[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Mon Dec 7 20:10:32 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
01b2e85a by security tracker role at 2020-12-07T20:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,15 @@
+CVE-2020-29597
+	RESERVED
+CVE-2020-29596
+	RESERVED
+CVE-2020-29595 (PlugIns\IDE_ACDStd.apl in ACDSee Photo Studio Studio Professional 2021 ...)
+	TODO: check
+CVE-2020-29594
+	RESERVED
+CVE-2020-29593
+	RESERVED
+CVE-2020-29592
+	RESERVED
 CVE-2020-29591
 	RESERVED
 CVE-2020-29590
@@ -2086,8 +2098,8 @@ CVE-2020-28729
 	RESERVED
 CVE-2020-28728
 	RESERVED
-CVE-2020-28727
-	RESERVED
+CVE-2020-28727 (Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid p ...)
+	TODO: check
 CVE-2020-28726 (Open redirect in SeedDMS 6.0.13 via the dropfolderfileform1 parameter  ...)
 	NOT-FOR-US: SeedDMS
 CVE-2020-28725
@@ -8918,8 +8930,8 @@ CVE-2020-27152 (An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kv
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1888886
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=208767
 	NOTE: https://git.kernel.org/linus/77377064c3a94911339f13ce113b3abf265e06da
-CVE-2020-27151
-	RESERVED
+CVE-2020-27151 (An issue was discovered in Kata Containers through 1.11.3 and 2.x thro ...)
+	TODO: check
 CVE-2020-27153 (In BlueZ before 5.55, a double free was found in the gatttool disconne ...)
 	{DLA-2410-1}
 	- bluez 5.55-1
@@ -10387,8 +10399,8 @@ CVE-2020-26515
 	RESERVED
 CVE-2020-26514
 	RESERVED
-CVE-2020-26513
-	RESERVED
+CVE-2020-26513 (An issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP ...)
+	TODO: check
 CVE-2020-26512
 	RESERVED
 CVE-2020-26511 (The wpo365-login plugin before v11.7 for WordPress allows use of a sym ...)
@@ -11234,8 +11246,8 @@ CVE-2020-26124 (openmediavault before 4.1.36 and 5.x before 5.5.12 allows authen
 	NOT-FOR-US: openmediavault
 CVE-2020-26123
 	RESERVED
-CVE-2020-26122
-	RESERVED
+CVE-2020-26122 (Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remot ...)
+	TODO: check
 CVE-2020-26121 (An issue was discovered in the FileImporter extension for MediaWiki be ...)
 	NOT-FOR-US: FileImporter MediaWiki extension
 CVE-2020-26120 (XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 ...)
@@ -38118,8 +38130,8 @@ CVE-2020-13947
 	RESERVED
 CVE-2020-13946 (In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.1 ...)
 	- cassandra <itp> (bug #585905)
-CVE-2020-13945
-	RESERVED
+CVE-2020-13945 (In Apache APISIX, the user enabled the Admin API and deleted the Admin ...)
+	TODO: check
 CVE-2020-13944 (In Apache Airflow < 1.10.12, the "origin" parameter passed to some  ...)
 	- airflow <itp> (bug #819700)
 CVE-2020-13943 (If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7 ...)
@@ -51752,8 +51764,8 @@ CVE-2020-9249 (HUAWEI P30 smartphones with versions earlier than 10.1.0.160(C00E
 	NOT-FOR-US: Huawei
 CVE-2020-9248 (Huawei FusionComput 8.0.0 have an improper authorization vulnerability ...)
 	NOT-FOR-US: Huawei
-CVE-2020-9247
-	RESERVED
+CVE-2020-9247 (There is a buffer overflow vulnerability in several Huawei products. T ...)
+	TODO: check
 CVE-2020-9246 (FusionCompute 8.0.0 has an information leak vulnerability. A module do ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9245 (HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUA ...)
@@ -60423,12 +60435,12 @@ CVE-2020-5802
 	RESERVED
 CVE-2020-5801
 	RESERVED
-CVE-2020-5800
-	RESERVED
-CVE-2020-5799
-	RESERVED
-CVE-2020-5798
-	RESERVED
+CVE-2020-5800 (The Eat Spray Love mobile app for both iOS and Android contains logic  ...)
+	TODO: check
+CVE-2020-5799 (The Eat Spray Love mobile app for both iOS and Android contains a back ...)
+	TODO: check
+CVE-2020-5798 (inSync Client installer for macOS versions v6.8.0 and prior could allo ...)
+	TODO: check
 CVE-2020-5797 (UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180 ...)
 	NOT-FOR-US: TP-Link
 CVE-2020-5796 (Improper preservation of permissions in Nagios XI 5.7.4 allows a local ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01b2e85a2ea0c405d2dce9d0dd9ace8c2145124c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01b2e85a2ea0c405d2dce9d0dd9ace8c2145124c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201207/ae2e8220/attachment.html>

More information about the debian-security-tracker-commits mailing list