automatic update

author: security tracker role <sectracker@soriano.debian.org> 2020-05-22 20:10:21 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2020-05-22 20:10:21 +0000
commit: 88fd4da2b2ff95c1b744ca1d10621dae88f615cf (patch)
tree: a766bb355ffcbd40d5293c507a8788c9b7109623 /data
parent: 40aae2ba2dc0f8671feb7ffe3fdc59e34168c960 (diff)
4 files changed, 353 insertions, 256 deletions
diff --git a/data/CVE/list.2017 b/data/CVE/list.2017
index 8ef1c79f9e..40c226e574 100644
--- a/data/CVE/list.2017
+++ b/data/CVE/list.2017
@@ -1,3 +1,5 @@
+CVE-2017-18868 (Digi XBee 2 devices do not have an effective protection mechanism agai ...)
+	TODO: check
 CVE-2017-18867 (Certain NETGEAR devices are affected by incorrect configuration of sec ...)
 	NOT-FOR-US: Netgear
 CVE-2017-18866 (Certain NETGEAR devices are affected by stored XSS. This affects R9000 ...)
diff --git a/data/CVE/list.2018 b/data/CVE/list.2018
index 55b2b86a54..7cba93d1cc 100644
--- a/data/CVE/list.2018
+++ b/data/CVE/list.2018
@@ -1,3 +1,5 @@
+CVE-2018-21234 (Jodd before 5.0.4 performs Deserialization of Untrusted JSON Data when ...)
+	TODO: check
 CVE-2018-21233 (TensorFlow before 1.7.0 has an integer overflow that causes an out-of- ...)
 	- tensorflow <itp> (bug #804612)
 CVE-2018-21232 (re2c before 2.0 has uncontrolled recursion that causes stack consumpti ...)
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019
index 8f062ad734..26125a333c 100644
--- a/data/CVE/list.2019
+++ b/data/CVE/list.2019
@@ -1,3 +1,9 @@
+CVE-2019-20805
+	RESERVED
+CVE-2019-20804 (Gila CMS before 1.11.6 allows CSRF with resultant XSS via the admin/th ...)
+	TODO: check
+CVE-2019-20803 (Gila CMS before 1.11.6 has reflected XSS via the admin/content/postcat ...)
+	TODO: check
 CVE-2019-20802 (An issue was discovered in the Readdle Documents app before 6.9.7 for  ...)
 	NOT-FOR-US: Readdle Documents
 CVE-2019-20801 (An issue was discovered in the Readdle Documents app before 6.9.7 for  ...)
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index db2467cf74..218f79faed 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -1,3 +1,93 @@
+CVE-2020-13405
+	RESERVED
+CVE-2020-13404
+	RESERVED
+CVE-2020-13403
+	RESERVED
+CVE-2020-13402
+	RESERVED
+CVE-2020-13401
+	RESERVED
+CVE-2020-13400
+	RESERVED
+CVE-2020-13399
+	RESERVED
+CVE-2020-13398 (An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB ...)
+	TODO: check
+CVE-2020-13397 (An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB ...)
+	TODO: check
+CVE-2020-13396 (An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB ...)
+	TODO: check
+CVE-2020-13395
+	RESERVED
+CVE-2020-13394 (An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 ...)
+	TODO: check
+CVE-2020-13393 (An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 ...)
+	TODO: check
+CVE-2020-13392 (An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 ...)
+	TODO: check
+CVE-2020-13391 (An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 ...)
+	TODO: check
+CVE-2020-13390 (An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 ...)
+	TODO: check
+CVE-2020-13389 (An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 ...)
+	TODO: check
+CVE-2020-13388 (An exploitable vulnerability exists in the configuration-loading funct ...)
+	TODO: check
+CVE-2020-13387
+	RESERVED
+CVE-2020-13386
+	RESERVED
+CVE-2020-13385
+	RESERVED
+CVE-2020-13384 (Monstra CMS 3.0.4 allows remote authenticated users to upload and exec ...)
