[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Wed Aug 19 09:10:22 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
edb0c6cc by security tracker role at 2020-08-19T08:10:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2020-24390
+ RESERVED
+CVE-2020-24389
+ RESERVED
+CVE-2020-24388
+ RESERVED
+CVE-2020-24387
+ RESERVED
+CVE-2020-24386
+ RESERVED
+CVE-2020-24385
+ RESERVED
+CVE-2020-24384
+ RESERVED
+CVE-2020-24383
+ RESERVED
CVE-2020-24382
RESERVED
CVE-2020-24381
@@ -712,8 +728,8 @@ CVE-2020-24034
RESERVED
CVE-2020-24033
RESERVED
-CVE-2020-24032
- RESERVED
+CVE-2020-24032 (tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cm ...)
+ TODO: check
CVE-2020-24031
RESERVED
CVE-2020-24030
@@ -908,8 +924,8 @@ CVE-2020-23936
RESERVED
CVE-2020-23935
RESERVED
-CVE-2020-23934
- RESERVED
+CVE-2020-23934 (An issue was discovered in RiteCMS 2.2.1. An authenticated user can di ...)
+ TODO: check
CVE-2020-23933
REJECTED
CVE-2020-23932
@@ -17072,8 +17088,8 @@ CVE-2020-15928
RESERVED
CVE-2020-15927
RESERVED
-CVE-2020-15926
- RESERVED
+CVE-2020-15926 (Rocket.Chat through 3.4.2 allows XSS where an attacker can send a spec ...)
+ TODO: check
CVE-2020-15925 (A SQL injection vulnerability at a tpf URI in Loway QueueMetrics befor ...)
NOT-FOR-US: Loway QueueMetrics
CVE-2020-15924 (There is a SQL Injection in Mida eFramework through 2.9.0 that leads t ...)
@@ -17227,8 +17243,8 @@ CVE-2020-15866 (mruby through 2.1.2-rc has a heap-based buffer overflow in the m
[stretch] - mruby <no-dsa> (Minor issue)
NOTE: https://github.com/mruby/mruby/issues/5042
NOTE: https://github.com/mruby/mruby/commit/6334949ba69363cb909a57d6871895bd6d98bb6b
-CVE-2020-15865
- RESERVED
+CVE-2020-15865 (A Remote Code Execution vulnerability in Stimulsoft (aka Stimulsoft Re ...)
+ TODO: check
CVE-2020-15864
RESERVED
CVE-2020-15863 (hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2 ...)
@@ -44924,8 +44940,8 @@ CVE-2020-5387
RESERVED
CVE-2020-5386
RESERVED
-CVE-2020-5385
- RESERVED
+CVE-2020-5385 (Dell Encryption versions prior to 10.8 and Dell Endpoint Security Suit ...)
+ TODO: check
CVE-2020-5384 (Authentication Bypass Vulnerability RSA MFA Agent 2.0 for Microsoft Wi ...)
NOT-FOR-US: RSA MFA Agent
CVE-2020-5383
@@ -137025,9 +137041,9 @@ CVE-2018-11558 (DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.
NOT-FOR-US: DomainMod
CVE-2018-11557 (YIBAN Easy class education platform 2.0 has XSS via the articlelist.ph ...)
NOT-FOR-US: YIBAN Easy
-CVE-2018-11556 (tificc in Little CMS 2.9 has an out-of-bounds write in the cmsPipeline ...)
+CVE-2018-11556 (** DISPUTED ** tificc in Little CMS 2.9 has an out-of-bounds write in ...)
NOT-FOR-US: Little CMS
-CVE-2018-11555 (tificc in Little CMS 2.9 has an out-of-bounds write in the Precalculat ...)
+CVE-2018-11555 (** DISPUTED ** tificc in Little CMS 2.9 has an out-of-bounds write in ...)
NOT-FOR-US: Little CMS
CVE-2018-11554 (The forgotten-password feature in index.php/member/reset/reset_email.h ...)
NOT-FOR-US: YzmCMS
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/edb0c6cc9aa66b0304fb6deaf66cb65cfd2d7a55
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/edb0c6cc9aa66b0304fb6deaf66cb65cfd2d7a55
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200819/3d50d19e/attachment.html>
More information about the debian-security-tracker-commits
mailing list