[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Wed Apr 15 21:10:43 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fa859f34 by security tracker role at 2020-04-15T20:10:35+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,329 @@
+CVE-2020-11800
+ RESERVED
+CVE-2020-11799 (Z-Cron 5.6 Build 04 allows an unprivileged attacker to elevate privile ...)
+ TODO: check
+CVE-2020-11798
+ RESERVED
+CVE-2020-11797
+ RESERVED
+CVE-2020-11796
+ RESERVED
+CVE-2020-11795
+ RESERVED
+CVE-2020-11794
+ RESERVED
+CVE-2020-11793
+ RESERVED
+CVE-2020-11792 (NETGEAR R8900, R9000, RAX120, and XR700 devices before 2020-01-20 are ...)
+ TODO: check
+CVE-2020-11791 (NETGEAR JGS516PE devices before 2.6.0.43 are affected by reflected XSS ...)
+ TODO: check
+CVE-2020-11790 (NETGEAR R7800 devices before 1.0.2.68 are affected by remote code exec ...)
+ TODO: check
+CVE-2020-11789 (Certain NETGEAR devices are affected by command injection by an unauth ...)
+ TODO: check
+CVE-2020-11788 (Certain NETGEAR devices are affected by authentication bypass. This af ...)
+ TODO: check
+CVE-2020-11787 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2020-11786 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2020-11785 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2020-11784 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2020-11783 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2020-11782 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2020-11781 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2020-11780 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2020-11779 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2020-11778 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2020-11777 (Certain NETGEAR devices are affected by Stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2020-11776 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2020-11775 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2020-11774 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2020-11773 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2020-11772 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2020-11771 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2020-11770 (Certain NETGEAR devices are affected by command injection by an authen ...)
+ TODO: check
+CVE-2020-11769 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2020-11768 (Certain NETGEAR devices are affected by Stored XSS. This affects D7800 ...)
+ TODO: check
+CVE-2019-20767 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
+CVE-2019-20766
+ RESERVED
+CVE-2019-20765
+ RESERVED
+CVE-2019-20764
+ RESERVED
+CVE-2019-20763
+ RESERVED
+CVE-2019-20762
+ RESERVED
+CVE-2019-20761
+ RESERVED
+CVE-2019-20760
+ RESERVED
+CVE-2019-20759
+ RESERVED
+CVE-2019-20758
+ RESERVED
+CVE-2019-20757
+ RESERVED
+CVE-2019-20756
+ RESERVED
+CVE-2019-20755
+ RESERVED
+CVE-2019-20754
+ RESERVED
+CVE-2019-20753
+ RESERVED
+CVE-2019-20752
+ RESERVED
+CVE-2019-20751
+ RESERVED
+CVE-2019-20750
+ RESERVED
+CVE-2019-20749
+ RESERVED
+CVE-2019-20748
+ RESERVED
+CVE-2019-20747
+ RESERVED
+CVE-2019-20746
+ RESERVED
+CVE-2019-20745
+ RESERVED
+CVE-2019-20744
+ RESERVED
+CVE-2019-20743
+ RESERVED
+CVE-2019-20742
+ RESERVED
+CVE-2019-20741
+ RESERVED
+CVE-2019-20740
+ RESERVED
+CVE-2019-20739
+ RESERVED
+CVE-2019-20738
+ RESERVED
+CVE-2019-20737
+ RESERVED
+CVE-2019-20736
+ RESERVED
+CVE-2019-20735
+ RESERVED
+CVE-2019-20734
+ RESERVED
+CVE-2019-20733
+ RESERVED
+CVE-2019-20732
+ RESERVED
+CVE-2019-20731
+ RESERVED
+CVE-2019-20730
+ RESERVED
+CVE-2019-20729
+ RESERVED
+CVE-2019-20728
+ RESERVED
+CVE-2019-20727
+ RESERVED
+CVE-2019-20726
+ RESERVED
+CVE-2019-20725
+ RESERVED
+CVE-2019-20724
+ RESERVED
+CVE-2019-20723
+ RESERVED
+CVE-2019-20722
+ RESERVED
+CVE-2019-20721
+ RESERVED
+CVE-2019-20720
+ RESERVED
+CVE-2019-20719
+ RESERVED
+CVE-2019-20718
+ RESERVED
+CVE-2019-20717
+ RESERVED
+CVE-2019-20716
+ RESERVED
+CVE-2019-20715
+ RESERVED
+CVE-2019-20714
+ RESERVED
+CVE-2019-20713
+ RESERVED
+CVE-2019-20712
+ RESERVED
+CVE-2019-20711
+ RESERVED
+CVE-2019-20710
+ RESERVED
+CVE-2019-20709
+ RESERVED
+CVE-2019-20708
+ RESERVED
+CVE-2019-20707
+ RESERVED
+CVE-2019-20706
+ RESERVED
+CVE-2019-20705
+ RESERVED
+CVE-2019-20704
+ RESERVED
+CVE-2019-20703
+ RESERVED
+CVE-2019-20702
+ RESERVED
+CVE-2019-20701
+ RESERVED
+CVE-2019-20700
+ RESERVED
+CVE-2019-20699
+ RESERVED
+CVE-2019-20698
+ RESERVED
+CVE-2019-20697
+ RESERVED
+CVE-2019-20696
+ RESERVED
+CVE-2019-20695
+ RESERVED
+CVE-2019-20694
+ RESERVED
+CVE-2019-20693
+ RESERVED
+CVE-2019-20692
+ RESERVED
+CVE-2019-20691
+ RESERVED
+CVE-2019-20690
+ RESERVED
+CVE-2019-20689
+ RESERVED
+CVE-2019-20688
+ RESERVED
+CVE-2019-20687
+ RESERVED
+CVE-2019-20686
+ RESERVED
+CVE-2019-20685
+ RESERVED
+CVE-2019-20684
+ RESERVED
+CVE-2019-20683
+ RESERVED
+CVE-2019-20682
+ RESERVED
+CVE-2019-20681
+ RESERVED
+CVE-2019-20680
+ RESERVED
+CVE-2019-20679
+ RESERVED
+CVE-2019-20678
+ RESERVED
+CVE-2019-20677
+ RESERVED
+CVE-2019-20676
+ RESERVED
+CVE-2019-20675
+ RESERVED
+CVE-2019-20674
+ RESERVED
+CVE-2019-20673
+ RESERVED
+CVE-2019-20672
+ RESERVED
+CVE-2019-20671
+ RESERVED
+CVE-2019-20670 (Certain NETGEAR devices are affected by stored XSS. This affects RBR50 ...)
+ TODO: check
+CVE-2019-20669 (Certain NETGEAR devices are affected by stored XSS. This affects RBR20 ...)
+ TODO: check
+CVE-2019-20668 (Certain NETGEAR devices are affected by stored XSS. This affects RBR20 ...)
+ TODO: check
+CVE-2019-20667 (Certain NETGEAR devices are affected by stored XSS. This affects RBR20 ...)
+ TODO: check
+CVE-2019-20666 (Certain NETGEAR devices are affected by stored XSS. This affects RBR50 ...)
+ TODO: check
+CVE-2019-20665 (Certain NETGEAR devices are affected by stored XSS. This affects RBR20 ...)
+ TODO: check
+CVE-2019-20664 (Certain NETGEAR devices are affected by stored XSS. This affects RBR20 ...)
+ TODO: check
+CVE-2019-20663 (Certain NETGEAR devices are affected by stored XSS. This affects RBR50 ...)
+ TODO: check
+CVE-2019-20662 (Certain NETGEAR devices are affected by stored XSS. This affects RBR50 ...)
+ TODO: check
+CVE-2019-20661 (Certain NETGEAR devices are affected by stored XSS. This affects RBR50 ...)
+ TODO: check
+CVE-2019-20660 (Certain NETGEAR devices are affected by stored XSS. This affects RBR20 ...)
+ TODO: check
+CVE-2019-20659 (Certain NETGEAR devices are affected by command injection by an authen ...)
+ TODO: check
+CVE-2019-20658 (Certain NETGEAR devices are affected by disclosure of sensitive inform ...)
+ TODO: check
+CVE-2019-20657 (Certain NETGEAR devices are affected by a buffer overflow by an authen ...)
+ TODO: check
+CVE-2019-20656 (Certain NETGEAR devices are affected by a a hardcoded password. This a ...)
+ TODO: check
+CVE-2019-20655 (Certain NETGEAR devices are affected by command injection by an authen ...)
+ TODO: check
+CVE-2019-20654 (Certain NETGEAR devices are affected by incorrect configuration of sec ...)
+ TODO: check
+CVE-2019-20653 (Certain NETGEAR devices are affected by denial of service. This affect ...)
+ TODO: check
+CVE-2019-20652 (NETGEAR WAC505 devices before 8.2.1.16 are affected by disclosure of s ...)
+ TODO: check
+CVE-2019-20651 (Certain NETGEAR devices are affected by command injection by an authen ...)
+ TODO: check
+CVE-2019-20650 (Certain NETGEAR devices are affected by denial of service. This affect ...)
+ TODO: check
+CVE-2019-20649 (NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure o ...)
+ TODO: check
+CVE-2019-20648 (NETGEAR RN42400 devices before 6.10.2 are affected by incorrect config ...)
+ TODO: check
+CVE-2019-20647 (NETGEAR RAX40 devices before 1.0.3.64 are affected by denial of servic ...)
+ TODO: check
+CVE-2019-20646 (NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of ad ...)
+ TODO: check
+CVE-2019-20645 (NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS. ...)
+ TODO: check
+CVE-2019-20644 (NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS. ...)
+ TODO: check
+CVE-2019-20643 (NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of se ...)
+ TODO: check
+CVE-2019-20642 (NETGEAR RAX40 devices before 1.0.3.64 are affected by authentication b ...)
+ TODO: check
+CVE-2019-20641 (NETGEAR RAX40 devices before 1.0.3.64 are affected by lack of access c ...)
+ TODO: check
+CVE-2019-20640 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
+CVE-2019-20639 (Certain NETGEAR devices are affected by stored XSS. This affects RBR50 ...)
+ TODO: check
+CVE-2019-20638 (NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure o ...)
