[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Wed Jan 15 20:10:32 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e42f0340 by security tracker role at 2020-01-15T20:10:24+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,93 @@
+CVE-2020-7103
+ RESERVED
+CVE-2020-7102
+ RESERVED
+CVE-2020-7101
+ RESERVED
+CVE-2020-7100
+ RESERVED
+CVE-2020-7099
+ RESERVED
+CVE-2020-7098
+ RESERVED
+CVE-2020-7097
+ RESERVED
+CVE-2020-7096
+ RESERVED
+CVE-2020-7095
+ RESERVED
+CVE-2020-7094
+ RESERVED
+CVE-2020-7093
+ RESERVED
+CVE-2020-7092
+ RESERVED
+CVE-2020-7091
+ RESERVED
+CVE-2020-7090
+ RESERVED
+CVE-2020-7089
+ RESERVED
+CVE-2020-7088
+ RESERVED
+CVE-2020-7087
+ RESERVED
+CVE-2020-7086
+ RESERVED
+CVE-2020-7085
+ RESERVED
+CVE-2020-7084
+ RESERVED
+CVE-2020-7083
+ RESERVED
+CVE-2020-7082
+ RESERVED
+CVE-2020-7081
+ RESERVED
+CVE-2020-7080
+ RESERVED
+CVE-2020-7079
+ RESERVED
+CVE-2020-7078
+ RESERVED
+CVE-2020-7077
+ RESERVED
+CVE-2020-7076
+ RESERVED
+CVE-2020-7075
+ RESERVED
+CVE-2020-7074
+ RESERVED
+CVE-2020-7073
+ RESERVED
+CVE-2020-7072
+ RESERVED
+CVE-2020-7071
+ RESERVED
+CVE-2020-7070
+ RESERVED
+CVE-2020-7069
+ RESERVED
+CVE-2020-7068
+ RESERVED
+CVE-2020-7067
+ RESERVED
+CVE-2020-7066
+ RESERVED
+CVE-2020-7065
+ RESERVED
+CVE-2020-7064
+ RESERVED
+CVE-2020-7063
+ RESERVED
+CVE-2020-7062
+ RESERVED
+CVE-2020-7061
+ RESERVED
+CVE-2020-7060
+ RESERVED
+CVE-2020-7059
+ RESERVED
CVE-2020-7058 (** DISPUTED ** data_input.php in Cacti 1.2.8 allows remote code execut ...)
TODO: check
CVE-2020-7057 (Hikvision DVR DS-7204HGHI-F1 V4.0.1 build 180903 Web Version sends a d ...)
@@ -6864,8 +6954,8 @@ CVE-2020-3943
RESERVED
CVE-2020-3942
RESERVED
-CVE-2020-3941
- RESERVED
+CVE-2020-3941 (The repair operation of VMware Tools for Windows 10.x.y has a race con ...)
+ TODO: check
CVE-2020-3940
RESERVED
CVE-2019-20149 (ctorName in index.js in kind-of v6.0.2 allows external user input to o ...)
@@ -10444,510 +10534,469 @@ CVE-2020-2733
RESERVED
CVE-2020-2732
RESERVED
-CVE-2020-2731
- RESERVED
-CVE-2020-2730
- RESERVED
-CVE-2020-2729
- RESERVED
-CVE-2020-2728
- RESERVED
-CVE-2020-2727
- RESERVED
+CVE-2020-2731 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
+ TODO: check
+CVE-2020-2730 (Vulnerability in the Oracle Financial Services Revenue Management and ...)
+ TODO: check
+CVE-2020-2729 (Vulnerability in the Identity Manager product of Oracle Fusion Middlew ...)
+ TODO: check
+CVE-2020-2728 (Vulnerability in the Identity Manager product of Oracle Fusion Middlew ...)
+ TODO: check
+CVE-2020-2727 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2726
- RESERVED
+CVE-2020-2726 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2725
- RESERVED
+CVE-2020-2725 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2724
- RESERVED
-CVE-2020-2723
- RESERVED
-CVE-2020-2722
- RESERVED
-CVE-2020-2721
- RESERVED
-CVE-2020-2720
- RESERVED
-CVE-2020-2719
- RESERVED
-CVE-2020-2718
- RESERVED
-CVE-2020-2717
- RESERVED
-CVE-2020-2716
- RESERVED
-CVE-2020-2715
- RESERVED
-CVE-2020-2714
- RESERVED
-CVE-2020-2713
- RESERVED
-CVE-2020-2712
- RESERVED
-CVE-2020-2711
- RESERVED
-CVE-2020-2710
- RESERVED
-CVE-2020-2709
- RESERVED
+CVE-2020-2724 (Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Ora ...)
+ TODO: check
+CVE-2020-2723 (Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Ora ...)
+ TODO: check
+CVE-2020-2722 (Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Ora ...)
+ TODO: check
+CVE-2020-2721 (Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Ora ...)
+ TODO: check
+CVE-2020-2720 (Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Ora ...)
+ TODO: check
+CVE-2020-2719 (Vulnerability in the Oracle Banking Corporate Lending product of Oracl ...)
+ TODO: check
+CVE-2020-2718 (Vulnerability in the Oracle Banking Corporate Lending product of Oracl ...)
+ TODO: check
+CVE-2020-2717 (Vulnerability in the Oracle Banking Corporate Lending product of Oracl ...)
+ TODO: check
+CVE-2020-2716 (Vulnerability in the Oracle Banking Corporate Lending product of Oracl ...)
+ TODO: check
+CVE-2020-2715 (Vulnerability in the Oracle Banking Corporate Lending product of Oracl ...)
+ TODO: check
+CVE-2020-2714 (Vulnerability in the Oracle Banking Payments product of Oracle Financi ...)
+ TODO: check
+CVE-2020-2713 (Vulnerability in the Oracle Banking Payments product of Oracle Financi ...)
+ TODO: check
+CVE-2020-2712 (Vulnerability in the Oracle Banking Payments product of Oracle Financi ...)
+ TODO: check
+CVE-2020-2711 (Vulnerability in the Oracle Banking Payments product of Oracle Financi ...)
+ TODO: check
+CVE-2020-2710 (Vulnerability in the Oracle Banking Payments product of Oracle Financi ...)
+ TODO: check
+CVE-2020-2709 (Vulnerability in the Oracle iLearning product of Oracle iLearning (com ...)
