From 9c0e707cbec562f722ea6c3d02039c68904b4418 Mon Sep 17 00:00:00 2001 From: security tracker role Date: Wed, 21 Oct 2020 08:10:16 +0000 Subject: automatic update --- data/CVE/list.2016 | 2 +- data/CVE/list.2020 | 571 +++++++++++++++++++++++++++++++++++++++++++++++++---- 2 files changed, 531 insertions(+), 42 deletions(-) diff --git a/data/CVE/list.2016 b/data/CVE/list.2016 index aa525cee62..f72b953426 100644 --- a/data/CVE/list.2016 +++ b/data/CVE/list.2016 @@ -2140,7 +2140,7 @@ CVE-2016-10229 (udp.c in the Linux kernel before 4.5 allows remote attackers to [jessie] - linux 3.16.7-ckt20-1+deb8u2 [wheezy] - linux 3.2.73-2+deb7u2 NOTE: Fixed by: https://git.kernel.org/linus/197c949e7798fbf28cfadc69d9ca0c2abbf93191 (v4.5-rc1) -CVE-2016-10228 (The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and e ...) +CVE-2016-10228 (The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and e ...) - glibc 2.31-3 (low; bug #856503) [buster] - glibc (Minor issue) [stretch] - glibc (Minor issue) diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index e3a32b1677..90043dacac 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 
@@ -1,3 +1,493 @@ +CVE-2020-27600 + RESERVED +CVE-2020-27599 + RESERVED +CVE-2020-27598 + RESERVED +CVE-2020-27597 + RESERVED +CVE-2020-27596 + RESERVED +CVE-2020-27595 + RESERVED +CVE-2020-27594 + RESERVED +CVE-2020-27593 + RESERVED +CVE-2020-27592 + RESERVED +CVE-2020-27591 + RESERVED +CVE-2020-27590 + RESERVED +CVE-2020-27589 + RESERVED +CVE-2020-27588 + RESERVED +CVE-2020-27587 + RESERVED +CVE-2020-27586 + RESERVED +CVE-2020-27585 + RESERVED +CVE-2020-27584 + RESERVED +CVE-2020-27583 + RESERVED +CVE-2020-27582 + RESERVED +CVE-2020-27581 + RESERVED +CVE-2020-27580 + RESERVED +CVE-2020-27579 + RESERVED +CVE-2020-27578 + RESERVED +CVE-2020-27577 + RESERVED +CVE-2020-27576 + RESERVED +CVE-2020-27575 + RESERVED +CVE-2020-27574 + RESERVED +CVE-2020-27573 + RESERVED +CVE-2020-27572 + RESERVED +CVE-2020-27571 + RESERVED +CVE-2020-27570 + RESERVED +CVE-2020-27569 + RESERVED +CVE-2020-27568 + RESERVED +CVE-2020-27567 + RESERVED +CVE-2020-27566 + RESERVED +CVE-2020-27565 + RESERVED +CVE-2020-27564 + RESERVED +CVE-2020-27563 + RESERVED +CVE-2020-27562 + RESERVED +CVE-2020-27561 + RESERVED +CVE-2020-27560 + RESERVED +CVE-2020-27559 + RESERVED +CVE-2020-27558 + RESERVED +CVE-2020-27557 + RESERVED +CVE-2020-27556 + RESERVED +CVE-2020-27555 + RESERVED +CVE-2020-27554 + RESERVED +CVE-2020-27553 + RESERVED +CVE-2020-27552 + RESERVED +CVE-2020-27551 + RESERVED +CVE-2020-27550 + RESERVED +CVE-2020-27549 + RESERVED +CVE-2020-27548 + RESERVED +CVE-2020-27547 + RESERVED +CVE-2020-27546 + RESERVED +CVE-2020-27545 + RESERVED +CVE-2020-27544 + RESERVED +CVE-2020-27543 + RESERVED +CVE-2020-27542 + RESERVED +CVE-2020-27541 + RESERVED +CVE-2020-27540 + RESERVED +CVE-2020-27539 + RESERVED +CVE-2020-27538 + RESERVED +CVE-2020-27537 + RESERVED +CVE-2020-27536 + RESERVED +CVE-2020-27535 + RESERVED +CVE-2020-27534 + RESERVED +CVE-2020-27533 + RESERVED +CVE-2020-27532 + RESERVED +CVE-2020-27531 + RESERVED +CVE-2020-27530 + RESERVED +CVE-2020-27529 + RESERVED +CVE-2020-27528 + RESERVED 
+CVE-2020-27527 + RESERVED +CVE-2020-27526 + RESERVED +CVE-2020-27525 + RESERVED +CVE-2020-27524 + RESERVED +CVE-2020-27523 + RESERVED +CVE-2020-27522 + RESERVED +CVE-2020-27521 + RESERVED +CVE-2020-27520 + RESERVED +CVE-2020-27519 + RESERVED +CVE-2020-27518 + RESERVED +CVE-2020-27517 + RESERVED +CVE-2020-27516 + RESERVED +CVE-2020-27515 + RESERVED +CVE-2020-27514 + RESERVED +CVE-2020-27513 + RESERVED +CVE-2020-27512 + RESERVED +CVE-2020-27511 + RESERVED +CVE-2020-27510 + RESERVED +CVE-2020-27509 + RESERVED +CVE-2020-27508 + RESERVED +CVE-2020-27507 + RESERVED +CVE-2020-27506 + RESERVED +CVE-2020-27505 + RESERVED +CVE-2020-27504 + RESERVED +CVE-2020-27503 + RESERVED +CVE-2020-27502 + RESERVED +CVE-2020-27501 + RESERVED +CVE-2020-27500 + RESERVED +CVE-2020-27499 + RESERVED +CVE-2020-27498 + RESERVED +CVE-2020-27497 + RESERVED +CVE-2020-27496 + RESERVED +CVE-2020-27495 + RESERVED +CVE-2020-27494 + RESERVED +CVE-2020-27493 + RESERVED +CVE-2020-27492 + RESERVED +CVE-2020-27491 + RESERVED +CVE-2020-27490 + RESERVED +CVE-2020-27489 + RESERVED +CVE-2020-27488 + RESERVED +CVE-2020-27487 + RESERVED +CVE-2020-27486 + RESERVED +CVE-2020-27485 + RESERVED +CVE-2020-27484 + RESERVED +CVE-2020-27483 + RESERVED +CVE-2020-27482 + RESERVED +CVE-2020-27481 + RESERVED +CVE-2020-27480 + RESERVED +CVE-2020-27479 + RESERVED +CVE-2020-27478 + RESERVED +CVE-2020-27477 + RESERVED +CVE-2020-27476 + RESERVED +CVE-2020-27475 + RESERVED +CVE-2020-27474 + RESERVED +CVE-2020-27473 + RESERVED +CVE-2020-27472 + RESERVED +CVE-2020-27471 + RESERVED +CVE-2020-27470 + RESERVED +CVE-2020-27469 + RESERVED +CVE-2020-27468 + RESERVED +CVE-2020-27467 + RESERVED +CVE-2020-27466 + RESERVED +CVE-2020-27465 + RESERVED +CVE-2020-27464 + RESERVED +CVE-2020-27463 + RESERVED +CVE-2020-27462 + RESERVED +CVE-2020-27461 + RESERVED +CVE-2020-27460 + RESERVED +CVE-2020-27459 + RESERVED +CVE-2020-27458 + RESERVED +CVE-2020-27457 + RESERVED +CVE-2020-27456 + RESERVED +CVE-2020-27455 + RESERVED +CVE-2020-27454 + RESERVED 
+CVE-2020-27453 + RESERVED +CVE-2020-27452 + RESERVED +CVE-2020-27451 + RESERVED +CVE-2020-27450 + RESERVED +CVE-2020-27449 + RESERVED +CVE-2020-27448 + RESERVED +CVE-2020-27447 + RESERVED +CVE-2020-27446 + RESERVED +CVE-2020-27445 + RESERVED +CVE-2020-27444 + RESERVED +CVE-2020-27443 + RESERVED +CVE-2020-27442 + RESERVED +CVE-2020-27441 + RESERVED +CVE-2020-27440 + RESERVED +CVE-2020-27439 + RESERVED +CVE-2020-27438 + RESERVED +CVE-2020-27437 + RESERVED +CVE-2020-27436 + RESERVED +CVE-2020-27435 + RESERVED +CVE-2020-27434 + RESERVED +CVE-2020-27433 + RESERVED +CVE-2020-27432 + RESERVED +CVE-2020-27431 + RESERVED +CVE-2020-27430 + RESERVED +CVE-2020-27429 + RESERVED +CVE-2020-27428 + RESERVED +CVE-2020-27427 + RESERVED +CVE-2020-27426 + RESERVED +CVE-2020-27425 + RESERVED +CVE-2020-27424 + RESERVED +CVE-2020-27423 + RESERVED +CVE-2020-27422 + RESERVED +CVE-2020-27421 + RESERVED +CVE-2020-27420 + RESERVED +CVE-2020-27419 + RESERVED +CVE-2020-27418 + RESERVED +CVE-2020-27417 + RESERVED +CVE-2020-27416 + RESERVED +CVE-2020-27415 + RESERVED +CVE-2020-27414 + RESERVED +CVE-2020-27413 + RESERVED +CVE-2020-27412 + RESERVED +CVE-2020-27411 + RESERVED +CVE-2020-27410 + RESERVED +CVE-2020-27409 + RESERVED +CVE-2020-27408 + RESERVED +CVE-2020-27407 + RESERVED +CVE-2020-27406 + RESERVED +CVE-2020-27405 + RESERVED +CVE-2020-27404 + RESERVED +CVE-2020-27403 + RESERVED +CVE-2020-27402 + RESERVED +CVE-2020-27401 + RESERVED +CVE-2020-27400 + RESERVED +CVE-2020-27399 + RESERVED +CVE-2020-27398 + RESERVED +CVE-2020-27397 + RESERVED +CVE-2020-27396 + RESERVED +CVE-2020-27395 + RESERVED +CVE-2020-27394 + RESERVED +CVE-2020-27393 + RESERVED +CVE-2020-27392 + RESERVED +CVE-2020-27391 + RESERVED +CVE-2020-27390 + RESERVED +CVE-2020-27389 + RESERVED +CVE-2020-27388 + RESERVED +CVE-2020-27387 + RESERVED +CVE-2020-27386 + RESERVED +CVE-2020-27385 + RESERVED +CVE-2020-27384 + RESERVED +CVE-2020-27383 + RESERVED +CVE-2020-27382 + RESERVED +CVE-2020-27381 + RESERVED +CVE-2020-27380 + RESERVED 
+CVE-2020-27379 + RESERVED +CVE-2020-27378 + RESERVED +CVE-2020-27377 + RESERVED +CVE-2020-27376 + RESERVED +CVE-2020-27375 + RESERVED +CVE-2020-27374 + RESERVED +CVE-2020-27373 + RESERVED +CVE-2020-27372 + RESERVED +CVE-2020-27371 + RESERVED +CVE-2020-27370 + RESERVED +CVE-2020-27369 + RESERVED +CVE-2020-27368 + RESERVED +CVE-2020-27367 + RESERVED +CVE-2020-27366 + RESERVED +CVE-2020-27365 + RESERVED +CVE-2020-27364 + RESERVED +CVE-2020-27363 + RESERVED +CVE-2020-27362 + RESERVED +CVE-2020-27361 + RESERVED +CVE-2020-27360 + RESERVED +CVE-2020-27359 + RESERVED +CVE-2020-27358 + RESERVED +CVE-2020-27357 + RESERVED +CVE-2020-27356 + RESERVED CVE-2020-27355 RESERVED CVE-2020-27354 @@ -928,10 +1418,10 @@ CVE-2020-26898 (NETGEAR RAX40 devices before 1.0.3.80 are affected by incorrect NOT-FOR-US: Netgear CVE-2020-26897 (Certain NETGEAR devices are affected by disclosure of administrative c ...) NOT-FOR-US: Netgear -CVE-2020-26896 - RESERVED -CVE-2020-26895 - RESERVED +CVE-2020-26896 (Prior to 0.11.0-beta, LND (Lightning Network Daemon) had a vulnerabili ...) + TODO: check +CVE-2020-26895 (Prior to 0.10.0-beta, LND (Lightning Network Daemon) would have accept ...) + TODO: check CVE-2020-26894 (Faulkner Wildlife Issues in the New Millennium 18.0.160 on Windows all ...) NOT-FOR-US: New Millennium CVE-2020-26893 (An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor c ...) 
@@ -3585,8 +4075,7 @@ CVE-2020-25649 - jackson-databind 2.11.1-1 NOTE: https://github.com/FasterXML/jackson-databind/issues/2589 NOTE: https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59 (jackson-databind-2.11.0.rc1) -CVE-2020-25648 [Tighten CCS handling for middlebox compatibility mode] - RESERVED +CVE-2020-25648 (A flaw was found in the way NSS handled CCS (ChangeCipherSpec) message ...) - nss 2:3.58-1 NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1641480 (private) @@ -4688,8 +5177,8 @@ CVE-2020-25159 RESERVED CVE-2020-25158 RESERVED -CVE-2020-25157 - RESERVED +CVE-2020-25157 (The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL injection ...) + TODO: check CVE-2020-25156 RESERVED CVE-2020-25155 @@ -5528,8 +6017,8 @@ CVE-2020-24767 RESERVED CVE-2020-24766 RESERVED -CVE-2020-24765 - RESERVED +CVE-2020-24765 (InterMind iMind Server through 3.13.65 allows remote unauthenticated a ...) + TODO: check CVE-2020-24764 RESERVED CVE-2020-24763 
@@ -6290,22 +6779,22 @@ CVE-2020-24418 RESERVED CVE-2020-24417 RESERVED -CVE-2020-24416 - RESERVED -CVE-2020-24415 - RESERVED -CVE-2020-24414 - RESERVED -CVE-2020-24413 - RESERVED -CVE-2020-24412 - RESERVED -CVE-2020-24411 - RESERVED -CVE-2020-24410 - RESERVED -CVE-2020-24409 - RESERVED +CVE-2020-24416 (Marketo Sales Insight plugin version 1.4355 (and earlier) is affected ...) + TODO: check +CVE-2020-24415 (Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory ...) + TODO: check +CVE-2020-24414 (Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory ...) + TODO: check +CVE-2020-24413 (Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory ...) + TODO: check +CVE-2020-24412 (Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory ...) + TODO: check +CVE-2020-24411 (Adobe Illustrator version 24.2 (and earlier) is affected by an out-of- ...) + TODO: check +CVE-2020-24410 (Adobe Illustrator version 24.2 (and earlier) is affected by an out-of- ...) + TODO: check +CVE-2020-24409 (Adobe Illustrator version 24.2 (and earlier) is affected by an out-of- ...) + TODO: check CVE-2020-24408 (Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by a per ...) NOT-FOR-US: Magento CVE-2020-24407 @@ -23610,8 +24099,8 @@ CVE-2020-15933 RESERVED CVE-2020-15932 (Overwolf before 0.149.2.30 mishandles Symbolic Links during updates, c ...) NOT-FOR-US: Overwolf -CVE-2020-15931 - RESERVED +CVE-2020-15931 (Netwrix Account Lockout Examiner before 5.1 allows remote attackers to ...) + TODO: check CVE-2020-15930 (An XSS issue in Joplin desktop 1.0.190 to 1.0.245 allows arbitrary cod ...) NOT-FOR-US: Joplin desktop CVE-2020-15929 @@ -25286,8 +25775,8 @@ CVE-2020-15271 RESERVED CVE-2020-15270 RESERVED -CVE-2020-15269 - RESERVED +CVE-2020-15269 (In Spree before versions 3.7.11, 4.0.4, or 4.1.11, expired user tokens ...) + TODO: check CVE-2020-15268 RESERVED CVE-2020-15267 
@@ -25296,8 +25785,8 @@ CVE-2020-15266 RESERVED CVE-2020-15265 RESERVED -CVE-2020-15264 - RESERVED +CVE-2020-15264 (The Boxstarter installer before version 2.13.0 configures C:\ProgramDa ...) + TODO: check CVE-2020-15263 (In platform before version 9.4.4, inline attributes are not properly e ...) NOT-FOR-US: Laravel Orchid Platform CVE-2020-15262 (In webpack-subresource-integrity before version 1.5.1, all dynamically ...) @@ -25475,7 +25964,7 @@ CVE-2020-15181 (The Alfresco Reset Password add-on before version 1.2.0 relies o NOT-FOR-US: Alfresco Reset Password add-on CVE-2020-15180 RESERVED - {DSA-4776-1} + {DSA-4776-1 DLA-2409-1} - mariadb-10.5 1:10.5.6-1 - mariadb-10.3 - mariadb-10.1 @@ -39856,8 +40345,8 @@ CVE-2020-9429 (In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a2530f740d67d41908e84434bb5ec99480c2ac2e CVE-2020-9418 (An untrusted search path vulnerability in the installer of PDFescape D ...) NOT-FOR-US: PDFescape -CVE-2020-9417 - RESERVED +CVE-2020-9417 (The Transaction Insight reporting component of TIBCO Software Inc.'s T ...) + TODO: check CVE-2020-9416 (The Spotfire client component of TIBCO Software Inc.'s TIBCO Spotfire ...) NOT-FOR-US: TIBCO CVE-2020-9415 (The TIBCO Data Virtualization Server component of TIBCO Software Inc.' ...) 
@@ -48535,12 +49024,12 @@ CVE-2020-5794 RESERVED CVE-2020-5793 RESERVED -CVE-2020-5792 - RESERVED -CVE-2020-5791 - RESERVED -CVE-2020-5790 - RESERVED +CVE-2020-5792 (Improper neutralization of argument delimiters in a command in Nagios ...) + TODO: check +CVE-2020-5791 (Improper neutralization of special elements used in an OS command in N ...) + TODO: check +CVE-2020-5790 (Cross-site request forgery in Nagios XI 5.7.3 allows a remote attacker ...) + TODO: check CVE-2020-5789 (Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows ...) NOT-FOR-US: Teltonika CVE-2020-5788 (Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows ...) -- cgit v1.2.3
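Review bot: in the data/CVE/list.2016 hunk, the refreshed CVE-2016-10228 description now says glibc 2.31 and earlier is affected, while the unchanged line directly below records `glibc 2.31-3` as the fixed version. The two agree only if Debian revision 2.31-3 carries the fix on top of upstream 2.31. No NOTE in the visible context says so; adding one that names the fixing commit or Debian patch would make the entry verifiable on its own.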
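Review bot: in the `@@ -928,10 +1418,10 @@` hunk, CVE-2020-26896 and CVE-2020-26895 both land as `TODO: check` although their descriptions give different boundary versions for LND (0.11.0-beta and 0.10.0-beta). Triage them as two separate entries rather than copying one result to the other: if LND is tracked, each needs its own fixed version, and if it is not, each gets a NOT-FOR-US line in the style of the neighbouring Netgear entries.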
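Review bot: the `@@ -6290,22 +6779,22 @@` hunk moves eight consecutive entries (CVE-2020-24416 down to CVE-2020-24409) from RESERVED to `TODO: check`, seven for Adobe Illustrator and one for the Marketo Sales Insight plugin. The context line right after them already triages CVE-2020-24408 as `NOT-FOR-US: Magento`. I suggest closing this block the same way in a single follow-up commit so it does not sit in the TODO queue entry by entry.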
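Review bot: in the `@@ -25475,7 +25964,7 @@` hunk, CVE-2020-15180 now references both DSA-4776-1 and DLA-2409-1, yet the line above them is still a bare RESERVED with no description of the issue. A bracketed temporary description would tell readers what the two advisories fixed until the published text arrives, in the style of the `[Tighten CCS handling for middlebox compatibility mode]` text that CVE-2020-25648 carried until this update.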
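Review bot: in the `@@ -48535,12 +49024,12 @@` hunk, only CVE-2020-5790 visibly names Nagios XI; the descriptions of CVE-2020-5792 and CVE-2020-5791 are cut off at "Nagios ..." and "in N ...". Before resolving the three `TODO: check` lines, read the full descriptions and confirm which Nagios product each one covers, so that none of them is attached to a package or marked NOT-FOR-US on the strength of the truncated text alone.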