summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorsecurity tracker role <sectracker@soriano.debian.org>2020-01-30 08:10:18 +0000
committersecurity tracker role <sectracker@soriano.debian.org>2020-01-30 08:10:18 +0000
commitd5152cb34cd67353898260bcd76bfaa1631d589f (patch)
treeb10cede0f0775e3ca8389499e83084665d974736
parent183537ebd736151ded43af86bff9137b62571c1b (diff)
automatic update
-rw-r--r--data/CVE/list72
1 files changed, 56 insertions, 16 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 0063426a28..817bb817c2 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,39 @@
+CVE-2020-8448 (In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for ...)
+ TODO: check
+CVE-2020-8447 (In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for ...)
+ TODO: check
+CVE-2020-8446 (In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for ...)
+ TODO: check
+CVE-2020-8445 (In OSSEC-HIDS 2.7 through 3.5.0, the OS_CleanMSG function in ossec-ana ...)
+ TODO: check
+CVE-2020-8444 (In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for ...)
+ TODO: check
+CVE-2020-8443 (In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for ...)
+ TODO: check
+CVE-2020-8442 (In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for ...)
+ TODO: check
+CVE-2020-8441
+ RESERVED
+CVE-2020-8440
+ RESERVED
+CVE-2020-8439
+ RESERVED
+CVE-2020-8438 (Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated att ...)
+ TODO: check
+CVE-2020-8437
+ RESERVED
+CVE-2020-8436
+ RESERVED
+CVE-2020-8435
+ RESERVED
+CVE-2020-8434
+ RESERVED
+CVE-2020-8433
+ RESERVED
+CVE-2019-20445 (HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length ...)
+ TODO: check
+CVE-2019-20444 (HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header th ...)
+ TODO: check
CVE-2020-8432 (In Das U-Boot through 2020.01, a double free has been found in the cmd ...)
- u-boot <unfixed> (low)
[buster] - u-boot <no-dsa> (Minor issue)
@@ -10425,6 +10461,7 @@ CVE-2019-19955
CVE-2019-19954 (Signal Desktop before 1.29.1 on Windows allows local users to gain pri ...)
- signal-desktop <itp> (bug #842943)
CVE-2019-19953 (In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buff ...)
+ {DLA-2084-1}
- graphicsmagick 1.4+really1.3.34-1 (bug #947311)
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/28f8bacd4bbf
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/617/
@@ -10437,10 +10474,12 @@ CVE-2019-19952 (In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the fun
NOTE: https://github.com/ImageMagick/ImageMagick/commit/916d7bbd2c66a286d379dbd94bc6035c8fab937c (7.x)
NOTE: https://github.com/ImageMagick/ImageMagick6/commit/7ef923841437bb57bd9b55fc0bf40ddc99b93c2b (6.x)
CVE-2019-19951 (In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buff ...)
+ {DLA-2084-1}
- graphicsmagick 1.4~hg16039-1
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/bc99af93614d
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/608/
CVE-2019-19950 (In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free ...)
+ {DLA-2084-1}
- graphicsmagick 1.4~hg16039-1
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/44ab7f6c20b4
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/603/
@@ -12545,8 +12584,8 @@ CVE-2020-3149
RESERVED
CVE-2020-3148
RESERVED
-CVE-2020-3147
- RESERVED
+CVE-2020-3147 (A vulnerability in the web UI of Cisco Small Business Switches could a ...)
+ TODO: check
CVE-2020-3146
RESERVED
CVE-2020-3145
@@ -45338,8 +45377,8 @@ CVE-2019-10785
RESERVED
CVE-2019-10784
RESERVED
-CVE-2019-10783
- RESERVED
+CVE-2019-10783 (All versions including 0.0.4 of lsof npm module are vulnerable to Comm ...)
+ TODO: check
CVE-2019-10782
RESERVED
CVE-2019-10781 (In schema-inspector before 1.6.9, a maliciously crafted JavaScript obj ...)
@@ -174112,7 +174151,7 @@ CVE-2016-9845 (QEMU (aka Quick Emulator) built with the Virtio GPU Device emulat
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2016-11/msg00019.html
CVE-2016-9843 (The crc32_big function in crc32.c in zlib 1.2.8 might allow context-de ...)