+ TODO: check
CVE-2020-2708
RESERVED
-CVE-2020-2707
- RESERVED
+CVE-2020-2707 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
+ TODO: check
CVE-2020-2706
RESERVED
-CVE-2020-2705
- RESERVED
+CVE-2020-2705 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2704
- RESERVED
+CVE-2020-2704 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2703
- RESERVED
+CVE-2020-2703 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2702
- RESERVED
+CVE-2020-2702 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2701
- RESERVED
+CVE-2020-2701 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2700
- RESERVED
-CVE-2020-2699
- RESERVED
-CVE-2020-2698
- RESERVED
+CVE-2020-2700 (Vulnerability in the Oracle FLEXCUBE Universal Banking product of Orac ...)
+ TODO: check
+CVE-2020-2699 (Vulnerability in the Oracle FLEXCUBE Universal Banking product of Orac ...)
+ TODO: check
+CVE-2020-2698 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2697
- RESERVED
-CVE-2020-2696
- RESERVED
-CVE-2020-2695
- RESERVED
-CVE-2020-2694
- RESERVED
+CVE-2020-2697 (Vulnerability in the Oracle Hospitality Suites Management component of ...)
+ TODO: check
+CVE-2020-2696 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2020-2695 (Vulnerability in the PeopleSoft Enterprise CC Common Application Objec ...)
+ TODO: check
+CVE-2020-2694 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (MySQL 8 only)
NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
-CVE-2020-2693
- RESERVED
+CVE-2020-2693 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2692
- RESERVED
+CVE-2020-2692 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2691
- RESERVED
+CVE-2020-2691 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2690
- RESERVED
+CVE-2020-2690 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2689
- RESERVED
+CVE-2020-2689 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2688
- RESERVED
-CVE-2020-2687
- RESERVED
-CVE-2020-2686
- RESERVED
+CVE-2020-2688 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
+ TODO: check
+CVE-2020-2687 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2020-2686 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
-CVE-2020-2685
- RESERVED
-CVE-2020-2684
- RESERVED
-CVE-2020-2683
- RESERVED
-CVE-2020-2682
- RESERVED
+CVE-2020-2685 (Vulnerability in the Oracle FLEXCUBE Universal Banking product of Orac ...)
+ TODO: check
+CVE-2020-2684 (Vulnerability in the Oracle FLEXCUBE Universal Banking product of Orac ...)
+ TODO: check
+CVE-2020-2683 (Vulnerability in the Oracle FLEXCUBE Universal Banking product of Orac ...)
+ TODO: check
+CVE-2020-2682 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2681
- RESERVED
+CVE-2020-2681 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2680
- RESERVED
-CVE-2020-2679
- RESERVED
+CVE-2020-2680 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2020-2679 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
-CVE-2020-2678
- RESERVED
+CVE-2020-2678 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2677
- RESERVED
-CVE-2020-2676
- RESERVED
-CVE-2020-2675
- RESERVED
-CVE-2020-2674
- RESERVED
+CVE-2020-2677 (Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hosp ...)
+ TODO: check
+CVE-2020-2676 (Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hosp ...)
+ TODO: check
+CVE-2020-2675 (Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hosp ...)
+ TODO: check
+CVE-2020-2674 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.2-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2020-2673
- RESERVED
-CVE-2020-2672
- RESERVED
-CVE-2020-2671
- RESERVED
-CVE-2020-2670
- RESERVED
-CVE-2020-2669
- RESERVED
-CVE-2020-2668
- RESERVED
-CVE-2020-2667
- RESERVED
-CVE-2020-2666
- RESERVED
-CVE-2020-2665
- RESERVED
-CVE-2020-2664
- RESERVED
-CVE-2020-2663
- RESERVED
-CVE-2020-2662
- RESERVED
-CVE-2020-2661
- RESERVED
-CVE-2020-2660
- RESERVED
+CVE-2020-2673 (Vulnerability in the Oracle Application Testing Suite product of Oracl ...)
+ TODO: check
+CVE-2020-2672 (Vulnerability in the Oracle Email Center product of Oracle E-Business ...)
+ TODO: check
+CVE-2020-2671 (Vulnerability in the Oracle Email Center product of Oracle E-Business ...)
+ TODO: check
+CVE-2020-2670 (Vulnerability in the Oracle Email Center product of Oracle E-Business ...)
+ TODO: check
+CVE-2020-2669 (Vulnerability in the Oracle Email Center product of Oracle E-Business ...)
+ TODO: check
+CVE-2020-2668 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
+ TODO: check
+CVE-2020-2667 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
+ TODO: check
+CVE-2020-2666 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
+ TODO: check
+CVE-2020-2665 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
+ TODO: check
+CVE-2020-2664 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2020-2663 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2020-2662 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
+ TODO: check
+CVE-2020-2661 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
+ TODO: check
+CVE-2020-2660 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed>
NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
-CVE-2020-2659
- RESERVED
+CVE-2020-2659 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
- openjdk-8 <unfixed>
- openjdk-7 <removed>
-CVE-2020-2658
- RESERVED
-CVE-2020-2657
- RESERVED
-CVE-2020-2656
- RESERVED
-CVE-2020-2655
- RESERVED
+CVE-2020-2658 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
+ TODO: check
+CVE-2020-2657 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+ TODO: check
+CVE-2020-2656 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2020-2655 (Vulnerability in the Java SE product of Oracle Java SE (component: JSS ...)
- openjdk-13 <unfixed>
- openjdk-11 11.0.6+10-1
-CVE-2020-2654
- RESERVED
+CVE-2020-2654 (Vulnerability in the Java SE product of Oracle Java SE (component: Lib ...)
- openjdk-13 <unfixed>
- openjdk-11 11.0.6+10-1
- openjdk-8 <unfixed>
- openjdk-7 <removed>
-CVE-2020-2653
- RESERVED
-CVE-2020-2652
- RESERVED
-CVE-2020-2651
- RESERVED
-CVE-2020-2650
- RESERVED
-CVE-2020-2649
- RESERVED
-CVE-2020-2648
- RESERVED
-CVE-2020-2647
- RESERVED
-CVE-2020-2646
- RESERVED
-CVE-2020-2645
- RESERVED
-CVE-2020-2644
- RESERVED
-CVE-2020-2643
- RESERVED
-CVE-2020-2642
- RESERVED
-CVE-2020-2641
- RESERVED
-CVE-2020-2640
- RESERVED
-CVE-2020-2639
- RESERVED
-CVE-2020-2638
- RESERVED
-CVE-2020-2637
- RESERVED
-CVE-2020-2636
- RESERVED
-CVE-2020-2635
- RESERVED
-CVE-2020-2634
- RESERVED
-CVE-2020-2633
- RESERVED
-CVE-2020-2632
- RESERVED
-CVE-2020-2631
- RESERVED
-CVE-2020-2630
- RESERVED
-CVE-2020-2629
- RESERVED
-CVE-2020-2628
- RESERVED
-CVE-2020-2627
- RESERVED
+CVE-2020-2653 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+ TODO: check
+CVE-2020-2652 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+ TODO: check
+CVE-2020-2651 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+ TODO: check
+CVE-2020-2650 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
+ TODO: check
+CVE-2020-2649 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
+ TODO: check
+CVE-2020-2648 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
+ TODO: check
+CVE-2020-2647 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2020-2646 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2645 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2644 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2643 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2642 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2641 (Vulnerability in the Enterprise Manager for Oracle Database product of ...)
