diff options
author | security tracker role <sectracker@soriano.debian.org> | 2020-07-02 08:10:21 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2020-07-02 08:10:21 +0000 |
commit | 5080947cff7f70a0c2bc6e4617fd626b04905047 (patch) | |
tree | 2f53b653a23d67b22ad626dcc2daf7f98f66d243 /data | |
parent | 134a059bb254ba304f2c0645bd03c5bddf475cfa (diff) |
automatic update
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 123 |
1 files changed, 99 insertions, 24 deletions
diff --git a/data/CVE/list b/data/CVE/list index 6700f67c37..de4eeef9fe 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,11 @@ +CVE-2020-15501 + RESERVED +CVE-2020-15500 (An issue was discovered in server.js in TileServer GL through 3.0.0. T ...) + TODO: check +CVE-2020-15499 + RESERVED +CVE-2020-15498 + RESERVED CVE-2020-15497 RESERVED CVE-2020-15496 @@ -12,10 +20,10 @@ CVE-2020-15492 RESERVED CVE-2020-15491 RESERVED -CVE-2020-15490 - RESERVED -CVE-2020-15489 - RESERVED +CVE-2020-15490 (An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 dev ...) + TODO: check +CVE-2020-15489 (An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 dev ...) + TODO: check CVE-2020-15488 RESERVED CVE-2020-15487 @@ -19979,8 +19987,8 @@ CVE-2019-20419 RESERVED CVE-2019-20418 RESERVED -CVE-2019-20417 - RESERVED +CVE-2019-20417 (Affected versions of Atlassian Jira Server and Data Center allow remot ...) + TODO: check CVE-2019-20416 (Affected versions of Atlassian Jira Server and Data Center allow remot ...) NOT-FOR-US: Atlassian CVE-2019-20415 (Atlassian Jira Server and Data Center in affected versions allows remo ...) @@ -22517,7 +22525,7 @@ CVE-2019-20378 (ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS CVE-2019-20377 (TopList before 2019-09-03 allows XSS via a title. ...) NOT-FOR-US: TopList CVE-2020-6831 (A buffer overflow could occur when parsing and validating SCTP chunks ...) - {DSA-4683-1 DSA-4678-1 DLA-2206-1 DLA-2205-1} + {DSA-4714-1 DSA-4683-1 DSA-4678-1 DLA-2206-1 DLA-2205-1} - firefox 76.0-1 - firefox-esr 68.8.0esr-1 - thunderbird 1:68.8.0-1 @@ -23357,20 +23365,24 @@ CVE-2020-6510 RESERVED CVE-2020-6509 RESERVED + {DSA-4714-1} - chromium 83.0.4103.116-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6508 RESERVED CVE-2020-6507 RESERVED + {DSA-4714-1} - chromium 83.0.4103.106-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6506 RESERVED + {DSA-4714-1} - chromium 83.0.4103.106-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6505 RESERVED + {DSA-4714-1} - chromium 83.0.4103.106-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6504 (Insufficient policy enforcement in notifications in Google Chrome prio ...) @@ -23398,136 +23410,179 @@ CVE-2020-6499 (Inappropriate implementation in AppCache in Google Chrome prior t - chromium 80.0.3987.106-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6498 (Incorrect implementation in user interface in Google Chrome on iOS pri ...) + {DSA-4714-1} - chromium 83.0.4103.106-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6497 (Insufficient policy enforcement in Omnibox in Google Chrome on iOS pri ...) + {DSA-4714-1} - chromium 83.0.4103.106-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6496 (Use after free in payments in Google Chrome on MacOS prior to 83.0.410 ...) + {DSA-4714-1} - chromium 83.0.4103.106-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6495 (Insufficient policy enforcement in developer tools in Google Chrome pr ...) + {DSA-4714-1} - chromium 83.0.4103.106-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6494 (Incorrect security UI in payments in Google Chrome on Android prior to ...) + {DSA-4714-1} - chromium 83.0.4103.106-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6493 (Use after free in WebAuthentication in Google Chrome prior to 83.0.410 ...) + {DSA-4714-1} - chromium 83.0.4103.106-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6492 RESERVED CVE-2020-6491 (Insufficient data validation in site information in Google Chrome prio ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6490 (Insufficient data validation in loader in Google Chrome prior to 83.0. ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6489 (Inappropriate implementation in developer tools in Google Chrome prior ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6488 (Insufficient policy enforcement in downloads in Google Chrome prior to ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6487 (Insufficient policy enforcement in downloads in Google Chrome prior to ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6486 (Insufficient policy enforcement in navigations in Google Chrome prior ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6485 (Insufficient data validation in media router in Google Chrome prior to ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6484 (Insufficient data validation in ChromeDriver in Google Chrome prior to ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6483 (Insufficient policy enforcement in payments in Google Chrome prior to ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6482 (Insufficient policy enforcement in developer tools in Google Chrome pr ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6481 (Insufficient policy enforcement in URL formatting in Google Chrome pri ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6480 (Insufficient policy enforcement in enterprise in Google Chrome prior t ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6479 (Inappropriate implementation in sharing in Google Chrome prior to 83.0 ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6478 (Inappropriate implementation in full screen in Google Chrome prior to ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6477 (Inappropriate implementation in installer in Google Chrome on OS X pri ...) - chromium <not-affected> (Only affects installer) CVE-2020-6476 (Insufficient policy enforcement in tab strip in Google Chrome prior to ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6475 (Incorrect implementation in full screen in Google Chrome prior to 83.0 ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6474 (Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6473 (Insufficient policy enforcement in Blink in Google Chrome prior to 83. ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6472 (Insufficient policy enforcement in developer tools in Google Chrome pr ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6471 (Insufficient policy enforcement in developer tools in Google Chrome pr ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6470 (Insufficient validation of untrusted input in clipboard in Google Chro ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6469 (Insufficient policy enforcement in developer tools in Google Chrome pr ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6468 (Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6467 (Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowe ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6466 (Use after free in media in Google Chrome prior to 83.0.4103.61 allowed ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6465 (Use after free in reader mode in Google Chrome on Android prior to 83. ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6464 (Type confusion in Blink in Google Chrome prior to 81.0.4044.138 allowe ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6463 (Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowe ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6462 (Use after free in task scheduling in Google Chrome prior to 81.0.4044. ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6461 (Use after free in storage in Google Chrome prior to 81.0.4044.129 allo ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6460 (Insufficient data validation in URL formatting in Google Chrome prior ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6459 (Use after free in payments in Google Chrome prior to 81.0.4044.122 all ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6458 (Out of bounds read and write in PDFium in Google Chrome prior to 81.0. ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6457 (Use after free in speech recognizer in Google Chrome prior to 81.0.404 ...) + {DSA-4714-1} - chromium 83.0.4103.83-1 (bug #958450) [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6456 (Insufficient validation of untrusted input in clipboard in Google Chro ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6455 (Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 al ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6454 (Use after free in extensions in Google Chrome prior to 81.0.4044.92 al ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6453 (Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987 ...) @@ -23551,60 +23606,79 @@ CVE-2020-6449 (Use after free in audio in Google Chrome prior to 80.0.3987.149 a - chromium 80.0.3987.149-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6448 (Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6447 (Inappropriate implementation in developer tools in Google Chrome prior ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6446 (Insufficient policy enforcement in trusted types in Google Chrome prio ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6445 (Insufficient policy enforcement in trusted types in Google Chrome prio ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6444 (Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 all ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6443 (Insufficient data validation in developer tools in Google Chrome prior ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6442 (Inappropriate implementation in cache in Google Chrome prior to 81.0.4 ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6441 (Insufficient policy enforcement in omnibox in Google Chrome prior to 8 ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6440 (Inappropriate implementation in extensions in Google Chrome prior to 8 ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6439 (Insufficient policy enforcement in navigations in Google