summaryrefslogtreecommitdiffstats
path: root/data
diff options
context:
space:
mode:
authorsecurity tracker role <sectracker@soriano.debian.org>2020-11-25 20:10:33 +0000
committersecurity tracker role <sectracker@soriano.debian.org>2020-11-25 20:10:33 +0000
commit3d1757f183bb10579d3e6ff9a67a751c25e89bb4 (patch)
tree536b66854ee987883bfc3b68fb6f1152f1de30ac /data
parent245252b665414303472b13abd04730a393db89e5 (diff)
automatic update
Diffstat (limited to 'data')
-rw-r--r--data/CVE/list29
1 files changed, 14 insertions, 15 deletions
diff --git a/data/CVE/list b/data/CVE/list
index e93765a9fe..a424a2c8bf 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4,8 +4,8 @@ CVE-2020-29072 (A Cross-Site Script Inclusion vulnerability was found on LiquidF
NOT-FOR-US: LiquidFiles
CVE-2020-29071 (An XSS issue was found in the Shares feature of LiquidFiles before 3.3 ...)
NOT-FOR-US: LiquidFiles
-CVE-2020-29070
- RESERVED
+CVE-2020-29070 (osCommerce 2.3.4.1 has XSS vulnerability via the authenticated user en ...)
+ TODO: check
CVE-2020-29069 (_get_flag_ip_localdb in server/mhn/ui/utils.py in Modern Honey Network ...)
NOT-FOR-US: Modern Honey Network
CVE-2020-29068
@@ -9519,8 +9519,8 @@ CVE-2020-26245
RESERVED
CVE-2020-26244
RESERVED
-CVE-2020-26243
- RESERVED
+CVE-2020-26243 (Nanopb is a small code-size Protocol Buffers implementation. In Nanopb ...)
+ TODO: check
CVE-2020-26242 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...)
TODO: check
CVE-2020-26241 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...)
@@ -9584,8 +9584,8 @@ CVE-2020-26214 (In Alerta before version 8.1.0, users may be able to bypass LDAP
NOT-FOR-US: Alerta
CVE-2020-26213 (In teler before version 0.0.1, if you run teler inside a Docker contai ...)
NOT-FOR-US: Alerta
-CVE-2020-26212
- RESERVED
+CVE-2020-26212 (GLPI stands for Gestionnaire Libre de Parc Informatique and it is a Fr ...)
+ TODO: check
CVE-2020-26211 (In BookStack before version 0.30.4, a user with permissions to edit a ...)
NOT-FOR-US: BookStack app
CVE-2020-26210 (In BookStack before version 0.30.4, a user with permissions to edit a ...)
@@ -10998,8 +10998,7 @@ CVE-2020-25651 [Possible File Transfer DoS and Information Leak via active_xfers
NOTE: https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/9d35d8a86fb310fc1f29d428c0a96995948d2357
NOTE: https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/e4bfd1b632b6c14e8411dbe3565115a78cd3d256
NOTE: https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/b7db1c20c9f80154fb54392eb44add3486d3e427
-CVE-2020-25650 [Memory DoS via Arbitrary Entries in active_xfers Hash Table]
- RESERVED
+CVE-2020-25650 (A flaw was found in the way the spice-vdagentd daemon handled file tra ...)
- spice-vdagent <unfixed> (bug #973769)
NOTE: https://www.openwall.com/lists/oss-security/2020/11/04/1
NOTE: https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/1a8b93ca6ac0b690339ab7f0afc6fc45d198d332
@@ -168766,7 +168765,7 @@ CVE-2017-18036 (The Github repository importer in Atlassian Bitbucket Server bef
NOT-FOR-US: Atlassian Bitbucket
CVE-2017-18035 (The /rest/review-coverage-chart/1.0/data/&lt;repository_name&gt;/.json ...)
NOT-FOR-US: Atlassian Fisheye and Crucible
-CVE-2017-18034 (The source browse resource in Atlassian FishEye and Crucible before ve ...)
+CVE-2017-18034 (The source browse resource in Atlassian Fisheye and Crucible before ve ...)
NOT-FOR-US: Atlassian Fisheye and Crucible
CVE-2017-18033 (The Jira-importers-plugin in Atlassian Jira before version 7.6.1 allow ...)
NOT-FOR-US: Jira-importers-plugin in Atlassian Jira
@@ -193228,9 +193227,9 @@ CVE-2017-14590 (Bamboo did not check that the name of a branch in a Mercurial re
NOT-FOR-US: Atlassian Bamboo
CVE-2017-14589 (It was possible for double OGNL evaluation in FreeMarker templates thr ...)
NOT-FOR-US: Atlassian Bamboo
-CVE-2017-14588 (Various resources in Atlassian FishEye and Crucible before version 4.4 ...)
+CVE-2017-14588 (Various resources in Atlassian Fisheye and Crucible before version 4.4 ...)
NOT-FOR-US: Atlassian
-CVE-2017-14587 (The administration user deletion resource in Atlassian FishEye and Cru ...)
+CVE-2017-14587 (The administration user deletion resource in Atlassian Fisheye and Cru ...)
NOT-FOR-US: Atlassian
CVE-2017-14586 (The Hipchat for Mac desktop client is vulnerable to client-side remote ...)
NOT-FOR-US: Atlassian
@@ -208275,15 +208274,15 @@ CVE-2017-9514 (Bamboo before 6.0.5, 6.1.x before 6.1.4, and 6.2.x before 6.2.1 h
NOT-FOR-US: Atlassian Bamboo
CVE-2017-9513 (Several rest inline action resources of Atlassian Activity Streams bef ...)
NOT-FOR-US: Atlassian Activity Streams
-CVE-2017-9512 (The mostActiveCommitters.do resource in Atlassian FishEye and Crucible ...)
+CVE-2017-9512 (The mostActiveCommitters.do resource in Atlassian Fisheye and Crucible ...)
NOT-FOR-US: Atlassian
-CVE-2017-9511 (The MultiPathResource class in Atlassian FishEye and Crucible, before ...)
+CVE-2017-9511 (The MultiPathResource class in Atlassian Fisheye and Crucible, before ...)
NOT-FOR-US: Atlassian
-CVE-2017-9510 (The repository changelog resource in Atlassian FishEye before version ...)
+CVE-2017-9510 (The repository changelog resource in Atlassian Fisheye before version ...)
NOT-FOR-US: Atlassian
CVE-2017-9509 (The review file upload resource in Atlassian Crucible before version 4 ...)
NOT-FOR-US: Atlassian
-CVE-2017-9508 (Various resources in Atlassian FishEye and Crucible before version 4.4 ...)
+CVE-2017-9508 (Various resources in Atlassian Fisheye and Crucible before version 4.4 ...)
NOT-FOR-US: Atlassian
CVE-2017-9507 (The review dashboard resource in Atlassian Crucible from version 4.1.0 ...)
NOT-FOR-US: Atlassian

© 2014-2024 Faster IT GmbH | imprint | privacy policy