automatic update

author: security tracker role <sectracker@soriano.debian.org> 2020-04-08 20:10:23 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2020-04-08 20:10:23 +0000
commit: 657c6b6a5737a1894da30a97573daa6f56f7d126 (patch)
tree: ef12f6fa29b2c047bb20aa83bc9adfe4c00e02cd
parent: b9fe0a3e46057ce78b493be9fb50c0b7812fde95 (diff)
4 files changed, 240 insertions, 215 deletions
diff --git a/data/CVE/list.2017 b/data/CVE/list.2017
index 7545400e74..1e2203d000 100644
--- a/data/CVE/list.2017
+++ b/data/CVE/list.2017
@@ -98,14 +98,14 @@ CVE-2017-18648 (An issue was discovered on Samsung mobile devices with KK(4.4.x)
 	NOT-FOR-US: Samsung mobile devices
 CVE-2017-18647 (An issue was discovered on Samsung mobile devices with M(6,x) and N(7. ...)
 	NOT-FOR-US: Samsung mobile devices
-CVE-2017-18646
-	RESERVED
-CVE-2017-18645
-	RESERVED
-CVE-2017-18644
-	RESERVED
-CVE-2017-18643
-	RESERVED
+CVE-2017-18646 (An issue was discovered on Samsung mobile devices with M(6.x) and N(7. ...)
+	TODO: check
+CVE-2017-18645 (An issue was discovered on Samsung mobile devices with M(6.x) and N(7. ...)
+	TODO: check
+CVE-2017-18644 (An issue was discovered on Samsung mobile devices with L(5.1), M(6.x), ...)
+	TODO: check
+CVE-2017-18643 (An issue was discovered on Samsung mobile devices with M(6.x) and N(7. ...)
+	TODO: check
 CVE-2017-18642 (Syska Smart Bulb devices through 2017-08-06 receive RGB parameters ove ...)
 	NOT-FOR-US: Syska Smart Bulb devices
 CVE-2017-18641 (In LXC 2.0, many template scripts download code over cleartext HTTP, a ...)
diff --git a/data/CVE/list.2018 b/data/CVE/list.2018
index 42fb931350..4518479734 100644
--- a/data/CVE/list.2018
+++ b/data/CVE/list.2018
@@ -1,113 +1,113 @@
-CVE-2018-21092
-	RESERVED
-CVE-2018-21091
-	RESERVED
-CVE-2018-21090
-	RESERVED
-CVE-2018-21089
-	RESERVED
-CVE-2018-21088
-	RESERVED
-CVE-2018-21087
-	RESERVED
-CVE-2018-21086
-	RESERVED
-CVE-2018-21085
-	RESERVED
-CVE-2018-21084
-	RESERVED
-CVE-2018-21083
-	RESERVED
-CVE-2018-21082
-	RESERVED
-CVE-2018-21081
-	RESERVED
-CVE-2018-21080
-	RESERVED
-CVE-2018-21079
-	RESERVED
-CVE-2018-21078
-	RESERVED
-CVE-2018-21077
-	RESERVED
-CVE-2018-21076
-	RESERVED
-CVE-2018-21075
-	RESERVED
-CVE-2018-21074
-	RESERVED
-CVE-2018-21073
-	RESERVED
-CVE-2018-21072
-	RESERVED
-CVE-2018-21071
-	RESERVED
-CVE-2018-21070
-	RESERVED
-CVE-2018-21069
-	RESERVED
-CVE-2018-21068
-	RESERVED
-CVE-2018-21067
-	RESERVED
-CVE-2018-21066
-	RESERVED
-CVE-2018-21065
-	RESERVED
-CVE-2018-21064
-	RESERVED
-CVE-2018-21063
-	RESERVED
-CVE-2018-21062
-	RESERVED
-CVE-2018-21061
-	RESERVED
-CVE-2018-21060
-	RESERVED
-CVE-2018-21059
-	RESERVED
-CVE-2018-21058
-	RESERVED
-CVE-2018-21057
-	RESERVED
-CVE-2018-21056
-	RESERVED
-CVE-2018-21055
-	RESERVED
-CVE-2018-21054
-	RESERVED
-CVE-2018-21053
-	RESERVED
-CVE-2018-21052
-	RESERVED
-CVE-2018-21051
-	RESERVED
-CVE-2018-21050
-	RESERVED
-CVE-2018-21049
-	RESERVED
-CVE-2018-21048
-	RESERVED
-CVE-2018-21047
-	RESERVED
-CVE-2018-21046
-	RESERVED
-CVE-2018-21045
-	RESERVED
-CVE-2018-21044
-	RESERVED
-CVE-2018-21043
-	RESERVED
-CVE-2018-21042
-	RESERVED
-CVE-2018-21041
-	RESERVED
-CVE-2018-21040
-	RESERVED
-CVE-2018-21039
-	RESERVED
-CVE-2018-21038
-	RESERVED
+CVE-2018-21092 (An issue was discovered on Samsung mobile devices with M(6.x) and N(7. ...)