+ TODO: check
CVE-2020-11767 (Istio through 1.5.1 and Envoy through 1.14.1 have a data-leak issue. I ...)
TODO: check
CVE-2020-11766
@@ -39,7 +365,7 @@ CVE-2020-11749
CVE-2020-11748
RESERVED
CVE-2020-11747
- RESERVED
+ REJECTED
CVE-2020-11746
RESERVED
CVE-2020-11745
@@ -85,13 +411,11 @@ CVE-2020-11731 (The Media Library Assistant plugin before 2.82 for Wordpress suf
NOT-FOR-US: Media Library Assistant plugin for WordPress
CVE-2020-11730
RESERVED
-CVE-2020-11729
- RESERVED
+CVE-2020-11729 (An issue was discovered in DAViCal Andrew's Web Libraries (AWL) throug ...)
- awl 0.61-1 (bug #956650)
NOTE: https://gitlab.com/davical-project/awl/-/issues/18
NOTE: https://gitlab.com/davical-project/awl/-/commit/535505c9acd0dda9cf664c38f5f8cb8dd61dc0cd
-CVE-2020-11728
- RESERVED
+CVE-2020-11728 (An issue was discovered in DAViCal Andrew's Web Libraries (AWL) throug ...)
- awl 0.61-1 (bug #956650)
NOTE: https://gitlab.com/davical-project/awl/-/issues/19
NOTE: https://gitlab.com/davical-project/awl/-/commit/c2e808cc2420f8d870ac0a4aa9cc1f2c90562428
@@ -233,12 +557,12 @@ CVE-2020-11668 (In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlin
NOTE: https://git.kernel.org/linus/a246b4d547708f33ff4d4b9a7a5dbac741dc89d8
CVE-2020-11667
RESERVED
-CVE-2020-11666
- RESERVED
-CVE-2020-11665
- RESERVED
-CVE-2020-11664
- RESERVED
+CVE-2020-11666 (CA API Developer Portal 4.3.1 and earlier contains an access control f ...)
+ TODO: check
+CVE-2020-11665 (CA API Developer Portal 4.3.1 and earlier handles loginRedirect page r ...)
+ TODO: check
+CVE-2020-11664 (CA API Developer Portal 4.3.1 and earlier handles homeRedirect page re ...)
+ TODO: check
CVE-2020-11663
RESERVED
CVE-2020-11662
@@ -761,7 +1085,7 @@ CVE-2020-11567
RESERVED
CVE-2020-11566
RESERVED
-CVE-2020-11565 (An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_ ...)
+CVE-2020-11565 (** DISPUTED ** An issue was discovered in the Linux kernel through 5.6 ...)
- linux 5.5.17-1
NOTE: https://git.kernel.org/linus/aa9f7d5172fac9bf1f09e678c35e287a40a7b7dd
CVE-2020-11564
@@ -821,14 +1145,14 @@ CVE-2020-11539
RESERVED
CVE-2020-11538
RESERVED
-CVE-2020-11537
- RESERVED
-CVE-2020-11536
- RESERVED
-CVE-2020-11535
- RESERVED
-CVE-2020-11534
- RESERVED
+CVE-2020-11537 (A SQL Injection issue was discovered in ONLYOFFICE Document Server 5.5 ...)
+ TODO: check
+CVE-2020-11536 (An issue was discovered in ONLYOFFICE Document Server 5.5.0. An attack ...)
+ TODO: check
+CVE-2020-11535 (An issue was discovered in ONLYOFFICE Document Server 5.5.0. An attack ...)
+ TODO: check
+CVE-2020-11534 (An issue was discovered in ONLYOFFICE Document Server 5.5.0. An attack ...)
+ TODO: check
CVE-2020-11533 (Ivanti Workspace Control before 10.4.30.0, when SCCM integration is en ...)
NOT-FOR-US: Ivanti Workspace Control
CVE-2020-11532
@@ -2131,8 +2455,8 @@ CVE-2020-10934 (Acyba AcyMailing before 6.9.2 mishandles file uploads by admins.
NOT-FOR-US: Acyba AcyMailing
CVE-2020-10933
RESERVED
-CVE-2020-10932
- RESERVED
+CVE-2020-10932 (An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before ...)
+ TODO: check
CVE-2020-10930
RESERVED
CVE-2020-10929
@@ -2884,8 +3208,7 @@ CVE-2020-10701 [guest agent timeout can be set under read-only mode leading to D
NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=4cc90c2e62df653e909ad31fd810224bf8bcf913 (v6.2.0-rc1)
CVE-2020-10700
RESERVED
-CVE-2020-10699
- RESERVED
+CVE-2020-10699 (A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 ...)
- targetcli-fb <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/open-iscsi/targetcli-fb/issues/162
NOTE: Introduced in: https://github.com/open-iscsi/targetcli-fb/commit/ad37f94ae72d0e3d5963ce182e2897c84af9c039 (v2.1.50)
@@ -3085,12 +3408,12 @@ CVE-2020-10641
RESERVED
CVE-2020-10640
RESERVED
-CVE-2020-10639
- RESERVED
+CVE-2020-10639 (Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and p ...)
+ TODO: check
CVE-2020-10638
RESERVED
-CVE-2020-10637
- RESERVED
+CVE-2020-10637 (Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and p ...)
+ TODO: check
CVE-2020-10636
RESERVED
CVE-2020-10635
@@ -3133,16 +3456,16 @@ CVE-2020-10617 (There are multiple ways an unauthenticated attacker could perfor
NOT-FOR-US: WebAccess/NMS
CVE-2020-10616
RESERVED
-CVE-2020-10615
- RESERVED
+CVE-2020-10615 (Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41 ...)
+ TODO: check
CVE-2020-10614
RESERVED
-CVE-2020-10613
- RESERVED
+CVE-2020-10613 (Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41 ...)
+ TODO: check
CVE-2020-10612
RESERVED
-CVE-2020-10611
- RESERVED
+CVE-2020-10611 (Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41 ...)
+ TODO: check
CVE-2020-10610
RESERVED
CVE-2020-10609
@@ -6902,8 +7225,8 @@ CVE-2020-8950 (The AUEPLauncher service in Radeon AMD User Experience Program La
NOT-FOR-US: Radeon AMD User Experience Program Launcher
CVE-2020-8949 (Gocloud S2A_WL 4.2.7.16471, S2A 4.2.7.17278, S2A 4.3.0.15815, S2A 4.3. ...)
NOT-FOR-US: Gocloud devices
-CVE-2020-8948
- RESERVED
+CVE-2020-8948 (The Sierra Wireless Windows Mobile Broadband Driver Packages (MBDP) be ...)
+ TODO: check
CVE-2020-8947 (functions_netflow.php in Artica Pandora FMS 7.0 allows remote attacker ...)
NOT-FOR-US: Pandora FMS
CVE-2020-8946 (Netis WF2471 v1.2.30142 devices allow an authenticated attacker to exe ...)
@@ -10700,18 +11023,18 @@ CVE-2020-7280
RESERVED
CVE-2020-7279
RESERVED
-CVE-2020-7278
- RESERVED
-CVE-2020-7277
- RESERVED
-CVE-2020-7276
- RESERVED
-CVE-2020-7275
- RESERVED
-CVE-2020-7274
- RESERVED
-CVE-2020-7273
- RESERVED
+CVE-2020-7278 (Exploiting incorrectly configured access control security levels vulne ...)
+ TODO: check
+CVE-2020-7277 (Protection mechanism failure in all processes in McAfee Endpoint Secur ...)
+ TODO: check
+CVE-2020-7276 (Authentication bypass vulnerability in MfeUpgradeTool in McAfee Endpoi ...)
+ TODO: check
+CVE-2020-7275 (Accessing, modifying or executing executable files vulnerability in th ...)
+ TODO: check
+CVE-2020-7274 (Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Se ...)
+ TODO: check
+CVE-2020-7273 (Accessing functionality not properly constrained by ACLs vulnerability ...)
+ TODO: check
CVE-2020-7272
RESERVED
CVE-2020-7271
@@ -10734,20 +11057,20 @@ CVE-2020-7263 (Improper access control vulnerability in ESConfigTool.exe in ENS
NOT-FOR-US: ENS for Windows
CVE-2020-7262
RESERVED
-CVE-2020-7261
- RESERVED
+CVE-2020-7261 (Buffer Overflow via Environment Variables vulnerability in AMSI compon ...)
+ TODO: check
CVE-2020-7260 (DLL Side Loading vulnerability in the installer for McAfee Application ...)
NOT-FOR-US: McAfee
-CVE-2020-7259
- RESERVED
+CVE-2020-7259 (Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoi ...)
+ TODO: check
CVE-2020-7258 (Cross site scripting vulnerability in McAfee Network Security Manageme ...)
NOT-FOR-US: McAfee
-CVE-2020-7257
- RESERVED
+CVE-2020-7257 (Privilege escalation vulnerability in McAfee Endpoint Security (ENS) f ...)
+ TODO: check
CVE-2020-7256 (Cross site scripting vulnerability in McAfee Network Security Manageme ...)
NOT-FOR-US: McAfee
-CVE-2020-7255
- RESERVED
+CVE-2020-7255 (Privilege escalation vulnerability in the administrative user interfac ...)
+ TODO: check
CVE-2020-7254 (Privilege Escalation vulnerability in the command line interface in Mc ...)
NOT-FOR-US: McAfee
CVE-2020-7253 (Improper access control vulnerability in masvc.exe in McAfee Agent (MA ...)
@@ -10756,8 +11079,8 @@ CVE-2020-7252 (Unquoted service executable path in DXL Broker in McAfee Data eXc
NOT-FOR-US: McAfee
CVE-2020-7251 (Improper access control vulnerability in Configuration Tool in McAfee ...)
NOT-FOR-US: McAfee
-CVE-2020-7250
- RESERVED
+CVE-2020-7250 (Symbolic link manipulation vulnerability in McAfee Endpoint Security ( ...)
+ TODO: check
CVE-2020-7249 (SMC D3G0804W 3.5.2.5-LAT_GA devices allow XSS via the SSID field on th ...)
NOT-FOR-US: SMC D3G0804W devices
CVE-2020-7248 (libubox in OpenWrt before 18.06.7 and 19.x before 19.07.1 has a tagged ...)
