[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Wed Apr 8 09:10:28 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e9b02415 by security tracker role at 2020-04-08T08:10:18+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,43 @@
+CVE-2020-11636
+	RESERVED
+CVE-2020-11635
+	RESERVED
+CVE-2020-11634
+	RESERVED
+CVE-2020-11633
+	RESERVED
+CVE-2020-11632
+	RESERVED
+CVE-2020-11631 (An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1. ...)
+	TODO: check
+CVE-2020-11630 (An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1. ...)
+	TODO: check
+CVE-2020-11629 (An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1. ...)
+	TODO: check
+CVE-2020-11628 (An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1. ...)
+	TODO: check
+CVE-2020-11627 (An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1. ...)
+	TODO: check
+CVE-2020-11626 (An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1. ...)
+	TODO: check
+CVE-2020-11625
+	RESERVED
+CVE-2020-11624
+	RESERVED
+CVE-2020-11623
+	RESERVED
+CVE-2020-11622
+	RESERVED
+CVE-2020-11621
+	RESERVED
+CVE-2020-11620 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
+	TODO: check
+CVE-2020-11619 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
+	TODO: check
+CVE-2020-11618
+	RESERVED
+CVE-2020-11617
+	RESERVED
 CVE-2020-11616
 	RESERVED
 CVE-2020-11615
@@ -288,7 +328,6 @@ CVE-2016-11038 (An issue was discovered on Samsung mobile devices with software
 	NOT-FOR-US: Samsung mobile devices
 CVE-2016-11037
 	REJECTED
-	TODO: check
 CVE-2016-11036 (An issue was discovered on Samsung mobile devices with M(6.0) software ...)
 	NOT-FOR-US: Samsung mobile devices
 CVE-2016-11035 (An issue was discovered on Samsung mobile devices with software throug ...)
@@ -436,8 +475,8 @@ CVE-2020-11545 (Project Worlds Official Car Rental System 1 is vulnerable to mul
 	NOT-FOR-US: Project Worlds Official Car Rental System 1
 CVE-2020-11544 (An issue was discovered in Project Worlds Official Car Rental System 1 ...)
 	NOT-FOR-US: Project Worlds Official Car Rental System 1
-CVE-2020-11543
-	RESERVED
+CVE-2020-11543 (OpsRamp Gateway 3.0.0 has a backdoor account vadmin with the password  ...)
+	TODO: check
 CVE-2020-11542 (3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authenticat ...)
 	NOT-FOR-US: 3xLOGIC Infinias eIDC32 2.213 devices
 CVE-2020-11541
@@ -2694,8 +2733,8 @@ CVE-2020-10635
 	RESERVED
 CVE-2020-10634
 	RESERVED
-CVE-2020-10633
-	RESERVED
+CVE-2020-10633 (A non-persistent XSS (cross-site scripting) vulnerability exists in eW ...)
+	TODO: check
 CVE-2020-10632
 	RESERVED
 CVE-2020-10631
@@ -3261,8 +3300,8 @@ CVE-2020-10368
 	RESERVED
 CVE-2020-10367
 	RESERVED
-CVE-2020-10366
-	RESERVED
+CVE-2020-10366 (LogicalDoc before 8.3.3 allows /servlet.gupld Directory Traversal, a d ...)
+	TODO: check
 CVE-2020-10365 (LogicalDoc before 8.3.3 allows SQL Injection. LogicalDoc populates the ...)
 	NOT-FOR-US: LogicalDoc
 CVE-2020-10364 (The SSH daemon on MikroTik routers through v6.44.3 could allow remote  ...)
@@ -12313,14 +12352,17 @@ CVE-2020-6453
 	RESERVED
 CVE-2020-6452
 	RESERVED
+	{DSA-4654-1}
 	- chromium 80.0.3987.162-1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6451
 	RESERVED
+	{DSA-4654-1}
 	- chromium 80.0.3987.162-1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6450
 	RESERVED
+	{DSA-4654-1}
 	- chromium 80.0.3987.162-1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6449 (Use after free in audio in Google Chrome prior to 80.0.3987.149 allowe ...)
@@ -38062,8 +38104,8 @@ CVE-2019-15791
 CVE-2019-15790
 	RESERVED
 	NOT-FOR-US: Apport
-CVE-2019-15789
-	RESERVED
+CVE-2019-15789 (Privilege escalation vulnerability in MicroK8s allows a low privilege  ...)
+	TODO: check
 CVE-2019-15807 (In the Linux kernel before 5.1.13, there is a memory leak in drivers/s ...)
 	{DLA-1930-1 DLA-1919-1}
 	- linux 5.2.6-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e9b02415224c59c3511f4fbc4eeb57f0538722f2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e9b02415224c59c3511f4fbc4eeb57f0538722f2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200408/70b33844/attachment.html>

More information about the debian-security-tracker-commits mailing list