+	TODO: check
+CVE-2018-21091 (An issue was discovered on Samsung mobile devices with M(6.x) and N(7. ...)
+	TODO: check
+CVE-2018-21090 (An issue was discovered on Samsung mobile devices with software throug ...)
+	TODO: check
+CVE-2018-21089 (An issue was discovered on Samsung mobile devices with N(7.x) (MT6755/ ...)
+	TODO: check
+CVE-2018-21088 (An issue was discovered on Samsung mobile devices with N(7.x) software ...)
+	TODO: check
+CVE-2018-21087 (An issue was discovered on Samsung mobile devices with L(5.x), M(6.x), ...)
+	TODO: check
+CVE-2018-21086 (An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), ...)
+	TODO: check
+CVE-2018-21085 (An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), ...)
+	TODO: check
+CVE-2018-21084 (An issue was discovered on Samsung mobile devices with L(5.1), M(6.0), ...)
+	TODO: check
+CVE-2018-21083 (An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), ...)
+	TODO: check
+CVE-2018-21082 (An issue was discovered on Samsung mobile devices with N(7.x) software ...)
+	TODO: check
+CVE-2018-21081 (An issue was discovered on Samsung mobile devices with N(7.x) software ...)
+	TODO: check
+CVE-2018-21080 (An issue was discovered on Samsung mobile devices with N(7.x) software ...)
+	TODO: check
+CVE-2018-21079 (An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), ...)
+	TODO: check
+CVE-2018-21078 (An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), ...)
+	TODO: check
+CVE-2018-21077 (An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), ...)
+	TODO: check
+CVE-2018-21076 (An issue was discovered on Samsung mobile devices with N(7.x) (Exynos8 ...)
+	TODO: check
+CVE-2018-21075 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
+	TODO: check
+CVE-2018-21074 (An issue was discovered on Samsung mobile devices with M(6.x) (Exynos  ...)
+	TODO: check
+CVE-2018-21073 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
+	TODO: check
+CVE-2018-21072 (An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), ...)
+	TODO: check
+CVE-2018-21071 (An issue was discovered on Samsung mobile devices with M(6.0) software ...)
+	TODO: check
+CVE-2018-21070 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.0)  ...)
+	TODO: check
+CVE-2018-21069 (An issue was discovered on Samsung mobile devices with N(7.x) (MediaTe ...)
+	TODO: check
+CVE-2018-21068 (An issue was discovered on Samsung mobile devices with O(8.0) software ...)
+	TODO: check
+CVE-2018-21067 (An issue was discovered on Samsung mobile devices with M(6.0) software ...)
+	TODO: check
+CVE-2018-21066 (An issue was discovered on Samsung mobile devices with M(6.0) (Exynos  ...)
+	TODO: check
+CVE-2018-21065 (An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), ...)
