[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c19d207b by security tracker role at 2020-12-14T08:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,47 @@
+CVE-2020-35241
+	RESERVED
+CVE-2020-35240
+	RESERVED
+CVE-2020-35239
+	RESERVED
+CVE-2020-35238
+	RESERVED
+CVE-2020-35237
+	RESERVED
+CVE-2020-35236 (The GitLab Webhook Handler in amazee.io Lagoon before 1.12.3 has incor ...)
+	TODO: check
+CVE-2020-35235 (** UNSUPPORTED WHEN ASSIGNED ** vendor/elfinder/php/connector.minimal. ...)
+	TODO: check
+CVE-2020-35234 (The easy-wp-smtp plugin before 1.4.4 for WordPress allows Administrato ...)
+	TODO: check
+CVE-2020-35233
+	RESERVED
+CVE-2020-35232
+	RESERVED
+CVE-2020-35231
+	RESERVED
+CVE-2020-35230
+	RESERVED
+CVE-2020-35229
+	RESERVED
+CVE-2020-35228
+	RESERVED
+CVE-2020-35227
+	RESERVED
+CVE-2020-35226
+	RESERVED
+CVE-2020-35225
+	RESERVED
+CVE-2020-35224
+	RESERVED
+CVE-2020-35223
+	RESERVED
+CVE-2020-35222
+	RESERVED
+CVE-2020-35221
+	RESERVED
+CVE-2020-35220
+	RESERVED
 CVE-2020-35219
 	RESERVED
 CVE-2020-35218
@@ -253,8 +297,8 @@ CVE-2016-15001
 	REJECTED
 CVE-2020-29670
 	RESERVED
-CVE-2020-29669
-	RESERVED
+CVE-2020-29669 (In the Macally WIFISD2-2A82 Media and Travel Router 2.000.010, the Gue ...)
+	TODO: check
 CVE-2020-29668 (Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API ...)
 	- sympa 6.2.58~dfsg-2 (bug #976020)
 	NOTE: https://github.com/sympa-community/sympa/issues/1041
@@ -54332,11 +54376,11 @@ CVE-2020-9003 (A stored XSS vulnerability exists in the Modula Image Gallery plu
 CVE-2020-9002
 	RESERVED
 CVE-2020-9001
-	RESERVED
+	REJECTED
 CVE-2020-9000
 	RESERVED
 CVE-2020-8999
-	RESERVED
+	REJECTED
 CVE-2020-8998
 	REJECTED
 CVE-2020-8997 (Older generation Abbott FreeStyle Libre sensors allow remote attackers ...)
@@ -62753,8 +62797,8 @@ CVE-2020-5667 (Studyplus App for Android v6.3.7 and earlier and Studyplus App fo
 	NOT-FOR-US: Studyplus
 CVE-2020-5666 (Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series  ...)
 	NOT-FOR-US: Mitsubishi Electric
-CVE-2020-5665
-	RESERVED
+CVE-2020-5665 (Improper check or handling of exceptional conditions in MELSEC iQ-F se ...)
+	TODO: check
 CVE-2020-5664 (Deserialization of untrusted data vulnerability in XooNIps 3.49 and ea ...)
 	NOT-FOR-US: XooNIps
 CVE-2020-5663 (Stored cross-site scripting vulnerability in XooNIps 3.49 and earlier  ...)
@@ -62805,16 +62849,16 @@ CVE-2020-5641 (Cross-site request forgery (CSRF) vulnerability in GS108Ev3 firmw
 	NOT-FOR-US: GS108Ev3 firmware
 CVE-2020-5640 (Local file inclusion vulnerability in OneThird CMS v1.96c and earlier  ...)
 	NOT-FOR-US: OneThird CMS
-CVE-2020-5639
-	RESERVED
+CVE-2020-5639 (Directory traversal vulnerability in FileZen versions from V3.0.0 to V ...)
+	TODO: check
 CVE-2020-5638 (Cross-site scripting vulnerability in desknet's NEO (desknet's NEO Sma ...)
 	NOT-FOR-US: desknet's NEO
-CVE-2020-5637
-	RESERVED
-CVE-2020-5636
-	RESERVED
-CVE-2020-5635
-	RESERVED
+CVE-2020-5637 (Improper validation of integrity check value vulnerability in Aterm SA ...)
+	TODO: check
+CVE-2020-5636 (Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker ...)
+	TODO: check
+CVE-2020-5635 (Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker ...)
+	TODO: check
 CVE-2020-5634 (ELECOM LAN routers (WRC-2533GST2 firmware versions prior to v1.14, WRC ...)
 	NOT-FOR-US: ELECOM LAN routers
 CVE-2020-5633



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c19d207b6028edb8a5872b3c6384a88824c096bd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c19d207b6028edb8a5872b3c6384a88824c096bd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201214/b5db7c9b/attachment.html>