[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Apr 9 09:10:35 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b9633bbf by security tracker role at 2020-04-09T08:10:27+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2020-11657
+ RESERVED
+CVE-2020-11656 (In SQLite through 3.31.1, the ALTER TABLE implementation has a use-aft ...)
+ TODO: check
+CVE-2020-11655 (SQLite through 3.31.1 allows attackers to cause a denial of service (s ...)
+ TODO: check
+CVE-2020-11654
+ RESERVED
+CVE-2020-11653 (An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6 ...)
+ TODO: check
+CVE-2020-11652
+ RESERVED
+CVE-2020-11651
+ RESERVED
+CVE-2020-11650 (An issue was discovered in iXsystems FreeNAS 11.2 and 11.3 before 11.3 ...)
+ TODO: check
+CVE-2020-11649
+ RESERVED
+CVE-2020-11648
+ RESERVED
+CVE-2020-11647
+ RESERVED
+CVE-2019-20637 (An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6 ...)
+ TODO: check
CVE-2020-11646
RESERVED
CVE-2020-11645
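Review bot: The five entries added here with `TODO: check` (CVE-2020-11656, CVE-2020-11655, CVE-2020-11653, CVE-2020-11650, CVE-2019-20637) have no triage line yet, so nothing in this block says which packages, if any, are affected. The SQLite and Varnish Cache descriptions name the software directly, so each of those needs a `- <package> ...` line or a NOTE. The iXsystems FreeNAS entry needs either a package line or a NOT-FOR-US tag in the form used elsewhere in this file. CVE-2020-11653 and CVE-2019-20637 read identically up to the truncation point apart from the version (6.0.6 LTS against 6.0.5 LTS), so confirm they are recorded as two distinct issues with their own fixed versions.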
@@ -6878,12 +6902,12 @@ CVE-2020-8830
RESERVED
CVE-2020-8829
RESERVED
-CVE-2020-8828
- RESERVED
-CVE-2020-8827
- RESERVED
-CVE-2020-8826
- RESERVED
+CVE-2020-8828 (As of v1.5.0, the default admin password is set to the argocd-server p ...)
+ TODO: check
+CVE-2020-8827 (As of v1.5.0, the Argo API does not implement anti-automation measures ...)
+ TODO: check
+CVE-2020-8826 (As of v1.5.0, the Argo web interface authentication system issued immu ...)
+ TODO: check
CVE-2020-8825 (index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 allows store ...)
NOT-FOR-US: Vanilla Forums
CVE-2020-8824 (Hitron CODA-4582U 7.1.1.30 devices allow XSS via a Managed Device name ...)
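Review bot: CVE-2020-8828, CVE-2020-8827 and CVE-2020-8826 go from RESERVED to `TODO: check` with no package or NOT-FOR-US line. All three descriptions open with "As of v1.5.0" and refer to argocd-server, the Argo API or the Argo web interface, so they can be triaged in one pass and should end up with the same resolution, written in the same form as the `NOT-FOR-US: Vanilla Forums` line on the entry that follows if the software turns out not to be packaged.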
@@ -21960,8 +21984,7 @@ CVE-2020-2734
RESERVED
CVE-2020-2733
RESERVED
-CVE-2020-2732 [kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources]
- RESERVED
+CVE-2020-2732 (A flaw was discovered in the way that the KVM hypervisor handled instr ...)
- linux 5.5.13-1
NOTE: https://git.kernel.org/linus/07721feee46b4b248402133228235318199b05ec
NOTE: https://git.kernel.org/linus/35a571346a94fb93b5b3b6a599675ef3384bc75c
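Review bot: On CVE-2020-2732, replacing the bracketed title with the truncated description removes the only text in the entry that says the issue is in nested VMX, with an L2 guest reaching L1 resources through the L0 hypervisor. Keeping the `- linux 5.5.13-1` line and the two git.kernel.org NOTE lines is right. Consider adding a NOTE that preserves the nVMX scope, so the entry stays readable without following the commit links.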
@@ -24385,8 +24408,8 @@ CVE-2020-1887 (Incorrect validation of the TLS SNI hostname in osquery versions
- osquery <itp> (bug #803502)
CVE-2020-1886
RESERVED
-CVE-2020-1885
- RESERVED
+CVE-2020-1885 (Writing to an unprivileged file from a privileged OVRRedir.exe process ...)
+ TODO: check
CVE-2019-19512
RESERVED
CVE-2019-19511
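Review bot: CVE-2020-1885 is left at `TODO: check` although its description refers to a privileged OVRRedir.exe process, which is a Windows executable. Once triage confirms no package in the archive is affected, close it with a `NOT-FOR-US: <product>` line instead of leaving the TODO open.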
@@ -27014,21 +27037,17 @@ CVE-2020-1641
RESERVED
CVE-2020-1640
RESERVED
-CVE-2020-1639
- RESERVED
+CVE-2020-1639 (When an attacker sends a specific crafted Ethernet Operation, Administ ...)
NOT-FOR-US: Juniper
-CVE-2020-1638
- RESERVED
+CVE-2020-1638 (The FPC (Flexible PIC Concentrator) of Juniper Networks Junos OS and J ...)
NOT-FOR-US: Juniper
-CVE-2020-1637
- RESERVED
+CVE-2020-1637 (A vulnerability in Juniper Networks SRX Series device configured as a ...)
NOT-FOR-US: Juniper
CVE-2020-1636
RESERVED
CVE-2020-1635
RESERVED
-CVE-2020-1634
- RESERVED
+CVE-2020-1634 (On High-End SRX Series devices, in specific configurations and when sp ...)
NOT-FOR-US: Juniper
CVE-2020-1633
RESERVED
@@ -27038,59 +27057,41 @@ CVE-2020-1632
NOT-FOR-US: Juniper
CVE-2020-1631
RESERVED
-CVE-2020-1630
- RESERVED
+CVE-2020-1630 (A privilege escalation vulnerability in Juniper Networks Junos OS devi ...)
NOT-FOR-US: Juniper
-CVE-2020-1629
- RESERVED
+CVE-2020-1629 (A race condition vulnerability on Juniper Network Junos OS devices may ...)
NOT-FOR-US: Juniper
-CVE-2020-1628
- RESERVED
+CVE-2020-1628 (Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal com ...)
NOT-FOR-US: Juniper
-CVE-2020-1627
- RESERVED
+CVE-2020-1627 (A vulnerability in Juniper Networks Junos OS on vMX and MX150 devices ...)
NOT-FOR-US: Juniper
-CVE-2020-1626
- RESERVED
+CVE-2020-1626 (A vulnerability in Juniper Networks Junos OS Evolved may allow an atta ...)
NOT-FOR-US: Juniper
-CVE-2020-1625
- RESERVED
+CVE-2020-1625 (The kernel memory usage represented as "temp" via 'show system virtual ...)
NOT-FOR-US: Juniper
-CVE-2020-1624
- RESERVED
+CVE-2020-1624 (A local, authenticated user with shell can obtain the hashed values of ...)
NOT-FOR-US: Juniper
-CVE-2020-1623
- RESERVED
+CVE-2020-1623 (A local, authenticated user with shell can view sensitive configuratio ...)
NOT-FOR-US: Juniper
-CVE-2020-1622
- RESERVED
+CVE-2020-1622 (A local, authenticated user with shell can obtain the hashed values of ...)
NOT-FOR-US: Juniper
-CVE-2020-1621
- RESERVED
+CVE-2020-1621 (A local, authenticated user with shell can obtain the hashed values of ...)
NOT-FOR-US: Juniper
-CVE-2020-1620
- RESERVED
+CVE-2020-1620 (A local, authenticated user with shell can obtain the hashed values of ...)
NOT-FOR-US: Juniper
-CVE-2020-1619
- RESERVED
+CVE-2020-1619 (A privilege escalation vulnerability in Juniper Networks QFX10K Series ...)
NOT-FOR-US: Juniper
-CVE-2020-1618
- RESERVED
+CVE-2020-1618 (On Juniper Networks EX and QFX Series, an authentication bypass vulner ...)
NOT-FOR-US: Juniper
-CVE-2020-1617
- RESERVED
+CVE-2020-1617 (This issue occurs on Juniper Networks Junos OS devices which do not su ...)
NOT-FOR-US: Juniper
-CVE-2020-1616
- RESERVED
+CVE-2020-1616 (Due to insufficient server-side login attempt limit enforcement, a vul ...)
NOT-FOR-US: Juniper
-CVE-2020-1615
- RESERVED
+CVE-2020-1615 (The factory configuration for vMX installations, as shipped, includes ...)
NOT-FOR-US: Juniper
-CVE-2020-1614
- RESERVED
+CVE-2020-1614 (A Use of Hard-coded Credentials vulnerability exists in the NFX250 Ser ...)
NOT-FOR-US: Juniper
-CVE-2020-1613
- RESERVED
+CVE-2020-1613 (A vulnerability in the BGP FlowSpec implementation may cause a Juniper ...)
NOT-FOR-US: Juniper
CVE-2020-1612
RESERVED
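Review bot: The `NOT-FOR-US: Juniper` tags in this hunk were already attached while the entries were RESERVED, and several of the descriptions that now replace RESERVED do not name a vendor before the truncation point (CVE-2020-1625, CVE-2020-1624 through CVE-2020-1620, CVE-2020-1616). Spot-check those against the full descriptions so the tag is confirmed by the published text and not only by the earlier ID allocation.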
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9633bbf36277d9e3f31208c081cc0550b167a2e