+	TODO: check
+CVE-2020-13383
+	RESERVED
+CVE-2020-13382
+	RESERVED
+CVE-2020-13381
+	RESERVED
+CVE-2020-13380
+	RESERVED
+CVE-2020-13379
+	RESERVED
+CVE-2020-13378
+	RESERVED
+CVE-2020-13377
+	RESERVED
+CVE-2020-13376
+	RESERVED
+CVE-2020-13375
+	RESERVED
+CVE-2020-13374
+	RESERVED
+CVE-2020-13373
+	RESERVED
+CVE-2020-13372
+	RESERVED
+CVE-2020-13371
+	RESERVED
+CVE-2020-13370
+	RESERVED
+CVE-2020-13369
+	RESERVED
+CVE-2020-13368
+	RESERVED
+CVE-2020-13367
+	RESERVED
+CVE-2020-13366
+	RESERVED
+CVE-2020-13365
+	RESERVED
+CVE-2020-13364
+	RESERVED
+CVE-2020-13363
+	RESERVED
+CVE-2020-13362
+	RESERVED
+CVE-2020-13361
+	RESERVED
 CVE-2020-13360
 	RESERVED
 CVE-2020-13359
@@ -1419,8 +1509,7 @@ CVE-2020-12695
 	RESERVED
 CVE-2020-12694
 	RESERVED
-CVE-2020-12693
-	RESERVED
+CVE-2020-12693 (Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare c ...)
 	- slurm-llnl <unfixed>
 	[buster] - slurm-llnl <no-dsa> (Minor issue)
 	[stretch] - slurm-llnl <no-dsa> (Minor issue)
@@ -2087,8 +2176,7 @@ CVE-2020-12399 [Force a fixed length for DSA exponentiation]
 	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1631576 (non-public)
 CVE-2020-12398
 	RESERVED
-CVE-2020-12397
-	RESERVED
+CVE-2020-12397 (By encoding Unicode whitespace characters within the From email header ...)
 	{DSA-4683-1 DLA-2206-1}
 	- thunderbird 1:68.8.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/#CVE-2020-12397
@@ -2468,6 +2556,7 @@ CVE-2020-12245 (Grafana before 6.7.3 allows table-panel XSS via column.title or
 	- grafana <removed>
 	NOTE: https://github.com/grafana/grafana/pull/23816
 CVE-2020-12244 (An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where ...)
+	{DSA-4691-1}
 	- pdns-recursor 4.3.1-1
 	[stretch] - pdns-recursor <end-of-life> (No longer supported, see DSA 4691)
 	NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-02.html
@@ -5114,10 +5203,10 @@ CVE-2020-11079
 	RESERVED
 CVE-2020-11078 (In httplib2 before version 0.18.0, an attacker controlling unescaped p ...)
 	TODO: check
-CVE-2020-11077
-	RESERVED
-CVE-2020-11076
-	RESERVED
+CVE-2020-11077 (In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a re ...)
+	TODO: check
+CVE-2020-11076 (In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle a ...)
+	TODO: check
 CVE-2020-11075
 	RESERVED
 CVE-2020-11074
@@ -5387,6 +5476,7 @@ CVE-2020-10997 (Percona XtraBackup before 2.4.20 unintentionally writes the comm
 CVE-2020-10996 (An issue was discovered in Percona XtraDB Cluster before 5.7.28-31.41. ...)
 	NOT-FOR-US: Percona XtraDB Cluster
 CVE-2020-10995 (PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not suffic ...)
+	{DSA-4691-1}
 	- pdns-recursor 4.3.1-1
 	[stretch] - pdns-recursor <end-of-life> (No longer supported, see DSA 4691)
 	NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-01.html
@@ -6119,8 +6209,7 @@ CVE-2020-10713
 	RESERVED
 CVE-2020-10712 (A flaw was found in OpenShift Container Platform version 4.1 and later ...)
 	NOT-FOR-US: image registry operator in OpenShift Container Platform
-CVE-2020-10711 [linux: NetLabel: null pointer dereference while receiving CIPSO packet with null category]
-	RESERVED
+CVE-2020-10711 (A NULL pointer dereference flaw was found in the Linux kernel's SELinu ...)
 	- linux <unfixed>
 	NOTE: https://www.openwall.com/lists/oss-security/2020/05/12/2
 CVE-2020-10710
@@ -10424,8 +10513,8 @@ CVE-2020-8791 (The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth
 	NOT-FOR-US: OKLOK
 CVE-2020-8790 (The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlo ...)
 	NOT-FOR-US: OKLOK
-CVE-2020-8789
-	RESERVED
+CVE-2020-8789 (Composr 10.0.30 allows Persistent XSS via a Usergroup name under the S ...)
+	TODO: check
 CVE-2020-8788 (Synaptive Medical ClearCanvas ImageServer 3.0 Alpha allows XSS (and HT ...)
 	NOT-FOR-US: Synaptive Medical ClearCanvas ImageServer
 CVE-2020-8787 (SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to ...)
@@ -11777,6 +11866,7 @@ CVE-2020-8162
 	RESERVED
 CVE-2020-8161 [Directory traversal in Rack::Directory]
 	RESERVED
+	{DLA-2216-1}
 	- ruby-rack 2.1.1-5
 	NOTE: https://groups.google.com/forum/#!msg/rubyonrails-security/IOO1vNZTzPA/Ylzi1UYLAAAJ
 	NOTE: https://github.com/rack/rack/commit/dddb7ad18ed79ca6ab06ccc417a169fde451246e
@@ -12543,8 +12633,8 @@ CVE-2020-7815
 	RESERVED
 CVE-2020-7814
 	RESERVED
-CVE-2020-7813
-	RESERVED
+CVE-2020-7813 (Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prio ...)