@@ -11428,16 +11751,16 @@ CVE-2020-6998
RESERVED
CVE-2020-6997 (In Moxa EDS-G516E Series firmware, Version 5.2 or lower, sensitive inf ...)
NOT-FOR-US: Moxa
-CVE-2020-6996
- RESERVED
+CVE-2020-6996 (Triangle MicroWorks DNP3 Outstation LibrariesDNP3 Outstation .NET Prot ...)
+ TODO: check
CVE-2020-6995 (In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 ser ...)
NOT-FOR-US: Moxa
CVE-2020-6994 (A buffer overflow vulnerability was found in some devices of Hirschman ...)
NOT-FOR-US: Hirschmann Automation and Control HiOS and HiSecOS
CVE-2020-6993 (In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 ser ...)
NOT-FOR-US: Moxa
-CVE-2020-6992
- RESERVED
+CVE-2020-6992 (A local privilege escalation vulnerability has been identified in the ...)
+ TODO: check
CVE-2020-6991 (In Moxa EDS-G516E Series firmware, Version 5.2 or lower, weak password ...)
NOT-FOR-US: Moxa
CVE-2020-6990 (Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and p ...)
@@ -15209,16 +15532,16 @@ CVE-2020-5352
RESERVED
CVE-2020-5351
RESERVED
-CVE-2020-5350
- RESERVED
+CVE-2020-5350 (Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, ...)
+ TODO: check
CVE-2020-5349
RESERVED
CVE-2020-5348 (Dell Latitude 7202 Rugged Tablet BIOS versions prior to A28 contain a ...)
NOT-FOR-US: Dell
CVE-2020-5347 (Dell EMC Isilon OneFS versions 8.2.2 and earlier contain a denial of s ...)
NOT-FOR-US: Dell EMC Isilon OneFS
-CVE-2020-5346
- RESERVED
+CVE-2020-5346 (RSA Authentication Manager versions prior to 8.4 P11 contain a stored ...)
+ TODO: check
CVE-2020-5345
RESERVED
CVE-2020-5344 (Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70. ...)
@@ -15430,7 +15753,7 @@ CVE-2020-5262 (In EasyBuild before version 4.1.2, the GitHub Personal Access Tok
CVE-2020-5261 (Saml2 Authentication services for ASP.NET (NuGet package Sustainsys.Sa ...)
NOT-FOR-US: ASP.NET
CVE-2020-5260 (Affected versions of Git have a vulnerability whereby Git can be trick ...)
- {DSA-4657-1}
+ {DSA-4657-1 DLA-2177-1}
- git 1:2.26.1-1
NOTE: https://lore.kernel.org/lkml/xmqqy2qy7xn8.fsf@gitster.c.googlers.com/
NOTE: Fixed by: https://git.kernel.org/pub/scm/git/git.git/commit/?id=9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b
@@ -17902,8 +18225,8 @@ CVE-2020-4296
RESERVED
CVE-2020-4295
RESERVED
-CVE-2020-4294
- RESERVED
+CVE-2020-4294 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 is vulnerable to Server Side Request ...)
+ TODO: check
CVE-2020-4293
RESERVED
CVE-2020-4292 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, and ...)
@@ -17942,20 +18265,20 @@ CVE-2020-4276 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 tradition
NOT-FOR-US: IBM
CVE-2020-4275
RESERVED
-CVE-2020-4274
- RESERVED
+CVE-2020-4274 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to ...)
+ TODO: check
CVE-2020-4273 (IBM Spectrum Scale 4.2 and 5.0 could allow a local unprivileged attack ...)
NOT-FOR-US: IBM
-CVE-2020-4272
- RESERVED
-CVE-2020-4271
- RESERVED
-CVE-2020-4270
- RESERVED
-CVE-2020-4269
- RESERVED
-CVE-2020-4268
- RESERVED
+CVE-2020-4272 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to inc ...)
+ TODO: check
+CVE-2020-4271 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to ...)
+ TODO: check
+CVE-2020-4270 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a local user to gain esc ...)
+ TODO: check
+CVE-2020-4269 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 contains hard-coded credentials, suc ...)
+ TODO: check
+CVE-2020-4268 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 is vulnerable to cross-site scriptin ...)
+ TODO: check
CVE-2020-4267
RESERVED
CVE-2020-4266
@@ -18582,10 +18905,10 @@ CVE-2020-3956
RESERVED
CVE-2020-3955
RESERVED
-CVE-2020-3954
- RESERVED
-CVE-2020-3953
- RESERVED
+CVE-2020-3954 (Open Redirect vulnerability exists in VMware vRealize Log Insight prio ...)
+ TODO: check
+CVE-2020-3953 (Cross Site Scripting (XSS) vulnerability exists in VMware vRealize Log ...)
+ TODO: check
CVE-2020-3952 (Under certain conditions, vmdir that ships with VMware vCenter Server, ...)
NOT-FOR-US: VMware
CVE-2020-3951 (VMware Workstation (15.x before 15.5.2) and Horizon Client for Windows ...)
@@ -21810,125 +22133,111 @@ CVE-2020-2966
RESERVED
CVE-2020-2965
RESERVED
-CVE-2020-2964
- RESERVED
-CVE-2020-2963
- RESERVED
+CVE-2020-2964 (Vulnerability in the Oracle Financial Services Data Foundation product ...)
+ TODO: check
+CVE-2020-2963 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
CVE-2020-2962
RESERVED
-CVE-2020-2961
- RESERVED
+CVE-2020-2961 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
CVE-2020-2960
RESERVED
-CVE-2020-2959
- RESERVED
+CVE-2020-2959 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2958
- RESERVED
+CVE-2020-2958 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2957
RESERVED
-CVE-2020-2956
- RESERVED
-CVE-2020-2955
- RESERVED
-CVE-2020-2954
- RESERVED
-CVE-2020-2953
- RESERVED
-CVE-2020-2952
- RESERVED
-CVE-2020-2951
- RESERVED
+CVE-2020-2956 (Vulnerability in the Oracle Human Resources product of Oracle E-Busine ...)
+ TODO: check
+CVE-2020-2955 (Vulnerability in the Oracle FLEXCUBE Core Banking product of Oracle Fi ...)
+ TODO: check
+CVE-2020-2954 (Vulnerability in the PeopleSoft Enterprise HRMS product of Oracle Peop ...)
+ TODO: check
+CVE-2020-2953 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
+ TODO: check
+CVE-2020-2952 (Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middl ...)
+ TODO: check
+CVE-2020-2951 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2950
- RESERVED
-CVE-2020-2949
- RESERVED
+CVE-2020-2950 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+ TODO: check
+CVE-2020-2949 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
+ TODO: check
CVE-2020-2948
RESERVED
-CVE-2020-2947
- RESERVED
-CVE-2020-2946
- RESERVED
-CVE-2020-2945
- RESERVED
-CVE-2020-2944
- RESERVED
-CVE-2020-2943
- RESERVED
-CVE-2020-2942
- RESERVED
-CVE-2020-2941
- RESERVED
-CVE-2020-2940
- RESERVED
-CVE-2020-2939
- RESERVED
-CVE-2020-2938
- RESERVED
-CVE-2020-2937
- RESERVED
-CVE-2020-2936
- RESERVED
-CVE-2020-2935
- RESERVED
-CVE-2020-2934
- RESERVED
+CVE-2020-2947 (Vulnerability in the PeopleSoft Enterprise HCM Absence Management prod ...)
+ TODO: check
+CVE-2020-2946 (Vulnerability in the Application Performance Management product of Ora ...)
+ TODO: check
+CVE-2020-2945 (Vulnerability in the Oracle Financial Services Deposit Insurance Calcu ...)
+ TODO: check
+CVE-2020-2944 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2020-2943 (Vulnerability in the Oracle Financial Services Liquidity Risk Measurem ...)
+ TODO: check
+CVE-2020-2942 (Vulnerability in the Oracle Financial Services Price Creation and Disc ...)
+ TODO: check
+CVE-2020-2941 (Vulnerability in the Oracle Financial Services Funds Transfer Pricing ...)
+ TODO: check
+CVE-2020-2940 (Vulnerability in the Oracle Financial Services Profitability Managemen ...)
+ TODO: check
+CVE-2020-2939 (Vulnerability in the Oracle Financial Services Asset Liability Managem ...)
+ TODO: check
+CVE-2020-2938 (Vulnerability in the Oracle Financial Services Loan Loss Forecasting a ...)
+ TODO: check
+CVE-2020-2937 (Vulnerability in the Oracle Insurance Accounting Analyzer product of O ...)
+ TODO: check
+CVE-2020-2936 (Vulnerability in the Oracle Financial Services Balance Sheet Planning ...)
+ TODO: check
+CVE-2020-2935 (Vulnerability in the Oracle Financial Services Hedge Management and IF ...)
+ TODO: check
+CVE-2020-2934 (Vulnerability in the MySQL Connectors product of Oracle MySQL (compone ...)
- mysql-connector-java <removed>
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2933
- RESERVED
+CVE-2020-2933 (Vulnerability in the MySQL Connectors product of Oracle MySQL (compone ...)
- mysql-connector-java <removed>
[stretch] - mysql-connector-java <ignored> (Oracle doesn't disclose details, but CVSS score is marginal, so seems fine to ignore for Stretch)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2932
- RESERVED
-CVE-2020-2931
- RESERVED
-CVE-2020-2930
- RESERVED
+CVE-2020-2932 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
+ TODO: check
+CVE-2020-2931 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
+ TODO: check
+CVE-2020-2930 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2929
- RESERVED
+CVE-2020-2929 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2928
- RESERVED
+CVE-2020-2928 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2927
- RESERVED
-CVE-2020-2926
- RESERVED
+CVE-2020-2927 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2020-2926 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2925
- RESERVED
+CVE-2020-2925 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2924
- RESERVED
+CVE-2020-2924 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2923
- RESERVED
+CVE-2020-2923 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2922
- RESERVED
+CVE-2020-2922 (Vulnerability in the MySQL Client product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed> (bug #956832)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2921
- RESERVED
+CVE-2020-2921 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2920
- RESERVED
+CVE-2020-2920 (Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain ( ...)
