summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorsecurity tracker role <sectracker@soriano.debian.org>2020-04-10 08:10:21 +0000
committersecurity tracker role <sectracker@soriano.debian.org>2020-04-10 08:10:21 +0000
commit43b016f11d91561e2a7901b7398833585f171332 (patch)
tree4c7ee98080f7a94bdc2e8f6c50e751c593f2d129
parent17f44fb29670ed8b84c52bb25b27615b16e6f6a5 (diff)
automatic update
-rw-r--r--data/CVE/list57
1 files changed, 42 insertions, 15 deletions
diff --git a/data/CVE/list b/data/CVE/list
index b72f6b840e..32697cde1b 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,5 +1,36 @@
-CVE-2020-11668 [media: xirlink_cit: add missing descriptor sanity checks]
+CVE-2020-11684
RESERVED
+CVE-2020-11683
+ RESERVED
+CVE-2020-11682
+ RESERVED
+CVE-2020-11681
+ RESERVED
+CVE-2020-11680
+ RESERVED
+CVE-2020-11679
+ RESERVED
+CVE-2020-11678
+ RESERVED
+CVE-2020-11677
+ RESERVED
+CVE-2020-11676
+ RESERVED
+CVE-2020-11675
+ RESERVED
+CVE-2020-11674
+ RESERVED
+CVE-2020-11673
+ RESERVED
+CVE-2020-11672
+ RESERVED
+CVE-2020-11671
+ RESERVED
+CVE-2020-11670
+ RESERVED
+CVE-2020-11669
+ RESERVED
+CVE-2020-11668 (In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit. ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/a246b4d547708f33ff4d4b9a7a5dbac741dc89d8
CVE-2020-11667
@@ -6630,8 +6661,8 @@ CVE-2020-8963 (TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110
NOT-FOR-US: TimeTools devices
CVE-2020-8962 (A stack-based buffer overflow was found on the D-Link DIR-842 REVC wit ...)
NOT-FOR-US: D-Link
-CVE-2020-8961
- RESERVED
+CVE-2020-8961 (An issue was discovered in Avira Free-Antivirus before 15.0.2004.1825. ...)
+ TODO: check
CVE-2020-8960 (Western Digital mycloud.com before Web Version 2.2.0-134 allows XSS. ...)
NOT-FOR-US: Western Digital mycloud.com
CVE-2020-8959 (Western Digital WesternDigitalSSDDashboardSetup.exe before 3.0.2.0 all ...)
@@ -6928,16 +6959,14 @@ CVE-2020-8835 (In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://git.kernel.org/linus/f2d67fec0b43edce8c416101cdc52e71145b5fef
-CVE-2020-8834 [Linux kernel Power8 conflicting use of HSTATE_HOST_R1 vulnerability]
- RESERVED
+CVE-2020-8834 (KVM in the Linux kernel on Power8 processors has a conflicting use of ...)
- linux 4.18.6-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2020/04/06/2
CVE-2020-8833
RESERVED
-CVE-2020-8832 [incomplete fix for CVE-2019-14615 allows for a local information exposure]
- RESERVED
+CVE-2020-8832 (The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 (" ...)
- linux <undetermined>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1817047
TODO: check (in kernel-sec) if we have incomplete fix
@@ -27106,8 +27135,7 @@ CVE-2020-1635
RESERVED
CVE-2020-1634 (On High-End SRX Series devices, in specific configurations and when sp ...)
NOT-FOR-US: Juniper
-CVE-2020-1633
- RESERVED
+CVE-2020-1633 (Due to a new NDP proxy feature for EVPN leaf nodes introduced in Junos ...)
NOT-FOR-US: Juniper
CVE-2020-1632
RESERVED
@@ -30388,10 +30416,10 @@ CVE-2019-18378 (Symantec Messaging Gateway, prior to 10.7.3, may be susceptible
NOT-FOR-US: Symantec
CVE-2019-18377 (Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a p ...)
NOT-FOR-US: Symantec
-CVE-2019-18376
- RESERVED
-CVE-2019-18375
- RESERVED
+CVE-2019-18376 (A CSRF token disclosure vulnerability allows a remote attacker, with a ...)
+ TODO: check
+CVE-2019-18375 (The ASG and ProxySG management consoles are susceptible to a session h ...)
+ TODO: check
CVE-2019-18374 (Symantec Critical System Protection (CSP), versions 8.0, 8.0 HF1 &amp; ...)
NOT-FOR-US: Symantec
CVE-2019-18373 (Norton App Lock, prior to 1.4.0.503, may be susceptible to a bypass ex ...)
@@ -65110,8 +65138,7 @@ CVE-2019-7306 [Apport hook may expose sensitive information]
NOTE: https://bugs.launchpad.net/ubuntu/+source/byobu/+bug/1827202
NOTE: Issue in /usr/share/apport/package-hooks/source_byobu.py hook,
NOTE: non-issue in Debian as Apport not present.
-CVE-2019-7305 [extplorer exposes /usr and /etc/extplorer over HTTP]
- RESERVED
+CVE-2019-7305 (Information Exposure vulnerability in eXtplorer makes the /usr/ and /e ...)
- extplorer <removed>
NOTE: https://bugs.launchpad.net/ubuntu/+source/extplorer/+bug/1822013
CVE-2019-7304 (Canonical snapd before version 2.37.1 incorrectly performed socket own ...)

© 2014-2024 Faster IT GmbH | imprint | privacy policy