+	TODO: check
 CVE-2020-7812
 	RESERVED
 CVE-2020-7811
@@ -12853,8 +12943,8 @@ CVE-2020-7660
 	RESERVED
 CVE-2020-7659
 	RESERVED
-CVE-2020-7658
-	RESERVED
+CVE-2020-7658 (meinheld prior to 1.0.2 is vulnerable to HTTP Request Smuggling. HTTP  ...)
+	TODO: check
 CVE-2020-7657
 	RESERVED
 CVE-2020-7656 (jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load ...)
@@ -16528,8 +16618,8 @@ CVE-2020-6093 (An exploitable information disclosure vulnerability exists in the
 	NOT-FOR-US: Nitro Pro
 CVE-2020-6092 (An exploitable code execution vulnerability exists in the way Nitro Pr ...)
 	NOT-FOR-US: Nitro Pro
-CVE-2020-6091
-	RESERVED
+CVE-2020-6091 (An exploitable authentication bypass vulnerability exists in the ESPON ...)
+	TODO: check
 CVE-2020-6090
 	RESERVED
 CVE-2020-6089
@@ -22330,10 +22420,10 @@ CVE-2020-3346
 	RESERVED
 CVE-2020-3345
 	RESERVED
-CVE-2020-3344
-	RESERVED
-CVE-2020-3343
-	RESERVED
+CVE-2020-3344 (A vulnerability in Cisco AMP for Endpoints Linux Connector Software an ...)
+	TODO: check
+CVE-2020-3343 (A vulnerability in Cisco AMP for Endpoints Linux Connector Software an ...)
+	TODO: check
 CVE-2020-3342
 	RESERVED
 CVE-2020-3341 (A vulnerability in the PDF archive parsing module in Clam AntiVirus (C ...)
@@ -22398,8 +22488,8 @@ CVE-2020-3316
 	RESERVED
 CVE-2020-3315 (Multiple Cisco products are affected by a vulnerability in the Snort d ...)
 	NOT-FOR-US: Cisco
-CVE-2020-3314
-	RESERVED
+CVE-2020-3314 (A vulnerability in the file scan process of Cisco AMP for Endpoints Ma ...)
+	TODO: check
 CVE-2020-3313 (A vulnerability in the web UI of Cisco Firepower Management Center (FM ...)
 	NOT-FOR-US: Cisco
 CVE-2020-3312 (A vulnerability in the application policy configuration of Cisco Firep ...)
@@ -22466,8 +22556,8 @@ CVE-2020-3282
 	RESERVED
 CVE-2020-3281
 	RESERVED
-CVE-2020-3280
-	RESERVED
+CVE-2020-3280 (A vulnerability in the Java Remote Management Interface of Cisco Unifi ...)
+	TODO: check
 CVE-2020-3279
 	RESERVED
 CVE-2020-3278
@@ -22482,8 +22572,8 @@ CVE-2020-3274
 	RESERVED
 CVE-2020-3273 (A vulnerability in the 802.11 Generic Advertisement Service (GAS) fram ...)
 	NOT-FOR-US: Cisco
-CVE-2020-3272
-	RESERVED
+CVE-2020-3272 (A vulnerability in the DHCP server of Cisco Prime Network Registrar co ...)
+	TODO: check
 CVE-2020-3271
 	RESERVED
 CVE-2020-3270
@@ -22658,8 +22748,8 @@ CVE-2020-3186 (A vulnerability in the management access list configuration of Ci
 	NOT-FOR-US: Cisco
 CVE-2020-3185 (A vulnerability in the web-based management interface of Cisco TelePre ...)
 	NOT-FOR-US: Cisco
-CVE-2020-3184
-	RESERVED
+CVE-2020-3184 (A vulnerability in the web-based management interface of Cisco Prime C ...)
+	TODO: check
 CVE-2020-3183
 	RESERVED
 CVE-2020-3182 (A vulnerability in the multicast DNS (mDNS) protocol configuration of  ...)
@@ -25318,8 +25408,7 @@ CVE-2020-1957 (Apache Shiro before 1.5.2, when using Apache Shiro with Spring dy
 	NOTE: https://www.openwall.com/lists/oss-security/2020/03/23/2
 	NOTE: Fixed by: https://github.com/apache/shiro/commit/3708d7907016bf2fa12691dff6ff0def1249b8ce#diff-98f7bc5c0391389e56531f8b3754081aL139
 	NOTE: https://github.com/apache/shiro/pull/203#issuecomment-606270322
-CVE-2020-1956
-	RESERVED
+CVE-2020-1956 (Kylin has some restful apis which will concatenate os command with the ...)