+ TODO: check
CVE-2020-2919
RESERVED
CVE-2020-2918
@@ -21937,503 +22246,446 @@ CVE-2020-2917
RESERVED
CVE-2020-2916
RESERVED
-CVE-2020-2915
- RESERVED
-CVE-2020-2914
- RESERVED
+CVE-2020-2915 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
+ TODO: check
+CVE-2020-2914 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2913
- RESERVED
+CVE-2020-2913 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2912
- RESERVED
-CVE-2020-2911
- RESERVED
+CVE-2020-2912 (Vulnerability in the PeopleSoft Enterprise CS Campus Community product ...)
+ TODO: check
+CVE-2020-2911 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2910
- RESERVED
+CVE-2020-2910 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2909
- RESERVED
+CVE-2020-2909 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2908
- RESERVED
+CVE-2020-2908 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2907
- RESERVED
+CVE-2020-2907 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2906
- RESERVED
-CVE-2020-2905
- RESERVED
+CVE-2020-2906 (Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of O ...)
+ TODO: check
+CVE-2020-2905 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2904
- RESERVED
+CVE-2020-2904 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2903
- RESERVED
+CVE-2020-2903 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2902
- RESERVED
+CVE-2020-2902 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2901
- RESERVED
+CVE-2020-2901 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2900
- RESERVED
-CVE-2020-2899
- RESERVED
-CVE-2020-2898
- RESERVED
+CVE-2020-2900 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
+ TODO: check
+CVE-2020-2899 (Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of O ...)
+ TODO: check
+CVE-2020-2898 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2897
- RESERVED
+CVE-2020-2897 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2896
- RESERVED
+CVE-2020-2896 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2895
- RESERVED
+CVE-2020-2895 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2894
- RESERVED
+CVE-2020-2894 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2893
- RESERVED
+CVE-2020-2893 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2892
- RESERVED
+CVE-2020-2892 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2891
- RESERVED
-CVE-2020-2890
- RESERVED
-CVE-2020-2889
- RESERVED
-CVE-2020-2888
- RESERVED
-CVE-2020-2887
- RESERVED
-CVE-2020-2886
- RESERVED
-CVE-2020-2885
- RESERVED
-CVE-2020-2884
- RESERVED
-CVE-2020-2883
- RESERVED
-CVE-2020-2882
- RESERVED
-CVE-2020-2881
- RESERVED
-CVE-2020-2880
- RESERVED
-CVE-2020-2879
- RESERVED
-CVE-2020-2878
- RESERVED
-CVE-2020-2877
- RESERVED
-CVE-2020-2876
- RESERVED
-CVE-2020-2875
- RESERVED
+CVE-2020-2891 (Vulnerability in the Oracle Financial Services Liquidity Risk Manageme ...)
+ TODO: check
+CVE-2020-2890 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
+ TODO: check
+CVE-2020-2889 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+ TODO: check
+CVE-2020-2888 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+ TODO: check
+CVE-2020-2887 (Vulnerability in the Oracle Customer Interaction History product of Or ...)
+ TODO: check
+CVE-2020-2886 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+ TODO: check
+CVE-2020-2885 (Vulnerability in the Oracle Document Management and Collaboration prod ...)
+ TODO: check
+CVE-2020-2884 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2883 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2882 (Vulnerability in the Oracle Human Resources product of Oracle E-Busine ...)
+ TODO: check
+CVE-2020-2881 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+ TODO: check
+CVE-2020-2880 (Vulnerability in the Oracle Learning Management product of Oracle E-Bu ...)
+ TODO: check
+CVE-2020-2879 (Vulnerability in the Oracle Scripting product of Oracle E-Business Sui ...)
+ TODO: check
+CVE-2020-2878 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
+ TODO: check
+CVE-2020-2877 (Vulnerability in the Oracle Partner Management product of Oracle E-Bus ...)
+ TODO: check
+CVE-2020-2876 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+ TODO: check
+CVE-2020-2875 (Vulnerability in the MySQL Connectors product of Oracle MySQL (compone ...)
- mysql-connector-java <removed>
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2874
- RESERVED
-CVE-2020-2873
- RESERVED
-CVE-2020-2872
- RESERVED
-CVE-2020-2871
- RESERVED
-CVE-2020-2870
- RESERVED
-CVE-2020-2869
- RESERVED
-CVE-2020-2868
- RESERVED
-CVE-2020-2867
- RESERVED
-CVE-2020-2866
- RESERVED
-CVE-2020-2865
- RESERVED
-CVE-2020-2864
- RESERVED
-CVE-2020-2863
- RESERVED
-CVE-2020-2862
- RESERVED
-CVE-2020-2861
- RESERVED
-CVE-2020-2860
- RESERVED
-CVE-2020-2859
- RESERVED
-CVE-2020-2858
- RESERVED
-CVE-2020-2857
- RESERVED
-CVE-2020-2856
- RESERVED
-CVE-2020-2855
- RESERVED
-CVE-2020-2854
- RESERVED
-CVE-2020-2853
- RESERVED
+CVE-2020-2874 (Vulnerability in the Oracle Email Center product of Oracle E-Business ...)
+ TODO: check
+CVE-2020-2873 (Vulnerability in the Oracle Customer Interaction History product of Or ...)
+ TODO: check
+CVE-2020-2872 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
+ TODO: check
+CVE-2020-2871 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
+ TODO: check
+CVE-2020-2870 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
+ TODO: check
+CVE-2020-2869 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2868 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2020-2867 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2866 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
+ TODO: check
+CVE-2020-2865 (Vulnerability in the Oracle Configurator product of Oracle Supply Chai ...)
+ TODO: check
+CVE-2020-2864 (Vulnerability in the Oracle iSupplier Portal product of Oracle E-Busin ...)
+ TODO: check
+CVE-2020-2863 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
+ TODO: check
+CVE-2020-2862 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
+ TODO: check
+CVE-2020-2861 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+ TODO: check
+CVE-2020-2860 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+ TODO: check
+CVE-2020-2859 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2020-2858 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+ TODO: check
+CVE-2020-2857 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
+ TODO: check
+CVE-2020-2856 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
+ TODO: check
+CVE-2020-2855 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
+ TODO: check
+CVE-2020-2854 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
+ TODO: check
+CVE-2020-2853 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2852
- RESERVED
-CVE-2020-2851
- RESERVED
-CVE-2020-2850
- RESERVED
-CVE-2020-2849
- RESERVED
-CVE-2020-2848
- RESERVED
-CVE-2020-2847
- RESERVED
-CVE-2020-2846
- RESERVED
-CVE-2020-2845
- RESERVED
-CVE-2020-2844
- RESERVED
-CVE-2020-2843
- RESERVED
-CVE-2020-2842
- RESERVED
-CVE-2020-2841
- RESERVED
-CVE-2020-2840
- RESERVED
-CVE-2020-2839
- RESERVED
-CVE-2020-2838
- RESERVED
-CVE-2020-2837
- RESERVED
-CVE-2020-2836
- RESERVED
-CVE-2020-2835
- RESERVED
-CVE-2020-2834
- RESERVED
-CVE-2020-2833
- RESERVED
-CVE-2020-2832
- RESERVED
-CVE-2020-2831
- RESERVED
-CVE-2020-2830
- RESERVED
+CVE-2020-2852 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
+ TODO: check
+CVE-2020-2851 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2020-2850 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business ...)
+ TODO: check
+CVE-2020-2849 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business ...)
+ TODO: check
+CVE-2020-2848 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business ...)
+ TODO: check
+CVE-2020-2847 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business ...)
+ TODO: check
+CVE-2020-2846 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business ...)
+ TODO: check
+CVE-2020-2845 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business ...)
+ TODO: check
+CVE-2020-2844 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business ...)
+ TODO: check
+CVE-2020-2843 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
+ TODO: check
+CVE-2020-2842 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business ...)
+ TODO: check
+CVE-2020-2841 (Vulnerability in the Oracle Knowledge Management product of Oracle E-B ...)
+ TODO: check
+CVE-2020-2840 (Vulnerability in the Oracle E-Business Intelligence product of Oracle ...)
+ TODO: check
+CVE-2020-2839 (Vulnerability in the Oracle Service Intelligence product of Oracle E-B ...)
+ TODO: check
+CVE-2020-2838 (Vulnerability in the Oracle CRM Gateway for Mobile Devices product of ...)
+ TODO: check
+CVE-2020-2837 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+ TODO: check
+CVE-2020-2836 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+ TODO: check
+CVE-2020-2835 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+ TODO: check
+CVE-2020-2834 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+ TODO: check
+CVE-2020-2833 (Vulnerability in the Oracle Quoting product of Oracle E-Business Suite ...)
+ TODO: check
+CVE-2020-2832 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
+ TODO: check
+CVE-2020-2831 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+ TODO: check
+CVE-2020-2830 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 <unfixed>
- openjdk-7 <removed>
-CVE-2020-2829
- RESERVED
-CVE-2020-2828
- RESERVED
-CVE-2020-2827
- RESERVED
-CVE-2020-2826
- RESERVED
-CVE-2020-2825
- RESERVED
-CVE-2020-2824
- RESERVED
-CVE-2020-2823
- RESERVED
-CVE-2020-2822
- RESERVED
-CVE-2020-2821
- RESERVED
-CVE-2020-2820
- RESERVED
-CVE-2020-2819
- RESERVED
-CVE-2020-2818
- RESERVED
-CVE-2020-2817
- RESERVED
-CVE-2020-2816
- RESERVED
+CVE-2020-2829 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2828 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2827 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
+ TODO: check
+CVE-2020-2826 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
+ TODO: check
+CVE-2020-2825 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
+ TODO: check
+CVE-2020-2824 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
+ TODO: check
+CVE-2020-2823 (Vulnerability in the Oracle Common Applications Calendar product of Or ...)
+ TODO: check
+CVE-2020-2822 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...)
+ TODO: check
+CVE-2020-2821 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...)
+ TODO: check
+CVE-2020-2820 (Vulnerability in the Oracle Common Applications Calendar product of Or ...)
+ TODO: check
+CVE-2020-2819 (Vulnerability in the Oracle Universal Work Queue product of Oracle E-B ...)
