diff options
| author | security tracker role <sectracker@soriano.debian.org> | 2020-08-01 08:10:18 +0000 |
|---|---|---|
| committer | security tracker role <sectracker@soriano.debian.org> | 2020-08-01 08:10:18 +0000 |
| commit | 258a725e6c18987728f112ee6533fc3f14bba2ec (patch) | |
| tree | 0a2769bb2a0d08c7e0887be624d95bc1d7e346f2 /data/CVE | |
| parent | b2e9c9c168acf35c5d406a8d696bdbada633e3df (diff) | |
automatic update
Diffstat (limited to 'data/CVE')
| -rw-r--r-- | data/CVE/list | 54 |
1 files changed, 36 insertions, 18 deletions
diff --git a/data/CVE/list b/data/CVE/list index 03b259b699..a760651adf 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,21 @@ +CVE-2020-16263 + RESERVED +CVE-2020-16262 + RESERVED +CVE-2020-16261 + RESERVED +CVE-2020-16260 + RESERVED +CVE-2020-16259 + RESERVED +CVE-2020-16258 + RESERVED +CVE-2020-16257 + RESERVED +CVE-2020-16256 + RESERVED +CVE-2020-16255 + RESERVED CVE-2020-16254 RESERVED CVE-2020-16253 @@ -238,6 +256,7 @@ CVE-2020-16137 CVE-2020-16136 (In tgstation-server 4.4.0 and 4.4.1, an authenticated user with permis ...) TODO: check CVE-2020-16135 (libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buf ...) + {DLA-2303-1} - libssh <unfixed> (bug #966560) NOTE: https://bugs.libssh.org/T232 NOTE: https://bugs.libssh.org/rLIBSSHe631ebb3e2247dd25e9678e6827c20dc73b73238 @@ -289,6 +308,7 @@ CVE-2020-16117 (In GNOME evolution-data-server before 3.35.91, a malicious serve NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/-/issues/189 CVE-2020-16116 RESERVED + {DSA-4738-1} - ark 4:20.04.3-1 NOTE: https://kde.org/info/security/advisory-20200730-1.txt NOTE: https://invent.kde.org/utilities/ark/-/commit/0df592524fed305d6fbe74ddf8a196bc9ffdb92f @@ -832,12 +852,12 @@ CVE-2020-15873 (In LibreNMS before 1.65.1, an authenticated attacker can achieve NOT-FOR-US: LibreNMS CVE-2020-15872 RESERVED -CVE-2020-15871 - RESERVED -CVE-2020-15870 - RESERVED -CVE-2020-15869 - RESERVED +CVE-2020-15871 (Sonatype Nexus Repository Manager OSS/Pro version before 3.25.1 allows ...) + TODO: check +CVE-2020-15870 (Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow ...) + TODO: check +CVE-2020-15869 (Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow ...) + TODO: check CVE-2020-15868 RESERVED CVE-2020-15867 @@ -4750,15 +4770,13 @@ CVE-2020-14312 RESERVED - dnsmasq 2.69-1 (bug #732610) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1851342 -CVE-2020-14311 - RESERVED +CVE-2020-14311 (There is an issue with grub2 before version 2.06 while handling symlin ...) {DSA-4735-1} - grub2 2.04-9 [stretch] - grub2 <ignored> (No SecureBoot support in stretch) NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3 NOTE: https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=3f05d693d1274965ffbe4ba99080dc2c570944c6 -CVE-2020-14310 - RESERVED +CVE-2020-14310 (There is an issue on grub2 before version 2.06 at function read_sectio ...) {DSA-4735-1} - grub2 2.04-9 [stretch] - grub2 <ignored> (No SecureBoot support in stretch) @@ -28233,10 +28251,10 @@ CVE-2020-5416 RESERVED CVE-2020-5415 RESERVED -CVE-2020-5414 - RESERVED -CVE-2020-5413 - RESERVED +CVE-2020-5414 (VMware Tanzu Application Service for VMs (2.7.x versions prior to 2.7. ...) + TODO: check +CVE-2020-5413 (Spring Integration framework provides Kryo Codec implementations as an ...) + TODO: check CVE-2020-5412 RESERVED CVE-2020-5411 (When configured to enable default typing, Jackson contained a deserial ...) @@ -28278,8 +28296,8 @@ CVE-2020-5397 (Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to NOTE: https://pivotal.io/security/cve-2020-5397 NOTE: https://github.com/spring-projects/spring-framework/issues/24327 NOTE: https://github.com/spring-projects/spring-framework/commit/bc7d01048579430b4b2df668178809b63d3f1929 -CVE-2020-5396 - RESERVED +CVE-2020-5396 (VMware GemFire versions prior to 9.10.0, 9.9.2, 9.8.7, and 9.7.6, and ...) + TODO: check CVE-2020-5395 (FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd. ...) - fontforge <unfixed> (bug #948231) [buster] - fontforge <no-dsa> (Minor issue) @@ -67059,8 +67077,8 @@ CVE-2019-11287 (Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior [stretch] - rabbitmq-server <no-dsa> (Minor issue) [jessie] - rabbitmq-server <postponed> (Minor issue) NOTE: https://pivotal.io/security/cve-2019-11287 -CVE-2019-11286 - RESERVED +CVE-2019-11286 (VMware GemFire versions prior to 9.10.0, 9.9.1, 9.8.5, and 9.7.5, and ...) + TODO: check CVE-2019-11285 REJECTED CVE-2019-11284 (Pivotal Reactor Netty, versions prior to 0.8.11, passes headers throug ...) |