[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Tue Aug 11 09:10:23 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
db2fca7e by security tracker role at 2020-08-11T08:10:16+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2020-17480 (TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parse ...)
+	TODO: check
+CVE-2020-17479 (jpv (aka Json Pattern Validator) before 2.2.2 does not properly valida ...)
+	TODO: check
 CVE-2020-17478 (ECDSA/EC/Point.pm in Crypt::Perl before 0.33 does not properly conside ...)
 	- libcrypt-perl-perl <itp> (bug #907353)
 CVE-2020-17477
@@ -2413,14 +2417,14 @@ CVE-2020-16280
 	RESERVED
 CVE-2020-16279
 	RESERVED
-CVE-2020-16278
-	RESERVED
-CVE-2020-16277
-	RESERVED
-CVE-2020-16276
-	RESERVED
-CVE-2020-16275
-	RESERVED
+CVE-2020-16278 (A cross-site scripting (XSS) vulnerability in the Permissions componen ...)
+	TODO: check
+CVE-2020-16277 (An SQL injection vulnerability in the Analytics component of SAINT Sec ...)
+	TODO: check
+CVE-2020-16276 (An SQL injection vulnerability in the Assets component of SAINT Securi ...)
+	TODO: check
+CVE-2020-16275 (A cross-site scripting (XSS) vulnerability in the Credential Manager c ...)
+	TODO: check
 CVE-2020-16274
 	RESERVED
 CVE-2020-16273
@@ -5077,8 +5081,8 @@ CVE-2020-15141
 	RESERVED
 CVE-2020-15140
 	RESERVED
-CVE-2020-15139
-	RESERVED
+CVE-2020-15139 (In MyBB before version 1.8.24, the custom MyCode (BBCode) for the visu ...)
+	TODO: check
 CVE-2020-15138 (Prism is vulnerable to Cross-Site Scripting. The easing preview of the ...)
 	- node-prismjs <unfixed> (bug #968094)
 	NOTE: https://github.com/PrismJS/prism/security/advisories/GHSA-wvhm-4hhf-97x9
@@ -21576,8 +21580,8 @@ CVE-2020-9247
 	RESERVED
 CVE-2020-9246
 	RESERVED
-CVE-2020-9245
-	RESERVED
+CVE-2020-9245 (HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUA ...)
+	TODO: check
 CVE-2020-9244
 	RESERVED
 CVE-2020-9243 (HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have ...)
@@ -21908,10 +21912,10 @@ CVE-2020-9081
 	RESERVED
 CVE-2020-9080
 	RESERVED
-CVE-2020-9079
-	RESERVED
-CVE-2020-9078
-	RESERVED
+CVE-2020-9079 (FusionSphere OpenStack 8.0.0 have a protection mechanism failure vulne ...)
+	TODO: check
+CVE-2020-9078 (FusionCompute 8.0.0 have local privilege escalation vulnerability. A l ...)
+	TODO: check
 CVE-2020-9077 (HUAWEI P30 smart phones with versions earlier than 10.1.0.160(C00E160R ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9076 (HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db2fca7eb03f74afb20bfeca737e2f34cfff507e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db2fca7eb03f74afb20bfeca737e2f34cfff507e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200811/2098817e/attachment.html>


More information about the debian-security-tracker-commits mailing list