+ TODO: check
+CVE-2020-2818 (Vulnerability in the Oracle Universal Work Queue product of Oracle E-B ...)
+ TODO: check
+CVE-2020-2817 (Vulnerability in the Oracle Scripting product of Oracle E-Business Sui ...)
+ TODO: check
+CVE-2020-2816 (Vulnerability in the Java SE product of Oracle Java SE (component: JSS ...)
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
-CVE-2020-2815
- RESERVED
-CVE-2020-2814
- RESERVED
+CVE-2020-2815 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
+ TODO: check
+CVE-2020-2814 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed> (bug #956832)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2813
- RESERVED
-CVE-2020-2812
- RESERVED
+CVE-2020-2813 (Vulnerability in the Oracle Email Center product of Oracle E-Business ...)
+ TODO: check
+CVE-2020-2812 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed> (bug #956832)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2811
- RESERVED
-CVE-2020-2810
- RESERVED
-CVE-2020-2809
- RESERVED
-CVE-2020-2808
- RESERVED
-CVE-2020-2807
- RESERVED
-CVE-2020-2806
- RESERVED
+CVE-2020-2811 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2810 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite ...)
+ TODO: check
+CVE-2020-2809 (Vulnerability in the Oracle E-Business Intelligence product of Oracle ...)
+ TODO: check
+CVE-2020-2808 (Vulnerability in the Oracle E-Business Intelligence product of Oracle ...)
+ TODO: check
+CVE-2020-2807 (Vulnerability in the Oracle Marketing Encyclopedia System product of O ...)
+ TODO: check
+CVE-2020-2806 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed> (bug #956832)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2805
- RESERVED
+CVE-2020-2805 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 <unfixed>
- openjdk-7 <removed>
-CVE-2020-2804
- RESERVED
+CVE-2020-2804 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed> (bug #956832)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2803
- RESERVED
+CVE-2020-2803 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 <unfixed>
- openjdk-7 <removed>
-CVE-2020-2802
- RESERVED
-CVE-2020-2801
- RESERVED
-CVE-2020-2800
- RESERVED
+CVE-2020-2802 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
+ TODO: check
+CVE-2020-2801 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2800 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 <unfixed>
- openjdk-7 <removed>
-CVE-2020-2799
- RESERVED
-CVE-2020-2798
- RESERVED
-CVE-2020-2797
- RESERVED
-CVE-2020-2796
- RESERVED
-CVE-2020-2795
- RESERVED
-CVE-2020-2794
- RESERVED
-CVE-2020-2793
- RESERVED
+CVE-2020-2799 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
+ TODO: check
+CVE-2020-2798 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2797 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2020-2796 (Vulnerability in the Oracle Email Center product of Oracle E-Business ...)
+ TODO: check
+CVE-2020-2795 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
+ TODO: check
+CVE-2020-2794 (Vulnerability in the Oracle Email Center product of Oracle E-Business ...)
+ TODO: check
+CVE-2020-2793 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
+ TODO: check
CVE-2020-2792
RESERVED
-CVE-2020-2791
- RESERVED
-CVE-2020-2790
- RESERVED
+CVE-2020-2791 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
+ TODO: check
+CVE-2020-2790 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed> (bug #956832)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2789
- RESERVED
+CVE-2020-2789 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
+ TODO: check
CVE-2020-2788
RESERVED
-CVE-2020-2787
- RESERVED
-CVE-2020-2786
- RESERVED
-CVE-2020-2785
- RESERVED
-CVE-2020-2784
- RESERVED
-CVE-2020-2783
- RESERVED
-CVE-2020-2782
- RESERVED
-CVE-2020-2781
- RESERVED
+CVE-2020-2787 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+ TODO: check
+CVE-2020-2786 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+ TODO: check
+CVE-2020-2785 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+ TODO: check
+CVE-2020-2784 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+ TODO: check
+CVE-2020-2783 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+ TODO: check
+CVE-2020-2782 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2020-2781 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 <unfixed>
- openjdk-7 <removed>
-CVE-2020-2780
- RESERVED
+CVE-2020-2780 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed> (bug #956832)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2779
- RESERVED
+CVE-2020-2779 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (MySQL 8 only)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2778
- RESERVED
+CVE-2020-2778 (Vulnerability in the Java SE product of Oracle Java SE (component: JSS ...)
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
-CVE-2020-2777
- RESERVED
-CVE-2020-2776
- RESERVED
-CVE-2020-2775
- RESERVED
-CVE-2020-2774
- RESERVED
+CVE-2020-2777 (Vulnerability in the Hyperion Financial Management product of Oracle H ...)
+ TODO: check
+CVE-2020-2776 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2020-2775 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2020-2774 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2773
- RESERVED
+CVE-2020-2773 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 <unfixed>
- openjdk-7 <removed>
-CVE-2020-2772
- RESERVED
-CVE-2020-2771
- RESERVED
-CVE-2020-2770
- RESERVED
+CVE-2020-2772 (Vulnerability in the Oracle Human Resources product of Oracle E-Busine ...)
+ TODO: check
+CVE-2020-2771 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2020-2770 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2769
- RESERVED
-CVE-2020-2768
- RESERVED
+CVE-2020-2769 (Vulnerability in the Hyperion Financial Reporting product of Oracle Hy ...)
+ TODO: check
+CVE-2020-2768 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...)
- mysql-cluster <itp> (bug #833356)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2767
- RESERVED
+CVE-2020-2767 (Vulnerability in the Java SE product of Oracle Java SE (component: JSS ...)
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
-CVE-2020-2766
- RESERVED
-CVE-2020-2765
- RESERVED
+CVE-2020-2766 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2765 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed> (bug #956832)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2764
- RESERVED
+CVE-2020-2764 (Vulnerability in the Java SE product of Oracle Java SE (component: Adv ...)
NOT-FOR-US: Java Advanced Management Console
-CVE-2020-2763
- RESERVED
+CVE-2020-2763 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed> (bug #956832)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2762
- RESERVED
+CVE-2020-2762 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2761
- RESERVED
+CVE-2020-2761 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2760
- RESERVED
+CVE-2020-2760 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed> (bug #956832)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2759
- RESERVED
+CVE-2020-2759 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2758
- RESERVED
+CVE-2020-2758 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2757
- RESERVED
+CVE-2020-2757 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 <unfixed>
- openjdk-7 <removed>
-CVE-2020-2756
- RESERVED
+CVE-2020-2756 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 <unfixed>
- openjdk-7 <removed>
-CVE-2020-2755
- RESERVED
+CVE-2020-2755 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 <unfixed>
-CVE-2020-2754
- RESERVED
+CVE-2020-2754 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 <unfixed>
-CVE-2020-2753
- RESERVED
-CVE-2020-2752
- RESERVED
+CVE-2020-2753 (Vulnerability in the Oracle Workflow product of Oracle E-Business Suit ...)
+ TODO: check
+CVE-2020-2752 (Vulnerability in the MySQL Client product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed> (bug #956832)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
-CVE-2020-2751
- RESERVED
-CVE-2020-2750
- RESERVED
-CVE-2020-2749
- RESERVED
-CVE-2020-2748
- RESERVED
+CVE-2020-2751 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2020-2750 (Vulnerability in the Oracle General Ledger product of Oracle E-Busines ...)
+ TODO: check
+CVE-2020-2749 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2020-2748 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2747
- RESERVED
-CVE-2020-2746
- RESERVED
-CVE-2020-2745
- RESERVED
-CVE-2020-2744
- RESERVED
-CVE-2020-2743
- RESERVED
+CVE-2020-2747 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
+ TODO: check
+CVE-2020-2746 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
+ TODO: check
+CVE-2020-2745 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
+ TODO: check
+CVE-2020-2744 (Vulnerability in the Oracle Transportation Management product of Oracl ...)
+ TODO: check
+CVE-2020-2743 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2742
- RESERVED
+CVE-2020-2742 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2741
- RESERVED
+CVE-2020-2741 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2740
- RESERVED
-CVE-2020-2739
- RESERVED
-CVE-2020-2738
- RESERVED
-CVE-2020-2737
- RESERVED
+CVE-2020-2740 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
+ TODO: check
+CVE-2020-2739 (Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2738 (Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM ...)
+ TODO: check
+CVE-2020-2737 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
+ TODO: check
CVE-2020-2736
RESERVED
-CVE-2020-2735
- RESERVED
-CVE-2020-2734
- RESERVED
-CVE-2020-2733
- RESERVED
+CVE-2020-2735 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
+ TODO: check
+CVE-2020-2734 (Vulnerability in the RDBMS/Optimizer component of Oracle Database Serv ...)
+ TODO: check
+CVE-2020-2733 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
+ TODO: check
CVE-2020-2732 (A flaw was discovered in the way that the KVM hypervisor handled instr ...)
- linux 5.5.13-1
NOTE: https://git.kernel.org/linus/07721feee46b4b248402133228235318199b05ec
@@ -22492,8 +22744,8 @@ CVE-2020-2708
RESERVED
CVE-2020-2707 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
NOT-FOR-US: Oracle
-CVE-2020-2706
- RESERVED
+CVE-2020-2706 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
+ TODO: check
CVE-2020-2705 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
@@ -22752,8 +23004,8 @@ CVE-2020-2596 (Vulnerability in the Oracle CRM Technical Foundation product of O
NOT-FOR-US: Oracle
CVE-2020-2595 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
NOT-FOR-US: Oracle
-CVE-2020-2594
- RESERVED
+CVE-2020-2594 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
+ TODO: check
CVE-2020-2593 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
{DSA-4621-1 DSA-4605-1 DLA-2128-1}
- openjdk-13 13.0.2+8-1
@@ -22863,8 +23115,8 @@ CVE-2020-2555 (Vulnerability in the Oracle Coherence product of Oracle Fusion Mi
NOT-FOR-US: Oracle
CVE-2020-2554
RESERVED
-CVE-2020-2553
- RESERVED
+CVE-2020-2553 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
+ TODO: check
CVE-2020-2552 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
NOT-FOR-US: Oracle
CVE-2020-2551 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
@@ -22921,12 +23173,12 @@ CVE-2020-2526
RESERVED
CVE-2020-2525
RESERVED
-CVE-2020-2524
- RESERVED
+CVE-2020-2524 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
+ TODO: check
CVE-2020-2523
RESERVED
-CVE-2020-2522
- RESERVED
+CVE-2020-2522 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
+ TODO: check
CVE-2020-2521
RESERVED
CVE-2020-2520
@@ -22941,8 +23193,8 @@ CVE-2020-2516 (Vulnerability in the Core RDBMS component of Oracle Database Serv
NOT-FOR-US: Oracle
CVE-2020-2515 (Vulnerability in the Database Gateway for ODBC component of Oracle Dat ...)
