[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Thu Aug 20 09:10:23 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c5ab8150 by security tracker role at 2020-08-20T08:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,209 @@
+CVE-2020-24550
+	RESERVED
+CVE-2020-24549
+	RESERVED
+CVE-2020-24548
+	RESERVED
+CVE-2020-24547
+	RESERVED
+CVE-2020-24546
+	RESERVED
+CVE-2020-24545
+	RESERVED
+CVE-2020-24544
+	RESERVED
+CVE-2020-24543
+	RESERVED
+CVE-2020-24542
+	RESERVED
+CVE-2020-24541
+	RESERVED
+CVE-2020-24540
+	RESERVED
+CVE-2020-24539
+	RESERVED
+CVE-2020-24538
+	RESERVED
+CVE-2020-24537
+	RESERVED
+CVE-2020-24536
+	RESERVED
+CVE-2020-24535
+	RESERVED
+CVE-2020-24534
+	RESERVED
+CVE-2020-24533
+	RESERVED
+CVE-2020-24532
+	RESERVED
+CVE-2020-24531
+	RESERVED
+CVE-2020-24530
+	RESERVED
+CVE-2020-24529
+	RESERVED
+CVE-2020-24528
+	RESERVED
+CVE-2020-24527
+	RESERVED
+CVE-2020-24526
+	RESERVED
+CVE-2020-24525
+	RESERVED
+CVE-2020-24524
+	RESERVED
+CVE-2020-24523
+	RESERVED
+CVE-2020-24522
+	RESERVED
+CVE-2020-24521
+	RESERVED
+CVE-2020-24520
+	RESERVED
+CVE-2020-24519
+	RESERVED
+CVE-2020-24518
+	RESERVED
+CVE-2020-24517
+	RESERVED
+CVE-2020-24516
+	RESERVED
+CVE-2020-24515
+	RESERVED
+CVE-2020-24514
+	RESERVED
+CVE-2020-24513
+	RESERVED
+CVE-2020-24512
+	RESERVED
+CVE-2020-24511
+	RESERVED
+CVE-2020-24510
+	RESERVED
+CVE-2020-24509
+	RESERVED
+CVE-2020-24508
+	RESERVED
+CVE-2020-24507
+	RESERVED
+CVE-2020-24506
+	RESERVED
+CVE-2020-24505
+	RESERVED
+CVE-2020-24504
+	RESERVED
+CVE-2020-24503
+	RESERVED
+CVE-2020-24502
+	RESERVED
+CVE-2020-24501
+	RESERVED
+CVE-2020-24500
+	RESERVED
+CVE-2020-24499
+	RESERVED
+CVE-2020-24498
+	RESERVED
+CVE-2020-24497
+	RESERVED
+CVE-2020-24496
+	RESERVED
+CVE-2020-24495
+	RESERVED
+CVE-2020-24494
+	RESERVED
+CVE-2020-24493
+	RESERVED
+CVE-2020-24492
+	RESERVED
+CVE-2020-24491
+	RESERVED
+CVE-2020-24490
+	RESERVED
+CVE-2020-24489
+	RESERVED
+CVE-2020-24488
+	RESERVED
+CVE-2020-24487
+	RESERVED
+CVE-2020-24486
+	RESERVED
+CVE-2020-24485
+	RESERVED
+CVE-2020-24484
+	RESERVED
+CVE-2020-24483
+	RESERVED
+CVE-2020-24482
+	RESERVED
+CVE-2020-24481
+	RESERVED
+CVE-2020-24480
+	RESERVED
+CVE-2020-24479
+	RESERVED
+CVE-2020-24478
+	RESERVED
+CVE-2020-24477
+	RESERVED
+CVE-2020-24476
+	RESERVED
+CVE-2020-24475
+	RESERVED
+CVE-2020-24474
+	RESERVED
+CVE-2020-24473
+	RESERVED
+CVE-2020-24472
+	RESERVED
+CVE-2020-24471
+	RESERVED
+CVE-2020-24470
+	RESERVED
+CVE-2020-24469
+	RESERVED
+CVE-2020-24468
+	RESERVED
+CVE-2020-24467
+	RESERVED
+CVE-2020-24466
+	RESERVED
+CVE-2020-24465
+	RESERVED
+CVE-2020-24464
+	RESERVED
+CVE-2020-24463
+	RESERVED
+CVE-2020-24462
+	RESERVED
+CVE-2020-24461
+	RESERVED
+CVE-2020-24460
+	RESERVED
+CVE-2020-24459
+	RESERVED
+CVE-2020-24458
+	RESERVED
+CVE-2020-24457
+	RESERVED
+CVE-2020-24456
+	RESERVED
+CVE-2020-24455
+	RESERVED
+CVE-2020-24454
+	RESERVED
+CVE-2020-24453
+	RESERVED
+CVE-2020-24452
+	RESERVED
+CVE-2020-24451
+	RESERVED
+CVE-2020-24450
+	RESERVED
+CVE-2020-24449
+	RESERVED
+CVE-2020-24448
+	RESERVED
 CVE-2020-24447
 	RESERVED
 CVE-2020-24446
@@ -482,7 +688,7 @@ CVE-2020-24214
 	RESERVED
 CVE-2020-24213
 	RESERVED
-CVE-2020-24212 (Kaldin 4.0 is affected by: Insecure Permissions. The impact is: gain p ...)
+CVE-2020-24212 (**REJECTED**Kaldin 4.0 is affected by: Insecure Permissions. The impac ...)
 	TODO: check
 CVE-2020-24211
 	RESERVED
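Review bot: CVE-2020-24212 now has a description starting with **REJECTED**, but the entry keeps the annotation TODO: check, so it still sits in the triage queue as if it were a live issue. Close it out as rejected in a follow-up instead of researching whether Kaldin 4.0 is packaged.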
@@ -1030,7 +1236,7 @@ CVE-2020-23940
 	RESERVED
 CVE-2020-23939
 	RESERVED
-CVE-2020-23938 (Out of bounds read (CWE-125) in AnnLab V3 Lite 4.0.8.3 can cause a den ...)
+CVE-2020-23938 (***REJECTED***Out of bounds read (CWE-125) in AnnLab V3 Lite 4.0.8.3 c ...)
 	TODO: check
 CVE-2020-23937
 	RESERVED
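Review bot: the rejection marker on CVE-2020-23938 is written ***REJECTED*** with three asterisks, while the CVE-2020-24212 entry in this same commit uses **REJECTED** with two. Any grep or script that picks rejected entries out of the description text has to match both forms. This entry is also still TODO: check and should be closed out as rejected.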
@@ -17971,26 +18177,26 @@ CVE-2020-15640
 	RESERVED
 CVE-2020-15639
 	RESERVED
-CVE-2020-15638
-	RESERVED
-CVE-2020-15637
-	RESERVED
-CVE-2020-15636
-	RESERVED
-CVE-2020-15635
-	RESERVED
-CVE-2020-15634
-	RESERVED
+CVE-2020-15638 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+	TODO: check
+CVE-2020-15637 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+	TODO: check
+CVE-2020-15636 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+	TODO: check
+CVE-2020-15635 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+	TODO: check
+CVE-2020-15634 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
+	TODO: check
 CVE-2020-15633 (This vulnerability allows network-adjacent attackers to bypass authent ...)
 	NOT-FOR-US: D-Link
 CVE-2020-15632 (This vulnerability allows network-adjacent attackers to bypass authent ...)
 	NOT-FOR-US: D-Link
 CVE-2020-15631 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
 	NOT-FOR-US: D-Link
-CVE-2020-15630
-	RESERVED
-CVE-2020-15629
-	RESERVED
+CVE-2020-15630 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+	TODO: check
+CVE-2020-15629 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+	TODO: check
 CVE-2020-15628 (This vulnerability allows remote attackers to disclose sensitive infor ...)
 	NOT-FOR-US: CentOS-WebPanel.com
 CVE-2020-15627 (This vulnerability allows remote attackers to disclose sensitive infor ...)
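Review bot: the seven entries that move from RESERVED to TODO: check in this hunk (CVE-2020-15638 to CVE-2020-15634, CVE-2020-15630 and CVE-2020-15629) have descriptions truncated before the product name, so none of them can be triaged from the diff alone. Five read "execute arbitrary code" and two "disclose sensitive infor ...", which makes them worth picking up early. The surrounding ids are already marked NOT-FOR-US: D-Link and NOT-FOR-US: CentOS-WebPanel.com, so check the full descriptions to see whether the new entries belong to the same products.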
@@ -18248,8 +18454,8 @@ CVE-2019-20895
 	RESERVED
 CVE-2020-15532 (Silicon Labs Bluetooth Low Energy SDK before 2.13.3 has a buffer overf ...)
 	TODO: check
-CVE-2020-15531
-	RESERVED
+CVE-2020-15531 (Silicon Labs Bluetooth Low Energy SDK before 2.13.3 has a buffer overf ...)
+	TODO: check
 CVE-2020-15530 (An issue was discovered in Valve Steam Client 2.10.91.91. The installe ...)
 	- steam <not-affected> (Steam on Windows)
 CVE-2020-15529 (An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation  ...)
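Review bot: the new CVE-2020-15531 line is identical, up to the truncation point, to CVE-2020-15532 directly above it ("Silicon Labs Bluetooth Low Energy SDK before 2.13.3 has a buffer overf ..."), and both are TODO: check. Triage the pair together against the full descriptions so the two ids get a consistent annotation and the difference between them is recorded.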
@@ -19096,14 +19302,14 @@ CVE-2020-15148
 	RESERVED
 CVE-2020-15147
 	RESERVED
-CVE-2020-15146
-	RESERVED
+CVE-2020-15146 (In SyliusResourceBundle before versions 1.3.14, 1.4.7, 1.5.2 and 1.6.4 ...)
+	TODO: check
 CVE-2020-15145 (In Composer-Setup for Windows before version 6.0.0, if the developer's ...)
 	NOT-FOR-US: Composer-Setup for Windows
 CVE-2020-15144
 	RESERVED
-CVE-2020-15143
-	RESERVED
+CVE-2020-15143 (In SyliusResourceBundle before versions 1.3.14, 1.4.7, 1.5.2 and 1.6.4 ...)
+	TODO: check
 CVE-2020-15142 (In openapi-python-client before version 0.5.3, clients generated with  ...)
 	TODO: check
 CVE-2020-15141 (In openapi-python-client before version 0.5.3, there is a path travers ...)
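Review bot: CVE-2020-15146 and CVE-2020-15143 show the same visible text ("In SyliusResourceBundle before versions 1.3.14, 1.4.7, 1.5.2 and 1.6.4 ...") and both land as TODO: check. Handle them as a pair, and since the description lists four fixed versions, whoever triages should note which release branch, if any, is relevant before choosing an annotation.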
@@ -19164,8 +19370,8 @@ CVE-2020-15121 (In radare2 before version 4.5.0, malformed PDB file names in the
 	NOTE: https://github.com/radareorg/radare2/pull/16966
 CVE-2020-15120 (In "I hate money" before version 4.1.5, an authenticated member of one ...)
 	NOT-FOR-US: ihatemoney
-CVE-2020-15119
-	RESERVED
+CVE-2020-15119 (In auth0-lock versions before and including 11.25.1, dangerouslySetInn ...)
+	TODO: check
 CVE-2020-15118 (In Wagtail before versions 2.7.4 and 2.9.3, when a form page type is m ...)
 	NOT-FOR-US: Wagtail
 CVE-2020-15117 (In Synergy before version 1.12.0, a Synergy server can be crashed by r ...)
@@ -22574,10 +22780,10 @@ CVE-2020-13828
 	RESERVED
 CVE-2020-13827 (phpList before 3.5.4 allows XSS via /lists/admin/user.php and /lists/a ...)
 	- phplist <itp> (bug #612288)
-CVE-2020-13826
-	RESERVED
-CVE-2020-13825
-	RESERVED
+CVE-2020-13826 (A CSV injection (aka Excel Macro Injection or Formula Injection) issue ...)
+	TODO: check
+CVE-2020-13825 (A cross-site scripting (XSS) vulnerability in i-doit 1.14.2 allows rem ...)
+	TODO: check
 CVE-2020-13824
 	RESERVED
 CVE-2020-13823
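Review bot: CVE-2020-13826 ("A CSV injection (aka Excel Macro Injection or Formula Injection) issue ...") is cut off before any product is named, unlike CVE-2020-13825 next to it, which names i-doit 1.14.2. Read the full description before annotating, and if it is the same product, give both ids the same annotation.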
@@ -36504,10 +36710,10 @@ CVE-2020-8872 (This vulnerability allows local attackers to disclose sensitive i
 	NOT-FOR-US: Parallels
 CVE-2020-8871 (This vulnerability allows local attackers to escalate privileges on af ...)
 	NOT-FOR-US: Parallels
-CVE-2020-8870
-	RESERVED
-CVE-2020-8869
-	RESERVED
+CVE-2020-8870 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+	TODO: check
+CVE-2020-8869 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+	TODO: check
 CVE-2020-8868 (This vulnerability allows remote attackers to execute arbitrary code o ...)
 	NOT-FOR-US: Quest Foglight Evolve
 CVE-2020-8867 (This vulnerability allows remote attackers to create a denial-of-servi ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5ab815024e147c01a8a970ef8e8d2c140fe3100
