[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Wed Aug 26 09:10:26 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ab1d4576 by security tracker role at 2020-08-26T08:10:19+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,71 @@
+CVE-2020-24656 (Maltego before 4.2.12 allows XXE attacks. ...)
+ TODO: check
+CVE-2020-24655
+ RESERVED
+CVE-2020-24654
+ RESERVED
+CVE-2020-24653 (secure-store in Expo through 2.16.1 on iOS provides the insecure kSecA ...)
+ TODO: check
+CVE-2020-24652
+ RESERVED
+CVE-2020-24651
+ RESERVED
+CVE-2020-24650
+ RESERVED
+CVE-2020-24649
+ RESERVED
+CVE-2020-24648
+ RESERVED
+CVE-2020-24647
+ RESERVED
+CVE-2020-24646
+ RESERVED
+CVE-2020-24645
+ RESERVED
+CVE-2020-24644
+ RESERVED
+CVE-2020-24643
+ RESERVED
+CVE-2020-24642
+ RESERVED
+CVE-2020-24641
+ RESERVED
+CVE-2020-24640
+ RESERVED
+CVE-2020-24639
+ RESERVED
+CVE-2020-24638
+ RESERVED
+CVE-2020-24637
+ RESERVED
+CVE-2020-24636
+ RESERVED
+CVE-2020-24635
+ RESERVED
+CVE-2020-24634
+ RESERVED
+CVE-2020-24633
+ RESERVED
+CVE-2020-24632
+ RESERVED
+CVE-2020-24631
+ RESERVED
+CVE-2020-24630
+ RESERVED
+CVE-2020-24629
+ RESERVED
+CVE-2020-24628
+ RESERVED
+CVE-2020-24627
+ RESERVED
+CVE-2020-24626
+ RESERVED
+CVE-2020-24625
+ RESERVED
+CVE-2020-24624
+ RESERVED
+CVE-2020-24623
+ RESERVED
CVE-2020-24622 (In Sonatype Nexus Repository 3.26.1, an S3 secret key can be exposed b ...)
NOT-FOR-US: Sonatype
CVE-2020-24621
@@ -11284,8 +11352,8 @@ CVE-2020-19007
RESERVED
CVE-2020-19006
RESERVED
-CVE-2020-19005
- RESERVED
+CVE-2020-19005 (zrlog v2.1.0 has a vulnerability with the permission check. If admin a ...)
+ TODO: check
CVE-2020-19004
RESERVED
CVE-2020-19003
@@ -14512,42 +14580,42 @@ CVE-2020-17406
RESERVED
CVE-2020-17405
RESERVED
-CVE-2020-17404
- RESERVED
-CVE-2020-17403
- RESERVED
-CVE-2020-17402
- RESERVED
-CVE-2020-17401
- RESERVED
-CVE-2020-17400
- RESERVED
-CVE-2020-17399
- RESERVED
-CVE-2020-17398
- RESERVED
-CVE-2020-17397
- RESERVED
-CVE-2020-17396
- RESERVED
-CVE-2020-17395
- RESERVED
-CVE-2020-17394
- RESERVED
-CVE-2020-17393
- RESERVED
-CVE-2020-17392
- RESERVED
-CVE-2020-17391
- RESERVED
-CVE-2020-17390
- RESERVED
-CVE-2020-17389
- RESERVED
-CVE-2020-17388
- RESERVED
-CVE-2020-17387
- RESERVED
+CVE-2020-17404 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2020-17403 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2020-17402 (This vulnerability allows local attackers to disclose sensitive inform ...)
+ TODO: check
+CVE-2020-17401 (This vulnerability allows local attackers to disclose sensitive inform ...)
+ TODO: check
+CVE-2020-17400 (This vulnerability allows local attackers to escalate privileges on af ...)
+ TODO: check
+CVE-2020-17399 (This vulnerability allows local attackers to escalate privileges on af ...)