+ TODO: check
+CVE-2020-2640 (Vulnerability in the Enterprise Manager for Oracle Database product of ...)
+ TODO: check
+CVE-2020-2639 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2638 (Vulnerability in the Enterprise Manager for Oracle Database product of ...)
+ TODO: check
+CVE-2020-2637 (Vulnerability in the Enterprise Manager for Oracle Database product of ...)
+ TODO: check
+CVE-2020-2636 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2635 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2634 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2633 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2632 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2631 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2630 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2629 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2628 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2627 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
-CVE-2020-2626
- RESERVED
-CVE-2020-2625
- RESERVED
-CVE-2020-2624
- RESERVED
-CVE-2020-2623
- RESERVED
-CVE-2020-2622
- RESERVED
-CVE-2020-2621
- RESERVED
-CVE-2020-2620
- RESERVED
-CVE-2020-2619
- RESERVED
-CVE-2020-2618
- RESERVED
-CVE-2020-2617
- RESERVED
-CVE-2020-2616
- RESERVED
-CVE-2020-2615
- RESERVED
-CVE-2020-2614
- RESERVED
-CVE-2020-2613
- RESERVED
-CVE-2020-2612
- RESERVED
-CVE-2020-2611
- RESERVED
-CVE-2020-2610
- RESERVED
-CVE-2020-2609
- RESERVED
-CVE-2020-2608
- RESERVED
-CVE-2020-2607
- RESERVED
-CVE-2020-2606
- RESERVED
-CVE-2020-2605
- RESERVED
-CVE-2020-2604
- RESERVED
+CVE-2020-2626 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2625 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2624 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2623 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2622 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2621 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2620 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2619 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2618 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2617 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2616 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2615 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2614 (Vulnerability in the Enterprise Manager for Fusion Middleware product ...)
+ TODO: check
+CVE-2020-2613 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2612 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2611 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2610 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2609 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2608 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+ TODO: check
+CVE-2020-2607 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2020-2606 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2020-2605 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2020-2604 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
- openjdk-13 <unfixed>
- openjdk-11 11.0.6+10-1
- openjdk-8 <unfixed>
- openjdk-7 <removed>
-CVE-2020-2603
- RESERVED
-CVE-2020-2602
- RESERVED
-CVE-2020-2601
- RESERVED
+CVE-2020-2603 (Vulnerability in the Oracle Field Service product of Oracle E-Business ...)
+ TODO: check
+CVE-2020-2602 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2020-2601 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
- openjdk-13 <unfixed>
- openjdk-11 11.0.6+10-1
- openjdk-8 <unfixed>
- openjdk-7 <removed>
-CVE-2020-2600
- RESERVED
-CVE-2020-2599
- RESERVED
-CVE-2020-2598
- RESERVED
-CVE-2020-2597
- RESERVED
-CVE-2020-2596
- RESERVED
-CVE-2020-2595
- RESERVED
+CVE-2020-2600 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2020-2599 (Vulnerability in the Oracle Hospitality Cruise Materials Management pr ...)
+ TODO: check
+CVE-2020-2598 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+ TODO: check
+CVE-2020-2597 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
+ TODO: check
+CVE-2020-2596 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+ TODO: check
+CVE-2020-2595 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
+ TODO: check
CVE-2020-2594
RESERVED
-CVE-2020-2593
- RESERVED
+CVE-2020-2593 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
- openjdk-13 <unfixed>
- openjdk-11 11.0.6+10-1
- openjdk-8 <unfixed>
- openjdk-7 <removed>
-CVE-2020-2592
- RESERVED
-CVE-2020-2591
- RESERVED
-CVE-2020-2590
- RESERVED
+CVE-2020-2592 (Vulnerability in the Oracle AutoVue product of Oracle Supply Chain (co ...)
+ TODO: check
+CVE-2020-2591 (Vulnerability in the Oracle Web Applications Desktop Integrator produc ...)
+ TODO: check
+CVE-2020-2590 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
- openjdk-13 <unfixed>
- openjdk-11 11.0.6+10-1
- openjdk-8 <unfixed>
- openjdk-7 <removed>
-CVE-2020-2589
- RESERVED
+CVE-2020-2589 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed>
NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
-CVE-2020-2588
- RESERVED
+CVE-2020-2588 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (MySQL 8 only)
NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
-CVE-2020-2587
- RESERVED
-CVE-2020-2586
- RESERVED
-CVE-2020-2585
- RESERVED
-CVE-2020-2584
- RESERVED
+CVE-2020-2587 (Vulnerability in the Oracle Human Resources product of Oracle E-Busine ...)
+ TODO: check
+CVE-2020-2586 (Vulnerability in the Oracle Human Resources product of Oracle E-Busine ...)
+ TODO: check
+CVE-2020-2585 (Vulnerability in the Java SE product of Oracle Java SE (component: Jav ...)
+ TODO: check
+CVE-2020-2584 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed>
NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
-CVE-2020-2583
- RESERVED
+CVE-2020-2583 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
- openjdk-13 <unfixed>
- openjdk-11 11.0.6+10-1
- openjdk-8 <unfixed>
- openjdk-7 <removed>
-CVE-2020-2582
- RESERVED
-CVE-2020-2581
- RESERVED
-CVE-2020-2580
- RESERVED
+CVE-2020-2582 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite ...)
