From beacee245983daa883e5994add1e822a4f7f8715 Mon Sep 17 00:00:00 2001 From: security tracker role Date: Wed, 8 Jul 2020 08:10:16 +0000 Subject: automatic update --- data/CVE/list | 149 ++++++++++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 135 insertions(+), 14 deletions(-) (limited to 'data') diff --git a/data/CVE/list b/data/CVE/list index 3cc9756098..f609b7cbe1 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,123 @@ +CVE-2020-15645 + RESERVED +CVE-2020-15644 + RESERVED +CVE-2020-15643 + RESERVED +CVE-2020-15642 + RESERVED +CVE-2020-15641 + RESERVED +CVE-2020-15640 + RESERVED +CVE-2020-15639 + RESERVED +CVE-2020-15638 + RESERVED +CVE-2020-15637 + RESERVED +CVE-2020-15636 + RESERVED +CVE-2020-15635 + RESERVED +CVE-2020-15634 + RESERVED +CVE-2020-15633 + RESERVED +CVE-2020-15632 + RESERVED +CVE-2020-15631 + RESERVED +CVE-2020-15630 + RESERVED +CVE-2020-15629 + RESERVED +CVE-2020-15628 + RESERVED +CVE-2020-15627 + RESERVED +CVE-2020-15626 + RESERVED +CVE-2020-15625 + RESERVED +CVE-2020-15624 + RESERVED +CVE-2020-15623 + RESERVED +CVE-2020-15622 + RESERVED +CVE-2020-15621 + RESERVED +CVE-2020-15620 + RESERVED +CVE-2020-15619 + RESERVED +CVE-2020-15618 + RESERVED +CVE-2020-15617 + RESERVED +CVE-2020-15616 + RESERVED +CVE-2020-15615 + RESERVED +CVE-2020-15614 + RESERVED +CVE-2020-15613 + RESERVED +CVE-2020-15612 + RESERVED +CVE-2020-15611 + RESERVED +CVE-2020-15610 + RESERVED +CVE-2020-15609 + RESERVED +CVE-2020-15608 + RESERVED +CVE-2020-15607 + RESERVED +CVE-2020-15606 + RESERVED +CVE-2020-15605 + RESERVED +CVE-2020-15604 + RESERVED +CVE-2020-15603 + RESERVED +CVE-2020-15602 + RESERVED +CVE-2020-15601 + RESERVED +CVE-2020-15600 (An issue was discovered in CMSUno before 1.6.1. uno.php allows CSRF to ...) + TODO: check +CVE-2020-15599 (Victor CMS through 2019-02-28 allows XSS via the register.php user_fir ...) + TODO: check +CVE-2020-15598 + RESERVED +CVE-2020-15597 + RESERVED +CVE-2020-15596 + RESERVED +CVE-2019-20906 + RESERVED +CVE-2019-20905 + RESERVED +CVE-2019-20904 + RESERVED +CVE-2019-20903 + RESERVED +CVE-2019-20902 + RESERVED +CVE-2019-20901 + RESERVED +CVE-2019-20900 + RESERVED +CVE-2019-20899 + RESERVED +CVE-2019-20898 + RESERVED +CVE-2019-20897 + RESERVED CVE-2020-XXXX [veyon-configurator tmp handling] - veyon [buster] - veyon (Minor issue) @@ -124,6 +244,7 @@ CVE-2020-15542 (SolarWinds Serv-U FTP server before 15.2.1 mishandles the CHMOD CVE-2020-15541 (SolarWinds Serv-U FTP server before 15.2.1 allows remote command execu ...) NOT-FOR-US: SolarWinds Serv-U FTP server CVE-2020-15562 (An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x befo ...) + {DSA-4720-1} - roundcube 1.4.7+dfsg.1-1 (bug #964355) [stretch] - roundcube (Minor issue; will be fixed via point release) NOTE: 1.4.x https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82 @@ -1276,8 +1397,8 @@ CVE-2020-15010 RESERVED CVE-2020-15009 RESERVED -CVE-2020-15008 - RESERVED +CVE-2020-15008 (A SQLi exists in the probe code of all Connectwise Automate versions b ...) + TODO: check CVE-2020-15007 (A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tec ...) - rbdoom3bfg (unimportant) NOTE: https://github.com/AXDOOMER/doom-vanille/commit/8a6d9a02fa991a91ff90ccdc73b5ceabaa6cb9ec @@ -6685,8 +6806,8 @@ CVE-2020-12823 (OpenConnect 8.09 has a buffer overflow, causing a denial of serv NOTE: Only triggerable by local certs, which are under the control of the user CVE-2020-12822 RESERVED -CVE-2020-12821 - RESERVED +CVE-2020-12821 (Gossipsub 1.0 does not properly resist invalid message spam, such as a ...) + TODO: check CVE-2020-12820 RESERVED CVE-2020-12819 @@ -6931,8 +7052,8 @@ CVE-2020-12738 RESERVED CVE-2020-12737 (An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. Authen ...) NOT-FOR-US: Maxum Rumpus -CVE-2020-12736 - RESERVED +CVE-2020-12736 (Code42 environments with on-premises server versions 7.0.4 and earlier ...) + TODO: check CVE-2020-12735 (reset.php in DomainMOD 4.13.0 uses insufficient entropy for password r ...) NOT-FOR-US: DomainMOD CVE-2020-12734 @@ -17845,8 +17966,8 @@ CVE-2020-8918 RESERVED CVE-2020-8917 RESERVED -CVE-2020-8916 - RESERVED +CVE-2020-8916 (A memory leak in Openthread's wpantund versions up to commit 0e5d1601f ...) + TODO: check CVE-2020-8915 RESERVED CVE-2020-8914 @@ -18794,12 +18915,12 @@ CVE-2020-8523 RESERVED CVE-2020-8522 RESERVED -CVE-2020-8521 - RESERVED -CVE-2020-8520 - RESERVED -CVE-2020-8519 - RESERVED +CVE-2020-8521 (SQL injection with start and length parameters in Records.php for phpz ...) + TODO: check +CVE-2020-8520 (SQL injection in order and column parameters in Records.php for phpzag ...) + TODO: check +CVE-2020-8519 (SQL injection with the search parameter in Records.php for phpzag live ...) + TODO: check CVE-2020-8518 (Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary P ...) {DLA-2174-1} - php-horde-data (bug #951537) -- cgit v1.2.3