[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Tue Aug 18 21:10:25 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b314dde2 by security tracker role at 2020-08-18T20:10:16+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2020-24382
+ RESERVED
CVE-2020-24381
RESERVED
CVE-2020-24380
@@ -350,8 +352,8 @@ CVE-2020-24214
RESERVED
CVE-2020-24213
RESERVED
-CVE-2020-24212
- RESERVED
+CVE-2020-24212 (Kaldin 4.0 is affected by: Insecure Permissions. The impact is: gain p ...)
+ TODO: check
CVE-2020-24211
RESERVED
CVE-2020-24210
@@ -898,8 +900,8 @@ CVE-2020-23940
RESERVED
CVE-2020-23939
RESERVED
-CVE-2020-23938
- RESERVED
+CVE-2020-23938 (Out of bounds read (CWE-125) in AnnLab V3 Lite 4.0.8.3 can cause a den ...)
+ TODO: check
CVE-2020-23937
RESERVED
CVE-2020-23936
@@ -909,7 +911,7 @@ CVE-2020-23935
CVE-2020-23934
RESERVED
CVE-2020-23933
- RESERVED
+ REJECTED
CVE-2020-23932
RESERVED
CVE-2020-23931
@@ -16499,7 +16501,8 @@ CVE-2020-16188
RESERVED
CVE-2020-16187
RESERVED
-CVE-2020-16186 (A stored Cross-site scripting (XSS) vulnerability in Firco Continuity ...)
+CVE-2020-16186
+ REJECTED
NOT-FOR-US: Firco Continuity
CVE-2020-16185
RESERVED
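Review bot: CVE-2020-16186 is switched to REJECTED, but the "NOT-FOR-US: Firco Continuity" line underneath it is kept, so the entry now carries both a rejection and a triage decision. If the annotation is meant to preserve the earlier triage, that is fine; otherwise drop it so the entry matches the bare REJECTED form used for CVE-2020-23933 earlier in this commit.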
@@ -19456,14 +19459,14 @@ CVE-2020-14938 (An issue was discovered in map.c in FreedroidRPG 1.0rc2. It assu
[jessie] - freedroidrpg <end-of-life> (games are not supported)
NOTE: https://bugs.freedroid.org/b/issue952
NOTE: https://logicaltrust.net/blog/2020/02/freedroid.html
-CVE-2020-14937
- RESERVED
-CVE-2020-14936
- RESERVED
-CVE-2020-14935
- RESERVED
-CVE-2020-14934
- RESERVED
+CVE-2020-14937 (Memory access out of buffer boundaries issues was discovered in Contik ...)
+ TODO: check
+CVE-2020-14936 (Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the ...)
+ TODO: check
+CVE-2020-14935 (Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the ...)
+ TODO: check
+CVE-2020-14934 (Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the ...)
+ TODO: check
CVE-2020-14933 (compose.php in SquirrelMail 1.4.22 calls unserialize for the $attachme ...)
- squirrelmail <removed>
NOTE: https://www.openwall.com/lists/oss-security/2020/06/20/1
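Review bot: The four Contiki-NG entries (CVE-2020-14937 down to CVE-2020-14934) land as "TODO: check", and three of them share the same truncated description, so the list text alone cannot tell them apart. Triage them together against the full CVE descriptions and give them one consistent disposition instead of resolving them one at a time.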
@@ -21119,8 +21122,8 @@ CVE-2020-14335
RESERVED
CVE-2020-14334 (A flaw was found in Red Hat Satellite 6 which allows privileged attack ...)
- foreman <itp> (bug #663101)
-CVE-2020-14333
- RESERVED
+CVE-2020-14333 (A flaw was found in Ovirt Engine's web interface in ovirt 4.4 and earl ...)
+ TODO: check
CVE-2020-14332
RESERVED
- ansible <unfixed> (bug #966672)
@@ -35076,8 +35079,8 @@ CVE-2020-9417
RESERVED
CVE-2020-9416
RESERVED
-CVE-2020-9415
- RESERVED
+CVE-2020-9415 (The TIBCO Data Virtualization Server component of TIBCO Software Inc.' ...)
+ TODO: check
CVE-2020-9414 (The MFT admin service component of TIBCO Software Inc.'s TIBCO Managed ...)
NOT-FOR-US: TIBCO
CVE-2020-9413 (The MFT Browser file transfer client and MFT Browser admin client comp ...)
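Review bot: CVE-2020-9415 is added with "TODO: check", while the TIBCO entry directly below it (CVE-2020-9414) is already marked "NOT-FOR-US: TIBCO". The new description names a TIBCO Software Inc. component as well, so this TODO should be resolved with the same explicit decision instead of staying open.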
@@ -39242,12 +39245,12 @@ CVE-2020-7710
RESERVED
CVE-2020-7709
RESERVED
-CVE-2020-7708
- RESERVED
-CVE-2020-7707
- RESERVED
-CVE-2020-7706
- RESERVED
+CVE-2020-7708 (The package irrelon-path before 4.7.0; the package @irrelon/path befor ...)
+ TODO: check
+CVE-2020-7707 (The package property-expr before 2.0.3 are vulnerable to Prototype Pol ...)
+ TODO: check
+CVE-2020-7706 (The package connie-lang before 0.1.1 are vulnerable to Prototype Pollu ...)
+ TODO: check
CVE-2020-7705
RESERVED
CVE-2020-7704 (The package linux-cmdline before 1.0.1 are vulnerable to Prototype Pol ...)
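Review bot: CVE-2020-7708, CVE-2020-7707 and CVE-2020-7706 are all left at "TODO: check", and all three are package-level Prototype Pollution reports (irrelon-path, property-expr, connie-lang) of the same shape as the CVE-2020-7704 context line. They are worth triaging as one batch, each ending in either a source-package line or a NOT-FOR-US note, so no single entry is left behind as a stray TODO.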
@@ -40858,10 +40861,10 @@ CVE-2020-7021
RESERVED
CVE-2020-7020
RESERVED
-CVE-2020-7019
- RESERVED
-CVE-2020-7018
- RESERVED
+CVE-2020-7019 (In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was f ...)
+ TODO: check
+CVE-2020-7018 (Elastic Enterprise Search before 7.9.0 contain a credential exposure f ...)
+ TODO: check
CVE-2020-7017 (In Kibana versions before 6.8.11 and 7.8.1 the region map visualizatio ...)
- kibana <itp> (bug #700337)
CVE-2020-7016 (Kibana versions before 6.8.11 and 7.8.1 contain a denial of service (D ...)
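Review bot: CVE-2020-7019 and CVE-2020-7018 stay at "TODO: check", while the Kibana entries directly below already record "- kibana <itp> (bug #700337)". When these are triaged, decide explicitly whether Elasticsearch and Elastic Enterprise Search get a package line or NOT-FOR-US, so the Elastic entries in this block end up with consistent annotations.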
@@ -55111,11 +55114,11 @@ CVE-2019-19457 (SALTO ProAccess SPACE 5.4.3.0 allows XSS. ...)
NOT-FOR-US: SALTO ProAccess SPACE
CVE-2019-19456 (A Reflected XSS was found in the server selection box inside the login ...)
NOT-FOR-US: Wowza Streaming Engine
-CVE-2019-19455 (Wowza Streaming Engine through 2019-11-28 has Insecure Permissions. ...)
+CVE-2019-19455 (Wowza Streaming Engine before 4.8.5 has Insecure Permissions which may ...)
NOT-FOR-US: Wowza Streaming Engine
CVE-2019-19454 (An arbitrary file download was found in the "Download Log" functionali ...)
NOT-FOR-US: Wowza Streaming Engine
-CVE-2019-19453 (Wowza Streaming Engine through 2019-11-28 allows XSS (issue 1 of 2). ...)
+CVE-2019-19453 (Wowza Streaming Engine before 4.8.5 allows XSS (issue 1 of 2). An auth ...)
NOT-FOR-US: Wowza Streaming Engine
CVE-2019-19452 (A buffer overflow was found in Patriot Viper RGB through 1.1 when proc ...)
NOT-FOR-US: Patriot Viper RGB
@@ -98241,8 +98244,8 @@ CVE-2018-20705
RESERVED
CVE-2018-20704
RESERVED
-CVE-2019-6258
- RESERVED
+CVE-2019-6258 (D-Link DIR-822 Rev.Bx devices with firmware v.202KRb06 and older allow ...)
+ TODO: check
CVE-2019-6257 (A Server Side Request Forgery (SSRF) vulnerability in elFinder before ...)
NOT-FOR-US: elFinder
CVE-2019-6256 (A Denial of Service issue was discovered in the LIVE555 Streaming Medi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b314dde26553af5488e9709b304a90549a419486