+ TODO: check
+CVE-2020-2581 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
+ TODO: check
+CVE-2020-2580 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <not-affected> (MySQL 8 only)
NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
-CVE-2020-2579
- RESERVED
+CVE-2020-2579 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed>
NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
-CVE-2020-2578
- RESERVED
-CVE-2020-2577
- RESERVED
+CVE-2020-2578 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2020-2577 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed>
NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
-CVE-2020-2576
- RESERVED
+CVE-2020-2576 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+ TODO: check
CVE-2020-2575
RESERVED
-CVE-2020-2574
- RESERVED
+CVE-2020-2574 (Vulnerability in the MySQL Client product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed>
NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
-CVE-2020-2573
- RESERVED
+CVE-2020-2573 (Vulnerability in the MySQL Client product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed>
NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
-CVE-2020-2572
- RESERVED
+CVE-2020-2572 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed>
NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
-CVE-2020-2571
- RESERVED
-CVE-2020-2570
- RESERVED
+CVE-2020-2571 (Vulnerability in the Oracle VM Server for SPARC product of Oracle Syst ...)
+ TODO: check
+CVE-2020-2570 (Vulnerability in the MySQL Client product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed>
NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
-CVE-2020-2569
- RESERVED
-CVE-2020-2568
- RESERVED
-CVE-2020-2567
- RESERVED
-CVE-2020-2566
- RESERVED
-CVE-2020-2565
- RESERVED
-CVE-2020-2564
- RESERVED
-CVE-2020-2563
- RESERVED
+CVE-2020-2569 (Vulnerability in the Oracle Applications DBA component of Oracle Datab ...)
+ TODO: check
+CVE-2020-2568 (Vulnerability in the Oracle Applications DBA component of Oracle Datab ...)
+ TODO: check
+CVE-2020-2567 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
+ TODO: check
+CVE-2020-2566 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
+ TODO: check
+CVE-2020-2565 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2020-2564 (Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM ...)
+ TODO: check
+CVE-2020-2563 (Vulnerability in the Hyperion Financial Close Management product of Or ...)
+ TODO: check
CVE-2020-2562
RESERVED
-CVE-2020-2561
- RESERVED
-CVE-2020-2560
- RESERVED
-CVE-2020-2559
- RESERVED
-CVE-2020-2558
- RESERVED
-CVE-2020-2557
- RESERVED
-CVE-2020-2556
- RESERVED
-CVE-2020-2555
- RESERVED
+CVE-2020-2561 (Vulnerability in the PeopleSoft Enterprise HCM Human Resources product ...)
+ TODO: check
+CVE-2020-2560 (Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM ...)
+ TODO: check
+CVE-2020-2559 (Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM ...)
+ TODO: check
+CVE-2020-2558 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+ TODO: check
+CVE-2020-2557 (Vulnerability in the Oracle Demantra Demand Management product of Orac ...)
+ TODO: check
+CVE-2020-2556 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
+ TODO: check
+CVE-2020-2555 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
+ TODO: check
CVE-2020-2554
RESERVED
CVE-2020-2553
RESERVED
-CVE-2020-2552
- RESERVED
-CVE-2020-2551
- RESERVED
-CVE-2020-2550
- RESERVED
-CVE-2020-2549
- RESERVED
-CVE-2020-2548
- RESERVED
-CVE-2020-2547
- RESERVED
-CVE-2020-2546
- RESERVED
-CVE-2020-2545
- RESERVED
-CVE-2020-2544
- RESERVED
-CVE-2020-2543
- RESERVED
-CVE-2020-2542
- RESERVED
-CVE-2020-2541
- RESERVED
-CVE-2020-2540
- RESERVED
-CVE-2020-2539
- RESERVED
-CVE-2020-2538
- RESERVED
-CVE-2020-2537
- RESERVED
-CVE-2020-2536
- RESERVED
-CVE-2020-2535
- RESERVED
-CVE-2020-2534
- RESERVED
-CVE-2020-2533
- RESERVED
+CVE-2020-2552 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2551 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2550 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2549 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2548 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2547 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2546 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2545 (Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middl ...)
+ TODO: check
+CVE-2020-2544 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2543 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+ TODO: check
+CVE-2020-2542 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+ TODO: check
+CVE-2020-2541 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+ TODO: check
+CVE-2020-2540 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+ TODO: check
+CVE-2020-2539 (Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2538 (Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2537 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+ TODO: check
+CVE-2020-2536 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+ TODO: check
+CVE-2020-2535 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+ TODO: check
+CVE-2020-2534 (Vulnerability in the Oracle Reports Developer product of Oracle Fusion ...)
+ TODO: check
+CVE-2020-2533 (Vulnerability in the Oracle Reports Developer product of Oracle Fusion ...)
+ TODO: check
CVE-2020-2532
RESERVED
-CVE-2020-2531
- RESERVED
-CVE-2020-2530
- RESERVED
+CVE-2020-2531 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+ TODO: check
+CVE-2020-2530 (Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middl ...)
+ TODO: check
CVE-2020-2529
RESERVED
CVE-2020-2528
RESERVED
-CVE-2020-2527
- RESERVED
+CVE-2020-2527 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
+ TODO: check
CVE-2020-2526
RESERVED
CVE-2020-2525
@@ -10962,26 +11011,26 @@ CVE-2020-2521
RESERVED
CVE-2020-2520
RESERVED
-CVE-2020-2519
- RESERVED
-CVE-2020-2518
- RESERVED
-CVE-2020-2517
- RESERVED
-CVE-2020-2516
- RESERVED
-CVE-2020-2515
- RESERVED
+CVE-2020-2519 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
+CVE-2020-2518 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
+ TODO: check
+CVE-2020-2517 (Vulnerability in the Database Gateway for ODBC component of Oracle Dat ...)
+ TODO: check
+CVE-2020-2516 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
+ TODO: check
+CVE-2020-2515 (Vulnerability in the Database Gateway for ODBC component of Oracle Dat ...)
+ TODO: check
CVE-2020-2514
RESERVED
CVE-2020-2513
RESERVED
-CVE-2020-2512
- RESERVED
-CVE-2020-2511
- RESERVED
-CVE-2020-2510
- RESERVED
+CVE-2020-2512 (Vulnerability in the Database Gateway for ODBC component of Oracle Dat ...)
+ TODO: check
+CVE-2020-2511 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
+ TODO: check
+CVE-2020-2510 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
+ TODO: check
CVE-2019-19720 (Yabasic 2.86.1 has a heap-based buffer overflow in the yylex() functio ...)
- yabasic <unfixed> (unimportant)
NOTE: https://github.com/marcIhm/yabasic/issues/36
@@ -12125,32 +12174,23 @@ CVE-2020-2100
RESERVED
CVE-2020-2099
RESERVED
-CVE-2020-2098
- RESERVED
+CVE-2020-2098 (A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0. ...)
