[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Jan 16 20:10:32 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4f657c57 by security tracker role at 2020-01-16T20:10:25+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,203 @@
+CVE-2020-7209
+ RESERVED
+CVE-2020-7208
+ RESERVED
+CVE-2020-7207
+ RESERVED
+CVE-2020-7206
+ RESERVED
+CVE-2020-7205
+ RESERVED
+CVE-2020-7204
+ RESERVED
+CVE-2020-7203
+ RESERVED
+CVE-2020-7202
+ RESERVED
+CVE-2020-7201
+ RESERVED
+CVE-2020-7200
+ RESERVED
+CVE-2020-7199
+ RESERVED
+CVE-2020-7198
+ RESERVED
+CVE-2020-7197
+ RESERVED
+CVE-2020-7196
+ RESERVED
+CVE-2020-7195
+ RESERVED
+CVE-2020-7194
+ RESERVED
+CVE-2020-7193
+ RESERVED
+CVE-2020-7192
+ RESERVED
+CVE-2020-7191
+ RESERVED
+CVE-2020-7190
+ RESERVED
+CVE-2020-7189
+ RESERVED
+CVE-2020-7188
+ RESERVED
+CVE-2020-7187
+ RESERVED
+CVE-2020-7186
+ RESERVED
+CVE-2020-7185
+ RESERVED
+CVE-2020-7184
+ RESERVED
+CVE-2020-7183
+ RESERVED
+CVE-2020-7182
+ RESERVED
+CVE-2020-7181
+ RESERVED
+CVE-2020-7180
+ RESERVED
+CVE-2020-7179
+ RESERVED
+CVE-2020-7178
+ RESERVED
+CVE-2020-7177
+ RESERVED
+CVE-2020-7176
+ RESERVED
+CVE-2020-7175
+ RESERVED
+CVE-2020-7174
+ RESERVED
+CVE-2020-7173
+ RESERVED
+CVE-2020-7172
+ RESERVED
+CVE-2020-7171
+ RESERVED
+CVE-2020-7170
+ RESERVED
+CVE-2020-7169
+ RESERVED
+CVE-2020-7168
+ RESERVED
+CVE-2020-7167
+ RESERVED
+CVE-2020-7166
+ RESERVED
+CVE-2020-7165
+ RESERVED
+CVE-2020-7164
+ RESERVED
+CVE-2020-7163
+ RESERVED
+CVE-2020-7162
+ RESERVED
+CVE-2020-7161
+ RESERVED
+CVE-2020-7160
+ RESERVED
+CVE-2020-7159
+ RESERVED
+CVE-2020-7158
+ RESERVED
+CVE-2020-7157
+ RESERVED
+CVE-2020-7156
+ RESERVED
+CVE-2020-7155
+ RESERVED
+CVE-2020-7154
+ RESERVED
+CVE-2020-7153
+ RESERVED
+CVE-2020-7152
+ RESERVED
+CVE-2020-7151
+ RESERVED
+CVE-2020-7150
+ RESERVED
+CVE-2020-7149
+ RESERVED
+CVE-2020-7148
+ RESERVED
+CVE-2020-7147
+ RESERVED
+CVE-2020-7146
+ RESERVED
+CVE-2020-7145
+ RESERVED
+CVE-2020-7144
+ RESERVED
+CVE-2020-7143
+ RESERVED
+CVE-2020-7142
+ RESERVED
+CVE-2020-7141
+ RESERVED
+CVE-2020-7140
+ RESERVED
+CVE-2020-7139
+ RESERVED
+CVE-2020-7138
+ RESERVED
+CVE-2020-7137
+ RESERVED
+CVE-2020-7136
+ RESERVED
+CVE-2020-7135
+ RESERVED
+CVE-2020-7134
+ RESERVED
+CVE-2020-7133
+ RESERVED
+CVE-2020-7132
+ RESERVED
+CVE-2020-7131
+ RESERVED
+CVE-2020-7130
+ RESERVED
+CVE-2020-7129
+ RESERVED
+CVE-2020-7128
+ RESERVED
+CVE-2020-7127
+ RESERVED
+CVE-2020-7126
+ RESERVED
+CVE-2020-7125
+ RESERVED
+CVE-2020-7124
+ RESERVED
+CVE-2020-7123
+ RESERVED
+CVE-2020-7122
+ RESERVED
+CVE-2020-7121
+ RESERVED
+CVE-2020-7120
+ RESERVED
+CVE-2020-7119
+ RESERVED
+CVE-2020-7118
+ RESERVED
+CVE-2020-7117
+ RESERVED
+CVE-2020-7116
+ RESERVED
+CVE-2020-7115
+ RESERVED
+CVE-2020-7114
+ RESERVED
+CVE-2020-7113
+ RESERVED
+CVE-2020-7112
+ RESERVED
+CVE-2020-7111
+ RESERVED
+CVE-2020-7110
+ RESERVED
CVE-2020-7109
RESERVED
CVE-2020-7108 (The LearnDash LMS plugin before 3.1.2 for WordPress allows XSS via the ...)
@@ -4047,8 +4247,8 @@ CVE-2019-20329 (OpenLambda 2019-09-10 allows DNS rebinding attacks against the O
NOT-FOR-US: OpenLambda
CVE-2019-20328
RESERVED
-CVE-2019-20327
- RESERVED
+CVE-2019-20327 (Insecure permissions in cwrapper_perl in Centreon Infrastructure Monit ...)
+ TODO: check
CVE-2019-20325
REJECTED
CVE-2019-20324
@@ -11195,7 +11395,7 @@ CVE-2019-19682 (nopCommerce through 4.20 allows XSS in the SaveStoreMappings of
NOT-FOR-US: nopCommerce
CVE-2019-19681 (Pandora FMS 7.x suffers from remote code execution vulnerability. With ...)
NOT-FOR-US: Pandora FMS
-CVE-2019-19680 (A file-extension filtering vulnerability in ProofPoint Protection Serv ...)
+CVE-2019-19680 (A file-extension filtering vulnerability in Proofpoint Enterprise Prot ...)
NOT-FOR-US: ProofPoint Protection Server Email Firewall
CVE-2019-19679 (In "Xray Test Management for Jira" prior to version 3.5.5, remote auth ...)
NOT-FOR-US: Xray Test Management for Jira
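Review bot: The annotation under CVE-2019-19680 was left as "NOT-FOR-US: ProofPoint Protection Server Email Firewall" although the refreshed description now begins "Proofpoint Enterprise Prot ...". Only the description line changed in this hunk, so the label and the description now name the product differently. Consider aligning the NOT-FOR-US text with the updated product name and capitalisation, so a search on the product name still finds the entry.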
@@ -13804,8 +14004,8 @@ CVE-2019-19280
RESERVED
CVE-2019-19279
RESERVED
-CVE-2019-19278
- RESERVED
+CVE-2019-19278 (A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180 ...)
+ TODO: check
CVE-2019-19277
RESERVED
CVE-2019-19276
@@ -18674,8 +18874,8 @@ CVE-2019-18284 (A vulnerability has been identified in SPPA-T3000 Application Se
NOT-FOR-US: Siemens
CVE-2019-18283 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
NOT-FOR-US: Siemens
-CVE-2019-18282
- RESERVED
+CVE-2019-18282 (The flow_dissector feature in the Linux kernel 4.3 through 5.x before ...)
+ TODO: check
CVE-2019-18281 (An out-of-bounds memory access in the generateDirectionalRuns() functi ...)
{DSA-4556-1}
- qtbase-opensource-src-gles 5.12.5+dfsg-1
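Review bot: CVE-2019-18282 is added with only "TODO: check", yet its description names the flow_dissector feature in the Linux kernel 4.3 through 5.x, and the kernel is packaged in Debian. Unlike the NOT-FOR-US entries around it, this one should not sit in the TODO queue for long. It needs a package line for the kernel source package with either the fixed version or an unfixed marker, in the same style as the qtbase-opensource-src-gles line under CVE-2019-18281.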
@@ -21221,8 +21421,7 @@ CVE-2019-17575 (A file-rename filter bypass exists in admin/media/rename.php in
NOT-FOR-US: WBCE CMS
CVE-2019-17574 (An issue was discovered in the Popup Maker plugin before 1.8.13 for Wo ...)
NOT-FOR-US: Popup Maker plugin for WordPress
-CVE-2019-17573
- RESERVED
+CVE-2019-17573 (By default, Apache CXF creates a /services page containing a listing o ...)
NOT-FOR-US: Apache CFX
CVE-2019-17572
RESERVED
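Review bot: The annotation kept under CVE-2019-17573 reads "NOT-FOR-US: Apache CFX", while the description added in this hunk spells the product "Apache CXF". The typo predates this change, but now that the description is public the two lines disagree, and a search for "CXF" in the annotations will miss this entry. Correct the label to "Apache CXF".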
@@ -32503,8 +32702,8 @@ CVE-2019-13941
RESERVED
CVE-2019-13940
RESERVED
-CVE-2019-13939
- RESERVED
+CVE-2019-13939 (A vulnerability has been identified in Nucleus NET (All versions), Nuc ...)
+ TODO: check
CVE-2019-13938
RESERVED
CVE-2019-13937
@@ -32515,8 +32714,8 @@ CVE-2019-13935 (Improper Neutralization of Input During Web Page Generation ('Cr
NOT-FOR-US: Siemens
CVE-2019-13934 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: Siemens
-CVE-2019-13933
- RESERVED
+CVE-2019-13933 (A vulnerability has been identified in SCALANCE X-200RNA switch family ...)
+ TODO: check
CVE-2019-13932 (A vulnerability has been identified in XHQ (All versions < V6.0.0.2 ...)
NOT-FOR-US: Siemens
CVE-2019-13931 (A vulnerability has been identified in XHQ (All versions < V6.0.0.2 ...)
@@ -34516,8 +34715,8 @@ CVE-2019-13526 (Datalogic AV7000 Linear barcode scanner all versions prior to 4.
NOT-FOR-US: Datalogic AV7000 Linear barcode scanner
CVE-2019-13525 (In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrat ...)
NOT-FOR-US: IP-AK2 Access Control Panel
-CVE-2019-13524
- RESERVED
+CVE-2019-13524 (GE PACSystems RX3i CPE100/115: All versions prior to R9.85,CPE302/305/ ...)
+ TODO: check
CVE-2019-13523 (In Honeywell Performance IP Cameras and Performance NVRs, the integrat ...)
NOT-FOR-US: Honeywell
CVE-2019-13522 (An attacker could use a specially crafted project file to corrupt the ...)
@@ -37557,8 +37756,7 @@ CVE-2019-12425
RESERVED
CVE-2019-12424
REJECTED
-CVE-2019-12423
- RESERVED
+CVE-2019-12423 (Apache CXF ships with a OpenId Connect JWK Keys service, which allows ...)
NOT-FOR-US: Apache CFX
CVE-2019-12422 (Apache Shiro before 1.4.2, when using the default "remember me" config ...)
- shiro <unfixed> (bug #947945)
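Review bot: Under CVE-2019-12423 the retained annotation says "NOT-FOR-US: Apache CFX", but the new description line names "Apache CXF". The label should be corrected to "Apache CXF" so it matches the description and can be found by product name.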
@@ -38706,10 +38904,10 @@ CVE-2019-12000
RESERVED
CVE-2019-11999
RESERVED
-CVE-2019-11998
- RESERVED
-CVE-2019-11997
- RESERVED
+CVE-2019-11998 (HPE Superdome Flex Server is vulnerable to multiple remote vulnerabili ...)
+ TODO: check
+CVE-2019-11997 (A potential security vulnerability has been identified in HPE enhanced ...)
+ TODO: check
CVE-2019-11996 (Potential security vulnerabilities have been identified with HPE Nimbl ...)
NOT-FOR-US: HPE
CVE-2019-11995 (Security vulnerabilities in HPE UIoT version 1.2.4.2 could allow unaut ...)
@@ -41773,11 +41971,11 @@ CVE-2019-10942 (A vulnerability has been identified in SCALANCE X-200 (All versi
NOT-FOR-US: Siemens
CVE-2019-10941
RESERVED
-CVE-2019-10940
- RESERVED
+CVE-2019-10940 (A vulnerability has been identified in SINEMA Server (All versions < ...)
+ TODO: check
CVE-2019-10939
RESERVED
-CVE-2019-10938 (A vulnerability has been identified in Ethernet plug-in communication ...)
+CVE-2019-10938 (A vulnerability has been identified in SIPROTEC 5 devices with CPU var ...)
NOT-FOR-US: Ethernet plug-in communication modules for SIPROTEC 5 devices
CVE-2019-10937 (A vulnerability has been identified in SIMATIC TDC CP51M1 (All version ...)
NOT-FOR-US: SIMATIC TDC CP51M1
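Review bot: The label under CVE-2019-10938, "NOT-FOR-US: Ethernet plug-in communication modules for SIPROTEC 5 devices", mirrors the old description, which this hunk replaces with "SIPROTEC 5 devices with CPU var ...". The annotation should be re-checked against the new wording. In the same hunk, CVE-2019-10940 (SINEMA Server) is queued as "TODO: check" while the neighbouring SCALANCE entry is already "NOT-FOR-US: Siemens"; the same classification looks applicable once someone confirms it.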
@@ -41785,8 +41983,8 @@ CVE-2019-10936 (A vulnerability has been identified in Development/Evaluation Ki
NOT-FOR-US: Siemens
CVE-2019-10935 (A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier ...)
NOT-FOR-US: Siemens
-CVE-2019-10934
- RESERVED
+CVE-2019-10934 (A vulnerability has been identified in TIA Portal V14 (All versions), ...)
+ TODO: check
CVE-2019-10933 (A vulnerability has been identified in Spectrum Power 3 (Corporate Use ...)
NOT-FOR-US: Siemens
CVE-2019-10932
@@ -54329,7 +54527,7 @@ CVE-2019-6577 (A vulnerability has been identified in SIMATIC HMI Comfort Panels
NOT-FOR-US: Siemens
CVE-2019-6576 (A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - ...)
NOT-FOR-US: Siemens
-CVE-2019-6575 (A vulnerability has been identified in SIMATIC CP443-1 OPC UA (All ver ...)
+CVE-2019-6575 (A vulnerability has been identified in SIMATIC CP443-1 OPC UA (incl. S ...)
NOT-FOR-US: Siemens
CVE-2019-6574 (A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180 ...)
NOT-FOR-US: Siemens
@@ -54341,11 +54539,11 @@ CVE-2019-6571 (A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xy
NOT-FOR-US: Siemens
CVE-2019-6570 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
NOT-FOR-US: Siemens
-CVE-2019-6569 (A vulnerability has been identified in Scalance X-200 (All versions &l ...)
+CVE-2019-6569 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...)
NOT-FOR-US: Scalance
-CVE-2019-6568 (A vulnerability has been identified in CP1604, CP1616, SIMATIC CP343-1 ...)
+CVE-2019-6568 (A vulnerability has been identified in CP1604, CP1616, CP343-1 Advance ...)
NOT-FOR-US: Siemens
-CVE-2019-6567 (A vulnerability has been identified in SCALANCE X-200 (All Versions &l ...)
+CVE-2019-6567 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...)
NOT-FOR-US: Siemens
CVE-2019-6566 (GE Communicator, all versions prior to 4.0.517, allows a non-administr ...)
NOT-FOR-US: GE Communicator
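Review bot: CVE-2019-6569 and CVE-2019-6567 now carry the same description prefix, "SCALANCE X-200 switch family", but their annotations differ: "NOT-FOR-US: Scalance" for the first and "NOT-FOR-US: Siemens" for the second. Since both description lines are touched here, this is a good point to normalise the CVE-2019-6569 label to "Siemens", matching CVE-2019-6568, CVE-2019-6567 and the other entries in this block.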
@@ -61226,7 +61424,7 @@ CVE-2019-3766 (Dell EMC ECS versions prior to 3.4.0.0 contain an improper restri
NOT-FOR-US: EMC
CVE-2019-3765 (Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and ...)
NOT-FOR-US: EMC
-CVE-2019-3764 (Dell EMC iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior ...)
+CVE-2019-3764 (Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to ...)
NOT-FOR-US: EMC
CVE-2019-3763 (The RSA Identity Governance and Lifecycle software and RSA Via Lifecyc ...)
NOT-FOR-US: RSA
@@ -113240,7 +113438,7 @@ CVE-2018-4850 (A vulnerability has been identified in SIMATIC S7-400 (incl. F) C
NOT-FOR-US: SIMATIC
CVE-2018-4849 (A vulnerability has been identified in Siveillance VMS Video for Andro ...)
NOT-FOR-US: Siveillance VMS Video
-CVE-2018-4848 (A vulnerability has been identified in SCALANCE X-200 (All versions &l ...)
+CVE-2018-4848 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...)
NOT-FOR-US: Siemens SCALANCE X switches
CVE-2018-4847 (A vulnerability has been identified in SIMATIC WinCC OA Operator iOS A ...)
NOT-FOR-US: SIMATIC WinCC OA Operator iOS App
@@ -113252,7 +113450,7 @@ CVE-2018-4844 (A vulnerability has been identified in SIMATIC WinCC OA UI for An
NOT-FOR-US: SIMATIC
CVE-2018-4843 (A vulnerability has been identified in SIMATIC CP 343-1 Advanced (All ...)
NOT-FOR-US: SIMATIC
-CVE-2018-4842 (A vulnerability has been identified in SCALANCE X-200 IRT (All version ...)
+CVE-2018-4842 (A vulnerability has been identified in SCALANCE X-200IRT switch family ...)
NOT-FOR-US: Siemens SCALANCE X switches
CVE-2018-4841 (A vulnerability has been identified in TIM 1531 IRC (All versions < ...)
NOT-FOR-US: TIM
@@ -125798,11 +125996,11 @@ CVE-2018-0723 (Cross-site scripting (XSS) vulnerability in Q'center Virtual Appl
NOT-FOR-US: Q'center Virtual Appliance
CVE-2018-0722 (Path Traversal vulnerability in Photo Station versions: 5.7.2 and earl ...)
NOT-FOR-US: QNAP
-CVE-2018-0721 (Buffer Overflow vulnerability in QNAP QTS 4.2.6 build 20180711 and ear ...)
+CVE-2018-0721 (Buffer Overflow vulnerability in NAS devices. QTS allows attackers to ...)
NOT-FOR-US: QNAP QTS
CVE-2018-0720
RESERVED
-CVE-2018-0719 (Cross-site scripting (XSS) vulnerability in QNAP QTS 4.2.6 build 20180 ...)
+CVE-2018-0719 (Cross-site Scripting (XSS) vulnerability in NAS devices of QNAP System ...)
NOT-FOR-US: QNAP QTS
CVE-2018-0718 (Command injection vulnerability in Music Station 5.1.2 and earlier ver ...)
NOT-FOR-US: Music Station
@@ -315617,8 +315815,8 @@ CVE-2010-3050 (Cisco IOS before 12.2(33)SXI allows remote authenticated users to
NOT-FOR-US: Cisco
CVE-2010-3049 (Cisco IOS before 12.2(33)SXI allows local users to cause a denial of s ...)
NOT-FOR-US: Cisco
-CVE-2010-3048
- RESERVED
+CVE-2010-3048 (Cisco Unified Personal Communicator 7.0 (1.13056) does not free alloca ...)
+ TODO: check
CVE-2010-3047
RESERVED
CVE-2010-3046
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4f657c5794a20f1f49b6eb5c6c5f26b5163d312d