 	NOT-FOR-US: Apache Kylin
 CVE-2020-1955 (CouchDB version 3.0.0 shipped with a new configuration setting that go ...)
 	- couchdb <removed>
@@ -27118,30 +27207,30 @@ CVE-2020-1197
 	RESERVED
 CVE-2020-1196
 	RESERVED
-CVE-2020-1195
-	RESERVED
+CVE-2020-1195 (An elevation of privilege vulnerability exists in Microsoft Edge (Chro ...)
+	TODO: check
 CVE-2020-1194
 	RESERVED
 CVE-2020-1193
 	RESERVED
-CVE-2020-1192
-	RESERVED
-CVE-2020-1191
-	RESERVED
-CVE-2020-1190
-	RESERVED
-CVE-2020-1189
-	RESERVED
-CVE-2020-1188
-	RESERVED
-CVE-2020-1187
-	RESERVED
-CVE-2020-1186
-	RESERVED
-CVE-2020-1185
-	RESERVED
-CVE-2020-1184
-	RESERVED
+CVE-2020-1192 (A remote code execution vulnerability exists in Visual Studio Code whe ...)
+	TODO: check
+CVE-2020-1191 (An elevation of privilege vulnerability exists when the Windows State  ...)
+	TODO: check
+CVE-2020-1190 (An elevation of privilege vulnerability exists when the Windows State  ...)
+	TODO: check
+CVE-2020-1189 (An elevation of privilege vulnerability exists when the Windows State  ...)
+	TODO: check
+CVE-2020-1188 (An elevation of privilege vulnerability exists when the Windows State  ...)
+	TODO: check
+CVE-2020-1187 (An elevation of privilege vulnerability exists when the Windows State  ...)
+	TODO: check
+CVE-2020-1186 (An elevation of privilege vulnerability exists when the Windows State  ...)
+	TODO: check
+CVE-2020-1185 (An elevation of privilege vulnerability exists when the Windows State  ...)
+	TODO: check
+CVE-2020-1184 (An elevation of privilege vulnerability exists when the Windows State  ...)
+	TODO: check
 CVE-2020-1183
 	RESERVED
 CVE-2020-1182
@@ -27150,24 +27239,24 @@ CVE-2020-1181
 	RESERVED
 CVE-2020-1180
 	RESERVED
-CVE-2020-1179
-	RESERVED
+CVE-2020-1179 (An information disclosure vulnerability exists when the Windows GDI co ...)
+	TODO: check
 CVE-2020-1178
 	RESERVED
 CVE-2020-1177
 	RESERVED
-CVE-2020-1176
-	RESERVED
-CVE-2020-1175
-	RESERVED
-CVE-2020-1174
-	RESERVED
-CVE-2020-1173
-	RESERVED
+CVE-2020-1176 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+	TODO: check
+CVE-2020-1175 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+	TODO: check
+CVE-2020-1174 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+	TODO: check
+CVE-2020-1173 (A spoofing vulnerability exists in Microsoft Power BI Report Server in ...)
+	TODO: check
 CVE-2020-1172
 	RESERVED
-CVE-2020-1171
-	RESERVED
+CVE-2020-1171 (A remote code execution vulnerability exists in Visual Studio Code whe ...)
+	TODO: check
 CVE-2020-1170
 	RESERVED
 CVE-2020-1169
@@ -27176,79 +27265,78 @@ CVE-2020-1168
 	RESERVED
 CVE-2020-1167
 	RESERVED
-CVE-2020-1166
-	RESERVED
-CVE-2020-1165
-	RESERVED
-CVE-2020-1164
-	RESERVED
+CVE-2020-1166 (An elevation of privilege vulnerability exists when Windows improperly ...)
+	TODO: check
+CVE-2020-1165 (An elevation of privilege vulnerability exists when Windows improperly ...)
+	TODO: check
+CVE-2020-1164 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
+	TODO: check
 CVE-2020-1163
 	RESERVED
 CVE-2020-1162
 	RESERVED
-CVE-2020-1161
-	RESERVED
+CVE-2020-1161 (A denial of service vulnerability exists when ASP.NET Core improperly  ...)