NOT-FOR-US: Oracle
-CVE-2020-2514
- RESERVED
+CVE-2020-2514 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
+ TODO: check
CVE-2020-2513
RESERVED
CVE-2020-2512 (Vulnerability in the Database Gateway for ODBC component of Oracle Dat ...)
@@ -24884,8 +25136,8 @@ CVE-2019-19502 (Code injection in pluginconfig.php in Image Uploader and Browser
NOT-FOR-US: ckeditor plugin
CVE-2019-19501 (VeraCrypt 1.24 allows Local Privilege Escalation during execution of V ...)
NOT-FOR-US: VeraCrypt
-CVE-2019-19500
- RESERVED
+CVE-2019-19500 (Matrix42 Workspace Management 9.1.2.2765 and below allows stored XSS v ...)
+ TODO: check
CVE-2019-19499
RESERVED
CVE-2019-19498
@@ -25434,8 +25686,8 @@ CVE-2019-19391 (** DISPUTED ** In LuaJIT through 2.0.5, as used in Moonjit befor
NOTE: https://github.com/LuaJIT/LuaJIT/pull/526
NOTE: Negligible security impact. The debug library is unsafe per se and one is
NOTE: not supposed to release an application with the debug library.
-CVE-2019-19390
- RESERVED
+CVE-2019-19390 (The Search parameter of the Software Catalogue section of Matrix42 Wor ...)
+ TODO: check
CVE-2019-19389 (JetBrains Ktor framework before version 1.2.6 was vulnerable to HTTP R ...)
NOT-FOR-US: JetBrains Ktor framework
CVE-2019-19388 (A cross-site scripting (XSS) vulnerability in app/dialplans/dialplan_d ...)
@@ -28593,8 +28845,8 @@ CVE-2020-1096
RESERVED
CVE-2020-1095
RESERVED
-CVE-2020-1094
- RESERVED
+CVE-2020-1094 (An elevation of privilege vulnerability exists when the Windows Work F ...)
+ TODO: check
CVE-2020-1093
RESERVED
CVE-2020-1092
@@ -28681,10 +28933,10 @@ CVE-2020-1052
RESERVED
CVE-2020-1051
RESERVED
-CVE-2020-1050
- RESERVED
-CVE-2020-1049
- RESERVED
+CVE-2020-1050 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
+ TODO: check
+CVE-2020-1049 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
+ TODO: check
CVE-2020-1048
RESERVED
CVE-2020-1047
@@ -28723,254 +28975,254 @@ CVE-2020-1031
RESERVED
CVE-2020-1030
RESERVED
-CVE-2020-1029
- RESERVED
+CVE-2020-1029 (An elevation of privilege vulnerability exists when Connected User Exp ...)
+ TODO: check
CVE-2020-1028
RESERVED
-CVE-2020-1027
- RESERVED
-CVE-2020-1026
- RESERVED
+CVE-2020-1027 (An elevation of privilege vulnerability exists in the way that the Win ...)
+ TODO: check
+CVE-2020-1026 (A Security Feature Bypass vulnerability exists in the MSR JavaScript C ...)
+ TODO: check
CVE-2020-1025
RESERVED
CVE-2020-1024
RESERVED
CVE-2020-1023
RESERVED
-CVE-2020-1022
- RESERVED
+CVE-2020-1022 (A remote code execution vulnerability exists in Microsoft Dynamics Bus ...)
+ TODO: check
CVE-2020-1021
RESERVED
-CVE-2020-1020
- RESERVED
-CVE-2020-1019
- RESERVED
-CVE-2020-1018
- RESERVED
-CVE-2020-1017
- RESERVED
-CVE-2020-1016
- RESERVED
-CVE-2020-1015
- RESERVED
-CVE-2020-1014
- RESERVED
+CVE-2020-1020 (A remote code execution vulnerability exists in Microsoft Windows when ...)
+ TODO: check
+CVE-2020-1019 (An elevation of privilege vulnerability exists in RMS Sharing App for ...)
+ TODO: check
+CVE-2020-1018 (An information disclosure vulnerability exists when Microsoft Dynamics ...)
+ TODO: check
+CVE-2020-1017 (An elevation of privilege vulnerability exists in the way the Windows ...)
+ TODO: check
+CVE-2020-1016 (An information disclosure vulnerability exists when the Windows Push N ...)
+ TODO: check
+CVE-2020-1015 (An elevation of privilege vulnerability exists in the way that the Use ...)
+ TODO: check
+CVE-2020-1014 (An elevation of privilege vulnerability exists in the Microsoft Window ...)
+ TODO: check
CVE-2020-1013
RESERVED
CVE-2020-1012
RESERVED
-CVE-2020-1011
- RESERVED
+CVE-2020-1011 (An elevation of privilege vulnerability exists when the Windows System ...)
+ TODO: check
CVE-2020-1010
RESERVED
-CVE-2020-1009
- RESERVED
-CVE-2020-1008
- RESERVED
-CVE-2020-1007
- RESERVED
-CVE-2020-1006
- RESERVED
-CVE-2020-1005
- RESERVED
-CVE-2020-1004
- RESERVED
-CVE-2020-1003
- RESERVED
-CVE-2020-1002
- RESERVED
-CVE-2020-1001
- RESERVED
-CVE-2020-1000
- RESERVED
-CVE-2020-0999
- RESERVED
+CVE-2020-1009 (An elevation of privilege vulnerability exists in the way that the Mic ...)
+ TODO: check
+CVE-2020-1008 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2020-1007 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
+CVE-2020-1006 (An elevation of privilege vulnerability exists in the way the Windows ...)
+ TODO: check
+CVE-2020-1005 (An information disclosure vulnerability exists when the Microsoft Wind ...)
+ TODO: check
+CVE-2020-1004 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
+ TODO: check
+CVE-2020-1003 (An elevation of privilege vulnerability exists when the Windows kernel ...)
+ TODO: check
+CVE-2020-1002 (An elevation of privilege vulnerability exists when the MpSigStub.exe ...)
+ TODO: check
+CVE-2020-1001 (An elevation of privilege vulnerability exists in the way the Windows ...)
+ TODO: check
+CVE-2020-1000 (An elevation of privilege vulnerability exists when the Windows kernel ...)
+ TODO: check
+CVE-2020-0999 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
CVE-2020-0998
RESERVED
CVE-2020-0997
RESERVED
-CVE-2020-0996
- RESERVED
-CVE-2020-0995
- RESERVED
-CVE-2020-0994
- RESERVED
-CVE-2020-0993
- RESERVED
-CVE-2020-0992
- RESERVED
-CVE-2020-0991
- RESERVED
+CVE-2020-0996 (An elevation of privilege vulnerability exists when the Windows Update ...)
+ TODO: check
+CVE-2020-0995 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2020-0994 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2020-0993 (A denial of service vulnerability exists in Windows DNS when it fails ...)
+ TODO: check
+CVE-2020-0992 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2020-0991 (A remote code execution vulnerability exists in Microsoft Office softw ...)
+ TODO: check
CVE-2020-0990
RESERVED
CVE-2020-0989
RESERVED
-CVE-2020-0988
- RESERVED
-CVE-2020-0987
- RESERVED
+CVE-2020-0988 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2020-0987 (An information disclosure vulnerability exists when the Microsoft Wind ...)
+ TODO: check
CVE-2020-0986
RESERVED
-CVE-2020-0985
- RESERVED
-CVE-2020-0984
- RESERVED
-CVE-2020-0983
- RESERVED
-CVE-2020-0982
- RESERVED
-CVE-2020-0981
- RESERVED
-CVE-2020-0980
- RESERVED
-CVE-2020-0979
- RESERVED
-CVE-2020-0978
- RESERVED
-CVE-2020-0977
- RESERVED
-CVE-2020-0976
- RESERVED
-CVE-2020-0975
- RESERVED
-CVE-2020-0974
- RESERVED
-CVE-2020-0973
- RESERVED
-CVE-2020-0972
- RESERVED
-CVE-2020-0971
- RESERVED
-CVE-2020-0970
- RESERVED
-CVE-2020-0969
- RESERVED
-CVE-2020-0968
- RESERVED
-CVE-2020-0967
- RESERVED
-CVE-2020-0966
- RESERVED
-CVE-2020-0965
- RESERVED
-CVE-2020-0964
- RESERVED
+CVE-2020-0985 (An elevation of privilege vulnerability exists when the Windows Update ...)
+ TODO: check
+CVE-2020-0984 (An elevation of privilege vulnerability exists when the Microsoft Auto ...)
+ TODO: check
+CVE-2020-0983 (An elevation of privilege vulnerability exists when the Windows Delive ...)
+ TODO: check
+CVE-2020-0982 (An information disclosure vulnerability exists when the Microsoft Wind ...)
+ TODO: check
+CVE-2020-0981 (A security feature bypass vulnerability exists when Windows fails to p ...)
+ TODO: check
+CVE-2020-0980 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
+ TODO: check
+CVE-2020-0979 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
+ TODO: check
+CVE-2020-0978 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
+ TODO: check
+CVE-2020-0977 (A spoofing vulnerability exists when Microsoft SharePoint Server does ...)
+ TODO: check
+CVE-2020-0976 (A spoofing vulnerability exists when Microsoft SharePoint Server does ...)
+ TODO: check
+CVE-2020-0975 (A spoofing vulnerability exists when Microsoft SharePoint Server does ...)
+ TODO: check
+CVE-2020-0974 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
+ TODO: check
+CVE-2020-0973 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
+ TODO: check
+CVE-2020-0972 (A spoofing vulnerability exists when Microsoft SharePoint Server does ...)
