author | security tracker role <sectracker@soriano.debian.org> | 2020-02-11 20:10:22 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2020-02-11 20:10:22 +0000 |
commit | e95a8caae8184b079ad9caa59f6170d953c71cb8 (patch) | |
tree | b4b401acebe7218f3072e855ea7e883ad1f35b23 /data/CVE | |
parent | 1d18dbced9c85a4909d2101a8c624ecb3f317956 (diff) |
automatic update
Diffstat (limited to 'data/CVE')
-rw-r--r-- | data/CVE/list.2009 | 3
-rw-r--r-- | data/CVE/list.2011 | 2
-rw-r--r-- | data/CVE/list.2012 | 3
-rw-r--r-- | data/CVE/list.2013 | 65
-rw-r--r-- | data/CVE/list.2014 | 37
-rw-r--r-- | data/CVE/list.2015 | 4
-rw-r--r-- | data/CVE/list.2016 | 4
-rw-r--r-- | data/CVE/list.2017 | 4
-rw-r--r-- | data/CVE/list.2018 | 4
-rw-r--r-- | data/CVE/list.2019 | 78
-rw-r--r-- | data/CVE/list.2020 | 276
11 files changed, 263 insertions, 217 deletions
diff --git a/data/CVE/list.2009 b/data/CVE/list.2009 index f1fdc1297f..40adf14735 100644 --- a/data/CVE/list.2009 +++ b/data/CVE/list.2009 @@ -2546,8 +2546,7 @@ CVE-2009-4069 (Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5 - gforge 4.7.3-2 CVE-2009-4068 RESERVED -CVE-2009-4067 - RESERVED +CVE-2009-4067 (Buffer overflow in the auerswald_probe function in the Auerswald Linux ...) {DSA-2310-1} - linux-2.6 2.6.28-1 (low) NOTE: Driver was removed in 2.6.27 diff --git a/data/CVE/list.2011 b/data/CVE/list.2011 index 5dbfe54f32..98b257cac9 100644 --- a/data/CVE/list.2011 +++ b/data/CVE/list.2011 @@ -9787,7 +9787,7 @@ CVE-2011-1598 (The bcm_release function in net/can/bcm.c in the Linux kernel bef CVE-2011-1597 (OpenVAS Manager v2.0.3 allows plugin remote code execution. ...) NOT-FOR-US: OpenVAS Manager CVE-2011-1596 - RESERVED + REJECTED NOT-FOR-US: ** REJECT ** (regular bug in gnome-screensaver-dialog) CVE-2011-1595 (Directory traversal vulnerability in the disk_create function in disk. ...) - rdesktop 1.7.0-1 (low; bug #623552) diff --git a/data/CVE/list.2012 b/data/CVE/list.2012 index e7f90fac54..05409377e6 100644 --- a/data/CVE/list.2012 +++ b/data/CVE/list.2012 @@ -5335,8 +5335,7 @@ CVE-2012-4521 [rejected dupe assignment] CVE-2012-4520 (The django.http.HttpRequest.get_host function in Django 1.3.x before 1 ...) {DSA-2634-1} - python-django 1.4.2-1 (bug #691145) -CVE-2012-4519 - RESERVED +CVE-2012-4519 (Zenphoto before 1.4.3.4 admin-news-articles.php date parameter XSS. ...) NOT-FOR-US: Zenphoto CVE-2012-4518 (ibacm 1.0.7 creates files with world-writable permissions, which allow ...) NOT-FOR-US: ibacm diff --git a/data/CVE/list.2013 b/data/CVE/list.2013 index c8a989b92c..95443f5fde 100644 --- a/data/CVE/list.2013 +++ b/data/CVE/list.2013 
@@ -2722,7 +2722,7 @@ CVE-2013-6501 (The default soap.wsdl_cache_dir setting in (1) php.ini-production CVE-2013-6500 REJECTED CVE-2013-6499 [loading a module relative to the cwd] - RESERVED + REJECTED - libmp3-info-perl <unfixed> (bug #777230; unimportant) [jessie] - libmp3-info-perl <no-dsa> (Minor issue) [wheezy] - libmp3-info-perl <no-dsa> (Minor issue) @@ -4069,8 +4069,8 @@ CVE-2013-5990 (Unspecified vulnerability in JustSystems Ichitaro 2006 through 20 NOT-FOR-US: JustSystems Ichitaro CVE-2013-5989 REJECTED -CVE-2013-5988 - RESERVED +CVE-2013-5988 (A Cross-site Scripting (XSS) vulnerability exists in the All in One SE ...) + TODO: check CVE-2013-5987 (Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, ...) - nvidia-graphics-drivers 304.117-1 (bug #735271) [squeeze] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) @@ -4159,8 +4159,8 @@ CVE-2013-5947 RESERVED CVE-2013-5946 (The runShellCmd function in systemCheck.htm in D-Link DSR-150 with fir ...) NOT-FOR-US: D-Link -CVE-2013-5945 - RESERVED +CVE-2013-5945 (Multiple SQL injection vulnerabilities in D-Link DSR-150 with firmware ...) + TODO: check CVE-2013-5944 (The integrated web server on Siemens SCALANCE X-200 switches with firm ...) NOT-FOR-US: web server on Siemens switches CVE-2013-5959 (Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 ...) @@ -5183,8 +5183,7 @@ CVE-2013-5584 RESERVED CVE-2013-5583 (Cross-site scripting (XSS) vulnerability in libraries/idna_convert/exa ...) NOT-FOR-US: Joomla! -CVE-2013-5582 - RESERVED +CVE-2013-5582 (Ammyy Admin 3.2 and earlier stores the client ID at a fixed memory loc ...) NOT-FOR-US: Ammyy Admin CVE-2013-5581 RESERVED 
@@ -7540,8 +7539,7 @@ CVE-2013-4536 [wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice) - qemu-kvm <removed> (low) [squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice) -CVE-2013-4535 - RESERVED +CVE-2013-4535 (The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7 ...) - qemu 2.1+dfsg-1 (low; bug #739589) [wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice) [squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice) @@ -7893,8 +7891,8 @@ CVE-2013-4449 (The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not [squeeze] - openldap <no-dsa> (Minor issue) NOTE: http://www.openldap.org/its/index.cgi/Incoming?id=7723 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1019490 -CVE-2013-4448 - RESERVED +CVE-2013-4448 (echoping through 6.0.2 has buffer overflow vulnerabilities ...) + TODO: check CVE-2013-4447 (Cross-site scripting (XSS) vulnerability in the API in the Simplenews ...) NOT-FOR-US: Simplenews Drupal contributed module CVE-2013-4446 (The _json_decode function in plugins/context_reaction_block.inc in the ...) @@ -8527,13 +8525,12 @@ CVE-2013-4270 (The net_ctl_permissions function in net/sysctl_net.c in the Linux NOTE: Introduced with http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cff109768b2d9c03095848f4cd4b0754117262aa NOTE: Fixed by http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2433c8f094a008895e66f25bd1773cdb01c91d01 CVE-2013-4269 - RESERVED + REJECTED - ajaxplorer <itp> (bug #668381) CVE-2013-4268 - RESERVED + REJECTED - ajaxplorer <itp> (bug #668381) -CVE-2013-4267 - RESERVED +CVE-2013-4267 (Ajaxeplorer before 5.0.1 allows remote attackers to execute arbitrary ...) - ajaxplorer <itp> (bug #668381) CVE-2013-4266 REJECTED 
@@ -9463,8 +9460,8 @@ CVE-2013-3944 (Stack-based buffer overflow in the MrSID plugin (MrSID.dll) befor NOT-FOR-US: MrSID plugin (MrSID.dll) for IrfanView CVE-2013-3943 (Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 6. ...) NOT-FOR-US: DotNetNukeDot -CVE-2013-3942 - RESERVED +CVE-2013-3942 (Potplayer prior to 1.5.39659: DLL Loading Arbitrary Code Execution Vul ...) + TODO: check CVE-2013-3941 (Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbi ...) NOT-FOR-US: XnView CVE-2013-3940 (Integer overflow in the Graphics Device Interface (GDI) in Microsoft W ...) @@ -10063,8 +10060,8 @@ CVE-2013-3686 (cgi-bin/operator/param in AirLive WL2600CAM and possibly other ca CVE-2013-3685 RESERVED NOT-FOR-US: Sprite Software's backup softare for Android -CVE-2013-3684 - RESERVED +CVE-2013-3684 (NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php fil ...) + TODO: check CVE-2013-3683 RESERVED CVE-2013-3682 @@ -13976,8 +13973,7 @@ CVE-2013-2122 (The Edit Limit module 7.x-1.x before 7.x-1.3 for Drupal does not NOT-FOR-US: Edit Limit Drupal contributed module CVE-2013-2121 (Eval injection vulnerability in the create method in the Bookmarks con ...) - foreman <itp> (bug #663101) -CVE-2013-2120 [weak generated passwords] - RESERVED +CVE-2013-2120 (The %{password(...)} macro in pastemacroexpander.cpp in the KDE Paste ...) - kdeplasma-addons 4:5.3.2-2 (low; bug #710497) [jessie] - kdeplasma-addons <no-dsa> (Minor issue) [wheezy] - kdeplasma-addons <no-dsa> (Minor issue) 
@@ -14207,8 +14203,7 @@ CVE-2013-2058 (The host_start function in drivers/usb/chipidea/host.c in the Lin - linux 3.8-1 [wheezy] - linux <not-affected> (Vulnerable code not present) NOTE: http://www.openwall.com/lists/oss-security/2013/05/03/2 -CVE-2013-2057 - RESERVED +CVE-2013-2057 (YaBB through 2.5.2: 'guestlanguage' Cookie Parameter Local File Includ ...) NOT-FOR-US: YaBB CVE-2013-2056 (The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Sate ...) NOT-FOR-US: RHN Satellite @@ -15180,8 +15175,8 @@ CVE-2013-1762 (stunnel 4.21 through 4.54, when CONNECT protocol negotiation and - stunnel4 3:4.53-1.1 (bug #702267) CVE-2013-1761 RESERVED -CVE-2013-1760 - RESERVED +CVE-2013-1760 (The Bug Genie before 3.2.6 has Multiple XSS and HTML Injection Vulnera ...) + TODO: check CVE-2013-1759 (Cross-site scripting (XSS) vulnerability in the Responsive Logo Slides ...) NOT-FOR-US: WordPress plugin responsive-logo-slideshow CVE-2013-1758 (Cross-site scripting (XSS) vulnerability in the Marekkis Watermark plu ...) @@ -15839,8 +15834,8 @@ CVE-2013-1609 (Multiple unquoted Windows search path vulnerabilities in the (1) NOT-FOR-US: Symantec CVE-2013-1608 (Directory traversal vulnerability in the Management Console on the Sym ...) NOT-FOR-US: Symantec -CVE-2013-1607 - RESERVED +CVE-2013-1607 (Ruby PDFKit gem prior to 0.5.3 has a Code Execution Vulnerability ...) + TODO: check CVE-2013-1606 (Buffer overflow in the ubnt-streamer RTSP service on the Ubiquiti UBNT ...) NOT-FOR-US: Ubiquiti UBNT AirCam CVE-2013-1605 (Buffer overflow in MayGion IP Cameras with firmware before 2013.04.22 ...) 
@@ -16575,10 +16570,10 @@ CVE-2013-1362 (Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plu [squeeze] - nagios-nrpe <no-dsa> (Minor issue) CVE-2013-1361 (Untrusted search path vulnerability in Lenovo Thinkpad Bluetooth with ...) NOT-FOR-US: Lenovo Thinkpad Bluetooth with Enhanced Data Rate Software -CVE-2013-1360 - RESERVED -CVE-2013-1359 - RESERVED +CVE-2013-1360 (An Authentication Bypass vulnerability exists in DELL SonicWALL Global ...) + TODO: check +CVE-2013-1359 (An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyz ...) + TODO: check CVE-2013-1358 RESERVED CVE-2013-1357 @@ -17898,8 +17893,8 @@ CVE-2013-0805 (Multiple cross-site scripting (XSS) vulnerabilities in the search NOT-FOR-US: IT Operations Portal CVE-2013-0804 (The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP ...) NOT-FOR-US: GroupWise -CVE-2013-0803 - RESERVED +CVE-2013-0803 (A PHP File Upload Vulnerability exists in PolarBear CMS 2.5 via upload ...) + TODO: check CVE-2013-0802 RESERVED CVE-2013-0801 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...) @@ -18691,8 +18686,8 @@ CVE-2013-0519 (IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Inter NOT-FOR-US: IBM CVE-2013-0518 (IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fi ...) NOT-FOR-US: IBM -CVE-2013-0517 - RESERVED +CVE-2013-0517 (A Command Execution Vulnerability exists in IBM Sterling External Auth ...) + TODO: check CVE-2013-0516 REJECTED CVE-2013-0515 diff --git a/data/CVE/list.2014 b/data/CVE/list.2014 index 4353ec75e4..fabcdf60cb 100644 --- a/data/CVE/list.2014 +++ b/data/CVE/list.2014 
@@ -1790,8 +1790,8 @@ CVE-2014-9756 (The psf_fwrite function in file_io.c in libsndfile allows attacke - libsndfile 1.0.25-10 (bug #804447) [jessie] - libsndfile 1.0.25-9.1+deb8u1 NOTE: https://github.com/erikd/libsndfile/commit/725c7dbb95bfaf8b4bb7b04820e3a00cceea9ce6 -CVE-2014-9753 - RESERVED +CVE-2014-9753 (confirm.php in ATutor 2.2 and earlier allows remote attackers to bypas ...) + TODO: check CVE-2014-9752 (Unrestricted file upload vulnerability in mods/_core/properties/lib/co ...) NOT-FOR-US: ATutor CVE-2014-9751 (The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before ...) @@ -1810,8 +1810,7 @@ CVE-2014-9749 (Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest NOTE: http://bugs.squid-cache.org/show_bug.cgi?id=4066 NOTE: http://bazaar.launchpad.net/~squid/squid/3.4/revision/13211 (Squid 3.4) NOTE: http://bazaar.launchpad.net/~squid/squid/3.5/revision/13735 (Squid 3.5) -CVE-2014-9748 - RESERVED +CVE-2014-9748 (The uv_rwlock_t fallback implementation for Windows XP and Server 2003 ...) - libuv 1.7.4-1 (unimportant) - nodejs 4.0.0~dfsg-1 (unimportant) NOTE: Only affects Windows @@ -5966,8 +5965,8 @@ CVE-2014-8349 (Cross-site scripting (XSS) vulnerability in Liferay Portal Enterp NOT-FOR-US: Liferay Portal CVE-2014-8348 RESERVED -CVE-2014-8347 - RESERVED +CVE-2014-8347 (An Authentication Bypass vulnerability exists in the MatchPasswordData ...) + TODO: check CVE-2014-8346 (The Remote Controls feature on Samsung mobile devices does not validat ...) NOT-FOR-US: Samsung mobile devices CVE-2014-8345 @@ -7095,7 +7094,7 @@ CVE-2014-7972 CVE-2014-7971 RESERVED CVE-2014-7969 - RESERVED + REJECTED CVE-2014-7966 RESERVED CVE-2014-7965 
@@ -10673,8 +10672,8 @@ CVE-2014-6449 (Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, NOT-FOR-US: Juniper Junos OS CVE-2014-6448 (Juniper Junos OS 13.2 before 13.2R5, 13.2X51, 13.2X52, and 13.3 before ...) NOT-FOR-US: Juniper -CVE-2014-6447 - RESERVED +CVE-2014-6447 (Multiple vulnerabilities exist in Juniper Junos J-Web error handling t ...) + TODO: check CVE-2014-6446 (The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPre ...) NOT-FOR-US: WordPress plugin Infusionsoft Gravity Forms CVE-2014-6445 (Multiple cross-site scripting (XSS) vulnerabilities in includes/toAdmi ...) @@ -16867,10 +16866,10 @@ CVE-2014-3829 (displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterpris - centreon-web <itp> (bug #913903) CVE-2014-3828 (Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon ...) - centreon-web <itp> (bug #913903) -CVE-2014-3827 - RESERVED -CVE-2014-3826 - RESERVED +CVE-2014-3827 (Multiple cross-site scripting (XSS) vulnerabilities in the MyBB (aka M ...) + TODO: check +CVE-2014-3826 (Cross-site scripting (XSS) vulnerability in MyBB before 1.6.13 allows ...) + TODO: check CVE-2014-3825 (The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1 ...) NOT-FOR-US: Juniper Junos CVE-2014-3824 (Cross-site scripting (XSS) vulnerability in the web server in the Juni ...) @@ -21734,8 +21733,7 @@ CVE-2014-2053 (getID3() before 1.9.8, as used in ownCloud Server before 5.0.15 a NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-006/ - wordpress 3.9.2+dfsg-1 (bug #757312) NOTE: https://core.trac.wordpress.org/changeset/29390 -CVE-2014-2052 - RESERVED +CVE-2014-2052 (Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x bef ...) - owncloud 6.0.2+dfsg-1 NOTE: owncloud advisory does not mention details for ZendFramework NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-006/ 
@@ -26251,14 +26249,12 @@ CVE-2014-0150 (Integer overflow in the virtio_net_handle_mac function in hw/net/ - qemu-kvm <removed> CVE-2014-0149 (Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss W ...) NOT-FOR-US: JBoss Seam -CVE-2014-0148 - RESERVED +CVE-2014-0148 (Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to ...) - qemu 2.0.0+dfsg-1 (bug #742730) [squeeze] - qemu <not-affected> (vhdx support introduced in 1.5) [wheezy] - qemu <not-affected> (vhdx support introduced in 1.5) - qemu-kvm <not-affected> (vhdx support introduced in 1.5) -CVE-2014-0147 - RESERVED +CVE-2014-0147 (Qemu before 1.6.2 block diver for the various disk image formats used ...) {DSA-3045-1 DSA-3044-1} - qemu 2.0.0+dfsg-1 (bug #742730) - qemu-kvm <removed> @@ -26277,8 +26273,7 @@ CVE-2014-0145 (Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0 - qemu-kvm <removed> [squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts) [squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts) -CVE-2014-0144 - RESERVED +CVE-2014-0144 (QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various ...) {DSA-3045-1 DSA-3044-1} - qemu 2.0.0+dfsg-1 (bug #742730) - qemu-kvm <removed> diff --git a/data/CVE/list.2015 b/data/CVE/list.2015 index ae921ec735..7351df43cb 100644 --- a/data/CVE/list.2015 +++ b/data/CVE/list.2015 @@ -1,3 +1,5 @@ +CVE-2015-9542 + RESERVED CVE-2015-9541 (Qt through 5.14 allows an exponential XML entity expansion attack via ...) - qtbase-opensource-src <unfixed> (low; bug #951066) [buster] - qtbase-opensource-src <no-dsa> (Minor issue) 
@@ -20822,7 +20824,7 @@ CVE-2015-2296 (The resolve_redirects function in sessions.py in requests 2.1.0 t CVE-2015-2289 (Cross-site scripting (XSS) vulnerability in templates/2k11/admin/entri ...) - serendipity <removed> CVE-2015-2287 - RESERVED + REJECTED CVE-2015-2286 (lms/templates/footer-edx-new.html in Open edX edx-platform before 2015 ...) NOT-FOR-US: Open edX CVE-2015-2285 (The logrotation script (/etc/cron.daily/upstart) in the Ubuntu Upstart ...) diff --git a/data/CVE/list.2016 b/data/CVE/list.2016 index 39199f98e4..edbe86c345 100644 --- a/data/CVE/list.2016 +++ b/data/CVE/list.2016 @@ -15975,8 +15975,8 @@ CVE-2016-5712 RESERVED CVE-2016-5711 (NetApp Virtual Storage Console for VMware vSphere before 6.2.1 uses a ...) NOT-FOR-US: NetApp -CVE-2016-5710 - RESERVED +CVE-2016-5710 (NetApp Snap Creator Framework before 4.3P1 allows remote authenticated ...) + TODO: check CVE-2016-5709 (SolarWinds Virtualization Manager 6.3.1 and earlier uses weak encrypti ...) NOT-FOR-US: SolarWinds CVE-2016-5708 diff --git a/data/CVE/list.2017 b/data/CVE/list.2017 index a479b7ce39..056c8be5d3 100644 --- a/data/CVE/list.2017 +++ b/data/CVE/list.2017 @@ -1,5 +1,5 @@ -CVE-2017-18642 - RESERVED +CVE-2017-18642 (Syska Smart Bulb devices through 2017-08-06 receive RGB parameters ove ...) + TODO: check CVE-2017-18641 (In LXC 2.0, many template scripts download code over cleartext HTTP, a ...) - lxc-templates <unfixed> - lxc 1:3.0.3-1 diff --git a/data/CVE/list.2018 b/data/CVE/list.2018 index c377eb5678..d2a1d4d2b0 100644 --- a/data/CVE/list.2018 +++ b/data/CVE/list.2018 @@ -17416,8 +17416,8 @@ CVE-2018-14555 RESERVED CVE-2018-14554 RESERVED -CVE-2018-14553 - RESERVED +CVE-2018-14553 (gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL point ...) + TODO: check CVE-2018-14552 RESERVED CVE-2018-14551 (The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 use ...) diff --git a/data/CVE/list.2019 b/data/CVE/list.2019 index bbf4966088..c0cb7aac68 100644 
--- a/data/CVE/list.2019 +++ b/data/CVE/list.2019 @@ -3342,12 +3342,12 @@ CVE-2019-19197 (IOCTL Handling in the kyrld.sys driver in Kyrol Internet Securit NOT-FOR-US: Kyrol Internet Security CVE-2019-19196 RESERVED -CVE-2019-19195 - RESERVED +CVE-2019-19195 (The Bluetooth Low Energy implementation on Microchip Technology BluSDK ...) + TODO: check CVE-2019-19194 RESERVED -CVE-2019-19193 - RESERVED +CVE-2019-19193 (The Bluetooth Low Energy peripheral implementation on Texas Instrument ...) + TODO: check CVE-2019-19192 RESERVED CVE-2019-19191 (Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file ...) @@ -5796,8 +5796,8 @@ CVE-2019-18212 (XMLLanguageService.java in XML Language Server (aka lsp4xml) bef NOT-FOR-US: XML Language Server (aka lsp4xml) CVE-2019-18211 (An issue was discovered in Orckestra C1 CMS through 6.6. The EntityTok ...) NOT-FOR-US: Orckestra C1 CMS -CVE-2019-18210 - RESERVED +CVE-2019-18210 (** DISPUTED ** Persistent XSS in /course/modedit.php of Moodle through ...) + TODO: check CVE-2019-18209 (templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser doe ...) - etherpad-lite <itp> (bug #576998) CVE-2019-18208 @@ -7354,14 +7354,14 @@ CVE-2019-17522 (A stored XSS vulnerability was discovered in Hotaru CMS v1.7.2 v NOT-FOR-US: Hotaru CMS CVE-2019-17521 (An issue was discovered in Landing-CMS 0.0.6. There is a CSRF vulnerab ...) NOT-FOR-US: Landing-CMS -CVE-2019-17520 - RESERVED +CVE-2019-17520 (The Bluetooth Low Energy implementation on Texas Instruments SDK throu ...) + TODO: check CVE-2019-17519 RESERVED -CVE-2019-17518 - RESERVED -CVE-2019-17517 - RESERVED +CVE-2019-17518 (The Bluetooth Low Energy implementation on Dialog Semiconductor SDK th ...) + TODO: check +CVE-2019-17517 (The Bluetooth Low Energy implementation on Dialog Semiconductor SDK th ...) + TODO: check CVE-2019-17516 RESERVED CVE-2019-17515 (The CleanTalk cleantalk-spam-protect plugin before 5.127.4 for WordPre ...) 
@@ -8186,8 +8186,8 @@ CVE-2019-17139 (This vulnerability allows remote attackers to execute arbitrary NOT-FOR-US: Foxit CVE-2019-17138 (This vulnerability allows remote attackers to disclose sensitive infor ...) NOT-FOR-US: Foxit -CVE-2019-17137 - RESERVED +CVE-2019-17137 (This vulnerability allows network-adjacent attackers to bypass authent ...) + TODO: check CVE-2019-17136 (This vulnerability allows remote attackers to execute arbitrary code o ...) NOT-FOR-US: Foxit PhantomPDF CVE-2019-17135 (This vulnerability allows remote attackers to execute arbitrary code o ...) @@ -8362,10 +8362,10 @@ CVE-2019-17063 (In Snowtide PDFxStream before 3.7.1 (for Java), a crafted PDF fi NOT-FOR-US: Snowtide PDFxStream CVE-2019-17062 (An issue was discovered in OXID eShop 6.x before 6.0.6 and 6.1.x befor ...) NOT-FOR-US: OXID eShop -CVE-2019-17061 - RESERVED -CVE-2019-17060 - RESERVED +CVE-2019-17061 (The Bluetooth Low Energy (BLE) stack implementation on Cypress PSoC 4 ...) + TODO: check +CVE-2019-17060 (The Bluetooth Low Energy (BLE) stack implementation on the NXP KW41Z ( ...) + TODO: check CVE-2019-17059 (A shell injection vulnerability on the Sophos Cyberoam firewall applia ...) NOT-FOR-US: Sophos CVE-2019-17058 (Footy Tipping Software AFL Web Edition 2019 allows arbitrary file uplo ...) @@ -14986,8 +14986,8 @@ CVE-2019-14516 (The mAadhaar application 1.2.7 for Android lacks SSL Certificate NOT-FOR-US: mAadhaar application for Android CVE-2019-14515 RESERVED -CVE-2019-14514 - RESERVED +CVE-2019-14514 (An issue was discovered in Microvirt MEmu all versions prior to 7.0.2. ...) + TODO: check CVE-2019-14513 (Improper bounds checking in Dnsmasq before 2.76 allows an attacker con ...) {DLA-1921-1} - dnsmasq 2.76-1 
@@ -16501,8 +16501,8 @@ CVE-2019-13948 (SyGuestBook A5 Version 1.2 allows stored XSS because the isValid NOT-FOR-US: SyGuestBook A5 CVE-2019-13947 (A vulnerability has been identified in SiNVR 3 Central Control Server ...) NOT-FOR-US: Siemens -CVE-2019-13946 - RESERVED +CVE-2019-13946 (A vulnerability has been identified in Development/Evaluation Kits for ...) + TODO: check CVE-2019-13945 (A vulnerability has been identified in SIMATIC S7-1200 CPU family (inc ...) NOT-FOR-US: Siemens CVE-2019-13944 (A vulnerability has been identified in EN100 Ethernet module DNP3 vari ...) @@ -16511,10 +16511,10 @@ CVE-2019-13943 (A vulnerability has been identified in EN100 Ethernet module DNP NOT-FOR-US: Siemens CVE-2019-13942 (A vulnerability has been identified in EN100 Ethernet module DNP3 vari ...) NOT-FOR-US: Siemens -CVE-2019-13941 - RESERVED -CVE-2019-13940 - RESERVED +CVE-2019-13941 (A vulnerability has been identified in OZW672 (All versions < V10.0 ...) + TODO: check +CVE-2019-13940 (A vulnerability has been identified in SIMATIC S7-1200 CPU family (inc ...) + TODO: check CVE-2019-13939 (A vulnerability has been identified in Nucleus NET (All versions), Nuc ...) NOT-FOR-US: Nucleus CVE-2019-13938 @@ -16541,12 +16541,12 @@ CVE-2019-13928 RESERVED CVE-2019-13927 (A vulnerability has been identified in Desigo PX automation controller ...) NOT-FOR-US: Siemens -CVE-2019-13926 - RESERVED -CVE-2019-13925 - RESERVED -CVE-2019-13924 - RESERVED +CVE-2019-13926 (A vulnerability has been identified in SCALANCE S602 (All versions > ...) + TODO: check +CVE-2019-13925 (A vulnerability has been identified in SCALANCE S602 (All versions > ...) + TODO: check +CVE-2019-13924 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...) + TODO: check CVE-2019-13923 (A vulnerability has been identified in IE/WSN-PA Link WirelessHART Gat ...) NOT-FOR-US: Siemens CVE-2019-13922 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...) 
@@ -18169,10 +18169,10 @@ CVE-2019-13324 (This vulnerability allows remote attackers to execute arbitrary NOT-FOR-US: Foxit Studio Photo CVE-2019-13323 (This vulnerability allows remote attackers to execute arbitrary code o ...) NOT-FOR-US: Foxit Studio Photo -CVE-2019-13322 - RESERVED -CVE-2019-13321 - RESERVED +CVE-2019-13322 (This vulnerability allows remote attackers to execute arbitrary code o ...) + TODO: check +CVE-2019-13321 (This vulnerability allows network adjacent attackers to execute arbitr ...) + TODO: check CVE-2019-13320 (This vulnerability allows remote attackers to execute arbitrary code o ...) NOT-FOR-US: Foxit Reader CVE-2019-13319 (This vulnerability allows remote attackers to execute arbitrary code o ...) @@ -36625,8 +36625,8 @@ CVE-2019-6746 (This vulnerability allows remote attackers to disclose sensitive NOT-FOR-US: Foxit Studio Photo CVE-2019-6745 REJECTED -CVE-2019-6744 - RESERVED +CVE-2019-6744 (This vulnerability allows local attackers to disclose sensitive inform ...) + TODO: check CVE-2019-6743 (This vulnerability allows remote attackers to execute arbitrary code o ...) NOT-FOR-US: Xiaomi Mi6 Browser CVE-2019-6742 (This vulnerability allows remote attackers to execute arbitrary code o ...) @@ -36976,7 +36976,7 @@ CVE-2019-6577 (A vulnerability has been identified in SIMATIC HMI Comfort Panels NOT-FOR-US: Siemens CVE-2019-6576 (A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - ...) NOT-FOR-US: Siemens -CVE-2019-6575 (A vulnerability has been identified in SIMATIC CP443-1 OPC UA (incl. S ...) +CVE-2019-6575 (A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All ve ...) NOT-FOR-US: Siemens CVE-2019-6574 (A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180 ...) NOT-FOR-US: Siemens diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index e36f40df31..ab0bba1739 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 
@@ -1,3 +1,95 @@ +CVE-2020-8884 + RESERVED +CVE-2020-8883 + RESERVED +CVE-2020-8882 + RESERVED +CVE-2020-8881 + RESERVED +CVE-2020-8880 + RESERVED +CVE-2020-8879 + RESERVED +CVE-2020-8878 + RESERVED +CVE-2020-8877 + RESERVED +CVE-2020-8876 + RESERVED +CVE-2020-8875 + RESERVED +CVE-2020-8874 + RESERVED +CVE-2020-8873 + RESERVED +CVE-2020-8872 + RESERVED +CVE-2020-8871 + RESERVED +CVE-2020-8870 + RESERVED +CVE-2020-8869 + RESERVED +CVE-2020-8868 + RESERVED +CVE-2020-8867 + RESERVED +CVE-2020-8866 + RESERVED +CVE-2020-8865 + RESERVED +CVE-2020-8864 + RESERVED +CVE-2020-8863 + RESERVED +CVE-2020-8862 + RESERVED +CVE-2020-8861 + RESERVED +CVE-2020-8860 + RESERVED +CVE-2020-8859 + RESERVED +CVE-2020-8858 + RESERVED +CVE-2020-8857 + RESERVED +CVE-2020-8856 + RESERVED +CVE-2020-8855 + RESERVED +CVE-2020-8854 + RESERVED +CVE-2020-8853 + RESERVED +CVE-2020-8852 + RESERVED +CVE-2020-8851 + RESERVED +CVE-2020-8850 + RESERVED +CVE-2020-8849 + RESERVED +CVE-2020-8848 + RESERVED +CVE-2020-8847 + RESERVED +CVE-2020-8846 + RESERVED +CVE-2020-8845 + RESERVED +CVE-2020-8844 + RESERVED +CVE-2020-8843 + RESERVED +CVE-2020-8842 + RESERVED +CVE-2020-8841 (An issue was discovered in TestLink 1.9.19. The relation_type paramete ...) + TODO: check +CVE-2020-8840 (FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean- ...) + TODO: check +CVE-2020-8839 + RESERVED CVE-2020-8838 RESERVED CVE-2020-8837 @@ -494,8 +586,8 @@ CVE-2020-8597 (eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer {DLA-2097-1} - ppp <unfixed> (bug #950618) NOTE: https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426 -CVE-2020-8596 - RESERVED +CVE-2020-8596 (participants-database.php in the Participants Database plugin 1.9.5.5 ...) + TODO: check CVE-2020-8595 RESERVED CVE-2020-8594 
@@ -859,8 +951,8 @@ CVE-2020-8431 RESERVED CVE-2020-8430 RESERVED -CVE-2020-8429 - RESERVED +CVE-2020-8429 (The Admin web application in Kinetica 7.0.9.2.20191118151947 does not ...) + TODO: check CVE-2020-8427 RESERVED CVE-2020-8426 (The Elementor plugin before 2.8.5 for WordPress suffers from a reflect ...) @@ -3361,8 +3453,8 @@ CVE-2020-7219 (HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC servi CVE-2020-7218 (HashiCorp Nomad and Nomad Enterprise before 0.10.3 allow unbounded res ...) - nomad 0.10.3+dfsg1-1 NOTE: https://github.com/hashicorp/nomad/issues/7002 -CVE-2020-7217 - RESERVED +CVE-2020-7217 (An ni_dhcp4_fsm_process_dhcp4_packet memory leak in openSUSE wicked 0. ...) + TODO: check CVE-2020-7216 (An ni_dhcp4_parse_response memory leak in openSUSE wicked 0.6.55 and e ...) NOT-FOR-US: openSUSE wicked CVE-2020-7215 (An issue was discovered in Gallagher Command Centre 7.x before 7.90.99 ...) 
@@ -5108,160 +5200,124 @@ CVE-2020-6419 RESERVED CVE-2020-6418 RESERVED -CVE-2020-6417 - RESERVED +CVE-2020-6417 (Inappropriate implementation in installer in Google Chrome prior to 80 ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6416 - RESERVED +CVE-2020-6416 (Insufficient data validation in streams in Google Chrome prior to 80.0 ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6415 - RESERVED +CVE-2020-6415 (Inappropriate implementation in JavaScript in Google Chrome prior to 8 ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6414 - RESERVED +CVE-2020-6414 (Insufficient policy enforcement in Safe Browsing in Google Chrome prio ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6413 - RESERVED +CVE-2020-6413 (Inappropriate implementation in Blink in Google Chrome prior to 80.0.3 ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6412 - RESERVED +CVE-2020-6412 (Insufficient validation of untrusted input in Omnibox in Google Chrome ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6411 - RESERVED +CVE-2020-6411 (Insufficient validation of untrusted input in Omnibox in Google Chrome ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6410 - RESERVED +CVE-2020-6410 (Insufficient policy enforcement in navigation in Google Chrome prior t ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6409 - RESERVED +CVE-2020-6409 (Inappropriate implementation in Omnibox in Google Chrome prior to 80.0 ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6408 - RESERVED +CVE-2020-6408 (Insufficient policy enforcement in CORS in Google Chrome prior to 80.0 ...) 
- chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6407 RESERVED -CVE-2020-6406 - RESERVED +CVE-2020-6406 (Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6405 - RESERVED +CVE-2020-6405 (Out of bounds read in SQLite in Google Chrome prior to 80.0.3987.87 al ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6404 - RESERVED +CVE-2020-6404 (Inappropriate implementation in Blink in Google Chrome prior to 80.0.3 ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6403 - RESERVED +CVE-2020-6403 (Incorrect implementation in Omnibox in Google Chrome on iOS prior to 8 ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6402 - RESERVED +CVE-2020-6402 (Insufficient policy enforcement in downloads in Google Chrome on OS X ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6401 - RESERVED +CVE-2020-6401 (Insufficient validation of untrusted input in Omnibox in Google Chrome ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6400 - RESERVED +CVE-2020-6400 (Inappropriate implementation in CORS in Google Chrome prior to 80.0.39 ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6399 - RESERVED +CVE-2020-6399 (Insufficient policy enforcement in AppCache in Google Chrome prior to ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6398 - RESERVED +CVE-2020-6398 (Use of uninitialized data in PDFium in Google Chrome prior to 80.0.398 ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6397 - RESERVED +CVE-2020-6397 (Inappropriate implementation in sharing in Google Chrome prior to 80.0 ...) 
- chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6396 - RESERVED +CVE-2020-6396 (Inappropriate implementation in Skia in Google Chrome prior to 80.0.39 ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6395 - RESERVED +CVE-2020-6395 (Out of bounds read in JavaScript in Google Chrome prior to 80.0.3987.8 ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6394 - RESERVED +CVE-2020-6394 (Insufficient policy enforcement in Blink in Google Chrome prior to 80. ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6393 - RESERVED +CVE-2020-6393 (Insufficient policy enforcement in Blink in Google Chrome prior to 80. ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6392 - RESERVED +CVE-2020-6392 (Insufficient policy enforcement in extensions in Google Chrome prior t ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6391 - RESERVED +CVE-2020-6391 (Insufficient validation of untrusted input in Blink in Google Chrome p ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6390 - RESERVED +CVE-2020-6390 (Out of bounds memory access in streams in Google Chrome prior to 80.0. ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6389 - RESERVED +CVE-2020-6389 (Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 a ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6388 - RESERVED +CVE-2020-6388 (Out of bounds access in WebAudio in Google Chrome prior to 80.0.3987.8 ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6387 - RESERVED +CVE-2020-6387 (Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 a ...) 
- chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6386 RESERVED -CVE-2020-6385 - RESERVED +CVE-2020-6385 (Insufficient policy enforcement in storage in Google Chrome prior to 8 ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) CVE-2020-6384 RESERVED CVE-2020-6383 RESERVED -CVE-2020-6382 - RESERVED +CVE-2020-6382 (Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 al ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6381 - RESERVED +CVE-2020-6381 (Integer overflow in JavaScript in Google Chrome on ChromeOS and Androi ...) - chromium <unfixed> [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6380 - RESERVED +CVE-2020-6380 (Insufficient policy enforcement in extensions in Google Chrome prior t ...) {DSA-4606-1} - chromium 79.0.3945.130-1 [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6379 - RESERVED +CVE-2020-6379 (Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a ...) {DSA-4606-1} - chromium 79.0.3945.130-1 [stretch] - chromium <end-of-life> (see DSA 4562) -CVE-2020-6378 - RESERVED +CVE-2020-6378 (Use after free in speech in Google Chrome prior to 79.0.3945.130 allow ...) {DSA-4606-1} - chromium 79.0.3945.130-1 [stretch] - chromium <end-of-life> (see DSA 4562) 
@@ -6359,30 +6415,30 @@ CVE-2020-5833 RESERVED CVE-2020-5832 RESERVED -CVE-2020-5831 - RESERVED -CVE-2020-5830 - RESERVED -CVE-2020-5829 - RESERVED -CVE-2020-5828 - RESERVED -CVE-2020-5827 - RESERVED -CVE-2020-5826 - RESERVED -CVE-2020-5825 - RESERVED -CVE-2020-5824 - RESERVED -CVE-2020-5823 - RESERVED -CVE-2020-5822 - RESERVED -CVE-2020-5821 - RESERVED -CVE-2020-5820 - RESERVED +CVE-2020-5831 (Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, ma ...) + TODO: check +CVE-2020-5830 (Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, ma ...) + TODO: check +CVE-2020-5829 (Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, ma ...) + TODO: check +CVE-2020-5828 (Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, ma ...) + TODO: check +CVE-2020-5827 (Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, ma ...) + TODO: check +CVE-2020-5826 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...) + TODO: check +CVE-2020-5825 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...) + TODO: check +CVE-2020-5824 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...) + TODO: check +CVE-2020-5823 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...) + TODO: check +CVE-2020-5822 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...) + TODO: check +CVE-2020-5821 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...) + TODO: check +CVE-2020-5820 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...) + TODO: check CVE-2020-5819 RESERVED CVE-2020-5818 
@@ -6963,8 +7019,8 @@ CVE-2020-5531 RESERVED CVE-2020-5530 RESERVED -CVE-2020-5529 - RESERVED +CVE-2020-5529 (HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. Html ...) + TODO: check CVE-2020-5528 (Cross-site scripting vulnerability in Movable Type series (Movable Typ ...) - movabletype-opensource <removed> CVE-2020-5527 @@ -10224,12 +10280,12 @@ CVE-2020-3937 (SQL Injection in SysJust Syuan-Gu-Da-Shih, versions before 201912 NOT-FOR-US: SysJust Syuan-Gu-Da-Shih CVE-2020-3936 RESERVED -CVE-2020-3935 - RESERVED -CVE-2020-3934 - RESERVED -CVE-2020-3933 - RESERVED +CVE-2020-3935 (Secom Co. Dr.ID, a Door Access Control and Personnel Attendance Manage ...) + TODO: check +CVE-2020-3934 (Secom Co. Dr.ID, a Door Access Control and Personnel Attendance Manage ...) + TODO: check +CVE-2020-3933 (Secom Co. Dr.ID, a Door Access Control and Personnel Attendance Manage ...) + TODO: check CVE-2020-3932 RESERVED CVE-2020-3931 |
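Review bot: in the list.2020 hunk starting at -5108, the unchanged context under CVE-2020-6412 carries the pair "- chromium <unfixed>" / "[stretch] - chromium <end-of-life> (see DSA 4562)" twice, and this update leaves the duplicate in place. Drop the second pair so the entry matches its neighbours CVE-2020-6413 and CVE-2020-6411, which list chromium once each. Separately, several of the descriptions published here (for example CVE-2020-6406 and CVE-2020-6405) name 80.0.3987.87 as the fixed upstream release, so the "<unfixed>" markers in this block can be replaced with a package version once an upload at or above that release exists.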
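Review bot: the hunk starting at -6359 turns twelve RESERVED entries (CVE-2020-5820 through CVE-2020-5831) into "TODO: check" with no triage result, which leaves them all open in the tracker's to-do queue. The truncated descriptions fall into two groups, Symantec Endpoint Protection Manager (CVE-2020-5827 to CVE-2020-5831) and Symantec Endpoint Protection (CVE-2020-5820 to CVE-2020-5826), so a follow-up can resolve them in two batches: either a package line for each, or "NOT-FOR-US: <product>" if nothing in the archive ships the product.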
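Review bot: CVE-2020-5529 in the hunk starting at -6963 is added with only "TODO: check", although its description already states a fixed upstream version (HtmlUnit prior to 2.37.0) and a code execution impact. The follow-up should confirm whether HtmlUnit is shipped by a package in the archive and, if it is, replace the TODO with a package line tracked against 2.37.0 rather than leaving the entry unclassified.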
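Review bot: in the hunk starting at -10224, CVE-2020-3933, CVE-2020-3934 and CVE-2020-3935 (Secom Co. Dr.ID) are left at "TODO: check", while CVE-2020-3937 in the context directly above already shows the resolved form for a vendor product, "NOT-FOR-US: SysJust Syuan-Gu-Da-Shih". If Dr.ID is likewise not packaged, the three entries should be closed the same way in the next manual pass so they do not linger as open TODO items.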