+	TODO: check
+CVE-2018-21064 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
+	TODO: check
+CVE-2018-21063 (An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), ...)
+	TODO: check
+CVE-2018-21062 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
+	TODO: check
+CVE-2018-21061 (An issue was discovered on Samsung mobile devices with N(7.1) and O(8. ...)
+	TODO: check
+CVE-2018-21060 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
+	TODO: check
+CVE-2018-21059 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
+	TODO: check
+CVE-2018-21058 (An issue was discovered on Samsung mobile devices with N(7.0), O(8.0)  ...)
+	TODO: check
+CVE-2018-21057 (An issue was discovered on Samsung mobile devices with N(7.x) O(8.x, a ...)
+	TODO: check
+CVE-2018-21056 (An issue was discovered on Samsung mobile devices with O(8.x) software ...)
+	TODO: check
+CVE-2018-21055 (An issue was discovered on Samsung mobile devices with N(7.0) (Qualcom ...)
+	TODO: check
+CVE-2018-21054 (An issue was discovered on Samsung mobile devices with M(6.0), N(7.x)  ...)
+	TODO: check
+CVE-2018-21053 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
+	TODO: check
+CVE-2018-21052 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
+	TODO: check
+CVE-2018-21051 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
+	TODO: check
+CVE-2018-21050 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
+	TODO: check
+CVE-2018-21049 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
+	TODO: check
+CVE-2018-21048 (An issue was discovered on Samsung mobile devices with O(8.x) software ...)
+	TODO: check
+CVE-2018-21047 (An issue was discovered on Samsung mobile devices with O(8.x) software ...)
+	TODO: check
+CVE-2018-21046 (An issue was discovered on Samsung mobile devices with O(8.x) software ...)
+	TODO: check
+CVE-2018-21045 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
+	TODO: check
+CVE-2018-21044 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
+	TODO: check
+CVE-2018-21043 (An issue was discovered on Samsung mobile devices with O(8.x) and P(9. ...)
+	TODO: check
+CVE-2018-21042 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
+	TODO: check
+CVE-2018-21041 (An issue was discovered on Samsung mobile devices with O(8.x) software ...)
+	TODO: check
+CVE-2018-21040 (An issue was discovered on Samsung mobile devices with O(8.x) and P(9. ...)
+	TODO: check
+CVE-2018-21039 (An issue was discovered on Samsung mobile devices with N(7.0) software ...)
+	TODO: check
+CVE-2018-21038 (An issue was discovered on Samsung mobile devices with N(7.x) software ...)
+	TODO: check
 CVE-2018-21037 (Subrion CMS 4.1.5 (and possibly earlier versions) allow CSRF to change ...)
 	NOT-FOR-US: Subrion CMS
 CVE-2018-21036
@@ -32509,7 +32509,7 @@ CVE-2018-8813 (Open redirect vulnerability in the login[redirect] parameter logi
 	NOT-FOR-US: WolfCMS
 CVE-2018-8812
 	REJECTED
-CVE-2018-8811 (Cross-site request forgery (CSRF) vulnerability in system/workplace/ad ...)
+CVE-2018-8811 (** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in syst ...)
 	NOT-FOR-US: OpenCMS
 CVE-2018-8810 (In radare2 2.4.0, there is a heap-based buffer over-read in the get_iv ...)
 	- radare2 2.6.0+dfsg-1 (bug #895749)
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019
index c5c64b4146..d6d159a9a5 100644
--- a/data/CVE/list.2019
+++ b/data/CVE/list.2019
@@ -1,3 +1,5 @@
+CVE-2019-20636 (In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bo ...)
+	TODO: check
 CVE-2019-20635 (codeBeamer before 9.5.0-RC3 does not properly restrict the ability to  ...)
 	NOT-FOR-US: codeBeamer
 CVE-2019-20634 (An issue was discovered in Proofpoint Email Protection through 2019-09 ...)
