[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Tue Apr 7 21:10:32 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
942c9722 by security tracker role at 2020-04-07T20:10:25+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,320 @@
+CVE-2020-11616
+	RESERVED
+CVE-2020-11615
+	RESERVED
+CVE-2020-11614
+	RESERVED
+CVE-2020-11613
+	RESERVED
+CVE-2020-11612 (The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memo ...)
+	TODO: check
+CVE-2020-11611 (An issue was discovered in xdLocalStorage through 2.0.5. The buildMess ...)
+	TODO: check
+CVE-2020-11610 (An issue was discovered in xdLocalStorage through 2.0.5. The postData( ...)
+	TODO: check
+CVE-2020-11609 (An issue was discovered in the stv06xx subsystem in the Linux kernel b ...)
+	TODO: check
+CVE-2020-11608 (An issue was discovered in the Linux kernel before 5.6.1. drivers/medi ...)
+	TODO: check
+CVE-2020-11607
+	RESERVED
+CVE-2020-11606
+	RESERVED
+CVE-2020-11605
+	RESERVED
+CVE-2020-11604
+	RESERVED
+CVE-2020-11603
+	RESERVED
+CVE-2020-11602
+	RESERVED
+CVE-2020-11601
+	RESERVED
+CVE-2020-11600
+	RESERVED
+CVE-2018-21092
+	RESERVED
+CVE-2018-21091
+	RESERVED
+CVE-2018-21090
+	RESERVED
+CVE-2018-21089
+	RESERVED
+CVE-2018-21088
+	RESERVED
+CVE-2018-21087
+	RESERVED
+CVE-2018-21086
+	RESERVED
+CVE-2018-21085
+	RESERVED
+CVE-2018-21084
+	RESERVED
+CVE-2018-21083
+	RESERVED
+CVE-2018-21082
+	RESERVED
+CVE-2018-21081
+	RESERVED
+CVE-2018-21080
+	RESERVED
+CVE-2018-21079
+	RESERVED
+CVE-2018-21078
+	RESERVED
+CVE-2018-21077
+	RESERVED
+CVE-2018-21076
+	RESERVED
+CVE-2018-21075
+	RESERVED
+CVE-2018-21074
+	RESERVED
+CVE-2018-21073
+	RESERVED
+CVE-2018-21072
+	RESERVED
+CVE-2018-21071
+	RESERVED
+CVE-2018-21070
+	RESERVED
+CVE-2018-21069
+	RESERVED
+CVE-2018-21068
+	RESERVED
+CVE-2018-21067
+	RESERVED
+CVE-2018-21066
+	RESERVED
+CVE-2018-21065
+	RESERVED
+CVE-2018-21064
+	RESERVED
+CVE-2018-21063
+	RESERVED
+CVE-2018-21062
+	RESERVED
+CVE-2018-21061
+	RESERVED
+CVE-2018-21060
+	RESERVED
+CVE-2018-21059
+	RESERVED
+CVE-2018-21058
+	RESERVED
+CVE-2018-21057
+	RESERVED
+CVE-2018-21056
+	RESERVED
+CVE-2018-21055
+	RESERVED
+CVE-2018-21054
+	RESERVED
+CVE-2018-21053
+	RESERVED
+CVE-2018-21052
+	RESERVED
+CVE-2018-21051
+	RESERVED
+CVE-2018-21050
+	RESERVED
+CVE-2018-21049
+	RESERVED
+CVE-2018-21048
+	RESERVED
+CVE-2018-21047
+	RESERVED
+CVE-2018-21046
+	RESERVED
+CVE-2018-21045
+	RESERVED
+CVE-2018-21044
+	RESERVED
+CVE-2018-21043
+	RESERVED
+CVE-2018-21042
+	RESERVED
+CVE-2018-21041
+	RESERVED
+CVE-2018-21040
+	RESERVED
+CVE-2018-21039
+	RESERVED
+CVE-2018-21038
+	RESERVED
+CVE-2017-18696 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...)
+	TODO: check
+CVE-2017-18695 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...)
+	TODO: check
+CVE-2017-18694 (An issue was discovered on Samsung mobile devices with software throug ...)
+	TODO: check
+CVE-2017-18693 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...)
+	TODO: check
+CVE-2017-18692 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...)
+	TODO: check
+CVE-2017-18691 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...)
+	TODO: check
+CVE-2017-18690 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...)
+	TODO: check
+CVE-2017-18689 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...)
+	TODO: check
+CVE-2017-18688 (An issue was discovered on Samsung mobile devices with L(5.1), M(6.0), ...)
+	TODO: check
+CVE-2017-18687 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...)
+	TODO: check
+CVE-2017-18686 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...)
+	TODO: check
+CVE-2017-18685 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...)
+	TODO: check
+CVE-2017-18684 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) and  ...)
+	TODO: check
+CVE-2017-18683 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) and  ...)
+	TODO: check
+CVE-2017-18682 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...)
+	TODO: check
+CVE-2017-18681 (An issue was discovered on Samsung Galaxy S5 mobile devices with softw ...)
+	TODO: check
+CVE-2017-18680 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) and  ...)
+	TODO: check
+CVE-2017-18679 (An issue was discovered on Samsung mobile devices with M(6.0) software ...)
+	TODO: check
+CVE-2017-18678 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...)
+	TODO: check
+CVE-2017-18677 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...)
+	TODO: check
+CVE-2017-18676 (An issue was discovered on Samsung mobile devices with N(7.0) (Qualcom ...)
+	TODO: check
+CVE-2017-18675 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...)
+	TODO: check
+CVE-2017-18674 (An issue was discovered on Samsung mobile devices with N(7.0) software ...)
+	TODO: check
+CVE-2017-18673 (An issue was discovered on Samsung mobile devices with N(7.x) software ...)
+	TODO: check
+CVE-2017-18672 (An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6 ...)
+	TODO: check
+CVE-2017-18671 (An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6 ...)
+	TODO: check
+CVE-2017-18670 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...)
+	TODO: check
+CVE-2017-18669 (An issue was discovered on Samsung mobile devices with N(7.x) software ...)
+	TODO: check
+CVE-2017-18668 (An issue was discovered on Samsung mobile devices with M(6.0) software ...)
+	TODO: check
+CVE-2017-18667 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...)
+	TODO: check
+CVE-2017-18666 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...)
+	TODO: check
+CVE-2017-18665 (An issue was discovered on Samsung mobile devices with M(6.0) software ...)
+	TODO: check
+CVE-2017-18664 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...)
+	TODO: check
+CVE-2017-18663 (An issue was discovered on Samsung mobile devices with N(7.x) software ...)
+	TODO: check
+CVE-2017-18662 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...)
+	TODO: check
+CVE-2017-18661 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...)
+	TODO: check
+CVE-2017-18660 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...)
+	TODO: check
+CVE-2017-18659 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...)
+	TODO: check
+CVE-2017-18658 (An issue was discovered on Samsung mobile devices with M(6.0) software ...)
+	TODO: check
+CVE-2017-18657 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...)
+	TODO: check
+CVE-2017-18656 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...)
+	TODO: check
+CVE-2017-18655 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...)
+	TODO: check
+CVE-2017-18654 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...)
+	TODO: check
+CVE-2017-18653 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...)
+	TODO: check
+CVE-2017-18652 (An issue was discovered on Samsung mobile devices with M(6.0) and N(7. ...)
+	TODO: check
+CVE-2017-18651 (An issue was discovered on Samsung mobile devices with M(6.x) and N(7. ...)
+	TODO: check
+CVE-2017-18650 (An issue was discovered on Samsung mobile devices with N(7.x) software ...)
+	TODO: check
+CVE-2017-18649 (An issue was discovered on Samsung mobile devices with N(7.x) software ...)
+	TODO: check
+CVE-2017-18648 (An issue was discovered on Samsung mobile devices with KK(4.4.x), L(5. ...)
+	TODO: check
+CVE-2017-18647 (An issue was discovered on Samsung mobile devices with M(6,x) and N(7. ...)
+	TODO: check
+CVE-2017-18646
+	RESERVED
+CVE-2017-18645
+	RESERVED
+CVE-2017-18644
+	RESERVED
+CVE-2017-18643
+	RESERVED
+CVE-2016-11053 (An issue was discovered on Samsung mobile devices with software throug ...)
+	TODO: check
+CVE-2016-11052 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) soft ...)
+	TODO: check
+CVE-2016-11051 (An issue was discovered on Samsung mobile devices with J(4.2) (Qualcom ...)
+	TODO: check
+CVE-2016-11050 (An issue was discovered on Samsung mobile devices with S3(KK), Note2(K ...)
+	TODO: check
+CVE-2016-11049 (An issue was discovered on Samsung mobile devices with software throug ...)
+	TODO: check
+CVE-2016-11048 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) (Spr ...)
+	TODO: check
+CVE-2016-11047 (An issue was discovered on Samsung mobile devices with JBP(4.2) and KK ...)
+	TODO: check
+CVE-2016-11046 (An issue was discovered on Samsung mobile devices with JBP(4.3), KK(4. ...)
+	TODO: check
+CVE-2016-11045 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) soft ...)
+	TODO: check
+CVE-2016-11044 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) and  ...)
+	TODO: check
+CVE-2016-11043 (An issue was discovered on Samsung mobile devices with M(6.0) software ...)
+	TODO: check
+CVE-2016-11042 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) and  ...)
+	TODO: check
+CVE-2016-11041 (An issue was discovered on Samsung mobile devices with KK(4.4) softwar ...)
+	TODO: check
+CVE-2016-11040 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) (wit ...)
+	TODO: check
+CVE-2016-11039 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...)
+	TODO: check
+CVE-2016-11038 (An issue was discovered on Samsung mobile devices with software throug ...)
+	TODO: check
+CVE-2016-11037
+	REJECTED
+	TODO: check
+CVE-2016-11036 (An issue was discovered on Samsung mobile devices with M(6.0) software ...)
+	TODO: check
+CVE-2016-11035 (An issue was discovered on Samsung mobile devices with software throug ...)
+	TODO: check
+CVE-2016-11034 (An issue was discovered on Samsung mobile devices with L(5.0/5.1) and  ...)
+	TODO: check
+CVE-2016-11033 (An issue was discovered on Samsung mobile devices with M(6.0) software ...)
+	TODO: check
+CVE-2016-11032 (An issue was discovered on Samsung mobile devices with M(6.0) software ...)
+	TODO: check
+CVE-2016-11031 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...)
+	TODO: check
+CVE-2016-11030 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...)
+	TODO: check
+CVE-2016-11029 (An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6 ...)
+	TODO: check
+CVE-2016-11028 (An issue was discovered on Samsung mobile devices with software throug ...)
+	TODO: check
+CVE-2016-11027 (An issue was discovered on Samsung mobile devices with M(6.0) software ...)
+	TODO: check
+CVE-2016-11026 (An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/ ...)
+	TODO: check
+CVE-2016-11025 (An issue was discovered on Samsung mobile devices with software throug ...)
+	TODO: check
+CVE-2015-9545 (An issue was discovered in xdLocalStorage through 2.0.5. The receiveMe ...)
+	TODO: check
+CVE-2015-9544 (An issue was discovered in xdLocalStorage through 2.0.5. The receiveMe ...)
+	TODO: check
+CVE-2013-7488 (perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 ...)
+	TODO: check
 CVE-2020-11599 (An issue was discovered in CIPPlanner CIPAce 6.80 Build 2016031401. Ge ...)
 	NOT-FOR-US: CIPPlanner
 CVE-2020-11598 (An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Upl ...)
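Review bot: CVE-2016-11037 is added as REJECTED and then also given a TODO: check line, which leaves a rejected ID sitting in the triage queue. The RESERVED entries in this same hunk carry no TODO, so the REJECTED one should probably get the same treatment and lose the extra line. Separately, the long run of "An issue was discovered on Samsung mobile devices ..." entries (CVE-2017-18647 through CVE-2017-18696 and CVE-2016-11025 through CVE-2016-11053) shares one description prefix, so if they are resolved as not-for-us they should be closed in one pass with a single, identical tag string rather than entry by entry.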
@@ -75,10 +392,10 @@ CVE-2020-11563
 	RESERVED
 CVE-2020-11562
 	RESERVED
-CVE-2020-11561
-	RESERVED
-CVE-2020-11560
-	RESERVED
+CVE-2020-11561 (In NCH Express Invoice 7.25, an authenticated low-privilege user can e ...)
+	TODO: check
+CVE-2020-11560 (NCH Express Invoice 7.25 allows local users to discover the cleartext  ...)
+	TODO: check
 CVE-2020-11559
 	RESERVED
 CVE-2020-11558 (An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by ...)
@@ -168,24 +485,24 @@ CVE-2020-11518 (Zoho ManageEngine ADSelfService Plus before 5815 allows unauthen
 	NOT-FOR-US: Zoho
 CVE-2020-11517
 	RESERVED
-CVE-2020-11516
-	RESERVED
-CVE-2020-11515
-	RESERVED
-CVE-2020-11514
-	RESERVED
+CVE-2020-11516 (Stored XSS in the Contact Form 7 Datepicker plugin through 2.6.0 for W ...)
+	TODO: check
+CVE-2020-11515 (The Rank Math plugin through 1.0.40.2 for WordPress allows unauthentic ...)
+	TODO: check
+CVE-2020-11514 (The Rank Math plugin through 1.0.40.2 for WordPress allows unauthentic ...)
+	TODO: check
 CVE-2020-11513
 	RESERVED
-CVE-2020-11512
-	RESERVED
+CVE-2020-11512 (Stored XSS in the IMPress for IDX Broker WordPress plugin before 2.6.2 ...)
+	TODO: check
 CVE-2020-11511
 	RESERVED
 CVE-2020-11510
 	RESERVED
-CVE-2020-11509
-	RESERVED
-CVE-2020-11508
-	RESERVED
+CVE-2020-11509 (An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for Wor ...)
+	TODO: check
+CVE-2020-11508 (An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for Wor ...)
+	TODO: check
 CVE-2020-11507 (An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner 8.0. ...)
 	NOT-FOR-US: Malwarebytes AdwCleaner
 CVE-2020-11506
@@ -4806,8 +5123,8 @@ CVE-2020-9516
 	RESERVED
 CVE-2020-9515
 	RESERVED
-CVE-2020-9514
-	RESERVED
+CVE-2020-9514 (An issue was discovered in the IMPress for IDX Broker plugin before 2. ...)
+	TODO: check
 CVE-2020-9513
 	RESERVED
 CVE-2020-9512
@@ -5378,8 +5695,8 @@ CVE-2020-9288
 	RESERVED
 CVE-2020-9287 (An Unsafe Search Path vulnerability in FortiClient EMS online installe ...)
 	NOT-FOR-US: Fortiguard
-CVE-2020-9286
-	RESERVED
+CVE-2020-9286 (An improper authorization vulnerability in FortiADC may allow a remote ...)
+	TODO: check
 CVE-2020-9285
 	RESERVED
 CVE-2020-9284
@@ -8082,8 +8399,8 @@ CVE-2020-8098
 	RESERVED
 CVE-2020-8097
 	RESERVED
-CVE-2020-8096
-	RESERVED
+CVE-2020-8096 (Untrusted Search Path vulnerability in Bitdefender High-Level Antimalw ...)
+	TODO: check
 CVE-2020-8095 (A vulnerability in the improper handling of junctions before deletion  ...)
 	NOT-FOR-US: Bitdefender Total Security
 CVE-2020-8094
@@ -9239,18 +9556,18 @@ CVE-2020-7620 (pomelo-monitor through 0.3.7 is vulnerable to Command Injection.I
 	NOT-FOR-US: Node pomelo-monitor
 CVE-2020-7619 (get-git-data through 1.3.1 is vulnerable to Command Injection. It is p ...)
 	NOT-FOR-US: get-git-data node module
-CVE-2020-7618
-	RESERVED
+CVE-2020-7618 (sds through 3.2.0 is vulnerable to Prototype Pollution.The library cou ...)
+	TODO: check
 CVE-2020-7617 (ini-parser through 0.0.2 is vulnerable to Prototype Pollution.The libr ...)
 	NOT-FOR-US: Node ini-parser
-CVE-2020-7616
-	RESERVED
-CVE-2020-7615
-	RESERVED
-CVE-2020-7614
-	RESERVED
-CVE-2020-7613
-	RESERVED
+CVE-2020-7616 (express-mock-middleware through 0.0.6 is vulnerable to Prototype Pollu ...)
+	TODO: check
+CVE-2020-7615 (fsa through 0.5.1 is vulnerable to Command Injection. The first argume ...)
+	TODO: check
+CVE-2020-7614 (npm-programmatic through 0.0.12 is vulnerable to Command Injection.The ...)
+	TODO: check
+CVE-2020-7613 (clamscan through 1.2.0 is vulnerable to Command Injection. It is possi ...)
+	TODO: check
 CVE-2020-7612
 	RESERVED
 CVE-2020-7611 (All versions of io.micronaut:micronaut-http-client before 1.2.11 and a ...)
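Review bot: The five newly described Node entries (CVE-2020-7618 sds, CVE-2020-7616 express-mock-middleware, CVE-2020-7615 fsa, CVE-2020-7614 npm-programmatic, CVE-2020-7613 clamscan) land as TODO: check next to neighbours whose tags are not written consistently: "NOT-FOR-US: Node pomelo-monitor" and "NOT-FOR-US: Node ini-parser" versus "NOT-FOR-US: get-git-data node module". When these TODOs are resolved, pick one of the two forms so the entries stay greppable by a single pattern.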
@@ -10728,8 +11045,8 @@ CVE-2020-6976 (Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and pr
 	NOT-FOR-US: Delta Industrial Automation CNCSoft ScreenEditor
 CVE-2020-6975 (Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (820 ...)
 	NOT-FOR-US: Digi International ConnectPort LTS 32 MEI
-CVE-2020-6974
-	RESERVED
+CVE-2020-6974 (Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a pa ...)
+	TODO: check
 CVE-2020-6973 (Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (820 ...)
 	NOT-FOR-US: Digi International ConnectPort LTS 32 MEI
 CVE-2020-6972 (In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell F ...)
@@ -11543,8 +11860,8 @@ CVE-2020-6649
 	RESERVED
 CVE-2020-6648
 	RESERVED
-CVE-2020-6647
-	RESERVED
+CVE-2020-6647 (An improper neutralization of input vulnerability in the dashboard of  ...)
+	TODO: check
 CVE-2020-6646 (An improper neutralization of input vulnerability in FortiWeb allows a ...)
 	NOT-FOR-US: Fortiguard
 CVE-2020-6645
@@ -12667,8 +12984,8 @@ CVE-2020-6173 (TUF (aka The Update Framework) 0.7.2 through 0.12.1 allows Uncont
 	- python-tuf <itp> (bug #934151)
 CVE-2020-6172
 	RESERVED
-CVE-2020-6171
-	RESERVED
+CVE-2020-6171 (A cross-site scripting (XSS) vulnerability in the index page of the CL ...)
+	TODO: check
 CVE-2020-6170 (An authentication bypass vulnerability on Genexis Platinum-4410 v2.1 P ...)
 	NOT-FOR-US: Genexis
 CVE-2020-6169
@@ -13575,8 +13892,8 @@ CVE-2020-5736
 	RESERVED
 CVE-2020-5735
 	RESERVED
-CVE-2020-5734
-	RESERVED
+CVE-2020-5734 (Classic buffer overflow in SolarWinds Dameware allows a remote, unauth ...)
+	TODO: check
 CVE-2020-5733
 	RESERVED
 CVE-2020-5732
@@ -14542,8 +14859,8 @@ CVE-2020-5304
 	RESERVED
 CVE-2020-5303
 	RESERVED
-CVE-2020-5302
-	RESERVED
+CVE-2020-5302 (MH-WikiBot (an IRC Bot for interacting with the Miraheze API), had a b ...)
+	TODO: check
 CVE-2020-5301
 	RESERVED
 CVE-2020-5300 (In Hydra (an OAuth2 Server and OpenID Certified™ OpenID Connect  ...)
@@ -22992,20 +23309,15 @@ CVE-2020-2178
 	RESERVED
 CVE-2020-2177
 	RESERVED
-CVE-2020-2176
-	RESERVED
+CVE-2020-2176 (Multiple form validation endpoints in Jenkins useMango Runner Plugin 1 ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2020-2175
-	RESERVED
+CVE-2020-2175 (Jenkins FitNesse Plugin 1.31 and earlier does not correctly escape rep ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2020-2174
-	RESERVED
+CVE-2020-2174 (Jenkins AWSEB Deployment Plugin 0.3.19 and earlier does not escape var ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2020-2173
-	RESERVED
+CVE-2020-2173 (Jenkins Gatling Plugin 1.2.7 and earlier prevents Content-Security-Pol ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2020-2172
-	RESERVED
+CVE-2020-2172 (Jenkins Code Coverage API Plugin 1.1.4 and earlier does not configure  ...)
 	NOT-FOR-US: Jenkins plugin
 CVE-2020-2171 (Jenkins RapidDeploy Plugin 4.2 and earlier does not configure its XML  ...)
 	NOT-FOR-US: Jenkins plugin
@@ -32345,8 +32657,8 @@ CVE-2019-17659
 	RESERVED
 CVE-2019-17658 (An unquoted service path vulnerability in the FortiClient FortiTray co ...)
 	NOT-FOR-US: Fortiguard
-CVE-2019-17657
-	RESERVED
+CVE-2019-17657 (An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSw ...)
+	TODO: check
 CVE-2019-17656
 	RESERVED
 CVE-2019-17655
@@ -46208,8 +46520,8 @@ CVE-2019-13561 (D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote atta
 	NOT-FOR-US: D-Link
 CVE-2019-13560 (D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers  ...)
 	NOT-FOR-US: D-Link
-CVE-2019-13559
-	RESERVED
+CVE-2019-13559 (GE Mark VIe Controller is shipped with pre-configured hard-coded crede ...)
+	TODO: check
 CVE-2019-13558 (In WebAccess versions 8.4.1 and prior, an exploit executed over the ne ...)
 	NOT-FOR-US: WebAccess
 CVE-2019-13557 (In Tasy EMR, Tasy WebPortal Versions 3.02.1757 and prior, there is an  ...)
@@ -46218,8 +46530,8 @@ CVE-2019-13556 (In WebAccess versions 8.4.1 and prior, multiple stack-based buff
 	NOT-FOR-US: WebAccess
 CVE-2019-13555 (In Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial n ...)
 	NOT-FOR-US: Mitsubishi
-CVE-2019-13554
-	RESERVED
+CVE-2019-13554 (GE Mark VIe Controller has an unsecured Telnet protocol that may allow ...)
+	TODO: check
 CVE-2019-13553 (Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb ...)
 	NOT-FOR-US: Rittal Chiller SK 3232-Series
 CVE-2019-13552 (In WebAccess versions 8.4.1 and prior, multiple command injection vuln ...)
@@ -71511,12 +71823,12 @@ CVE-2019-4395 (IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.
 	NOT-FOR-US: IBM
 CVE-2019-4394 (IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 con ...)
 	NOT-FOR-US: IBM
-CVE-2019-4393
-	RESERVED
+CVE-2019-4393 (HCL AppScan Standard is vulnerable to excessive authorization attempts ...)
+	TODO: check
 CVE-2019-4392 (HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded cred ...)
 	NOT-FOR-US: HCL AppScan
-CVE-2019-4391
-	RESERVED
+CVE-2019-4391 (HCL AppScan Standard is vulnerable to XML External Entity Injection (X ...)
+	TODO: check
 CVE-2019-4390
 	RESERVED
 CVE-2019-4389
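Review bot: CVE-2019-4393 and CVE-2019-4391 both describe HCL AppScan Standard and are left at TODO: check, while CVE-2019-4392 between them is already tagged "NOT-FOR-US: HCL AppScan". Unless there is a reason to treat them differently, the two new entries can take the same tag in the follow-up commit instead of going through a separate check.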
@@ -74620,7 +74932,7 @@ CVE-2018-20406 (Modules/_pickle.c in Python before 3.7.1 has an integer overflow
 	NOTE: https://github.com/python/cpython/commit/ef4306b24c9034d6b37bb034e2ebe82e745d4b77 (3.7)
 	NOTE: https://github.com/python/cpython/commit/71a9c65e74a70b6ed39adc4ba81d311ac1aa2acc (3.6)
 	NOTE: Negligible security impact
-CVE-2018-20405 (BigTree 4.3 allows full path disclosure via authenticated admin/news/  ...)
+CVE-2018-20405 (** DISPUTED ** BigTree 4.3 allows full path disclosure via authenticat ...)
 	NOT-FOR-US: BigTree CMS
 CVE-2018-20404 (ETK_E900.sys, a SmartETK driver for VIA Technologies EPIA-E900 system  ...)
 	NOT-FOR-US: ETK_E900.sys (SmartETK driver for VIA Technologies EPIA-E900 system board)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/942c97226591893f5ee7879c4df3c62c567e812f
