summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorsecurity tracker role <sectracker@soriano.debian.org>2020-04-09 20:10:28 +0000
committersecurity tracker role <sectracker@soriano.debian.org>2020-04-09 20:10:28 +0000
commit9a76645e8c66626365f181d1a2866fdd94831e65 (patch)
tree8590c0505b89ed87e59831052b592d54088ebd67
parenta0135079ca9bf75b22da99593a49b2b9424eb3e9 (diff)
automatic update
-rw-r--r--data/CVE/list.20184
-rw-r--r--data/CVE/list.202099
2 files changed, 63 insertions, 40 deletions
diff --git a/data/CVE/list.2018 b/data/CVE/list.2018
index 085de13df2..8503bf611b 100644
--- a/data/CVE/list.2018
+++ b/data/CVE/list.2018
@@ -119,8 +119,8 @@ CVE-2018-21035 (In Qt through 5.14.1, the WebSocket implementation accepts up to
[jessie] - qtwebsockets-opensource-src <no-dsa> (Minor issue)
NOTE: https://bugreports.qt.io/browse/QTBUG-70693
NOTE: https://codereview.qt-project.org/c/qt/qtwebsockets/+/284735
-CVE-2018-21034
- RESERVED
+CVE-2018-21034 (In Argo versions prior to v1.5.0-rc1, it was possible for authenticate ...)
+ TODO: check
CVE-2018-21033 (A vulnerability in Hitachi Command Suite prior to 8.6.2-00, Hitachi Au ...)
NOT-FOR-US: Hitachi
CVE-2018-21032 (A vulnerability in Hitachi Command Suite prior to 8.7.1-00 and Hitachi ...)
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index 038024f8ed..43158cca85 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -1,3 +1,25 @@
+CVE-2020-11668
+ RESERVED
+CVE-2020-11667
+ RESERVED
+CVE-2020-11666
+ RESERVED
+CVE-2020-11665
+ RESERVED
+CVE-2020-11664
+ RESERVED
+CVE-2020-11663
+ RESERVED
+CVE-2020-11662
+ RESERVED
+CVE-2020-11661
+ RESERVED
+CVE-2020-11660
+ RESERVED
+CVE-2020-11659
+ RESERVED
+CVE-2020-11658
+ RESERVED
CVE-2020-11657
RESERVED
CVE-2020-11656 (In SQLite through 3.31.1, the ALTER TABLE implementation has a use-aft ...)
@@ -220,16 +242,16 @@ CVE-2020-11558 (An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstra
NOTE: https://github.com/gpac/gpac/commit/6063b1a011c3f80cee25daade18154e15e4c058c
NOTE: https://github.com/gpac/gpac/issues/1440
TODO: check
-CVE-2020-11557
- RESERVED
-CVE-2020-11556
- RESERVED
-CVE-2020-11555
- RESERVED
-CVE-2020-11554
- RESERVED
-CVE-2020-11553
- RESERVED
+CVE-2020-11557 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 20 ...)
+ TODO: check
+CVE-2020-11556 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 20 ...)
+ TODO: check
+CVE-2020-11555 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 20 ...)
+ TODO: check
+CVE-2020-11554 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 20 ...)
+ TODO: check
+CVE-2020-11553 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 20 ...)
+ TODO: check
CVE-2020-11552
RESERVED
CVE-2020-11551
@@ -2239,36 +2261,36 @@ CVE-2020-10633 (A non-persistent XSS (cross-site scripting) vulnerability exists
NOT-FOR-US: eWON Flexy and Cosy
CVE-2020-10632
RESERVED
-CVE-2020-10631
- RESERVED
+CVE-2020-10631 (An attacker could use a specially crafted URL to delete or read files ...)
+ TODO: check
CVE-2020-10630
RESERVED
-CVE-2020-10629
- RESERVED
+CVE-2020-10629 (WebAccess/NMS (versions prior to 3.0.2) does not sanitize XML input. S ...)
+ TODO: check
CVE-2020-10628
RESERVED
CVE-2020-10627
RESERVED
CVE-2020-10626
RESERVED
-CVE-2020-10625
- RESERVED
+CVE-2020-10625 (WebAccess/NMS (versions prior to 3.0.2) allows an unauthenticated remo ...)