NOT-FOR-US: Jenkins plugin
-CVE-2020-2097
- RESERVED
+CVE-2020-2097 (Jenkins Sounds Plugin 0.5 and earlier does not perform permission chec ...)
NOT-FOR-US: Jenkins plugin
-CVE-2020-2096
- RESERVED
+CVE-2020-2096 (Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project n ...)
NOT-FOR-US: Jenkins plugin
-CVE-2020-2095
- RESERVED
+CVE-2020-2095 (Jenkins Redgate SQL Change Automation Plugin 2.0.4 and earlier stored ...)
NOT-FOR-US: Jenkins plugin
-CVE-2020-2094
- RESERVED
+CVE-2020-2094 (A missing permission check in Jenkins Health Advisor by CloudBees Plug ...)
NOT-FOR-US: Jenkins plugin
-CVE-2020-2093
- RESERVED
+CVE-2020-2093 (A cross-site request forgery vulnerability in Jenkins Health Advisor b ...)
NOT-FOR-US: Jenkins plugin
-CVE-2020-2092
- RESERVED
+CVE-2020-2092 (Jenkins Robot Framework Plugin 2.0.0 and earlier does not configure it ...)
NOT-FOR-US: Jenkins plugin
-CVE-2020-2091
- RESERVED
+CVE-2020-2091 (A missing permission check in Jenkins Amazon EC2 Plugin 1.47 and earli ...)
NOT-FOR-US: Jenkins plugin
-CVE-2020-2090
- RESERVED
+CVE-2020-2090 (A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugi ...)
NOT-FOR-US: Jenkins plugin
CVE-2020-2089
RESERVED
@@ -12693,8 +12733,8 @@ CVE-2020-1931
RESERVED
CVE-2020-1930
RESERVED
-CVE-2020-1929
- RESERVED
+CVE-2020-1929 (The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an ...)
+ TODO: check
CVE-2020-1928
RESERVED
CVE-2020-1927
@@ -15237,30 +15277,30 @@ CVE-2020-1613
RESERVED
CVE-2020-1612
RESERVED
-CVE-2020-1611
- RESERVED
+CVE-2020-1611 (A Local File Inclusion vulnerability in Juniper Networks Junos Space a ...)
+ TODO: check
CVE-2020-1610
RESERVED
-CVE-2020-1609
- RESERVED
-CVE-2020-1608
- RESERVED
-CVE-2020-1607
- RESERVED
-CVE-2020-1606
- RESERVED
-CVE-2020-1605
- RESERVED
-CVE-2020-1604
- RESERVED
-CVE-2020-1603
- RESERVED
-CVE-2020-1602
- RESERVED
-CVE-2020-1601
- RESERVED
-CVE-2020-1600
- RESERVED
+CVE-2020-1609 (When a device using Juniper Network's Dynamic Host Configuration Proto ...)
+ TODO: check
+CVE-2020-1608 (Receipt of a specific MPLS or IPv6 packet on the core facing interface ...)
+ TODO: check
+CVE-2020-1607 (Insufficient Cross-Site Scripting (XSS) protection in J-Web may potent ...)
+ TODO: check
+CVE-2020-1606 (A path traversal vulnerability in the Juniper Networks Junos OS device ...)
+ TODO: check
+CVE-2020-1605 (When a device using Juniper Network's Dynamic Host Configuration Proto ...)
+ TODO: check
+CVE-2020-1604 (On EX4300, EX4600, QFX3500, and QFX5100 Series, a vulnerability in the ...)
+ TODO: check
+CVE-2020-1603 (Specific IPv6 packets sent by clients processed by the Routing Engine ...)
+ TODO: check
+CVE-2020-1602 (When a device using Juniper Network's Dynamic Host Configuration Proto ...)
+ TODO: check
+CVE-2020-1601 (Certain types of malformed Path Computation Element Protocol (PCEP) pa ...)
+ TODO: check
+CVE-2020-1600 (In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an ...)
+ TODO: check
CVE-2020-1599
RESERVED
CVE-2020-1598
@@ -18308,7 +18348,7 @@ CVE-2019-18414 (Sourcecodester Restaurant Management System 1.0 is affected by a
CVE-2019-18413 (In TypeStack class-validator 0.10.2, validate() input validation can b ...)
NOT-FOR-US: TypeStack class-validator
CVE-2019-18412
- RESERVED
+ REJECTED
CVE-2019-18411 (Zoho ManageEngine ADSelfService Plus 5.x through 5803 has CSRF on the ...)
NOT-FOR-US: Zoho ManageEngine
CVE-2019-18410
@@ -18637,16 +18677,16 @@ CVE-2019-18276 (An issue was discovered in disable_priv_mode in shell.c in GNU B
NOTE: https://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel&id=951bdaad7a18cc0dc1036bba86b18b90874d39ff
NOTE: https://savannah.gnu.org/patch/?9822
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1158028
-CVE-2019-18275
- RESERVED
+CVE-2019-18275 (OSIsoft PI Vision, All versions of PI Vision prior to 2019. The affect ...)
+ TODO: check
CVE-2019-18274
RESERVED
-CVE-2019-18273
- RESERVED
+CVE-2019-18273 (OSIsoft PI Vision, PI Vision 2017 R2 and PI Vision 2017 R2 SP1. The af ...)
+ TODO: check
CVE-2019-18272
RESERVED
-CVE-2019-18271
- RESERVED
+CVE-2019-18271 (OSIsoft PI Vision, All versions of PI Vision prior to 2019. The affect ...)
+ TODO: check
CVE-2019-18270
RESERVED
CVE-2019-18269 (In Omron PLC CJ series, all versions, and Omron PLC CS series, all ver ...)
@@ -18699,8 +18739,8 @@ CVE-2019-18246
RESERVED
CVE-2019-18245 (Reliable Controls LicenseManager versions 3.4 and prior may allow an a ...)
NOT-FOR-US: Reliable Controls LicenseManager
-CVE-2019-18244
- RESERVED
+CVE-2019-18244 (OSIsoft PI Vision, PI Vision 2017 R2, PI Vision 2017 R2 SP1, PI Vision ...)
+ TODO: check
CVE-2019-18243
RESERVED
CVE-2019-18242
@@ -24217,14 +24257,14 @@ CVE-2019-16471
RESERVED
CVE-2019-16470
RESERVED
-CVE-2019-16469
- RESERVED
-CVE-2019-16468
- RESERVED
-CVE-2019-16467
- RESERVED
-CVE-2019-16466
- RESERVED
+CVE-2019-16469 (Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 hav ...)
+ TODO: check
+CVE-2019-16468 (Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 hav ...)