@@ -41965,8 +41967,8 @@ CVE-2019-4748
 	RESERVED
 CVE-2019-4747
 	RESERVED
-CVE-2019-4746
-	RESERVED
+CVE-2019-4746 (IBM DOORS Next Generation (DNG/RRC) 6.0.2. 6.0.6, and 6.0.61 is vulner ...)
+	TODO: check
 CVE-2019-4745 (IBM Maximo Asset Management 7.6.1.0 could allow a remote attacker to d ...)
 	NOT-FOR-US: IBM
 CVE-2019-4744 (IBM Financial Transaction Manager 3.0 is vulnerable to cross-site scri ...)
@@ -41977,14 +41979,14 @@ CVE-2019-4742 (IBM Financial Transaction Manager 3.0 could allow a remote attack
 	NOT-FOR-US: IBM
 CVE-2019-4741 (IBM Content Navigator 3.0CD is vulnerable to Server Side Request Forge ...)
 	NOT-FOR-US: IBM
-CVE-2019-4740
-	RESERVED
+CVE-2019-4740 (IBM DOORS Next Generation (DNG/RRC) 6.0.2. 6.0.6, and 6.0.61 is vulner ...)
+	TODO: check
 CVE-2019-4739
 	RESERVED
 CVE-2019-4738
 	RESERVED
-CVE-2019-4737
-	RESERVED
+CVE-2019-4737 (IBM DOORS Next Generation (DNG/RRC) 6.0.2. 6.0.6, and 6.0.61 is vulner ...)
+	TODO: check
 CVE-2019-4736 (IBM Financial Transaction Manager 3.0 is vulnerable to cross-site requ ...)
 	NOT-FOR-US: IBM
 CVE-2019-4735
@@ -42251,12 +42253,12 @@ CVE-2019-4605
 	RESERVED
 CVE-2019-4604
 	RESERVED
-CVE-2019-4603
-	RESERVED
-CVE-2019-4602
-	RESERVED
-CVE-2019-4601
-	RESERVED
+CVE-2019-4603 (IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 could allow an authe ...)
+	TODO: check
+CVE-2019-4602 (IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 is vulnerable to cro ...)
+	TODO: check
+CVE-2019-4601 (IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 could allow an authe ...)
+	TODO: check
 CVE-2019-4600 (IBM API Connect version V5.0.0.0 through 5.0.8.7 could reveal sensitiv ...)
 	NOT-FOR-US: IBM
 CVE-2019-4599
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index bc2141d933..f3614df422 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -1,3 +1,23 @@
+CVE-2020-11646
+	RESERVED
+CVE-2020-11645
+	RESERVED
+CVE-2020-11644
+	RESERVED
+CVE-2020-11643
+	RESERVED
+CVE-2020-11642
+	RESERVED
+CVE-2020-11641
+	RESERVED
+CVE-2020-11640
+	RESERVED
+CVE-2020-11639
+	RESERVED
+CVE-2020-11638
+	RESERVED
+CVE-2020-11637
+	RESERVED
 CVE-2020-11636
 	RESERVED
 CVE-2020-11635
@@ -70,22 +90,22 @@ CVE-2020-11609 (An issue was discovered in the stv06xx subsystem in the Linux ke
 CVE-2020-11608 (An issue was discovered in the Linux kernel before 5.6.1. drivers/medi ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/998912346c0da53a6dbb71fab3a138586b596b30
-CVE-2020-11607
-	RESERVED
-CVE-2020-11606
-	RESERVED
-CVE-2020-11605
-	RESERVED
-CVE-2020-11604
-	RESERVED
-CVE-2020-11603
-	RESERVED
-CVE-2020-11602
-	RESERVED
-CVE-2020-11601
-	RESERVED
-CVE-2020-11600
-	RESERVED
+CVE-2020-11607 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
+	TODO: check
+CVE-2020-11606 (An issue was discovered on Samsung mobile devices with Q(10.0) softwar ...)