 	NOT-FOR-US: Microsoft .NET
 CVE-2020-1160
 	RESERVED
 CVE-2020-1159
 	RESERVED
-CVE-2020-1158
-	RESERVED
-CVE-2020-1157
-	RESERVED
-CVE-2020-1156
-	RESERVED
-CVE-2020-1155
-	RESERVED
-CVE-2020-1154
-	RESERVED
-CVE-2020-1153
-	RESERVED
+CVE-2020-1158 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
+	TODO: check
+CVE-2020-1157 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
+	TODO: check
+CVE-2020-1156 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
+	TODO: check
+CVE-2020-1155 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
+	TODO: check
+CVE-2020-1154 (An elevation of privilege vulnerability exists when the Windows Common ...)
+	TODO: check
+CVE-2020-1153 (A remote code execution vulnerability exists in the way that Microsoft ...)
+	TODO: check
 CVE-2020-1152
 	RESERVED
-CVE-2020-1151
-	RESERVED
-CVE-2020-1150
-	RESERVED
-CVE-2020-1149
-	RESERVED
+CVE-2020-1151 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
+	TODO: check
+CVE-2020-1150 (A memory corruption vulnerability exists when Windows Media Foundation ...)
+	TODO: check
+CVE-2020-1149 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
+	TODO: check
 CVE-2020-1148
 	RESERVED
 CVE-2020-1147
 	RESERVED
 CVE-2020-1146
 	RESERVED
-CVE-2020-1145
-	RESERVED
-CVE-2020-1144
-	RESERVED
-CVE-2020-1143
-	RESERVED
-CVE-2020-1142
-	RESERVED
-CVE-2020-1141
-	RESERVED
-CVE-2020-1140
-	RESERVED
-CVE-2020-1139
-	RESERVED
-CVE-2020-1138
-	RESERVED
-CVE-2020-1137
-	RESERVED
-CVE-2020-1136
-	RESERVED
-CVE-2020-1135
-	RESERVED
-CVE-2020-1134
-	RESERVED
+CVE-2020-1145 (An information disclosure vulnerability exists in the way that the Win ...)
+	TODO: check
+CVE-2020-1144 (An elevation of privilege vulnerability exists when the Windows State  ...)
+	TODO: check
+CVE-2020-1143 (An elevation of privilege vulnerability exists in Windows when the Win ...)
+	TODO: check
+CVE-2020-1142 (An elevation of privilege vulnerability exists in the way that the Win ...)
+	TODO: check
+CVE-2020-1141 (An information disclosure vulnerability exists in the way that the Win ...)
+	TODO: check
+CVE-2020-1140 (An elevation of privilege vulnerability exists when DirectX improperly ...)
+	TODO: check
+CVE-2020-1139 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
+	TODO: check
+CVE-2020-1138 (An elevation of privilege vulnerability exists when the Storage Servic ...)
+	TODO: check
+CVE-2020-1137 (An elevation of privilege vulnerability exists in the way the Windows  ...)
+	TODO: check
+CVE-2020-1136 (A memory corruption vulnerability exists when Windows Media Foundation ...)
+	TODO: check
+CVE-2020-1135 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
+	TODO: check
+CVE-2020-1134 (An elevation of privilege vulnerability exists when the Windows State  ...)
+	TODO: check
 CVE-2020-1133
 	RESERVED
-CVE-2020-1132
-	RESERVED
-CVE-2020-1131
-	RESERVED
+CVE-2020-1132 (An elevation of privilege vulnerability exists when Windows Error Repo ...)
+	TODO: check
+CVE-2020-1131 (An elevation of privilege vulnerability exists when the Windows State  ...)
+	TODO: check
 CVE-2020-1130
 	RESERVED
 CVE-2020-1129
@@ -27257,165 +27345,164 @@ CVE-2020-1128
 	RESERVED
 CVE-2020-1127
 	RESERVED
-CVE-2020-1126
-	RESERVED
-CVE-2020-1125
-	RESERVED
-CVE-2020-1124
-	RESERVED
-CVE-2020-1123
-	RESERVED
+CVE-2020-1126 (A memory corruption vulnerability exists when Windows Media Foundation ...)
+	TODO: check
+CVE-2020-1125 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
+	TODO: check
+CVE-2020-1124 (An elevation of privilege vulnerability exists when the Windows State  ...)
+	TODO: check
+CVE-2020-1123 (A denial of service vulnerability exists when Connected User Experienc ...)
+	TODO: check
 CVE-2020-1122
 	RESERVED
-CVE-2020-1121
-	RESERVED
+CVE-2020-1121 (An elevation of privilege vulnerability exists when Windows improperly ...)
+	TODO: check
 CVE-2020-1120
 	RESERVED
 CVE-2020-1119
 	RESERVED
-CVE-2020-1118
-	RESERVED
-CVE-2020-1117
-	RESERVED
-CVE-2020-1116
-	RESERVED
+CVE-2020-1118 (A denial of service vulnerability exists in the Windows implementation ...)
