[Git][security-tracker-team/security-tracker][master] automatic update

Wed Aug 19 09:10:22 BST 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
edb0c6cc by security tracker role at 2020-08-19T08:10:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2020-24390
+	RESERVED
+CVE-2020-24389
+	RESERVED
+CVE-2020-24388
+	RESERVED
+CVE-2020-24387
+	RESERVED
+CVE-2020-24386
+	RESERVED
+CVE-2020-24385
+	RESERVED
+CVE-2020-24384
+	RESERVED
+CVE-2020-24383
+	RESERVED
 CVE-2020-24382
 	RESERVED
 CVE-2020-24381
@@ -712,8 +728,8 @@ CVE-2020-24034
 	RESERVED
 CVE-2020-24033
 	RESERVED
-CVE-2020-24032
-	RESERVED
+CVE-2020-24032 (tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cm ...)
+	TODO: check
 CVE-2020-24031
 	RESERVED
 CVE-2020-24030
@@ -908,8 +924,8 @@ CVE-2020-23936
 	RESERVED
 CVE-2020-23935
 	RESERVED
-CVE-2020-23934
-	RESERVED
+CVE-2020-23934 (An issue was discovered in RiteCMS 2.2.1. An authenticated user can di ...)
+	TODO: check
 CVE-2020-23933
 	REJECTED
 CVE-2020-23932
@@ -17072,8 +17088,8 @@ CVE-2020-15928
 	RESERVED
 CVE-2020-15927
 	RESERVED
-CVE-2020-15926
-	RESERVED
+CVE-2020-15926 (Rocket.Chat through 3.4.2 allows XSS where an attacker can send a spec ...)
+	TODO: check
 CVE-2020-15925 (A SQL injection vulnerability at a tpf URI in Loway QueueMetrics befor ...)
 	NOT-FOR-US: Loway QueueMetrics
 CVE-2020-15924 (There is a SQL Injection in Mida eFramework through 2.9.0 that leads t ...)
@@ -17227,8 +17243,8 @@ CVE-2020-15866 (mruby through 2.1.2-rc has a heap-based buffer overflow in the m
 	[stretch] - mruby <no-dsa> (Minor issue)
 	NOTE: https://github.com/mruby/mruby/issues/5042
 	NOTE: https://github.com/mruby/mruby/commit/6334949ba69363cb909a57d6871895bd6d98bb6b
-CVE-2020-15865
-	RESERVED
+CVE-2020-15865 (A Remote Code Execution vulnerability in Stimulsoft (aka Stimulsoft Re ...)
+	TODO: check
 CVE-2020-15864
 	RESERVED
 CVE-2020-15863 (hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2 ...)
@@ -44924,8 +44940,8 @@ CVE-2020-5387
 	RESERVED
 CVE-2020-5386
 	RESERVED
-CVE-2020-5385
-	RESERVED
+CVE-2020-5385 (Dell Encryption versions prior to 10.8 and Dell Endpoint Security Suit ...)
+	TODO: check
 CVE-2020-5384 (Authentication Bypass Vulnerability RSA MFA Agent 2.0 for Microsoft Wi ...)
 	NOT-FOR-US: RSA MFA Agent
 CVE-2020-5383
@@ -137025,9 +137041,9 @@ CVE-2018-11558 (DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.
 	NOT-FOR-US: DomainMod
 CVE-2018-11557 (YIBAN Easy class education platform 2.0 has XSS via the articlelist.ph ...)
 	NOT-FOR-US: YIBAN Easy
-CVE-2018-11556 (tificc in Little CMS 2.9 has an out-of-bounds write in the cmsPipeline ...)
+CVE-2018-11556 (** DISPUTED ** tificc in Little CMS 2.9 has an out-of-bounds write in  ...)
 	NOT-FOR-US: Little CMS
-CVE-2018-11555 (tificc in Little CMS 2.9 has an out-of-bounds write in the Precalculat ...)
+CVE-2018-11555 (** DISPUTED ** tificc in Little CMS 2.9 has an out-of-bounds write in  ...)
 	NOT-FOR-US: Little CMS
 CVE-2018-11554 (The forgotten-password feature in index.php/member/reset/reset_email.h ...)
 	NOT-FOR-US: YzmCMS



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/edb0c6cc9aa66b0304fb6deaf66cb65cfd2d7a55

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/edb0c6cc9aa66b0304fb6deaf66cb65cfd2d7a55
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200819/3d50d19e/attachment.html>