+ TODO: check
+CVE-2020-0971 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
+ TODO: check
+CVE-2020-0970 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2020-0969 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2020-0968 (A remote code execution vulnerability exists in the way that the scrip ...)
+ TODO: check
+CVE-2020-0967 (A remote code execution vulnerability exists in the way that the VBScr ...)
+ TODO: check
+CVE-2020-0966 (A remote code execution vulnerability exists in the way that the VBScr ...)
+ TODO: check
+CVE-2020-0965 (A remoted code execution vulnerability exists in the way that Microsof ...)
+ TODO: check
+CVE-2020-0964 (A remote code execution vulnerability exists in the way that the Windo ...)
+ TODO: check
CVE-2020-0963
RESERVED
-CVE-2020-0962
- RESERVED
-CVE-2020-0961
- RESERVED
-CVE-2020-0960
- RESERVED
-CVE-2020-0959
- RESERVED
-CVE-2020-0958
- RESERVED
-CVE-2020-0957
- RESERVED
-CVE-2020-0956
- RESERVED
-CVE-2020-0955
- RESERVED
-CVE-2020-0954
- RESERVED
-CVE-2020-0953
- RESERVED
-CVE-2020-0952
- RESERVED
+CVE-2020-0962 (An information disclosure vulnerability exists when the win32k compone ...)
+ TODO: check
+CVE-2020-0961 (A remote code execution vulnerability exists when the Microsoft Office ...)
+ TODO: check
+CVE-2020-0960 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2020-0959 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2020-0958 (An elevation of privilege vulnerability exists in Windows when the Win ...)
+ TODO: check
+CVE-2020-0957 (An elevation of privilege vulnerability exists in Windows when the Win ...)
+ TODO: check
+CVE-2020-0956 (An elevation of privilege vulnerability exists in Windows when the Win ...)
+ TODO: check
+CVE-2020-0955 (An information disclosure vulnerability exists when certain central pr ...)
+ TODO: check
+CVE-2020-0954 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
+ TODO: check
+CVE-2020-0953 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2020-0952 (An information disclosure vulnerability exists when the Windows GDI co ...)
+ TODO: check
CVE-2020-0951
RESERVED
-CVE-2020-0950
- RESERVED
-CVE-2020-0949
- RESERVED
-CVE-2020-0948
- RESERVED
-CVE-2020-0947
- RESERVED
-CVE-2020-0946
- RESERVED
-CVE-2020-0945
- RESERVED
-CVE-2020-0944
- RESERVED
-CVE-2020-0943
- RESERVED
-CVE-2020-0942
- RESERVED
+CVE-2020-0950 (A memory corruption vulnerability exists when Windows Media Foundation ...)
+ TODO: check
+CVE-2020-0949 (A memory corruption vulnerability exists when Windows Media Foundation ...)
+ TODO: check
+CVE-2020-0948 (A memory corruption vulnerability exists when Windows Media Foundation ...)
+ TODO: check
+CVE-2020-0947 (An information disclosure vulnerability exists when Media Foundation i ...)
+ TODO: check
+CVE-2020-0946 (An information disclosure vulnerability exists when Media Foundation i ...)
+ TODO: check
+CVE-2020-0945 (An information disclosure vulnerability exists when Media Foundation i ...)
+ TODO: check
+CVE-2020-0944 (An elevation of privilege vulnerability exists when Connected User Exp ...)
+ TODO: check
+CVE-2020-0943 (An authentication bypass vulnerability exists in Microsoft YourPhoneCo ...)
+ TODO: check
+CVE-2020-0942 (An elevation of privilege vulnerability exists when Connected User Exp ...)
+ TODO: check
CVE-2020-0941
RESERVED
-CVE-2020-0940
- RESERVED
-CVE-2020-0939
- RESERVED
-CVE-2020-0938
- RESERVED
-CVE-2020-0937
- RESERVED
-CVE-2020-0936
- RESERVED
-CVE-2020-0935
- RESERVED
-CVE-2020-0934
- RESERVED
-CVE-2020-0933
- RESERVED
-CVE-2020-0932
- RESERVED
-CVE-2020-0931
- RESERVED
-CVE-2020-0930
- RESERVED
-CVE-2020-0929
- RESERVED
+CVE-2020-0940 (An elevation of privilege vulnerability exists in the way the Windows ...)
+ TODO: check
+CVE-2020-0939 (An information disclosure vulnerability exists when Media Foundation i ...)
+ TODO: check
+CVE-2020-0938 (A remote code execution vulnerability exists in Microsoft Windows when ...)
+ TODO: check
+CVE-2020-0937 (An information disclosure vulnerability exists when Media Foundation i ...)
+ TODO: check
+CVE-2020-0936 (An elevation of privilege vulnerability exists when a Windows schedule ...)
+ TODO: check
+CVE-2020-0935 (An elevation of privilege vulnerability exists when the OneDrive for W ...)
+ TODO: check
+CVE-2020-0934 (An elevation of privilege vulnerability exists when the Windows WpcDes ...)
+ TODO: check
+CVE-2020-0933 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
+ TODO: check
+CVE-2020-0932 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
+ TODO: check
+CVE-2020-0931 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
+ TODO: check
+CVE-2020-0930 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
+ TODO: check
+CVE-2020-0929 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
+ TODO: check
CVE-2020-0928
RESERVED
-CVE-2020-0927
- RESERVED
-CVE-2020-0926
- RESERVED
-CVE-2020-0925
- RESERVED
-CVE-2020-0924
- RESERVED
-CVE-2020-0923
- RESERVED
+CVE-2020-0927 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
+ TODO: check
+CVE-2020-0926 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
+ TODO: check
+CVE-2020-0925 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
+ TODO: check
+CVE-2020-0924 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
+ TODO: check
+CVE-2020-0923 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
+ TODO: check
CVE-2020-0922
RESERVED
CVE-2020-0921
RESERVED
-CVE-2020-0920
- RESERVED
-CVE-2020-0919
- RESERVED
-CVE-2020-0918
- RESERVED
-CVE-2020-0917
- RESERVED
+CVE-2020-0920 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
+ TODO: check
+CVE-2020-0919 (An elevation of privilege vulnerability exists in Remote Desktop App f ...)
+ TODO: check
+CVE-2020-0918 (An elevation of privilege vulnerability exists when Windows Hyper-V on ...)
+ TODO: check
+CVE-2020-0917 (An elevation of privilege vulnerability exists when Windows Hyper-V on ...)
+ TODO: check
CVE-2020-0916
RESERVED
CVE-2020-0915
RESERVED
CVE-2020-0914
RESERVED
-CVE-2020-0913
- RESERVED
+CVE-2020-0913 (An elevation of privilege vulnerability exists when the Windows kernel ...)
+ TODO: check
CVE-2020-0912
RESERVED
CVE-2020-0911
RESERVED
-CVE-2020-0910
- RESERVED
+CVE-2020-0910 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
+ TODO: check
CVE-2020-0909
RESERVED
CVE-2020-0908
RESERVED
-CVE-2020-0907
- RESERVED
-CVE-2020-0906
- RESERVED
+CVE-2020-0907 (A remote code execution vulnerability exists in the way that Microsoft ...)
+ TODO: check
+CVE-2020-0906 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
+ TODO: check
CVE-2020-0905 (An remote code execution vulnerability exists in Microsoft Dynamics Bu ...)
NOT-FOR-US: Microsoft
CVE-2020-0904
@@ -28981,18 +29233,18 @@ CVE-2020-0902 (An elevation of privilege vulnerability exists in Service Fabric
NOT-FOR-US: Microsoft
CVE-2020-0901
RESERVED
-CVE-2020-0900
- RESERVED
-CVE-2020-0899
- RESERVED
+CVE-2020-0900 (An elevation of privilege vulnerability exists when the Visual Studio ...)
+ TODO: check
+CVE-2020-0899 (An elevation of privilege vulnerability exists when Microsoft Visual S ...)
+ TODO: check
CVE-2020-0898 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
NOT-FOR-US: Microsoft
CVE-2020-0897 (An elevation of privilege vulnerability exists when the Windows Work F ...)
NOT-FOR-US: Microsoft
CVE-2020-0896 (An elevation of privilege vulnerability exists when Windows improperly ...)
NOT-FOR-US: Microsoft
-CVE-2020-0895
- RESERVED
+CVE-2020-0895 (A remote code execution vulnerability exists in the way that the VBScr ...)
+ TODO: check
CVE-2020-0894 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2020-0893 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
@@ -29003,10 +29255,10 @@ CVE-2020-0891 (This vulnerability is caused when SharePoint Server does not prop
NOT-FOR-US: Microsoft
CVE-2020-0890
RESERVED
-CVE-2020-0889
- RESERVED
-CVE-2020-0888
- RESERVED
+CVE-2020-0889 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2020-0888 (An elevation of privilege vulnerability exists when DirectX improperly ...)
+ TODO: check
CVE-2020-0887 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft
CVE-2020-0886
@@ -29111,8 +29363,8 @@ CVE-2020-0837
RESERVED
CVE-2020-0836
RESERVED
-CVE-2020-0835
- RESERVED
+CVE-2020-0835 (An elevation of privilege vulnerability exists when Windows Defender a ...)
+ TODO: check
CVE-2020-0834 (An elevation of privilege vulnerability exists when Windows improperly ...)
NOT-FOR-US: Microsoft
CVE-2020-0833 (A remote code execution vulnerability exists in the way that the scrip ...)
@@ -29139,8 +29391,8 @@ CVE-2020-0823 (A remote code execution vulnerability exists in the way that the
NOT-FOR-US: Microsoft
CVE-2020-0822 (An elevation of privilege vulnerability exists when the Windows Langua ...)
NOT-FOR-US: Microsoft
-CVE-2020-0821
- RESERVED
+CVE-2020-0821 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
CVE-2020-0820 (An information disclosure vulnerability exists when Media Foundation i ...)
NOT-FOR-US: Microsoft
CVE-2020-0819 (An elevation of privilege vulnerability exists when the Windows Device ...)