+ TODO: check
+CVE-2019-16467 (Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 hav ...)
+ TODO: check
+CVE-2019-16466 (Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 hav ...)
+ TODO: check
CVE-2019-16465 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
NOT-FOR-US: Adobe
CVE-2019-16464 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
@@ -25686,8 +25726,7 @@ CVE-2019-15963
RESERVED
CVE-2019-15962 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
NOT-FOR-US: Cisco
-CVE-2019-15961
- RESERVED
+CVE-2019-15961 (A vulnerability in the email parsing module Clam AntiVirus (ClamAV) So ...)
- clamav 0.102.1+dfsg-1 (bug #945265)
[buster] - clamav <no-dsa> (ClamAV is updated via -updates)
[stretch] - clamav <no-dsa> (ClamAV is updated via -updates)
@@ -46761,8 +46800,8 @@ CVE-2019-9511 (Some HTTP/2 implementations are vulnerable to window size manipul
NOTE: https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
NOTE: https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/
NOTE: https://github.com/nghttp2/nghttp2/releases/tag/v1.39.2
-CVE-2019-9510
- RESERVED
+CVE-2019-9510 (A vulnerability in Microsoft Windows 10 1803 and Windows Server 2019 a ...)
+ TODO: check
CVE-2019-9509
RESERVED
CVE-2019-9508
@@ -46831,8 +46870,8 @@ CVE-2019-9494 (The implementations of SAE in hostapd and wpa_supplicant are vuln
NOTE: https://w1.fi/security/2019-1/sae-side-channel-attacks.txt
NOTE: Patches: https://w1.fi/security/2019-1/
NOTE: CONFIG_SAE=y enabled since 2:2.7~git20180706+420b5dd-1
-CVE-2019-9493
- RESERVED
+CVE-2019-9493 (The MyCar Controls of AutoMobility Distribution Inc., mobile applicati ...)
+ TODO: check
CVE-2019-9492 (A DLL side-loading vulnerability in Trend Micro OfficeScan 11.0 SP1 an ...)
NOT-FOR-US: Trend Micro
CVE-2019-9491 (Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below ...)
@@ -74438,7 +74477,7 @@ CVE-2018-18813 (The Spotfire web server component of TIBCO Software Inc.'s TIBCO
CVE-2018-18812 (The Spotfire Library component of TIBCO Software Inc.'s TIBCO Spotfire ...)
NOT-FOR-US: TIBCO
CVE-2018-18811
- RESERVED
+ REJECTED
CVE-2018-18810 (The Administrator Service component of TIBCO Software Inc.'s TIBCO Man ...)
NOT-FOR-US: TIBCO
CVE-2018-18809 (The default server implementation of TIBCO Software Inc.'s TIBCO Jaspe ...)
@@ -91312,7 +91351,7 @@ CVE-2018-12419
CVE-2018-12418 (Archive.java in Junrar before 1.0.1, as used in Apache Tika and other ...)
NOT-FOR-US: Junrar
CVE-2018-12417
- RESERVED
+ REJECTED
CVE-2018-12416 (The GridServer Broker and GridServer Director components of TIBCO Soft ...)
NOT-FOR-US: TIBCO
CVE-2018-12415 (The Central Administration server (emsca) component of TIBCO Software ...)
@@ -170156,8 +170195,8 @@ CVE-2017-3213 (The Think Mutual Bank Mobile Banking app 3.1.5 for iOS does not v
NOT-FOR-US: Think Mutual Bank Mobile Banking app
CVE-2017-3212 (The Space Coast Credit Union Mobile app 2.2 for iOS and 2.1.0.1104 for ...)
NOT-FOR-US: Space Coast Credit Union Mobile app
-CVE-2017-3211
- RESERVED
+CVE-2017-3211 (Yopify, an e-commerce notification plugin, up to April 06, 2017, leaks ...)
+ TODO: check
CVE-2017-3210 (Applications developed using the Portrait Display SDK, versions 2.30 t ...)
NOT-FOR-US: Portrait Display SDK
CVE-2017-3209 (The DBPOWER U818A WIFI quadcopter drone provides FTP access over its o ...)
@@ -207446,8 +207485,8 @@ CVE-2015-8550 (Xen, when used on a system providing PV backends, allows local gu
NOTE: https://git.kernel.org/linus/18779149101c0dd43ded43669ae2a92d21b6f9cb
NOTE: https://git.kernel.org/linus/be69746ec12f35b484707da505c6c76ff06f97dc
NOTE: https://git.kernel.org/linus/8135cf8b092723dbfcc611fe6fdcb3a36c9951c5
-CVE-2015-8549
- RESERVED
+CVE-2015-8549 (XML external entity (XXE) vulnerability in PyAMF before 0.8.0 allows r ...)
+ TODO: check
CVE-2015-8569 (The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pp ...)
{DSA-3434-1}
- linux 4.3.3-3
@@ -211183,8 +211222,8 @@ CVE-2015-7876 (The escapeLike function in sqlsrv/database.inc in the Drupal 7 dr
NOT-FOR-US: Driver for SQL Server and SQL Azure module for Drupal
CVE-2015-7875 (ctools 6.x-1.x before 6.x-1.14 and 7.x-1.x before 7.x-1.8 in Drupal do ...)
NOT-FOR-US: Ctools module for Drupal
-CVE-2015-7874
- RESERVED
+CVE-2015-7874 (Buffer overflow in the chat server in KiTTY Portable 0.65.0.2p and ear ...)
+ TODO: check
CVE-2015-7873 (The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 ...)
{DSA-3382-1}
- phpmyadmin 4:4.5.1-1 (low)
@@ -212236,8 +212275,8 @@ CVE-2015-7557 (The _rsvg_node_poly_build_path function in rsvg-shapes.c in librs
[wheezy] - librsvg 2.36.1-2+deb7u1
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=738050 (not public accessible)
NOTE: https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df (2.40.7)
-CVE-2015-7556
- RESERVED
+CVE-2015-7556 (DeleGate 9.9.13 allows local users to gain privileges as demonstrated ...)
+ TODO: check
CVE-2015-7555 (Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allow ...)
{DLA-389-1}
- giflib 5.1.2-0.1 (bug #808704)
@@ -214882,8 +214921,8 @@ CVE-2015-6594
RESERVED
CVE-2015-6592 (Huawei UAP2105 before V300R012C00SPC160(BootRom) does not require auth ...)
NOT-FOR-US: Huawei
-CVE-2015-6591
- RESERVED
+CVE-2015-6591 (Directory traversal vulnerability in application/templates/amelia/load ...)