+	TODO: check
+CVE-2020-1117 (A remote code execution vulnerability exists in the way that the Color ...)
+	TODO: check
+CVE-2020-1116 (An information disclosure vulnerability exists when the Windows Client ...)
+	TODO: check
 CVE-2020-1115
 	RESERVED
-CVE-2020-1114
-	RESERVED
-CVE-2020-1113
-	RESERVED
-CVE-2020-1112
-	RESERVED
-CVE-2020-1111
-	RESERVED
-CVE-2020-1110
-	RESERVED
-CVE-2020-1109
-	RESERVED
-CVE-2020-1108
-	RESERVED
+CVE-2020-1114 (An elevation of privilege vulnerability exists when the Windows kernel ...)
+	TODO: check
+CVE-2020-1113 (A security feature bypass vulnerability exists in Microsoft Windows wh ...)
+	TODO: check
+CVE-2020-1112 (An elevation of privilege vulnerability exists when the Windows Backgr ...)
+	TODO: check
+CVE-2020-1111 (An elevation of privilege vulnerability exists when Windows improperly ...)
+	TODO: check
+CVE-2020-1110 (An elevation of privilege vulnerability exists when the Windows Update ...)
+	TODO: check
+CVE-2020-1109 (An elevation of privilege vulnerability exists when the Windows Update ...)
+	TODO: check
+CVE-2020-1108 (A denial of service vulnerability exists when .NET Core or .NET Framew ...)
 	NOT-FOR-US: Microsoft .NET
-CVE-2020-1107
-	RESERVED
-CVE-2020-1106
-	RESERVED
-CVE-2020-1105
-	RESERVED
-CVE-2020-1104
-	RESERVED
-CVE-2020-1103
-	RESERVED
-CVE-2020-1102
-	RESERVED
-CVE-2020-1101
-	RESERVED
-CVE-2020-1100
-	RESERVED
-CVE-2020-1099
-	RESERVED
+CVE-2020-1107 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
+	TODO: check
+CVE-2020-1106 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
+	TODO: check
+CVE-2020-1105 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
+	TODO: check
+CVE-2020-1104 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
+	TODO: check
+CVE-2020-1103 (An information disclosure vulnerability exists where certain modes of  ...)
+	TODO: check
+CVE-2020-1102 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
+	TODO: check
+CVE-2020-1101 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
+	TODO: check
+CVE-2020-1100 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
+	TODO: check
+CVE-2020-1099 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
+	TODO: check
 CVE-2020-1098
 	RESERVED
 CVE-2020-1097
 	RESERVED
-CVE-2020-1096
-	RESERVED
+CVE-2020-1096 (A remote code execution vulnerability exists when Microsoft Edge PDF R ...)
+	TODO: check
 CVE-2020-1095
 	RESERVED
 CVE-2020-1094 (An elevation of privilege vulnerability exists when the Windows Work F ...)
 	NOT-FOR-US: Microsoft
-CVE-2020-1093
-	RESERVED
-CVE-2020-1092
-	RESERVED
+CVE-2020-1093 (A remote code execution vulnerability exists in the way that the VBScr ...)
+	TODO: check
+CVE-2020-1092 (A remote code execution vulnerability exists when Internet Explorer im ...)
+	TODO: check
 CVE-2020-1091
 	RESERVED
-CVE-2020-1090
-	RESERVED
+CVE-2020-1090 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
+	TODO: check
 CVE-2020-1089
 	RESERVED
-CVE-2020-1088
-	RESERVED
-CVE-2020-1087
-	RESERVED
-CVE-2020-1086
-	RESERVED
+CVE-2020-1088 (An elevation of privilege vulnerability exists in Windows Error Report ...)
+	TODO: check
+CVE-2020-1087 (An elevation of privilege vulnerability exists in the way that the Win ...)
+	TODO: check
+CVE-2020-1086 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
+	TODO: check
 CVE-2020-1085
 	RESERVED
-CVE-2020-1084
-	RESERVED
+CVE-2020-1084 (A Denial Of Service vulnerability exists when Connected User Experienc ...)
+	TODO: check
 CVE-2020-1083
 	RESERVED
-CVE-2020-1082
-	RESERVED
-CVE-2020-1081
-	RESERVED
+CVE-2020-1082 (An elevation of privilege vulnerability exists in Windows Error Report ...)
+	TODO: check
+CVE-2020-1081 (An elevation of privilege vulnerability exists when the Windows Printe ...)
