - RESERVED +CVE-2020-5734 (Classic buffer overflow in SolarWinds Dameware allows a remote, unauth ...) + TODO: check CVE-2020-5733 RESERVED CVE-2020-5732 @@ -13698,8 +13732,8 @@ CVE-2020-5304 RESERVED CVE-2020-5303 RESERVED -CVE-2020-5302 - RESERVED +CVE-2020-5302 (MH-WikiBot (an IRC Bot for interacting with the Miraheze API), had a b ...) + TODO: check CVE-2020-5301 RESERVED CVE-2020-5300 (In Hydra (an OAuth2 Server and OpenID Certified™ OpenID Connect ...) 
@@ -20160,20 +20194,15 @@ CVE-2020-2178 RESERVED CVE-2020-2177 RESERVED -CVE-2020-2176 - RESERVED +CVE-2020-2176 (Multiple form validation endpoints in Jenkins useMango Runner Plugin 1 ...) NOT-FOR-US: Jenkins plugin -CVE-2020-2175 - RESERVED +CVE-2020-2175 (Jenkins FitNesse Plugin 1.31 and earlier does not correctly escape rep ...) NOT-FOR-US: Jenkins plugin -CVE-2020-2174 - RESERVED +CVE-2020-2174 (Jenkins AWSEB Deployment Plugin 0.3.19 and earlier does not escape var ...) NOT-FOR-US: Jenkins plugin -CVE-2020-2173 - RESERVED +CVE-2020-2173 (Jenkins Gatling Plugin 1.2.7 and earlier prevents Content-Security-Pol ...) NOT-FOR-US: Jenkins plugin -CVE-2020-2172 - RESERVED +CVE-2020-2172 (Jenkins Code Coverage API Plugin 1.1.4 and earlier does not configure ...) NOT-FOR-US: Jenkins plugin CVE-2020-2171 (Jenkins RapidDeploy Plugin 4.2 and earlier does not configure its XML ...) NOT-FOR-US: Jenkins plugin -- cgit v1.2.3
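Review bot: In the data/CVE/list.2016 hunk, CVE-2016-11037 is added as "REJECTED" and still gets a "TODO: check" line under it. A rejected ID has nothing left to triage, so that TODO only inflates the open-work queue. Suggest dropping the TODO line for this entry and having the automatic update skip it whenever the state line is REJECTED.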
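Review bot: The data/CVE/list.2017 hunk adds CVE-2017-18647 through CVE-2017-18696, all with the same "An issue was discovered on Samsung mobile devices ..." description, and each is left as "TODO: check". The context lines right below already resolve vendor device firmware as NOT-FOR-US ("NOT-FOR-US: Syska Smart Bulb devices"), so these could be resolved in one pass with a single consistent NOT-FOR-US tag instead of fifty separate manual checks. The same applies to the Samsung block CVE-2016-11025 through CVE-2016-11053 in list.2016.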
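Review bot: In the data/CVE/list.2019 hunks, the entries that move from RESERVED to "TODO: check" sit directly next to already triaged siblings for the same vendor or product: CVE-2019-17657 (Fortinet) follows CVE-2019-17658 with "NOT-FOR-US: Fortiguard", and CVE-2019-4393 and CVE-2019-4391 (HCL AppScan Standard) surround CVE-2019-4392 with "NOT-FOR-US: HCL AppScan". The follow-up triage should reuse those exact tags so the same product does not end up under two spellings. CVE-2019-13559 and CVE-2019-13554 (GE Mark VIe Controller) have no sibling in the visible context and need a new tag.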
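Review bot: In the first data/CVE/list.2020 hunk (@@ -1,3 +1,37 @@), CVE-2020-11609 and CVE-2020-11608 name the Linux kernel and CVE-2020-11612 names Netty, yet they are queued as "TODO: check" at the same priority as the xdLocalStorage entries and the WordPress plugin entries further down. These three concern software that is packaged in Debian, so they need a source-package line in the style already used in this file ("- python-tuf (bug #934151)") rather than a NOT-FOR-US resolution, and they should be triaged first. The same holds for CVE-2013-7488 (Convert::ASN1 for Perl) in the list.2013 hunk.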