[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Fri Apr 10 21:10:29 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2c711f8f by security tracker role at 2020-04-10T20:10:22+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2020-11693
+	RESERVED
+CVE-2020-11692
+	RESERVED
+CVE-2020-11691
+	RESERVED
+CVE-2020-11690
+	RESERVED
+CVE-2020-11689
+	RESERVED
+CVE-2020-11688
+	RESERVED
+CVE-2020-11687
+	RESERVED
+CVE-2020-11686
+	RESERVED
+CVE-2020-11685
+	RESERVED
+CVE-2015-9547 (An issue was discovered on Samsung mobile devices with JBP(4.3) and KK ...)
+	TODO: check
+CVE-2015-9546 (An issue was discovered on Samsung mobile devices with KK(4.4) and lat ...)
+	TODO: check
 CVE-2020-11684
 	RESERVED
 CVE-2020-11683
@@ -28,8 +50,7 @@ CVE-2020-11671
 	RESERVED
 CVE-2020-11670
 	RESERVED
-CVE-2020-11669 [powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle]
-	RESERVED
+CVE-2020-11669 (An issue was discovered in the Linux kernel before 5.2 on the powerpc  ...)
 	- linux 5.2.6-1
 	NOTE: https://git.kernel.org/linus/53a712bae5dd919521a58d7bad773b949358add0
 CVE-2020-11668 (In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit. ...)
@@ -73,7 +94,7 @@ CVE-2020-11652
 	RESERVED
 CVE-2020-11651
 	RESERVED
-CVE-2020-11650 (An issue was discovered in iXsystems FreeNAS 11.2 and 11.3 before 11.3 ...)
+CVE-2020-11650 (An issue was discovered in iXsystems FreeNAS (and TrueNAS) 11.2 before ...)
 	NOT-FOR-US: FreeNAS
 CVE-2020-11649
 	RESERVED
@@ -1731,8 +1752,8 @@ CVE-2020-11004
 	RESERVED
 CVE-2020-11003
 	RESERVED
-CVE-2020-11002
-	RESERVED
+CVE-2020-11002 (dropwizard-validation before versions 2.0.3 and 1.3.21 has a remote co ...)
+	TODO: check
 CVE-2020-11001
 	RESERVED
 CVE-2020-11000 (GreenBrowser before version 1.2 has a vulnerability where apps that re ...)
@@ -6412,8 +6433,8 @@ CVE-2020-9058
 	RESERVED
 CVE-2020-9057
 	RESERVED
-CVE-2020-9056
-	RESERVED
+CVE-2020-9056 (Periscope BuySpeed version 14.5 is vulnerable to stored cross-site scr ...)
+	TODO: check
 CVE-2020-9055 (Versiant LYNX Customer Service Portal (CSP), version 3.5.2, is vulnera ...)
 	NOT-FOR-US: Versiant LYNX Customer Service Portal
 CVE-2020-9054 (Multiple ZyXEL network-attached storage (NAS) devices running firmware ...)
@@ -11825,8 +11846,8 @@ CVE-2020-6767 (A path traversal vulnerability in the Bosch Video Management Syst
 	NOT-FOR-US: Bosch
 CVE-2020-6766
 	RESERVED
-CVE-2020-6765
-	RESERVED
+CVE-2020-6765 (D-Link DSL-GS225 J1 AU_1.0.4 devices allow an admin to execute OS comm ...)
+	TODO: check
 CVE-2020-6764
 	REJECTED
 CVE-2020-6763
@@ -14879,8 +14900,8 @@ CVE-2020-5408
 	RESERVED
 CVE-2020-5407
 	RESERVED
-CVE-2020-5406
-	RESERVED
+CVE-2020-5406 (VMware Tanzu Application Service for VMs, 2.6.x versions prior to 2.6. ...)
+	TODO: check
 CVE-2020-5405 (Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x pri ...)
 	NOT-FOR-US: Spring Cloud Config
 CVE-2020-5404 (The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and  ...)