+	TODO: check
 CVE-2020-1080
 	RESERVED
-CVE-2020-1079
-	RESERVED
-CVE-2020-1078
-	RESERVED
-CVE-2020-1077
-	RESERVED
-CVE-2020-1076
-	RESERVED
-CVE-2020-1075
-	RESERVED
+CVE-2020-1079 (An elevation of privilege vulnerability exists when the Windows fails  ...)
+	TODO: check
+CVE-2020-1078 (An elevation of privilege vulnerability exists in Windows Installer be ...)
+	TODO: check
+CVE-2020-1077 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
+	TODO: check
+CVE-2020-1076 (A denial of service vulnerability exists when Windows improperly handl ...)
+	TODO: check
+CVE-2020-1075 (An information disclosure vulnerability exists when Windows Subsystem  ...)
+	TODO: check
 CVE-2020-1074
 	RESERVED
 CVE-2020-1073
 	RESERVED
-CVE-2020-1072
-	RESERVED
-CVE-2020-1071
-	RESERVED
-CVE-2020-1070
-	RESERVED
-CVE-2020-1069
-	RESERVED
-CVE-2020-1068
-	RESERVED
-CVE-2020-1067
-	RESERVED
-CVE-2020-1066
-	RESERVED
-CVE-2020-1065
-	RESERVED
-CVE-2020-1064
-	RESERVED
-CVE-2020-1063
-	RESERVED
-CVE-2020-1062
-	RESERVED
-CVE-2020-1061
-	RESERVED
-CVE-2020-1060
-	RESERVED
-CVE-2020-1059
-	RESERVED
-CVE-2020-1058
-	RESERVED
+CVE-2020-1072 (An information disclosure vulnerability exists when the Windows kernel ...)
+	TODO: check
+CVE-2020-1071 (An elevation of privilege vulnerability exists when Windows improperly ...)
+	TODO: check
+CVE-2020-1070 (An elevation of privilege vulnerability exists when the Windows Print  ...)
+	TODO: check
+CVE-2020-1069 (A remote code execution vulnerability exists in Microsoft SharePoint S ...)
+	TODO: check
+CVE-2020-1068 (An elevation of privilege vulnerability exists in Windows Media Servic ...)
+	TODO: check
+CVE-2020-1067 (A remote code execution vulnerability exists in the way that Windows h ...)
+	TODO: check
+CVE-2020-1066 (An elevation of privilege vulnerability exists in .NET Framework which ...)
+	TODO: check
+CVE-2020-1065 (A remote code execution vulnerability exists in the way that the Chakr ...)
+	TODO: check
+CVE-2020-1064 (A remote code execution vulnerability exists in the way that the MSHTM ...)
+	TODO: check
+CVE-2020-1063 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
+	TODO: check
+CVE-2020-1062 (A remote code execution vulnerability exists when Internet Explorer im ...)
+	TODO: check
+CVE-2020-1061 (A remote code execution vulnerability exists in the way that the Micro ...)
+	TODO: check
+CVE-2020-1060 (A remote code execution vulnerability exists in the way that the VBScr ...)
+	TODO: check
+CVE-2020-1059 (A spoofing vulnerability exists when Microsoft Edge does not properly  ...)
+	TODO: check
+CVE-2020-1058 (A remote code execution vulnerability exists in the way that the VBScr ...)
+	TODO: check
 CVE-2020-1057
 	RESERVED
-CVE-2020-1056
-	RESERVED
-CVE-2020-1055
-	RESERVED
-CVE-2020-1054
-	RESERVED
+CVE-2020-1056 (An elevation of privilege vulnerability exists when Microsoft Edge doe ...)
+	TODO: check
+CVE-2020-1055 (A cross-site-scripting (XSS) vulnerability exists when Active Director ...)
+	TODO: check
+CVE-2020-1054 (An elevation of privilege vulnerability exists in Windows when the Win ...)
+	TODO: check
 CVE-2020-1053
 	RESERVED
 CVE-2020-1052
 	RESERVED
-CVE-2020-1051
-	RESERVED
+CVE-2020-1051 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+	TODO: check
 CVE-2020-1050 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
 	NOT-FOR-US: Microsoft
 CVE-2020-1049 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
 	NOT-FOR-US: Microsoft
-CVE-2020-1048
-	RESERVED
+CVE-2020-1048 (An elevation of privilege vulnerability exists when the Windows Print  ...)
+	TODO: check
 CVE-2020-1047
 	RESERVED
 CVE-2020-1046
@@ -27436,12 +27523,12 @@ CVE-2020-1039
 	RESERVED
 CVE-2020-1038
 	RESERVED
-CVE-2020-1037
-	RESERVED
+CVE-2020-1037 (A remote code execution vulnerability exists in the way that the Chakr ...)
