From 91e443d5b9629243e306928b6bd820e17e9e1bde Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moritz=20M=C3=BChlenhoff?= Date: Thu, 29 Oct 2020 19:52:21 +0100 Subject: various bugs --- data/CVE/list | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'data/CVE/list') diff --git a/data/CVE/list b/data/CVE/list index 206032dd01..e34995af63 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -698,13 +698,13 @@ CVE-2020-27743 (libtac in pam_tacplus through 1.5.1 lacks a check for a failure - libpam-tacplus (bug #973250) NOTE: https://github.com/kravietz/pam_tacplus/pull/163 CVE-2020-27742 (An Insecure Direct Object Reference vulnerability in Citadel WebCit th ...) - - webcit + - webcit (bug #973385) CVE-2020-27741 (Multiple cross-site scripting (XSS) vulnerabilities in Citadel WebCit ...) - - webcit + - webcit (bug #973385) CVE-2020-27740 (Citadel WebCit through 926 allows unauthenticated remote attackers to ...) - - webcit + - webcit (bug #973385) CVE-2020-27739 (A Weak Session Management vulnerability in Citadel WebCit through 926 ...) - - webcit + - webcit (bug #973385) CVE-2020-27738 RESERVED CVE-2020-27737 @@ -20855,10 +20855,10 @@ CVE-2020-18187 CVE-2020-18186 RESERVED CVE-2020-18185 (class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrar ...) - - pluxml + - pluxml (bug #973382) NOTE: https://github.com/pluxml/PluXml/issues/321 CVE-2020-18184 (In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_ ...) - - pluxml + - pluxml (bug #973382) NOTE: https://github.com/pluxml/PluXml/issues/320 CVE-2020-18183 RESERVED @@ -52570,19 +52570,19 @@ CVE-2020-6110 (An exploitable partial path traversal vulnerability exists in the CVE-2020-6109 (An exploitable path traversal vulnerability exists in the Zoom client, ...) NOT-FOR-US: Zoom CVE-2020-6108 (An exploitable code execution vulnerability exists in the fsck_chk_orp ...) - - f2fs-tools + - f2fs-tools (bug #973380) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1050 CVE-2020-6107 (An exploitable information disclosure vulnerability exists in the dev_ ...) - - f2fs-tools + - f2fs-tools (bug #973380) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1049 CVE-2020-6106 (An exploitable information disclosure vulnerability exists in the init ...) - - f2fs-tools + - f2fs-tools (bug #973380) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1048 CVE-2020-6105 (An exploitable code execution vulnerability exists in the multiple dev ...) - - f2fs-tools + - f2fs-tools (bug #973380) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1047 CVE-2020-6104 (An exploitable information disclosure vulnerability exists in the get_ ...) - - f2fs-tools + - f2fs-tools (bug #973380) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1046 CVE-2020-6103 (An exploitable code execution vulnerability exists in the Shader funct ...) NOT-FOR-US: AMD Radeon DirectX 11 Driver atidxx64.dll @@ -54101,7 +54101,7 @@ CVE-2020-5423 CVE-2020-5422 (BOSH System Metrics Server releases prior to 0.1.0 exposed the UAA pas ...) NOT-FOR-US: BOSH System Metrics Server CVE-2020-5421 (In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5. ...) - - libspring-java + - libspring-java (bug #973381) [buster] - libspring-java (Minor issue) [stretch] - libspring-java (Minor issue) NOTE: https://tanzu.vmware.com/security/cve-2020-5421 @@ -93816,7 +93816,7 @@ CVE-2019-11029 (Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the D CVE-2019-11028 (GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing ...) NOT-FOR-US: GAT-Ship Web Module CVE-2015-9284 (The request phase of the OmniAuth Ruby gem (1.9.1 and earlier) is vuln ...) - - ruby-omniauth + - ruby-omniauth (bug #973384) [buster] - ruby-omniauth (Minor issue) [stretch] - ruby-omniauth (Minor issue) [jessie] - ruby-omniauth (Fix is in additional gem and needs CSRF protection in apps) -- cgit v1.2.3