- {DLA-1725-1}
+ {DLA-2085-1 DLA-1725-1}
- zlib 1:1.2.8.dfsg-3 (bug #847275)
[wheezy] - zlib <no-dsa> (Minor issue)
- rsync 3.1.3-6 (bug #924509)
@@ -174120,7 +174159,7 @@ CVE-2016-9843 (The crc32_big function in crc32.c in zlib 1.2.8 might allow conte
NOTE: https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811
NOTE: Report: https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
CVE-2016-9842 (The inflateMark function in inflate.c in zlib 1.2.8 might allow contex ...)
- {DLA-1725-1}
+ {DLA-2085-1 DLA-1725-1}
- zlib 1:1.2.8.dfsg-3 (bug #847274)
[wheezy] - zlib <no-dsa> (Minor issue)
- rsync 3.1.3-6 (bug #924509)
@@ -174128,7 +174167,7 @@ CVE-2016-9842 (The inflateMark function in inflate.c in zlib 1.2.8 might allow c
NOTE: https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958
NOTE: Report: https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
CVE-2016-9841 (inffast.c in zlib 1.2.8 might allow context-dependent attackers to hav ...)
- {DLA-1725-1}
+ {DLA-2085-1 DLA-1725-1}
- zlib 1:1.2.8.dfsg-4 (bug #847270)
[wheezy] - zlib <no-dsa> (Minor issue)
- rsync 3.1.3-6 (bug #924509)
@@ -174136,7 +174175,7 @@ CVE-2016-9841 (inffast.c in zlib 1.2.8 might allow context-dependent attackers t
NOTE: https://github.com/madler/zlib/commit/9aaec95e82117c1cb0f9624264c3618fc380cecb
NOTE: Report: https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
CVE-2016-9840 (inftrees.c in zlib 1.2.8 might allow context-dependent attackers to ha ...)
- {DLA-1725-1}
+ {DLA-2085-1 DLA-1725-1}
- zlib 1:1.2.8.dfsg-3 (bug #847270)
[wheezy] - zlib <no-dsa> (Minor issue)
- rsync 3.1.3-6 (bug #924509)
@@ -188907,6 +188946,7 @@ CVE-2016-7092 (The get_page_from_l3e function in arch/x86/mm.c in Xen allows loc
CVE-2016-7090 (The integrated web server on Siemens SCALANCE M-800 and S615 modules w ...)
NOT-FOR-US: Siemens
CVE-2016-7098 (Race condition in wget 1.17 and earlier, when used in recursive or mir ...)
+ {DLA-2086-1}
- wget 1.18-4 (low; bug #836503)
[wheezy] - wget <no-dsa> (Minor issue)
NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=9ffb64ba6a8121909b01e984deddce8d096c498d
@@ -272984,18 +273024,18 @@ CVE-2013-3323
RESERVED
CVE-2013-3322
RESERVED
-CVE-2013-3321
- RESERVED
-CVE-2013-3320
- RESERVED
+CVE-2013-3321 (NetApp OnCommand System Manager 2.1 and earlier allows remote attacker ...)
+ TODO: check
+CVE-2013-3320 (Cross-site Scripting (XSS) vulnerability in NetApp OnCommand System Ma ...)
+ TODO: check
CVE-2013-3319 (The GetComputerSystem method in the HostControl service in SAP Netweav ...)
NOT-FOR-US: SAP Netweaver
CVE-2013-3318
REJECTED
-CVE-2013-3317
- RESERVED
-CVE-2013-3316
- RESERVED
+CVE-2013-3317 (Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentica ...)
+ TODO: check
+CVE-2013-3316 (Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentica ...)
+ TODO: check
CVE-2013-3315 (The server in TIBCO Silver Mobile 1.1.0 does not properly verify acces ...)
NOT-FOR-US: TIBCO
CVE-2013-3314 (The Loftek Nexus 543 IP Camera allows remote attackers to obtain (1) I ...)

© 2014-2024 Faster IT GmbH | imprint | privacy policy