From 8766a87ceeef264e0fe8550ab49cc35124dc617a Mon Sep 17 00:00:00 2001 From: security tracker role Date: Sun, 9 Aug 2020 08:10:21 +0000 Subject: automatic update --- data/CVE/list | 66 +++++++++++++++++++++++++++++------------------------------ 1 file changed, 33 insertions(+), 33 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index d419d7f6f1..af50dfef14 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -3332,36 +3332,36 @@ CVE-2020-15833 RESERVED CVE-2020-15832 RESERVED -CVE-2020-15831 - RESERVED -CVE-2020-15830 - RESERVED -CVE-2020-15829 - RESERVED -CVE-2020-15828 - RESERVED -CVE-2020-15827 - RESERVED -CVE-2020-15826 - RESERVED -CVE-2020-15825 - RESERVED -CVE-2020-15824 - RESERVED -CVE-2020-15823 - RESERVED +CVE-2020-15831 (JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in t ...) + TODO: check +CVE-2020-15830 (JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the ...) + TODO: check +CVE-2020-15829 (In JetBrains TeamCity before 2019.2.3, password parameters could be di ...) + TODO: check +CVE-2020-15828 (In JetBrains TeamCity before 2020.1.1, project parameter values can be ...) + TODO: check +CVE-2020-15827 (In JetBrains ToolBox version 1.17 before 1.17.6856, the set of signatu ...) + TODO: check +CVE-2020-15826 (In JetBrains TeamCity before 2020.1, users are able to assign more per ...) + TODO: check +CVE-2020-15825 (In JetBrains TeamCity before 2020.1, users with the Modify Group permi ...) + TODO: check +CVE-2020-15824 (In JetBrains Kotlin before 1.4.0, there is a script-cache privilege es ...) + TODO: check +CVE-2020-15823 (JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Wor ...) + TODO: check CVE-2020-15822 RESERVED -CVE-2020-15821 - RESERVED -CVE-2020-15820 - RESERVED -CVE-2020-15819 - RESERVED -CVE-2020-15818 - RESERVED -CVE-2020-15817 - RESERVED +CVE-2020-15821 (In JetBrains YouTrack before 2020.2.6881, a user without permission is ...) + TODO: check +CVE-2020-15820 (In JetBrains YouTrack before 2020.2.6881, the markdown parser could di ...) + TODO: check +CVE-2020-15819 (JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that all ...) + TODO: check +CVE-2020-15818 (In JetBrains YouTrack before 2020.2.8527, the subtasks workflow could ...) + TODO: check +CVE-2020-15817 (In JetBrains YouTrack before 2020.1.1331, an external user could execu ...) + TODO: check CVE-2020-15862 [privilege escalation] RESERVED {DLA-2299-1} @@ -11252,7 +11252,7 @@ CVE-2020-12697 (The direct_mail extension through 5.2.3 for TYPO3 allows Denial CVE-2020-12696 (The iframe plugin before 4.5 for WordPress does not sanitize a URL. ...) NOT-FOR-US: iframe plugin for WordPress CVE-2020-12695 (The Open Connectivity Foundation UPnP specification before 2020-04-17 ...) - {DLA-2315-1} + {DLA-2318-1 DLA-2315-1} - wpa [buster] - wpa (Minor issue) - gupnp 1.2.3-1 @@ -34142,7 +34142,7 @@ CVE-2020-4051 (In Dijit before versions 1.11.11, and greater than or equal to 1. CVE-2020-4045 (SSB-DB version 20.0.0 has an information disclosure vulnerability. The ...) NOT-FOR-US: SSB-DB CVE-2020-4044 (The xrdp-sesman service before version 0.9.13.1 can be crashed by conn ...) - {DSA-4737-1} + {DSA-4737-1 DLA-2319-1} - xrdp 0.9.12-1.1 (bug #964573) NOTE: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-j9fv-6fwf-p3g4 NOTE: Fixed by: https://github.com/neutrinolabs/xrdp/commit/e593f58a82bf79b556601ae08e9e25e366a662fb @@ -38804,8 +38804,8 @@ CVE-2019-19706 RESERVED CVE-2019-19705 RESERVED -CVE-2019-19704 - RESERVED +CVE-2019-19704 (In JetBrains Upsource before 2020.1, information disclosure is possibl ...) + TODO: check CVE-2019-19703 (In Ktor through 1.2.6, the client resends data from the HTTP Authoriza ...) NOT-FOR-US: Ktor CVE-2019-19702 (The modoboa-dmarc plugin 1.1.0 for Modoboa is vulnerable to an XML Ext ...) @@ -73121,7 +73121,7 @@ CVE-2019-10065 (An issue was discovered in Open Ticket Request System (OTRS) 7.0 - otrs2 (Only affects 7.x series) NOTE: https://otrs.com/release-notes/otrs-security-advisory-2019-07/ CVE-2019-10064 (hostapd before 2.6, in EAP mode, makes calls to the rand() and random( ...) - {DLA-2138-1} + {DLA-2318-1 DLA-2138-1} - wpa 2:2.6-7 NOTE: https://www.openwall.com/lists/oss-security/2020/02/27/1 NOTE: Comment from upstream: https://www.openwall.com/lists/oss-security/2020/02/27/2 -- cgit v1.2.3