+ TODO: check
CVE-2020-10624
RESERVED
-CVE-2020-10623
- RESERVED
+CVE-2020-10623 (Multiple vulnerabilities could allow an attacker with low privileges t ...)
+ TODO: check
CVE-2020-10622
RESERVED
-CVE-2020-10621
- RESERVED
+CVE-2020-10621 (Multiple issues exist that allow files to be uploaded and executed on ...)
+ TODO: check
CVE-2020-10620
RESERVED
-CVE-2020-10619
- RESERVED
+CVE-2020-10619 (An attacker could use a specially crafted URL to delete files outside ...)
+ TODO: check
CVE-2020-10618
RESERVED
-CVE-2020-10617
- RESERVED
+CVE-2020-10617 (There are multiple ways an unauthenticated attacker could perform SQL ...)
+ TODO: check
CVE-2020-10616
RESERVED
CVE-2020-10615
@@ -2295,8 +2317,8 @@ CVE-2020-10605
RESERVED
CVE-2020-10604
RESERVED
-CVE-2020-10603
- RESERVED
+CVE-2020-10603 (WebAccess/NMS (versions prior to 3.0.2) does not properly sanitize use ...)
+ TODO: check
CVE-2020-10602
RESERVED
CVE-2020-10601 (VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module allow ...)
@@ -2416,8 +2438,8 @@ CVE-2020-10553
RESERVED
CVE-2020-10552
RESERVED
-CVE-2020-10551
- RESERVED
+CVE-2020-10551 (QQBrowser before 10.5.3870.400 installs a Windows service TsService.ex ...)
+ TODO: check
CVE-2020-10550
RESERVED
CVE-2020-10549
@@ -4638,10 +4660,10 @@ CVE-2020-9502
RESERVED
CVE-2020-9501
RESERVED
-CVE-2020-9500
- RESERVED
-CVE-2020-9499
- RESERVED
+CVE-2020-9500 (Some products of Dahua have Denial of Service vulnerabilities. After t ...)
+ TODO: check
+CVE-2020-9499 (Some Dahua products have buffer overflow vulnerabilities. After the su ...)
+ TODO: check
CVE-2020-9498
RESERVED
CVE-2020-9497
@@ -8105,8 +8127,8 @@ CVE-2020-7924
RESERVED
CVE-2020-7923
RESERVED
-CVE-2020-7922
- RESERVED
+CVE-2020-7922 (X.509 certificates generated by the MongoDB Enterprise Kubernetes Oper ...)
+ TODO: check
CVE-2020-7921
RESERVED
CVE-2020-7920 (pmm-server in Percona Monitoring and Management (PMM) 2.2.x before 2.2 ...)
@@ -14009,8 +14031,8 @@ CVE-2020-5265
RESERVED
CVE-2020-5264
RESERVED
-CVE-2020-5263
- RESERVED
+CVE-2020-5263 (auth0.js (NPM package auth0-js) greater than version 8.0.0 and before ...)
+ TODO: check
CVE-2020-5262 (In EasyBuild before version 4.1.2, the GitHub Personal Access Token (P ...)
NOT-FOR-US: EasyBuild
CVE-2020-5261 (Saml2 Authentication services for ASP.NET (NuGet package Sustainsys.Sa ...)
@@ -20990,8 +21012,8 @@ CVE-2020-1897
RESERVED
CVE-2020-1896
RESERVED
-CVE-2020-1895
- RESERVED
+CVE-2020-1895 (A large heap overflow could occur in Instagram for Android when attemp ...)
+ TODO: check
CVE-2020-1894
RESERVED
CVE-2020-1893 (Insufficient boundary checks when decoding JSON in TryParse reads out ...)
@@ -21312,6 +21334,7 @@ CVE-2020-1761
NOT-FOR-US: OpenShift
CVE-2020-1760 [header-splitting in RGW GetObject has a possible XSS]
RESERVED
+ {DLA-2171-1}
- ceph <unfixed> (bug #956142)
NOTE: Introduced with: https://github.com/ceph/ceph-ci/commit/f4a0b2d9260a4523745875e3977a8a1ef9dc5e2e
NOTE: Fixed by: https://github.com/ceph/ceph-ci/commit/8aa1f77363ec32bdc57744a143035033291ab5e1

© 2014-2024 Faster IT GmbH | imprint | privacy policy