+	TODO: check
+CVE-2020-11605 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
+	TODO: check
+CVE-2020-11604 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
+	TODO: check
+CVE-2020-11603 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
+	TODO: check
+CVE-2020-11602 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
+	TODO: check
+CVE-2020-11601 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
+	TODO: check
+CVE-2020-11600 (An issue was discovered on Samsung mobile devices with Q(10.0) softwar ...)
+	TODO: check
 CVE-2020-11599 (An issue was discovered in CIPPlanner CIPAce 6.80 Build 2016031401. Ge ...)
 	NOT-FOR-US: CIPPlanner
 CVE-2020-11598 (An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Upl ...)
@@ -132,8 +152,8 @@ CVE-2020-11578
 	RESERVED
 CVE-2020-11577
 	RESERVED
-CVE-2020-11576
-	RESERVED
+CVE-2020-11576 (Fixed in v1.5.1, Argo version v1.5.0 was vulnerable to a user-enumerat ...)
+	TODO: check
 CVE-2020-11575
 	RESERVED
 CVE-2020-11574
@@ -1329,8 +1349,8 @@ CVE-2020-11002
 	RESERVED
 CVE-2020-11001
 	RESERVED
-CVE-2020-11000
-	RESERVED
+CVE-2020-11000 (GreenBrowser before version 1.2 has a vulnerability where apps that re ...)
+	TODO: check
 CVE-2020-10999
 	RESERVED
 CVE-2020-10998
@@ -1367,20 +1387,20 @@ CVE-2020-10983
 	RESERVED
 CVE-2020-10982
 	RESERVED
-CVE-2020-10981
-	RESERVED
-CVE-2020-10980
-	RESERVED
-CVE-2020-10979
-	RESERVED
-CVE-2020-10978
-	RESERVED
-CVE-2020-10977
-	RESERVED
-CVE-2020-10976
-	RESERVED
-CVE-2020-10975
-	RESERVED
+CVE-2020-10981 (GitLab EE/CE 9.0 to 12.9 allows a maintainer to modify other maintaine ...)
+	TODO: check
+CVE-2020-10980 (GitLab EE/CE 8.0.rc1 to 12.9 is vulnerable to a blind SSRF in the FogB ...)
+	TODO: check
+CVE-2020-10979 (GitLab EE/CE 11.10 to 12.9 is leaking information on restricted CI pip ...)
+	TODO: check
+CVE-2020-10978 (GitLab EE/CE 8.11 to 12.9 is leaking information on Issues opened in a ...)
+	TODO: check
+CVE-2020-10977 (GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when mov ...)
+	TODO: check
+CVE-2020-10976 (GitLab EE/CE 8.17 to 12.9 is vulnerable to information leakage when qu ...)
+	TODO: check
+CVE-2020-10975 (GitLab EE/CE 10.8 to 12.9 is leaking metadata and comments on vulnerab ...)
+	TODO: check
 CVE-2020-10974
 	RESERVED
 CVE-2020-10973
@@ -1741,8 +1761,8 @@ CVE-2020-10816
 	RESERVED
 CVE-2020-10815
 	RESERVED
-CVE-2020-10814
-	RESERVED
+CVE-2020-10814 (A buffer overflow vulnerability in Code::Blocks 17.12 allows an attack ...)
+	TODO: check
 CVE-2020-10813
 	RESERVED
 CVE-2020-10812 (An issue was discovered in HDF5 through 1.12.0. A NULL pointer derefer ...)
@@ -2956,10 +2976,10 @@ CVE-2020-10265 (Universal Robots Robot Controllers Version CB2 SW Version 1.4 up
 	NOT-FOR-US: Universal Robots+
 CVE-2020-10264 (CB3 SW Version 3.3 and upwards, e-series SW Version 5.0 and upwards al ...)
 	NOT-FOR-US: CB3 SW
-CVE-2020-10263
-	RESERVED
-CVE-2020-10262
-	RESERVED
+CVE-2020-10263 (An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.52.4. Atta ...)