+ TODO: check
CVE-2015-6590
RESERVED
CVE-2015-6589
@@ -215151,8 +215190,8 @@ CVE-2015-6499
RESERVED
CVE-2015-6498 (Alcatel-Lucent Home Device Manager before 4.1.10, 4.2.x before 4.2.2 a ...)
NOT-FOR-US: Alcatel-Lucent Home Device Manager
-CVE-2015-6497
- RESERVED
+CVE-2015-6497 (The create function in app/code/core/Mage/Catalog/Model/Product/Api/V2 ...)
+ TODO: check
CVE-2015-6495 (There is Sensitive Information in Cloudera Manager before 5.4.6 Diagno ...)
NOT-FOR-US: Cloudera
CVE-2015-6494 (Cross-site scripting (XSS) vulnerability in Infinite Automation Mango ...)
@@ -216407,8 +216446,8 @@ CVE-2015-5953 (Cross-site scripting (XSS) vulnerability in the activity applicat
{DSA-3373-1}
- owncloud 7.0.6+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-010
-CVE-2015-5952
- RESERVED
+CVE-2015-5952 (Directory traversal vulnerability in Thomson Reuters for FATCA before ...)
+ TODO: check
CVE-2015-5951 (A file upload issue exists in the specid parameter in Thomson Reuters ...)
NOT-FOR-US: Thomson Reuters FATCH
CVE-2015-5950 (The NVIDIA display driver R352 before 353.82 and R340 before 341.81 on ...)
@@ -217711,8 +217750,8 @@ CVE-2015-5486
RESERVED
CVE-2015-5485 (Cross-site scripting (XSS) vulnerability in the Event Import page (imp ...)
NOT-FOR-US: Event Import page (import-eventbrite-events.php) in the Modern Tribe Eventbrite Tickets plugin for WordPress
-CVE-2015-5484
- RESERVED
+CVE-2015-5484 (Cross-site scripting (XSS) vulnerability in the Plotly plugin before 1 ...)
+ TODO: check
CVE-2015-5483
RESERVED
CVE-2015-5482 (Directory traversal vulnerability in the GD bbPress Attachments plugin ...)
@@ -217757,8 +217796,8 @@ CVE-2015-5468 (Directory traversal vulnerability in the WP e-Commerce Shop Styli
NOT-FOR-US: Commerce Shop Styling plugin for WordPress
CVE-2015-5467
RESERVED
-CVE-2015-5466
- RESERVED
+CVE-2015-5466 (Silicon Integrated Systems XGI WindowsXP Display Manager (aka XGI VGA ...)
+ TODO: check
CVE-2015-5465 (Silicon Integrated Systems WindowsXP Display Manager (aka VGA Driver M ...)
NOT-FOR-US: Silicon Integrated Systems
CVE-2015-5464 (The Gemalto SafeNet Luna HSM allows remote authenticated users to bypa ...)
@@ -218604,8 +218643,7 @@ CVE-2015-5232 (Race conditions in opa-fm before 10.4.0.0.196 and opa-ff before 1
CVE-2015-5231 (The service daemon in CRIU does not properly restrict access to non-du ...)
- criu 1.8-2 (bug #797110)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1256728
-CVE-2015-5230
- RESERVED
+CVE-2015-5230 (The DNS packet parsing/generation code in PowerDNS (aka pdns) Authorit ...)
{DSA-3347-1}
- pdns 3.4.6-1
[wheezy] - pdns <not-affected> (Only affects 3.4.0-3.4.5)
@@ -219097,10 +219135,10 @@ CVE-2015-5075 (Cross-site request forgery (CSRF) vulnerability in X2Engine X2CRM
NOT-FOR-US: X2Engine
CVE-2015-5074 (Incomplete blacklist vulnerability in the FileUploadsFilter class in p ...)
NOT-FOR-US: X2Engine
-CVE-2015-5072
- RESERVED
-CVE-2015-5071
- RESERVED
+CVE-2015-5072 (The BIRT Engine servlet in the AR System Mid Tier component before 9.0 ...)
+ TODO: check
+CVE-2015-5071 (AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 ...)
+ TODO: check
CVE-2014-9735 (The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for ...)
NOT-FOR-US: WordPress plugins ThemePunch Slider Revolution (revslider) and Showbiz Pro
CVE-2014-9734 (Directory traversal vulnerability in the Slider Revolution (revslider) ...)
@@ -228546,7 +228584,7 @@ CVE-2015-1851 (OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1231817
NOTE: https://bugs.launchpad.net/cinder/+bug/1415087
CVE-2015-1850 [Host file disclosure through qcow2 backing file]
- RESERVED
+ REJECTED
- nova <unfixed> (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/13/1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1231816
@@ -228668,15 +228706,13 @@ CVE-2015-1813 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.606
CVE-2015-1812 (Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and L ...)
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23
-CVE-2015-1811 [External entity processing in XML can reveal sensitive local files (SECURITY-167)]
- RESERVED
+CVE-2015-1811 (XML external entity (XXE) vulnerability in CloudBees Jenkins before 1. ...)
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
CVE-2015-1810 (The HudsonPrivateSecurityRealm class in Jenkins before 1.600 and LTS b ...)
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
-CVE-2015-1809 [external entity injection via XPath (SECURITY-165)]
- RESERVED
+CVE-2015-1809 (XML external entity (XXE) vulnerability in CloudBees Jenkins before 1. ...)
- jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
CVE-2015-1808 (Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticate ...)
@@ -242746,8 +242782,8 @@ CVE-2014-6450 (Juniper Junos OS before 11.4R12-S4, 12.1X44 before 12.1X44-D41, 1
NOT-FOR-US: Juniper Junos OS
CVE-2014-6449 (Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X ...)
NOT-FOR-US: Juniper Junos OS
-CVE-2014-6448
- RESERVED
+CVE-2014-6448 (Juniper Junos OS 13.2 before 13.2R5, 13.2X51, 13.2X52, and 13.3 before ...)
+ TODO: check
CVE-2014-6447
RESERVED
CVE-2014-6446 (The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPre ...)
@@ -292243,11 +292279,9 @@ CVE-2012-1565 (Unspecified vulnerability in ez Publish 4.1.4, 4.2, 4.3, 4.4, 4.5
NOT-FOR-US: eZ Publish
CVE-2012-1564 (Cross-site scripting (XSS) vulnerability in administration/create_albu ...)
