[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
06ad61e9 by security tracker role at 2020-02-26T08:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,47 @@
+CVE-2020-9417
+	RESERVED
+CVE-2020-9416
+	RESERVED
+CVE-2020-9415
+	RESERVED
+CVE-2020-9414
+	RESERVED
+CVE-2020-9413
+	RESERVED
+CVE-2020-9412
+	RESERVED
+CVE-2020-9411
+	RESERVED
+CVE-2020-9410
+	RESERVED
+CVE-2020-9409
+	RESERVED
+CVE-2020-9408
+	RESERVED
+CVE-2020-9407 (IBL Online Weather before 4.3.5a allows attackers to obtain sensitive  ...)
+	TODO: check
+CVE-2020-9406 (IBL Online Weather before 4.3.5a allows unauthenticated eval injection ...)
+	TODO: check
+CVE-2020-9405 (IBL Online Weather before 4.3.5a allows unauthenticated reflected XSS  ...)
+	TODO: check
+CVE-2020-9404
+	RESERVED
+CVE-2020-9403
+	RESERVED
+CVE-2020-9402
+	RESERVED
+CVE-2020-9401
+	RESERVED
+CVE-2020-9400
+	RESERVED
+CVE-2020-9399
+	RESERVED
+CVE-2020-9398 (ISPConfig before 3.1.15p3, when the undocumented reverse_proxy_panel_a ...)
+	TODO: check
+CVE-2020-9397
+	RESERVED
+CVE-2020-9396
+	RESERVED
 CVE-2020-9395
 	RESERVED
 CVE-2020-9394 (An issue was discovered in the pricing-table-by-supsystic plugin befor ...)
@@ -66595,8 +66639,8 @@ CVE-2019-4002
 	RESERVED
 CVE-2019-4001
 	RESERVED
-CVE-2019-4000
-	RESERVED
+CVE-2019-4000 (Improper neutralization of directives in dynamically evaluated code in ...)
+	TODO: check
 CVE-2019-3999 (Improper neutralization of special elements used in an OS command in D ...)
 	TODO: check
 CVE-2019-3998 (Authentication bypass using an alternate path or channel in SimpliSafe ...)
@@ -224817,8 +224861,7 @@ CVE-2015-5203 (Double free vulnerability in the jasper_image_stop_load function
 	NOTE: Analysis/More information/Fixing commits: https://bugzilla.redhat.com/show_bug.cgi?id=1254242#c11
 CVE-2015-5202 (Red Hat Satellite 6 allows remote authenticated users with privileged  ...)
 	NOT-FOR-US: Satellite6
-CVE-2015-5201
-	RESERVED
+CVE-2015-5201 (VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka  ...)
 	NOT-FOR-US: Red Hat vdms
 CVE-2015-5200 (The trace functionality in libvdpau before 1.1.1, when used in a setui ...)
 	{DSA-3355-1 DLA-306-1}
@@ -239037,8 +239080,8 @@ CVE-2015-0567
 	RESERVED
 CVE-2015-0566
 	RESERVED
-CVE-2015-0565
-	RESERVED
+CVE-2015-0565 (NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks ...)
+	TODO: check
 CVE-2014-9585 (The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel thro ...)
 	{DSA-3170-1 DLA-155-1}
 	- linux 3.16.7-ckt4-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06ad61e9f8e76eca12ab60631a6231f498dbd4e4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06ad61e9f8e76eca12ab60631a6231f498dbd4e4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200226/a87381bc/attachment.html>