automatic update

author: security tracker role <sectracker@soriano.debian.org> 2020-01-25 20:10:26 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2020-01-25 20:10:26 +0000
commit: 3ce12aac9b6b8fafe80824a4ee154dfef6e9fe09 (patch)
tree: c670f06336e668d97ad5109d219ab5502dcc7997 /data/CVE/list
parent: 3164209750a093e4fa5024ebce9ac3b45d1bc66c (diff)
1 files changed, 21 insertions, 21 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 47da00daa7..10f5dc44ce 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,5 @@
+CVE-2020-7980 (Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary  ...)
+	TODO: check
 CVE-2020-7979
 	RESERVED
 CVE-2020-7978
@@ -849,8 +851,8 @@ CVE-2020-7598
 	RESERVED
 CVE-2020-7597
 	RESERVED
-CVE-2020-7596
-	RESERVED
+CVE-2020-7596 (Codecov npm module before 3.6.2 allows remote attackers to execute arb ...)
+	TODO: check
 CVE-2020-7595 (xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infini ...)
 	- libxml2 <unfixed> (bug #949582)
 	[jessie] - libxml2 <no-dsa> (Minor issue)
@@ -60034,8 +60036,8 @@ CVE-2019-5185
 	RESERVED
 CVE-2019-5184
 	RESERVED
-CVE-2019-5183
-	RESERVED
+CVE-2019-5183 (An exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL ...)
+	TODO: check
 CVE-2019-5182
 	RESERVED
 CVE-2019-5181
@@ -60117,10 +60119,10 @@ CVE-2019-5149
 	RESERVED
 CVE-2019-5148
 	RESERVED
-CVE-2019-5147
-	RESERVED
-CVE-2019-5146
-	RESERVED
+CVE-2019-5147 (An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64 ...)
+	TODO: check
+CVE-2019-5146 (An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64 ...)
+	TODO: check
 CVE-2019-5145 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
 	NOT-FOR-US: Foxit PDF Reader
 CVE-2019-5144 (An exploitable heap underflow vulnerability exists in the derive_taps_ ...)
@@ -60163,8 +60165,8 @@ CVE-2019-5126 (An exploitable use-after-free vulnerability exists in the JavaScr
 	NOT-FOR-US: Foxit PDF Reader
 CVE-2019-5125 (An exploitable heap overflow vulnerability exists in the JPEG2000 pars ...)
 	NOT-FOR-US: LEADTOOLS
-CVE-2019-5124
-	RESERVED
+CVE-2019-5124 (An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64 ...)
+	TODO: check
 CVE-2019-5123 (Specially crafted web requests can cause SQL injections in YouPHPTube  ...)
 	NOT-FOR-US: YouPHPTube
 CVE-2019-5122 (SQL injection vulnerabilities exists in the authenticated part of YouP ...)
@@ -75340,7 +75342,7 @@ CVE-2019-0143 (Unhandled exception in Kernel-mode drivers for Intel(R) Ethernet
 CVE-2019-0142 (Insufficient access control in ilp60x64.sys driver for Intel(R) Ethern ...)
 	NOT-FOR-US: ilp60x64.sys driver for Intel
 CVE-2019-0141
-	RESERVED
+	REJECTED
 CVE-2019-0140 (Buffer overflow in firmware for Intel(R) Ethernet 700 Series Controlle ...)
 	NOT-FOR-US: Intel firmware for Ethernet 700 Series
 CVE-2019-0139 (Insufficient access control in firmware for Intel(R) Ethernet 700 Seri ...)
@@ -261114,8 +261116,8 @@ CVE-2013-7003 (Multiple cross-site scripting (XSS) vulnerabilities in LiveZilla
 	NOT-FOR-US: LiveZilla
 CVE-2012-6614
 	RESERVED
-CVE-2012-6613
-	RESERVED
+CVE-2012-6613 (D-Link DSR-250N devices with firmware 1.05B73_WW allow Persistent Root ...)
+	TODO: check
 CVE-2014-0365
 	RESERVED
 CVE-2014-0364 (The ParseRoster component in the Ignite Realtime Smack XMPP API before ...)
@@ -276435,8 +276437,8 @@ CVE-2013-1746
 	RESERVED
 CVE-2013-1745
 	RESERVED
-CVE-2013-1744
-	RESERVED
+CVE-2013-1744 (IRIS citations management tool through 1.3 allows remote attackers to  ...)
+	TODO: check
 CVE-2013-1743 (Multiple cross-site scripting (XSS) vulnerabilities in report.cgi in B ...)
 	- bugzilla <not-affected> (Only affects 4.1 to 4.4)
 	- bugzilla4 <itp> (bug #669643)
@@ -279625,8 +279627,8 @@ CVE-2012-6495 (Multiple directory traversal vulnerabilities in the (1) twikidraw
 	{DSA-2593-1}
 	- moin 1.9.5-3
 	[wheezy] - moin 1.9.4-8+deb7u1
-CVE-2012-6494
-	RESERVED
+CVE-2012-6494 (Rapid7 Nexpose before 5.5.4 contains a session hijacking vulnerability ...)
+	TODO: check
 CVE-2012-6493 (Cross-site request forgery (CSRF) vulnerability in Rapid7 Nexpose Secu ...)
 	NOT-FOR-US: Rapid7 Nexpose Security Console
 CVE-2012-6492
@@ -280472,11 +280474,9 @@ CVE-2012-6347 (Multiple cross-site scripting (XSS) vulnerabilities in Java numbe
 	NOT-FOR-US: FortiGate
 CVE-2012-6346 (Multiple cross-site scripting (XSS) vulnerabilities in FortiWeb before ...)
 	NOT-FOR-US: FortiWeb
-CVE-2012-6345
-	RESERVED
+CVE-2012-6345 (Novell ZENworks Configuration Management before 11.2.4 allows obtainin ...)
 	NOT-FOR-US: CyberArk Vault
-CVE-2012-6344
-	RESERVED
+CVE-2012-6344 (Novell ZENworks Configuration Management before 11.2.4 allows XSS. ...)
 	NOT-FOR-US: CyberArk Vault
 CVE-2012-6343
 	RESERVED
author	security tracker role <sectracker@soriano.debian.org>	2020-01-25 20:10:26 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2020-01-25 20:10:26 +0000
commit	3ce12aac9b6b8fafe80824a4ee154dfef6e9fe09 (patch)
tree	c670f06336e668d97ad5109d219ab5502dcc7997 /data/CVE/list
parent	3164209750a093e4fa5024ebce9ac3b45d1bc66c (diff)