NOT-FOR-US: YVS
-CVE-2012-1563
- RESERVED
+CVE-2012-1563 (Joomla! before 2.5.3 allows Admin Account Creation. ...)
NOT-FOR-US: Joomla!
-CVE-2012-1562
- RESERVED
+CVE-2012-1562 (Joomla! core before 2.5.3 allows unauthorized password change. ...)
NOT-FOR-US: Joomla!
CVE-2012-1561 (Cross-site scripting (XSS) vulnerability in the Finder module 6.x-1.x ...)
NOT-FOR-US: Drupal Finder
@@ -292741,8 +292775,8 @@ CVE-2012-1328 (Cisco Unified IP Phones 9900 series devices with firmware 9.1 and
NOT-FOR-US: Cisco IP Phone
CVE-2012-1327 (dot11t/t_if_dot11_hal_ath.c in Cisco IOS 12.3, 12.4, 15.0, and 15.1 al ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-1326
- RESERVED
+CVE-2012-1326 (Cisco IronPort Web Security Appliance up to and including 7.5 does not ...)
+ TODO: check
CVE-2012-1325
RESERVED
CVE-2012-1324 (Race condition in the Zone-Based Firewall in Cisco IOS 15.1 and 15.2, ...)
@@ -292761,8 +292795,8 @@ CVE-2012-1318
RESERVED
CVE-2012-1317 (The multicast implementation in Cisco IOS before 15.1(1)SY allows remo ...)
NOT-FOR-US: Cisco IOS
-CVE-2012-1316
- RESERVED
+CVE-2012-1316 (Cisco IronPort Web Security Appliance does not check for certificate r ...)
+ TODO: check
CVE-2012-1315 (Memory leak in the SIP inspection feature in the Zone-Based Firewall i ...)
NOT-FOR-US: Cisco IOS
CVE-2012-1314 (The WAAS Express feature in Cisco IOS 15.1 and 15.2 allows remote atta ...)
@@ -293683,8 +293717,8 @@ CVE-2012-0947 (Heap-based buffer overflow in the vqa_decode_chunk function in th
CVE-2012-0946 (The NVIDIA UNIX driver before 295.40 allows local users to access arbi ...)
- nvidia-graphics-drivers 295.40-1
[squeeze] - nvidia-graphics-drivers 195.36.31-6squeeze1
-CVE-2012-0945
- RESERVED
+CVE-2012-0945 (whoopsie-daisy before 0.1.26: Root user can remove arbitrary files ...)
+ TODO: check
CVE-2012-0944 (Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does ...)
- aptdaemon 0.43+bzr790-1
[squeeze] - aptdaemon <not-affected> (Vulnerable code not present)
@@ -295316,8 +295350,8 @@ CVE-2012-0336
RESERVED
CVE-2012-0335 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with soft ...)
NOT-FOR-US: Cisco
-CVE-2012-0334
- RESERVED
+CVE-2012-0334 (Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 ha ...)
+ TODO: check
CVE-2012-0333 (Cisco Small Business IP phones with SPA 500 series firmware 7.4.9 and ...)
NOT-FOR-US: Cisco
CVE-2012-0332
@@ -295938,8 +295972,7 @@ CVE-2011-4909 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! be
CVE-2011-4908
RESERVED
NOT-FOR-US: Joomla!
-CVE-2011-4907
- RESERVED
+CVE-2011-4907 (Joomla! 1.5x through 1.5.12: Missing JEXEC Check ...)
NOT-FOR-US: Joomla!
CVE-2011-4906
RESERVED
@@ -296239,8 +296272,8 @@ CVE-2005-4893
RESERVED
CVE-2005-4892
RESERVED
-CVE-2005-4891
- RESERVED
+CVE-2005-4891 (Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL inje ...)
+ TODO: check
CVE-2011-4856 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 sen ...)
NOT-FOR-US: Plesk
CVE-2011-4855 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 omi ...)
@@ -296930,8 +296963,7 @@ CVE-2012-0785 [Jenkins and hash collision attack]
- jenkins-winstone 0.9.10-jenkins-31+dfsg-1 (bug #655553)
- jenkins-executable-war 1.25-1 (bug #655554)
- jenkins 1.409.3+dfsg-2
-CVE-2012-0070
- RESERVED
+CVE-2012-0070 (spamdyke prior to 4.2.1: STARTTLS reveals plaintext ...)
NOT-FOR-US: spamdyke not in Debian
CVE-2012-0069 (SQL injection vulnerability in ajax.php in Batavi before 1.2.1 allows ...)
NOT-FOR-US: batavi not in Debian
@@ -298073,8 +298105,7 @@ CVE-2011-4338
NOT-FOR-US: Arch-Linux specific tool
CVE-2011-4337 (Static code injection vulnerability in translate.php in Support Incide ...)
NOT-FOR-US: Support Incident Tracker
-CVE-2011-4336
- RESERVED
+CVE-2011-4336 (Tiki Wiki CMS Groupware 7.0 has XSS via the GET "ajax" parameter to sn ...)
NOT-FOR-US: Tiki Wiki
CVE-2011-4335 (Multiple cross-site scripting (XSS) vulnerabilities in Contao before 2 ...)
NOT-FOR-US: Contao
@@ -335521,8 +335552,8 @@ CVE-2009-1122 (The WebDAV extension in Microsoft Internet Information Services (
NOT-FOR-US: Microsoft
CVE-2009-1121
RESERVED
-CVE-2009-1120
- RESERVED
+CVE-2009-1120 (EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remo ...)
+ TODO: check
CVE-2009-1119 (Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 a ...)
NOT-FOR-US: EMC RepliStor
CVE-2009-1118
@@ -359728,10 +359759,10 @@ CVE-2007-4776 (Buffer overflow in Microsoft Visual Basic 6.0 and Enterprise Edit
NOT-FOR-US: Microsoft Visual Basic
CVE-2007-4775
RESERVED
-CVE-2007-4774
- RESERVED
-CVE-2007-4773
- RESERVED
+CVE-2007-4774 (The Linux kernel before 2.4.36-rc1 has a race condition. It was possib ...)
+ TODO: check
+CVE-2007-4773 (Systrace before 1.6.0 has insufficient escape policy enforcement. ...)
+ TODO: check
CVE-2007-4772 (The regular expression parser in TCL before 8.4.17, as used in Postgre ...)
{DSA-1463-1 DSA-1460-1}
- postgresql-8.2 8.2.6-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e42f0340ea55e4c3d023cf195450b3fb7c72f75d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e42f0340ea55e4c3d023cf195450b3fb7c72f75d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200115/bdcbbe77/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list