+	TODO: check
 CVE-2020-1036
 	RESERVED
-CVE-2020-1035
-	RESERVED
+CVE-2020-1035 (A remote code execution vulnerability exists in the way that the VBScr ...)
+	TODO: check
 CVE-2020-1034
 	RESERVED
 CVE-2020-1033
@@ -27454,22 +27541,22 @@ CVE-2020-1030
 	RESERVED
 CVE-2020-1029 (An elevation of privilege vulnerability exists when Connected User Exp ...)
 	NOT-FOR-US: Microsoft
-CVE-2020-1028
-	RESERVED
+CVE-2020-1028 (A memory corruption vulnerability exists when Windows Media Foundation ...)
+	TODO: check
 CVE-2020-1027 (An elevation of privilege vulnerability exists in the way that the Win ...)
 	NOT-FOR-US: Microsoft
 CVE-2020-1026 (A Security Feature Bypass vulnerability exists in the MSR JavaScript C ...)
 	NOT-FOR-US: Microsoft
 CVE-2020-1025
 	RESERVED
-CVE-2020-1024
-	RESERVED
-CVE-2020-1023
-	RESERVED
+CVE-2020-1024 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
+	TODO: check
+CVE-2020-1023 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
+	TODO: check
 CVE-2020-1022 (A remote code execution vulnerability exists in Microsoft Dynamics Bus ...)
 	NOT-FOR-US: Microsoft
-CVE-2020-1021
-	RESERVED
+CVE-2020-1021 (An elevation of privilege vulnerability exists in Windows Error Report ...)
+	TODO: check
 CVE-2020-1020 (A remote code execution vulnerability exists in Microsoft Windows when ...)
 	NOT-FOR-US: Microsoft
 CVE-2020-1019 (An elevation of privilege vulnerability exists in RMS Sharing App for  ...)
@@ -27490,8 +27577,8 @@ CVE-2020-1012
 	RESERVED
 CVE-2020-1011 (An elevation of privilege vulnerability exists when the Windows System ...)
 	NOT-FOR-US: Microsoft
-CVE-2020-1010
-	RESERVED
+CVE-2020-1010 (An elevation of privilege vulnerability exists in Windows Block Level  ...)
+	TODO: check
 CVE-2020-1009 (An elevation of privilege vulnerability exists in the way that the Mic ...)
 	NOT-FOR-US: Microsoft
 CVE-2020-1008 (A remote code execution vulnerability exists when the Windows Jet Data ...)
@@ -27584,8 +27671,8 @@ CVE-2020-0965 (A remoted code execution vulnerability exists in the way that Mic
 	NOT-FOR-US: Microsoft
 CVE-2020-0964 (A remote code execution vulnerability exists in the way that the Windo ...)
 	NOT-FOR-US: Microsoft
-CVE-2020-0963
-	RESERVED
+CVE-2020-0963 (An information disclosure vulnerability exists when the Windows GDI co ...)
+	TODO: check
 CVE-2020-0962 (An information disclosure vulnerability exists when the win32k compone ...)
 	NOT-FOR-US: Microsoft
 CVE-2020-0961 (A remote code execution vulnerability exists when the Microsoft Office ...)
@@ -27692,8 +27779,8 @@ CVE-2020-0911
 	RESERVED
 CVE-2020-0910 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
 	NOT-FOR-US: Microsoft
-CVE-2020-0909
-	RESERVED
+CVE-2020-0909 (A denial of service vulnerability exists when Hyper-V on a Windows Ser ...)
+	TODO: check
 CVE-2020-0908
 	RESERVED
 CVE-2020-0907 (A remote code execution vulnerability exists in the way that Microsoft ...)
@@ -27708,8 +27795,8 @@ CVE-2020-0903 (A cross-site-scripting (XSS) vulnerability exists when Microsoft
 	NOT-FOR-US: Microsoft
 CVE-2020-0902 (An elevation of privilege vulnerability exists in Service Fabric File  ...)
 	NOT-FOR-US: Microsoft
-CVE-2020-0901
-	RESERVED
+CVE-2020-0901 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
+	TODO: check
 CVE-2020-0900 (An elevation of privilege vulnerability exists when the Visual Studio  ...)
 	NOT-FOR-US: Microsoft
 CVE-2020-0899 (An elevation of privilege vulnerability exists when Microsoft Visual S ...)
author	security tracker role <sectracker@soriano.debian.org>	2020-05-22 20:10:21 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2020-05-22 20:10:21 +0000
commit	88fd4da2b2ff95c1b744ca1d10621dae88f615cf (patch)
tree	a766bb355ffcbd40d5293c507a8788c9b7109623 /data
parent	40aae2ba2dc0f8671feb7ffe3fdc59e34168c960 (diff)