Chrome prior ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6438 (Insufficient policy enforcement in extensions in Google Chrome prior t ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6437 (Inappropriate implementation in WebView in Google Chrome prior to 81.0 ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6436 (Use after free in window management in Google Chrome prior to 81.0.404 ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6435 (Insufficient policy enforcement in extensions in Google Chrome prior t ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6434 (Use after free in devtools in Google Chrome prior to 81.0.4044.92 allo ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6433 (Insufficient policy enforcement in extensions in Google Chrome prior t ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6432 (Insufficient policy enforcement in navigations in Google Chrome prior ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6431 (Insufficient policy enforcement in full screen in Google Chrome prior ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6430 (Type Confusion in V8 in Google Chrome prior to 81.0.4044.92 allowed a ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6429 (Use after free in audio in Google Chrome prior to 80.0.3987.149 allowe ...) @@ -23632,6 +23706,7 @@ CVE-2020-6424 (Use after free in media in Google Chrome prior to 80.0.3987.149 a - chromium 80.0.3987.149-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6423 (Use after free in audio in Google Chrome prior to 81.0.4044.92 allowed ...) + {DSA-4714-1} - chromium 81.0.4044.92-1 [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6422 (Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowe ...) @@ -26377,8 +26452,8 @@ CVE-2020-5240 (In wagtail-2fa before 1.4.1, any user with access to the CMS can NOT-FOR-US: wagtail-2fa CVE-2020-5239 (In Mailu before version 1.7, an authenticated user can exploit a vulne ...) NOT-FOR-US: Mailu -CVE-2020-5238 - RESERVED +CVE-2020-5238 (The table extension in GitHub Flavored Markdown before version 0.29.0. ...) + TODO: check CVE-2020-5237 (Multiple relative path traversal vulnerabilities in the oneup/uploader ...) NOT-FOR-US: oneup/uploader-bundle CVE-2020-5236 (Waitress version 1.4.2 allows a DOS attack When waitress receives a he ...) @@ -31720,8 +31795,8 @@ CVE-2020-3404 RESERVED CVE-2020-3403 RESERVED -CVE-2020-3402 - RESERVED +CVE-2020-3402 (A vulnerability in the Java Remote Method Invocation (RMI) interface o ...) + TODO: check CVE-2020-3401 RESERVED CVE-2020-3400 @@ -31742,8 +31817,8 @@ CVE-2020-3393 RESERVED CVE-2020-3392 RESERVED -CVE-2020-3391 - RESERVED +CVE-2020-3391 (A vulnerability in Cisco Digital Network Architecture (DNA) Center cou ...) + TODO: check CVE-2020-3390 RESERVED CVE-2020-3389 @@ -31848,8 +31923,8 @@ CVE-2020-3341 (A vulnerability in the PDF archive parsing module in Clam AntiVir [buster] - clamav <no-dsa> (ClamAV is updated via -updates) [stretch] - clamav <no-dsa> (ClamAV is updated via -updates) NOTE: https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html -CVE-2020-3340 - RESERVED +CVE-2020-3340 (Multiple vulnerabilities in the web-based management interface of Cisc ...) + TODO: check CVE-2020-3339 (A vulnerability in the web-based management interface of Cisco Prime I ...) NOT-FOR-US: Cisco CVE-2020-3338 @@ -31938,8 +32013,8 @@ CVE-2020-3299 RESERVED CVE-2020-3298 (A vulnerability in the Open Shortest Path First (OSPF) implementation ...) NOT-FOR-US: Cisco -CVE-2020-3297 - RESERVED +CVE-2020-3297 (A vulnerability in session management for the web-based interface of C ...) + TODO: check CVE-2020-3296 (Multiple vulnerabilities in the web-based management interface of Cisc ...) NOT-FOR-US: Cisco CVE-2020-3295 (Multiple vulnerabilities in the web-based management interface of Cisc ...) @@ -51214,12 +51289,12 @@ CVE-2019-15314 (tiki/tiki-upload_file.php in Tiki 18.4 allows remote attackers t - tikiwiki <removed> CVE-2019-15313 (In Zimbra Collaboration before 8.8.15 Patch 1, there is a non-persiste ...) NOT-FOR-US: Zimbra Collaboration -CVE-2019-15312 - RESERVED -CVE-2019-15311 - RESERVED -CVE-2019-15310 - RESERVED +CVE-2019-15312 (An issue was discovered on Zolo Halo devices via the Linkplay firmware ...) + TODO: check +CVE-2019-15311 (An issue was discovered on Zolo Halo devices via the Linkplay firmware ...) + TODO: check +CVE-2019-15310 (An issue was discovered on various devices via the Linkplay firmware. ...) + TODO: check CVE-2019-15309 RESERVED CVE-2019-15308 @@ -58909,7 +58984,7 @@ CVE-2019-13307 (ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at Mag NOTE: https://github.com/ImageMagick/ImageMagick6/commit/e6d26d4e2f07375ddbf46a857d309d51eeff7ee1 NOTE: https://github.com/ImageMagick/ImageMagick6/commit/643921ca69a20b203faebd0b287d8b7012dc749d CVE-2019-13306 (ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/p ...) - {DLA-1888-1} + {DSA-4712-1 DLA-1888-1} - imagemagick <unfixed> (bug #931449) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1612 NOTE: initial fix: |