[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Thu Feb 20 08:10:29 GMT 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1ca07968 by security tracker role at 2020-02-20T08:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2020-9306
+	RESERVED
+CVE-2020-9305
+	RESERVED
+CVE-2020-9304
+	RESERVED
+CVE-2020-9303
+	RESERVED
+CVE-2020-9302
+	RESERVED
+CVE-2020-9301
+	RESERVED
+CVE-2020-9300
+	RESERVED
+CVE-2020-9299
+	RESERVED
+CVE-2020-9298
+	RESERVED
+CVE-2020-9297
+	RESERVED
+CVE-2020-9296
+	RESERVED
 CVE-2020-9295
 	RESERVED
 CVE-2020-9294
@@ -3008,8 +3030,8 @@ CVE-2020-7944
 	RESERVED
 CVE-2020-7943
 	RESERVED
-CVE-2020-7942
-	RESERVED
+CVE-2020-7942 (Previously, Puppet operated on a model that a node with a valid certif ...)
+	TODO: check
 CVE-2020-7941 (A privilege escalation issue in plone.app.contenttypes in Plone 4.3 th ...)
 	NOT-FOR-US: Plone
 CVE-2020-7940 (Missing password strength checks on some forms in Plone 4.3 through 5. ...)
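Review bot: CVE-2020-7942 is left at "TODO: check", and its description names Puppet, so unlike the Plone entries below it (tagged "NOT-FOR-US: Plone") it should not be closed as not-for-us. Check it against the puppet source package and replace the TODO with a package line plus a NOTE pointing at the upstream advisory.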
@@ -5170,8 +5192,8 @@ CVE-2020-6972
 	RESERVED
 CVE-2020-6971
 	RESERVED
-CVE-2020-6970
-	RESERVED
+CVE-2020-6970 (A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA ...)
+	TODO: check
 CVE-2020-6969 (It is possible to unmask credentials and other sensitive information o ...)
 	NOT-FOR-US: AutomationDirect
 CVE-2020-6968
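Review bot: CVE-2020-6970 sits at "TODO: check" while the AutomationDirect entry directly below it, CVE-2020-6969, already carries a NOT-FOR-US tag. If the full description confirms the issue is confined to Emerson OpenEnterprise, tag it the same way (for example "NOT-FOR-US: Emerson OpenEnterprise") so it leaves the TODO queue.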
@@ -12010,12 +12032,12 @@ CVE-2020-3947
 	RESERVED
 CVE-2020-3946
 	RESERVED
-CVE-2020-3945
-	RESERVED
-CVE-2020-3944
-	RESERVED
-CVE-2020-3943
-	RESERVED
+CVE-2020-3945 (vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6. ...)
+	TODO: check
+CVE-2020-3944 (vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6. ...)
+	TODO: check
+CVE-2020-3943 (vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6. ...)
+	TODO: check
 CVE-2020-3942
 	RESERVED
 CVE-2020-3941 (The repair operation of VMware Tools for Windows 10.x.y has a race con ...)
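Review bot: CVE-2020-3945, CVE-2020-3944 and CVE-2020-3943 carry identical truncated descriptions ("vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6. ..."), so the three cannot be told apart from this file alone. Triage them together from the full descriptions and give all three the same product tag, so that one is not left behind as a stray TODO.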
@@ -14664,28 +14686,28 @@ CVE-2020-3165
 	RESERVED
 CVE-2020-3164
 	RESERVED
-CVE-2020-3163
-	RESERVED
+CVE-2020-3163 (A vulnerability in the Live Data server of Cisco Unified Contact Cente ...)
+	TODO: check
 CVE-2020-3162
 	RESERVED
 CVE-2020-3161
 	RESERVED
-CVE-2020-3160
-	RESERVED
-CVE-2020-3159
-	RESERVED
-CVE-2020-3158
-	RESERVED
+CVE-2020-3160 (A vulnerability in the Extensible Messaging and Presence Protocol (XMP ...)
+	TODO: check
+CVE-2020-3159 (A vulnerability in the web-based management interface of Cisco Finesse ...)
+	TODO: check
+CVE-2020-3158 (A vulnerability in the High Availability (HA) service of Cisco Smart S ...)
+	TODO: check
 CVE-2020-3157
 	RESERVED
-CVE-2020-3156
-	RESERVED
+CVE-2020-3156 (A vulnerability in the logging component of Cisco Identity Services En ...)
+	TODO: check
 CVE-2020-3155
 	RESERVED
-CVE-2020-3154
-	RESERVED
-CVE-2020-3153
-	RESERVED
+CVE-2020-3154 (A vulnerability in the web UI of Cisco Cloud Web Security (CWS) could  ...)
+	TODO: check
+CVE-2020-3153 (A vulnerability in the installer component of Cisco AnyConnect Secure  ...)
+	TODO: check
 CVE-2020-3152
 	RESERVED
 CVE-2020-3151
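Review bot: the seven Cisco entries filled in by this hunk (CVE-2020-3163, -3160, -3159, -3158, -3156, -3154, -3153) all land on "TODO: check", while other Cisco entries in the same file, such as CVE-2020-3139, are tagged "NOT-FOR-US: Cisco". Once each description is confirmed to concern only Cisco products, apply the same tag to all seven in one pass.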
@@ -14714,8 +14736,8 @@ CVE-2020-3140
 	RESERVED
 CVE-2020-3139 (A vulnerability in the out of band (OOB) management interface IP table ...)
 	NOT-FOR-US: Cisco
-CVE-2020-3138
-	RESERVED
+CVE-2020-3138 (A vulnerability in the upgrade component of Cisco Enterprise NFV Infra ...)
+	TODO: check
 CVE-2020-3137
 	RESERVED
 CVE-2020-3136 (A vulnerability in the web-based management interface of Cisco Jabber  ...)
@@ -14726,8 +14748,8 @@ CVE-2020-3134 (A vulnerability in the zip decompression engine of Cisco AsyncOS
 	NOT-FOR-US: Cisco
 CVE-2020-3133
 	RESERVED
-CVE-2020-3132
-	RESERVED
+CVE-2020-3132 (A vulnerability in the email message scanning feature of Cisco AsyncOS ...)
+	TODO: check
 CVE-2020-3131 (A vulnerability in the Cisco Webex Teams client for Windows could allo ...)
 	NOT-FOR-US: Cisco
 CVE-2020-3130
@@ -14766,12 +14788,12 @@ CVE-2020-3116
 	RESERVED
 CVE-2020-3115 (A vulnerability in the CLI of the Cisco SD-WAN Solution vManage softwa ...)
 	NOT-FOR-US: Cisco
-CVE-2020-3114
-	RESERVED
-CVE-2020-3113
-	RESERVED
-CVE-2020-3112
-	RESERVED
+CVE-2020-3114 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
+	TODO: check
+CVE-2020-3113 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
+	TODO: check
+CVE-2020-3112 (A vulnerability in the REST API endpoint of Cisco Data Center Network  ...)
+	TODO: check
 CVE-2020-3111 (A vulnerability in the Cisco Discovery Protocol implementation for the ...)
 	NOT-FOR-US: Cisco
 CVE-2020-3110 (A vulnerability in the Cisco Discovery Protocol implementation for the ...)
@@ -73290,8 +73312,8 @@ CVE-2019-1952 (A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure
 	NOT-FOR-US: Cisco
 CVE-2019-1951 (A vulnerability in the packet filtering features of Cisco SD-WAN Solut ...)
 	NOT-FOR-US: Cisco
-CVE-2019-1950
-	RESERVED
+CVE-2019-1950 (A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers ...)
+	TODO: check
 CVE-2019-1949 (A vulnerability in the web-based management interface of Cisco Firepow ...)
 	NOT-FOR-US: Cisco
 CVE-2019-1948 (A vulnerability in Cisco Webex Meetings Mobile (iOS) could allow an un ...)
@@ -217444,8 +217466,7 @@ CVE-2015-7545 (The (1) git-remote-ext and (2) unspecified other remote helper pr
 	- git 1:2.6.1-1
 	[squeeze] - git <not-affected> (git 1.7.2 did not have git-remote-ext yet)
 	NOTE: http://www.openwall.com/lists/oss-security/2015/10/06/1
-CVE-2015-7747 [When changing both sample format and number of channels, data gets corrupted; if new sample format smaller than old, possible buffer overflow]
-	RESERVED
+CVE-2015-7747 (Buffer overflow in the afReadFrames function in audiofile (aka libaudi ...)
 	- audiofile 0.3.6-3 (bug #801102)
 	[jessie] - audiofile 0.3.6-2+deb8u1
 	[wheezy] - audiofile <no-dsa> (Minor issue)
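Review bot: the removed bracketed text for CVE-2015-7747 recorded the trigger condition (changing both sample format and number of channels), which the truncated official description "Buffer overflow in the afReadFrames function in audiofile ..." no longer shows. Consider keeping that detail as a NOTE: line under the entry, alongside the existing bug #801102 reference.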
@@ -237043,30 +237064,30 @@ CVE-2014-9619 (Unrestricted file upload vulnerability in webadmin/ajaxfilemanage
 	NOT-FOR-US: Netsweeper
 CVE-2014-9618 (The Client Filter Admin portal in Netsweeper before 3.1.10, 4.0.x befo ...)
 	NOT-FOR-US: Netsweeper
-CVE-2014-9617
-	RESERVED
+CVE-2014-9617 (Open redirect vulnerability in remotereporter/load_logfiles.php in Net ...)
+	TODO: check
 CVE-2014-9616 (Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 a ...)
 	NOT-FOR-US: Netsweeper
-CVE-2014-9615
-	RESERVED
-CVE-2014-9614
-	RESERVED
-CVE-2014-9613
-	RESERVED
-CVE-2014-9612
-	RESERVED
+CVE-2014-9615 (Cross-site scripting (XSS) vulnerability in Netsweeper 4.0.4 allows re ...)
+	TODO: check
+CVE-2014-9614 (The Web Panel in Netsweeper before 4.0.5 has a default password of bra ...)
+	TODO: check
+CVE-2014-9613 (Multiple SQL injection vulnerabilities in Netsweeper before 2.6.29.10  ...)
+	TODO: check
+CVE-2014-9612 (SQL injection vulnerability in remotereporter/load_logfiles.php in Net ...)
+	TODO: check
 CVE-2014-9611 (Netsweeper before 4.0.5 allows remote attackers to bypass authenticati ...)
 	NOT-FOR-US: Netsweeper
 CVE-2014-9610 (Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 a ...)
 	NOT-FOR-US: Netsweeper
-CVE-2014-9609
-	RESERVED
-CVE-2014-9608
-	RESERVED
-CVE-2014-9607
-	RESERVED
-CVE-2014-9606
-	RESERVED
+CVE-2014-9609 (Directory traversal vulnerability in webadmin/reporter/view_server_log ...)
+	TODO: check
+CVE-2014-9608 (Cross-site scripting (XSS) vulnerability in webadmin/policy/group_tabl ...)
+	TODO: check
+CVE-2014-9607 (Cross-site scripting (XSS) vulnerability in remotereporter/load_logfil ...)
+	TODO: check
+CVE-2014-9606 (Multiple cross-site scripting (XSS) vulnerabilities in Netsweeper befo ...)
+	TODO: check
 CVE-2014-9605 (WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x  ...)
 	NOT-FOR-US: Netsweeper
 CVE-2014-9604 (libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a ze ...)
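Review bot: the nine Netsweeper entries filled in here (CVE-2014-9617, -9615 through -9612, -9609 through -9606) are set to "TODO: check" although every neighbouring Netsweeper entry in the hunk (CVE-2014-9619, -9618, -9616, -9611, -9610, -9605) is already "NOT-FOR-US: Netsweeper". Tag the new ones consistently so this block does not sit in the TODO list.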



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1ca079682dac3641fe9cbdf72199fa7c8fcc6cd6