+	TODO: check
+CVE-2020-10262 (An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.58.10. Att ...)
+	TODO: check
 CVE-2020-10261
 	RESERVED
 CVE-2020-10260
@@ -10451,6 +10471,7 @@ CVE-2020-6826
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6826
 CVE-2020-6825
 	RESERVED
+	{DSA-4655-1 DLA-2170-1}
 	- firefox 75.0-1
 	- firefox-esr 68.7.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/#CVE-2020-6825
@@ -10465,25 +10486,27 @@ CVE-2020-6823
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6823
 CVE-2020-6822
 	RESERVED
+	{DSA-4655-1 DLA-2170-1}
 	- firefox 75.0-1
 	- firefox-esr 68.7.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/#CVE-2020-6822
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6822
 CVE-2020-6821
 	RESERVED
+	{DSA-4655-1 DLA-2170-1}
 	- firefox 75.0-1
 	- firefox-esr 68.7.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/#CVE-2020-6821
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6821
 CVE-2020-6820
 	RESERVED
-	{DSA-4653-1}
+	{DSA-4653-1 DLA-2170-1}
 	- firefox 74.0.1-1
 	- firefox-esr 68.6.1esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/#CVE-2020-6820
 CVE-2020-6819
 	RESERVED
-	{DSA-4653-1}
+	{DSA-4653-1 DLA-2170-1}
 	- firefox 74.0.1-1
 	- firefox-esr 68.6.1esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/#CVE-2020-6819
@@ -12954,10 +12977,10 @@ CVE-2020-5738
 	RESERVED
 CVE-2020-5737
 	RESERVED
-CVE-2020-5736
-	RESERVED
-CVE-2020-5735
-	RESERVED
+CVE-2020-5736 (Amcrest cameras and NVR are vulnerable to a null pointer dereference o ...)
+	TODO: check
+CVE-2020-5735 (Amcrest cameras and NVR are vulnerable to a stack-based buffer overflo ...)
+	TODO: check
 CVE-2020-5734 (Classic buffer overflow in SolarWinds Dameware allows a remote, unauth ...)
 	TODO: check
 CVE-2020-5733
@@ -13326,10 +13349,10 @@ CVE-2020-5552 (Cross-site scripting vulnerability in mailform version 1.04 allow
 	NOT-FOR-US: mailform
 CVE-2020-5551 (Toyota 2017 Model Year DCU (Display Control Unit) allows an unauthenti ...)
 	NOT-FOR-US: Toyota
-CVE-2020-5550
-	RESERVED
-CVE-2020-5549
-	RESERVED
+CVE-2020-5550 (Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earli ...)
+	TODO: check
+CVE-2020-5549 (Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver ...)
+	TODO: check
 CVE-2020-5548 (Yamaha LTE VoIP Router(NVR700W firmware Rev.15.00.15 and earlier), Yam ...)
 	NOT-FOR-US: Yamaha
 CVE-2020-5547 (Resource Management Errors vulnerability in TCP function included in t ...)
@@ -15989,12 +16012,12 @@ CVE-2020-4293
 	RESERVED
 CVE-2020-4292 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, and  ...)
 	NOT-FOR-US: IBM
-CVE-2020-4291
-	RESERVED
-CVE-2020-4290
-	RESERVED
-CVE-2020-4289
-	RESERVED
+CVE-2020-4291 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0. ...)
+	TODO: check
+CVE-2020-4290 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0. ...)
+	TODO: check
+CVE-2020-4289 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0. ...)
+	TODO: check
 CVE-2020-4288
 	RESERVED
 CVE-2020-4287
@@ -16003,12 +16026,12 @@ CVE-2020-4286
 	RESERVED
 CVE-2020-4285
 	RESERVED
-CVE-2020-4284
-	RESERVED
+CVE-2020-4284 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0. ...)
+	TODO: check
 CVE-2020-4283 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, and  ...)
