[Git][security-tracker-team/security-tracker][master] automatic update

Thu Aug 27 09:10:24 BST 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1d246654 by security tracker role at 2020-08-27T08:10:16+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,79 @@
+CVE-2020-24699
+	RESERVED
+CVE-2020-24698
+	RESERVED
+CVE-2020-24697
+	RESERVED
+CVE-2020-24696
+	RESERVED
+CVE-2020-24695
+	RESERVED
+CVE-2020-24694
+	RESERVED
+CVE-2020-24693
+	RESERVED
+CVE-2020-24692
+	RESERVED
+CVE-2020-24691
+	RESERVED
+CVE-2020-24690
+	RESERVED
+CVE-2020-24689
+	RESERVED
+CVE-2020-24688
+	RESERVED
+CVE-2020-24687
+	RESERVED
+CVE-2020-24686
+	RESERVED
+CVE-2020-24685
+	RESERVED
+CVE-2020-24684
+	RESERVED
+CVE-2020-24683
+	RESERVED
+CVE-2020-24682
+	RESERVED
+CVE-2020-24681
+	RESERVED
+CVE-2020-24680
+	RESERVED
+CVE-2020-24679
+	RESERVED
+CVE-2020-24678
+	RESERVED
+CVE-2020-24677
+	RESERVED
+CVE-2020-24676
+	RESERVED
+CVE-2020-24675
+	RESERVED
+CVE-2020-24674
+	RESERVED
+CVE-2020-24673
+	RESERVED
+CVE-2020-24672
+	RESERVED
+CVE-2020-24671
+	RESERVED
+CVE-2020-24670
+	RESERVED
+CVE-2020-24669
+	RESERVED
+CVE-2020-24668
+	RESERVED
+CVE-2020-24667
+	RESERVED
+CVE-2020-24666
+	RESERVED
+CVE-2020-24665
+	RESERVED
+CVE-2020-24664
+	RESERVED
+CVE-2020-24663
+	RESERVED
+CVE-2020-24662
+	RESERVED
 CVE-2020-24661 (GNOME Geary before 3.36.3 mishandles pinned TLS certificate verificati ...)
 	- geary <unfixed>
 	NOTE: https://gitlab.gnome.org/GNOME/geary/-/issues/866
@@ -124,10 +200,10 @@ CVE-2020-24601
 	RESERVED
 CVE-2020-24600
 	RESERVED
-CVE-2020-24599
-	RESERVED
-CVE-2020-24598
-	RESERVED
+CVE-2020-24599 (An issue was discovered in Joomla! before 3.9.21. Lack of escaping in  ...)
+	TODO: check
+CVE-2020-24598 (An issue was discovered in Joomla! before 3.9.21. Lack of input valida ...)
+	TODO: check
 CVE-2020-24597
 	RESERVED
 CVE-2020-24596
@@ -176,7 +252,7 @@ CVE-2020-24576
 	RESERVED
 CVE-2020-24575
 	RESERVED
-CVE-2020-24574 (The client (aka GalaxyClientService.exe) in GOG GALAXY 2.0.19 allows l ...)
+CVE-2020-24574 (The client (aka GalaxyClientService.exe) in GOG GALAXY through 2.0.20  ...)
 	NOT-FOR-US: GOG Galaxy client
 CVE-2020-24573
 	RESERVED
@@ -18898,8 +18974,8 @@ CVE-2020-15487
 	RESERVED
 CVE-2020-15486 (An issue was discovered on Dr Trust ECG Pen 2.00.08 devices. Because t ...)
 	NOT-FOR-US: Dr Trust ECG Pen 2.00.08 devices
-CVE-2020-15485
-	RESERVED
+CVE-2020-15485 (An issue was discovered on Nescomed Multipara Monitor M1000 devices. T ...)
+	TODO: check
 CVE-2020-15484 (An issue was discovered on Nescomed Multipara Monitor M1000 devices. T ...)
 	NOT-FOR-US: Nescomed Multipara Monitor M1000 devices
 CVE-2020-15483 (An issue was discovered on Nescomed Multipara Monitor M1000 devices. T ...)
@@ -19632,8 +19708,8 @@ CVE-2020-15158 (In libIEC61850 before version 1.4.3, when a message with COTP me
 	NOT-FOR-US: libIEC61850
 CVE-2020-15157
 	RESERVED
-CVE-2020-15156
-	RESERVED
+CVE-2020-15156 (In nodebb-plugin-blog-comments before version 0.7.0, a logged in user  ...)
+	TODO: check
 CVE-2020-15155
 	RESERVED
 CVE-2020-15154
@@ -20595,10 +20671,10 @@ CVE-2020-14731
 	RESERVED
 CVE-2020-14730
 	RESERVED
-CVE-2020-14729
-	RESERVED
-CVE-2020-14728
-	RESERVED
+CVE-2020-14729 (Vulnerability in SuiteCommerce Advanced (SCA) Sites component of Oracl ...)
+	TODO: check
+CVE-2020-14728 (Vulnerability in the SuiteCommerce Advanced (SCA) component of Oracle  ...)
+	TODO: check
 CVE-2020-14727
 	RESERVED
 CVE-2020-14726
@@ -101596,10 +101672,10 @@ CVE-2019-5323 (There are command injection vulnerabilities present in the AirWav
 	NOT-FOR-US: Aruba Airwave
 CVE-2019-5322 (A remotely exploitable information disclosure vulnerability is present ...)
 	NOT-FOR-US: Edge Switch models
-CVE-2019-5321
-	RESERVED
-CVE-2019-5320
-	RESERVED
+CVE-2019-5321 (Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5 ...)
+	TODO: check
+CVE-2019-5320 (Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5 ...)
+	TODO: check
 CVE-2019-5319
 	RESERVED
 CVE-2019-5318
@@ -103000,8 +103076,8 @@ CVE-2019-4697 (IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores user c
 	NOT-FOR-US: IBM
 CVE-2019-4696
 	RESERVED
-CVE-2019-4695
-	RESERVED
+CVE-2019-4695 (IBM Security Guardium Data Encryption (GDE) 3.0.0.2 allows web pages t ...)
+	TODO: check
 CVE-2019-4694 (IBM Security Guardium Data Encryption (GDE) 3.0.0.2 contains hard-code ...)
 	NOT-FOR-US: IBM
 CVE-2019-4693 (IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores user creden ...)
@@ -340212,8 +340288,8 @@ CVE-2011-4822 (Multiple cross-site scripting (XSS) vulnerabilities in the user p
 	NOT-FOR-US: Atlassian FishEye
 CVE-2011-4821 (Directory traversal vulnerability in the TFTP server in D-Link DIR-601 ...)
 	NOT-FOR-US: D-Link router
-CVE-2011-4820
-	RESERVED
+CVE-2011-4820 (IBM Rational Asset Manager 7.5 could allow a remote attacker to bypass ...)
+	TODO: check
 CVE-2011-4819 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asse ...)
 	NOT-FOR-US: IBM Maximo Asset Management
 CVE-2011-4818 (Open redirect vulnerability in IBM Maximo Asset Management and Asset M ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d246654a7b24cc0ac75305f3625d8fdb211bc3a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d246654a7b24cc0ac75305f3625d8fdb211bc3a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200827/fb577bee/attachment-0001.html>