@@ -15055,8 +15076,8 @@ CVE-2020-5332
 	RESERVED
 CVE-2020-5331
 	RESERVED
-CVE-2020-5330
-	RESERVED
+CVE-2020-5330 (Dell EMC Networking X-Series firmware versions 3.0.1.2 and older, Dell ...)
+	TODO: check
 CVE-2020-5329
 	RESERVED
 CVE-2020-5328 (Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized  ...)
@@ -15129,8 +15150,8 @@ CVE-2020-5305 (Codoforum 4.8.3 allows XSS in the admin dashboard via a name fiel
 	NOT-FOR-US: Codoforum
 CVE-2020-5304
 	RESERVED
-CVE-2020-5303
-	RESERVED
+CVE-2020-5303 (Tendermint before versions 0.33.3, 0.32.10, and 0.31.12 has a denial-o ...)
+	TODO: check
 CVE-2020-5302 (MH-WikiBot (an IRC Bot for interacting with the Miraheze API), had a b ...)
 	NOT-FOR-US: MH-WikiBot
 CVE-2020-5301
@@ -17564,8 +17585,8 @@ CVE-2020-4364
 	RESERVED
 CVE-2020-4363
 	RESERVED
-CVE-2020-4362
-	RESERVED
+CVE-2020-4362 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is ...)
+	TODO: check
 CVE-2020-4361
 	RESERVED
 CVE-2020-4360
@@ -18384,8 +18405,8 @@ CVE-2020-3954
 	RESERVED
 CVE-2020-3953
 	RESERVED
-CVE-2020-3952
-	RESERVED
+CVE-2020-3952 (Under certain conditions, vmdir that ships with VMware vCenter Server, ...)
+	TODO: check
 CVE-2020-3951 (VMware Workstation (15.x before 15.5.2) and Horizon Client for Windows ...)
 	NOT-FOR-US: VMware
 CVE-2020-3950 (VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11. ...)
@@ -24775,10 +24796,10 @@ CVE-2020-1804
 	RESERVED
 CVE-2020-1803
 	RESERVED
-CVE-2020-1802
-	RESERVED
-CVE-2020-1801
-	RESERVED
+CVE-2020-1802 (There is an insufficient integrity validation vulnerability in several ...)
+	TODO: check
+CVE-2020-1801 (There is an improper authentication vulnerability in several smartphon ...)
+	TODO: check
 CVE-2020-1800 (HUAWEI smartphones P30 with versions earlier than 10.0.0.185(C00E85R1P ...)
 	NOT-FOR-US: Huawei
 CVE-2020-1799
@@ -219995,8 +220016,8 @@ CVE-2015-8548 (Multiple unspecified vulnerabilities in Google V8 before 4.7.80.2
 	- chromium-browser 47.0.2526.80-1
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 	[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
-CVE-2015-8546
-	RESERVED
+CVE-2015-8546 (An issue was discovered on Samsung mobile devices with software throug ...)
+	TODO: check
 CVE-2015-8545
 	RESERVED
 CVE-2015-8544 (NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before 7.1 ...)
@@ -230105,8 +230126,8 @@ CVE-2015-5526
 	RESERVED
 CVE-2015-5525
 	RESERVED
-CVE-2015-5524
-	RESERVED
+CVE-2015-5524 (An issue was discovered on Samsung mobile devices with KK(4.4) and lat ...)
+	TODO: check
 CVE-2015-5531 (Directory traversal vulnerability in Elasticsearch before 1.6.1 allows ...)
 	- elasticsearch 1.6.1+dfsg-1 (bug #792617)
 	[jessie] - elasticsearch <end-of-life> (No longer supported, see DSA 3389)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c711f8f19ec6ec101dfa4c8eefdf8be963aa102

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c711f8f19ec6ec101dfa4c8eefdf8be963aa102
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200410/aa6a377d/attachment.html>


More information about the debian-security-tracker-commits mailing list