 	NOT-FOR-US: IBM
-CVE-2020-4282
-	RESERVED
+CVE-2020-4282 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0. ...)
+	TODO: check
 CVE-2020-4281
 	RESERVED
 CVE-2020-4280
@@ -16067,8 +16090,8 @@ CVE-2020-4254
 	RESERVED
 CVE-2020-4253 (IBM Content Navigator 3.0CD does not invalidate session after logout w ...)
 	NOT-FOR-US: IBM
-CVE-2020-4252
-	RESERVED
+CVE-2020-4252 (IBM DOORS Next Generation (DNG/RRC) 6.0.2. 6.0.6, and 6.0.61 is vulner ...)
+	TODO: check
 CVE-2020-4251
 	RESERVED
 CVE-2020-4250
@@ -16243,8 +16266,8 @@ CVE-2020-4166
 	RESERVED
 CVE-2020-4165
 	RESERVED
-CVE-2020-4164
-	RESERVED
+CVE-2020-4164 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0. ...)
+	TODO: check
 CVE-2020-4163 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, under special ...)
 	NOT-FOR-US: IBM
 CVE-2020-4162 (IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to cross ...)
@@ -20693,24 +20716,24 @@ CVE-2020-1994
 	RESERVED
 CVE-2020-1993
 	RESERVED
-CVE-2020-1992
-	RESERVED
-CVE-2020-1991
-	RESERVED
-CVE-2020-1990
-	RESERVED
-CVE-2020-1989
-	RESERVED
-CVE-2020-1988
-	RESERVED
-CVE-2020-1987
-	RESERVED
-CVE-2020-1986
-	RESERVED
-CVE-2020-1985
-	RESERVED
-CVE-2020-1984
-	RESERVED
+CVE-2020-1992 (A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-70 ...)
+	TODO: check
+CVE-2020-1991 (An insecure temporary file vulnerability in Palo Alto Networks Traps a ...)
+	TODO: check
+CVE-2020-1990 (A stack-based buffer overflow vulnerability in the management server c ...)
+	TODO: check
+CVE-2020-1989 (An incorrect privilege assignment vulnerability when writing applicati ...)
+	TODO: check
+CVE-2020-1988 (An unquoted search path vulnerability in the Windows release of Global ...)
+	TODO: check
+CVE-2020-1987 (An information exposure vulnerability in the logging component of Palo ...)
+	TODO: check
+CVE-2020-1986 (Improper input validation vulnerability in Secdo allows an authenticat ...)
+	TODO: check
+CVE-2020-1985 (Incorrect Default Permissions on C:\Programdata\Secdo\Logs folder in S ...)
+	TODO: check
+CVE-2020-1984 (Secdo tries to execute a script at a hardcoded path if present, which  ...)
+	TODO: check
 CVE-2020-1983
 	RESERVED
 CVE-2020-1982
@@ -20721,8 +20744,8 @@ CVE-2020-1980 (A shell command injection vulnerability in the PAN-OS CLI allows
 	NOT-FOR-US: PAN-OS
 CVE-2020-1979 (A format string vulnerability in the PAN-OS log daemon (logd) on Panor ...)
 	NOT-FOR-US: PAN-OS
-CVE-2020-1978
-	RESERVED
+CVE-2020-1978 (TechSupport files generated on Palo Alto Networks VM Series firewalls  ...)
+	TODO: check
 CVE-2020-1977 (Insufficient Cross-Site Request Forgery (XSRF) protection on Expeditio ...)
 	NOT-FOR-US: Palo Alto
 CVE-2020-1976 (A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalPr ...)
author	security tracker role <sectracker@soriano.debian.org>	2020-04-08 20:10:23 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2020-04-08 20:10:23 +0000
commit	657c6b6a5737a1894da30a97573daa6f56f7d126 (patch)
tree	ef12f6fa29b2c047bb20aa83bc9adfe4c00e02cd
parent	b9fe0a3e46057ce78b493be9fb50c0b7812fde95 (diff)