author | security tracker role <sectracker@soriano.debian.org> | 2021-03-26 20:10:24 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2021-03-26 20:10:24 +0000 |
commit | 14098f3ef2779311588fe58d758265f24676c57d (patch) | |
tree | 8ad9f281d59c35a283b4674c86830597230835c0 /data/CVE/2020.list | |
parent | ac76ae06095a973b98a6624b4ff1fb9cb7a3d1a3 (diff) |
automatic update
Diffstat (limited to 'data/CVE/2020.list')
-rw-r--r-- | data/CVE/2020.list | 31 |
1 files changed, 15 insertions, 16 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 511527d4b3..1af9fa17f6 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1031,8 +1031,8 @@ CVE-2020-35858 (An issue was discovered in the prost crate before 0.6.1 for Rust NOT-FOR-US: prost rust crate CVE-2020-35857 (An issue was discovered in the trust-dns-server crate before 0.18.1 fo ...) NOT-FOR-US: Rust trust-dns-server -CVE-2020-35856 - RESERVED +CVE-2020-35856 (SolarWinds Orion Platform before 2020.2.5 allows stored XSS attacks by ...) + TODO: check CVE-2020-35855 RESERVED CVE-2020-35854 (Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Bod ...) @@ -1829,8 +1829,7 @@ CVE-2020-35519 [buster] - linux 4.19.171-1 [stretch] - linux 4.9.258-1 NOTE: https://www.openwall.com/lists/oss-security/2021/03/17/17 -CVE-2020-35518 [Information disclosure during the binding of a DN] - RESERVED +CVE-2020-35518 (When binding against a DN during authentication, the reply from 389-ds ...) - 389-ds-base 1.4.4.10-1 [buster] - 389-ds-base <not-affected> (Vulnerable code introduced later) [stretch] - 389-ds-base <not-affected> (Vulnerable code introduced later) @@ -1874,8 +1873,7 @@ CVE-2020-35510 CVE-2020-35509 RESERVED NOT-FOR-US: Keycloak -CVE-2020-35508 - RESERVED +CVE-2020-35508 (A flaw possibility of race condition and incorrect initialization of t ...) - linux 5.9.9-1 [buster] - linux 4.19.160-1 [stretch] - linux 4.9.246-1 @@ -2967,6 +2965,7 @@ CVE-2020-29624 RESERVED CVE-2020-29623 RESERVED + {DSA-4877-1} - webkit2gtk 2.30.6-1 [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) - wpewebkit 2.30.6-1 @@ -5135,8 +5134,8 @@ CVE-2020-28697 RESERVED CVE-2020-28696 RESERVED -CVE-2020-28695 - RESERVED +CVE-2020-28695 (Askey Fiber Router RTF3505VW-N1 BR_SV_g000_R3505VWN1001_s32_7 devices ...) + TODO: check CVE-2020-28694 RESERVED CVE-2020-28693 (An unrestricted file upload issue in HorizontCMS 1.0.0-beta allows an ...) 
@@ -6877,6 +6876,7 @@ CVE-2020-27920 CVE-2020-27919 RESERVED CVE-2020-27918 (A use after free issue was addressed with improved memory management. ...) + {DSA-4877-1} - webkit2gtk 2.30.6-1 [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) - wpewebkit 2.30.6-1 @@ -7105,8 +7105,7 @@ CVE-2020-27830 [Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2] [stretch] - linux <not-affected> (Vulnerability introduced later) NOTE: https://www.openwall.com/lists/oss-security/2020/12/07/1 NOTE: https://git.kernel.org/linus/f0992098cadb4c9c6a00703b66cafe604e178fea -CVE-2020-27829 [heap buffer overflow in coders/tiff.c] - RESERVED +CVE-2020-27829 (A heap based buffer overflow in coders/tiff.c may result in program cr ...) - imagemagick 8:6.9.11.57+dfsg-1 [stretch] - imagemagick <not-affected> (vulnerable code was introduced later) NOTE: https://github.com/ImageMagick/ImageMagick/commit/6ee5059cd3ac8d82714a1ab1321399b88539abf0 @@ -11766,8 +11765,8 @@ CVE-2020-25842 (The encryption function of NHIServiSignAdapter fail to verify th NOT-FOR-US: NHIServiSignAdapter CVE-2020-25841 RESERVED -CVE-2020-25840 - RESERVED +CVE-2020-25840 (Cross-Site scripting vulnerability in Micro Focus Access Manager produ ...) + TODO: check CVE-2020-25839 (NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected b ...) NOT-FOR-US: NetIQ Identity Manager CVE-2020-25838 (Unauthorized disclosure of sensitive information vulnerability in Micr ...) @@ -24859,10 +24858,10 @@ CVE-2020-19628 RESERVED CVE-2020-19627 RESERVED -CVE-2020-19626 - RESERVED -CVE-2020-19625 - RESERVED +CVE-2020-19626 (Cross Site Scripting (XSS) vulnerability in craftcms 3.1.31, allows re ...) + TODO: check +CVE-2020-19625 (Remote Code Execution Vulnerability in tests/support/stores/test_grid_ ...) + TODO: check CVE-2020-19624 RESERVED CVE-2020-19623 |
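Review bot: in the @@ -2967 hunk, CVE-2020-29623 gains `{DSA-4877-1}` but still reads `RESERVED` with no description, so the list does not say what the advisory fixed under this id. Consider a bracketed temporary description on the CVE line, as CVE-2020-35518 carried (`[Information disclosure during the binding of a DN]`) before this patch replaced it with the published text.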
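Review bot: CVE-2020-25840 in the @@ -11766 hunk lands as `TODO: check` with no package or `NOT-FOR-US:` line, so it stays untriaged after this update. The entry directly below it, CVE-2020-25839, is already marked `NOT-FOR-US: NetIQ Identity Manager`; a follow-up should resolve the new Micro Focus Access Manager entry the same way or name the affected source package. The same applies to the other `TODO: check` entries this patch adds in the @@ -1031 and @@ -5135 hunks (CVE-2020-35856, CVE-2020-28695).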
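Review bot: in the @@ -24859 hunk, the visible part of the CVE-2020-19625 description ("Remote Code Execution Vulnerability in tests/support/stores/test_grid_ ...") is cut off before any product name, so its `TODO: check` cannot be resolved from the list alone. Whoever triages it should read the full CVE text and record the product in a `NOT-FOR-US:` or package line. CVE-2020-19626 just above it names craftcms 3.1.31 in the visible text and can be triaged directly.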