@@ -29193,8 +29445,8 @@ CVE-2020-0796 (A remote code execution vulnerability exists in the way that the
NOT-FOR-US: Microsoft
CVE-2020-0795 (This vulnerability is caused when SharePoint Server does not properly ...)
NOT-FOR-US: Microsoft
-CVE-2020-0794
- RESERVED
+CVE-2020-0794 (A denial of service vulnerability exists when Windows improperly handl ...)
+ TODO: check
CVE-2020-0793 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
NOT-FOR-US: Microsoft
CVE-2020-0792 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
@@ -29213,8 +29465,8 @@ CVE-2020-0786 (A denial of service vulnerability exists when the Windows Tile Ob
NOT-FOR-US: Microsoft
CVE-2020-0785 (An elevation of privilege vulnerability exists when the Windows User P ...)
NOT-FOR-US: Microsoft
-CVE-2020-0784
- RESERVED
+CVE-2020-0784 (An elevation of privilege vulnerability exists when DirectX improperly ...)
+ TODO: check
CVE-2020-0783 (An elevation of privilege vulnerability exists when the Windows Univer ...)
NOT-FOR-US: Microsoft
CVE-2020-0782
@@ -29261,8 +29513,8 @@ CVE-2020-0762 (An elevation of privilege vulnerability exists when Windows Defen
NOT-FOR-US: Microsoft
CVE-2020-0761
RESERVED
-CVE-2020-0760
- RESERVED
+CVE-2020-0760 (A remote code execution vulnerability exists when Microsoft Office imp ...)
+ TODO: check
CVE-2020-0759 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
NOT-FOR-US: Microsoft
CVE-2020-0758 (An elevation of privilege vulnerability exists when Azure DevOps Serve ...)
@@ -29383,8 +29635,8 @@ CVE-2020-0701 (An elevation of privilege vulnerability exists in the way that th
NOT-FOR-US: Microsoft
CVE-2020-0700 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
NOT-FOR-US: Microsoft
-CVE-2020-0699
- RESERVED
+CVE-2020-0699 (An information disclosure vulnerability exists when the win32k compone ...)
+ TODO: check
CVE-2020-0698 (An information disclosure vulnerability exists when the Telephony Serv ...)
NOT-FOR-US: Microsoft
CVE-2020-0697 (An elevation of privilege vulnerability exists in Microsoft Office OLi ...)
@@ -29407,8 +29659,8 @@ CVE-2020-0689 (A security feature bypass vulnerability exists in secure boot, ak
NOT-FOR-US: Microsoft
CVE-2020-0688 (A remote code execution vulnerability exists in Microsoft Exchange sof ...)
NOT-FOR-US: Microsoft
-CVE-2020-0687
- RESERVED
+CVE-2020-0687 (A remote code execution vulnerability exists when the Windows font lib ...)
+ TODO: check
CVE-2020-0686 (An elevation of privilege vulnerability exists in the Windows Installe ...)
NOT-FOR-US: Microsoft
CVE-2020-0685 (An elevation of privilege vulnerability exists when Windows improperly ...)
@@ -30072,12 +30324,12 @@ CVE-2019-18572 (The RSA Identity Governance and Lifecycle and RSA Via Lifecycle
NOT-FOR-US: RSA
CVE-2019-18571 (The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Go ...)
NOT-FOR-US: RSA
-CVE-2020-0600
- RESERVED
+CVE-2020-0600 (Improper buffer restrictions in firmware for some Intel(R) NUC may all ...)
+ TODO: check
CVE-2020-0599
RESERVED
-CVE-2020-0598
- RESERVED
+CVE-2020-0598 (Uncontrolled search path in the installer for the Intel(R) Binary Conf ...)
+ TODO: check
CVE-2020-0597
RESERVED
CVE-2020-0596
@@ -30116,12 +30368,12 @@ CVE-2020-0580
RESERVED
CVE-2020-0579
RESERVED
-CVE-2020-0578
- RESERVED
-CVE-2020-0577
- RESERVED
-CVE-2020-0576
- RESERVED
+CVE-2020-0578 (Improper conditions check for Intel(R) Modular Server MFS2600KISPP Com ...)
+ TODO: check
+CVE-2020-0577 (Insufficient control flow for Intel(R) Modular Server MFS2600KISPP Com ...)
+ TODO: check
+CVE-2020-0576 (Buffer overflow in Intel(R) Modular Server MFS2600KISPP Compute Module ...)
+ TODO: check
CVE-2020-0575
RESERVED
CVE-2020-0574 (Improper configuration in block design for Intel(R) MAX(R) 10 FPGA all ...)
@@ -30147,8 +30399,8 @@ CVE-2020-0569
- qtbase-opensource-src 5.12.5+dfsg-8
NOTE: Patch for 5.6.0 through 5.13.2: https://code.qt.io/cgit/qt/qtbase.git/commit/?id=bf131e8d2181b3404f5293546ed390999f760404
NOTE: Patch for 5.0.0 through 5.5.1: https://code.qt.io/cgit/qt/qtbase.git/commit/?id=5c4234ed958130d655df8197129806f687d4df0d
-CVE-2020-0568
- RESERVED
+CVE-2020-0568 (Race condition in the Intel(R) Driver and Support Assistant before ver ...)
+ TODO: check
CVE-2020-0567 (Improper input validation in Intel(R) Graphics Drivers before version ...)
NOT-FOR-US: Intel graphics driver for Windows
CVE-2020-0566
@@ -30167,10 +30419,10 @@ CVE-2020-0560 (Improper permissions in the installer for the Intel(R) Renesas El
NOT-FOR-US: Intel
CVE-2020-0559
RESERVED
-CVE-2020-0558
- RESERVED
-CVE-2020-0557
- RESERVED
+CVE-2020-0558 (Improper buffer restrictions in kernel mode driver for Intel(R) PROSet ...)
+ TODO: check
+CVE-2020-0557 (Insecure inherited permissions in Intel(R) PROSet/Wireless WiFi produc ...)
+ TODO: check
CVE-2020-0556 (Improper access control in subsystem for BlueZ before version 5.54 may ...)
{DSA-4647-1}
- bluez 5.50-1.1 (bug #953770)
@@ -30220,8 +30472,8 @@ CVE-2020-0548 (Cleanup errors in some Intel(R) Processors may allow an authentic
[jessie] - intel-microcode <postponed> (Minor issue; low impact if all mitigations for TAA and MDS were already previously applied)
NOTE: https://software.intel.com/security-software-guidance/software-guidance/vector-register-sampling
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html
-CVE-2020-0547
- RESERVED
+CVE-2020-0547 (Incorrect default permissions in the installer for Intel(R) Data Migra ...)
+ TODO: check
CVE-2020-0546 (Unquoted service path in Intel(R) Optane(TM) DC Persistent Memory Modu ...)
NOT-FOR-US: Intel
CVE-2020-0545
@@ -49996,17 +50248,17 @@ CVE-2019-12525 (An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x th
NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_3.txt
NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-409956536647b3a05ee1e367424a24ae6b8f13fd.patch
NOTE: Squid 3.5: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-ec0d0f39cf28da14eead0ba5e777e95855bc2f67.patch
-CVE-2019-12524
- RESERVED
+CVE-2019-12524 (An issue was discovered in Squid through 4.7. When handling requests f ...)
+ TODO: check
CVE-2019-12523 (An issue was discovered in Squid before 4.9. When handling a URN reque ...)
- squid 4.9-1
- squid3 <removed>
NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_8.txt
NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-fbbdf75efd7a5cc244b4886a9d42ea458c5a3a73.patch
-CVE-2019-12522
- RESERVED
-CVE-2019-12521
- RESERVED
+CVE-2019-12522 (An issue was discovered in Squid through 4.7. When Squid is run as roo ...)
+ TODO: check
+CVE-2019-12521 (An issue was discovered in Squid through 4.7. When Squid is parsing ES ...)
+ TODO: check
CVE-2019-12520
RESERVED
CVE-2019-12519
@@ -57019,7 +57271,7 @@ CVE-2019-10070 (Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to S
NOT-FOR-US: Apache Atlas
CVE-2019-10069 (In Godot through 3.1, remote code execution is possible due to the des ...)
NOT-FOR-US: Godot
-CVE-2019-10068 (An issue was discovered in Kentico before 12.0.15. Due to a failure to ...)
+CVE-2019-10068 (An issue was discovered in Kentico 12.0.x before 12.0.15, 11.0.x befor ...)
NOT-FOR-US: Kentico
CVE-2019-10067 (An issue was discovered in Open Ticket Request System (OTRS) 7.x throu ...)
- otrs2 6.0.18-1
@@ -72011,8 +72263,8 @@ CVE-2019-4656 (IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and
NOT-FOR-US: IBM
CVE-2019-4655 (IBM MQ 9.1.0.0, 9.1.0.1, 9.1.0.2, 9.1.0.3, 9.1.1, 9.1.2, and 9.1.3 is ...)
NOT-FOR-US: IBM
-CVE-2019-4654
- RESERVED
+CVE-2019-4654 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 does not validate, or incorrectly va ...)
+ TODO: check
CVE-2019-4653
RESERVED
CVE-2019-4652 (IBM Spectrum Protect Plus 10.1.0 through 10.1.4 uses insecure file per ...)
@@ -72131,10 +72383,10 @@ CVE-2019-4596 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.
NOT-FOR-US: IBM
CVE-2019-4595 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 c ...)
NOT-FOR-US: IBM
-CVE-2019-4594
- RESERVED
-CVE-2019-4593
- RESERVED
+CVE-2019-4594 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to obt ...)
+ TODO: check
+CVE-2019-4593 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 generates an error message that incl ...)
+ TODO: check
CVE-2019-4592 (IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10 could allow ...)
NOT-FOR-US: IBM
CVE-2019-4591
@@ -77682,8 +77934,8 @@ CVE-2019-2882
RESERVED
CVE-2019-2881
RESERVED
-CVE-2019-2880
- RESERVED
+CVE-2019-2880 (Vulnerability in the Oracle Retail Store Inventory Management product ...)
+ TODO: check
CVE-2019-2879 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2878 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa859f341b92353aa7a72d7603977c9913e1130a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa859f341b92353aa7a72d7603977c9913e1130a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200415/2702a914/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list