+ TODO: check
+CVE-2020-17398 (This vulnerability allows local attackers to disclose information on a ...)
+ TODO: check
+CVE-2020-17397 (This vulnerability allows local attackers to escalate privileges on af ...)
+ TODO: check
+CVE-2020-17396 (This vulnerability allows local attackers to escalate privileges on af ...)
+ TODO: check
+CVE-2020-17395 (This vulnerability allows local attackers to escalate privileges on af ...)
+ TODO: check
+CVE-2020-17394 (This vulnerability allows local attackers to disclose sensitive inform ...)
+ TODO: check
+CVE-2020-17393 (This vulnerability allows local attackers to disclose information on a ...)
+ TODO: check
+CVE-2020-17392 (This vulnerability allows local attackers to escalate privileges on af ...)
+ TODO: check
+CVE-2020-17391 (This vulnerability allows local attackers to disclose information on a ...)
+ TODO: check
+CVE-2020-17390 (This vulnerability allows local attackers to escalate privileges on af ...)
+ TODO: check
+CVE-2020-17389 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2020-17388 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2020-17387 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
CVE-2020-17386 (Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputte ...)
NOT-FOR-US: Cellopoint Cellos
CVE-2020-17385 (Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputte ...)
@@ -18026,8 +18094,8 @@ CVE-2020-15778 (scp in OpenSSH through 8.3p1 allows command injection in scp.c r
NOTE: https://github.com/cpandya2909/CVE-2020-15778
NOTE: Negligible security impact, changing the scp protocol can have a good chance
NOTE: of breaking existing workflows.
-CVE-2020-15777
- RESERVED
+CVE-2020-15777 (An issue was discovered in the Maven Extension plugin before 1.6 for G ...)
+ TODO: check
CVE-2020-15776
RESERVED
CVE-2020-15775
@@ -18422,20 +18490,20 @@ CVE-2020-15646
{DSA-4718-1}
- thunderbird 1:68.10.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-26/#CVE-2020-15646
-CVE-2020-15645
- RESERVED
-CVE-2020-15644
- RESERVED
-CVE-2020-15643
- RESERVED
-CVE-2020-15642
- RESERVED
-CVE-2020-15641
- RESERVED
-CVE-2020-15640
- RESERVED
-CVE-2020-15639
- RESERVED
+CVE-2020-15645 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2020-15644 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2020-15643 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2020-15642 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2020-15641 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2020-15640 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2020-15639 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
CVE-2020-15638 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit
CVE-2020-15637 (This vulnerability allows remote attackers to disclose sensitive infor ...)
@@ -40811,8 +40879,8 @@ CVE-2020-7311
RESERVED
CVE-2020-7310 (Privilege Escalation vulnerability in the installer in McAfee McAfee T ...)
NOT-FOR-US: McAfee
-CVE-2020-7309
- RESERVED
+CVE-2020-7309 (Cross Site Scripting vulnerability in ePO extension in McAfee Applicat ...)
+ TODO: check
CVE-2020-7308
RESERVED
CVE-2020-7307 (Unprotected Storage of Credentials vulnerability in McAfee Data Loss P ...)
@@ -72481,8 +72549,7 @@ CVE-2019-14905 (A vulnerability was found in Ansible Engine versions 2.9.x befor
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1776943
NOTE: https://github.com/ansible/ansible/pull/65423
NOTE: https://github.com/ansible/ansible/blob/stable-2.2/CHANGELOG.md
-CVE-2019-14904 [vulnerability in solaris_zone module via crafted solaris zone]
- RESERVED
+CVE-2019-14904 (A flaw was found in the solaris_zone module from the Ansible Community ...)
- ansible 2.9.4+dfsg-1 (low)
[buster] - ansible <no-dsa> (Minor issue)
[stretch] - ansible <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab1d4576e5fd817edffb03cc4d9dd9c228f154fd
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab1d4576e5fd817edffb03cc4d9dd9c228f154fd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200826/afa60372/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list