[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Sat Jan 18 08:10:24 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
55bf77f5 by security tracker role at 2020-01-18T08:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2020-7226
+ RESERVED
+CVE-2020-7225
+ RESERVED
+CVE-2020-7224
+ RESERVED
+CVE-2020-7223
+ RESERVED
+CVE-2020-7222 (An issue was discovered in Amcrest Web Server 2.520.AC00.18.R 2017-06- ...)
+ TODO: check
+CVE-2020-7221
+ RESERVED
+CVE-2020-7220
+ RESERVED
+CVE-2020-7219
+ RESERVED
+CVE-2020-7218
+ RESERVED
+CVE-2020-7217
+ RESERVED
+CVE-2020-7216
+ RESERVED
CVE-2020-7215
RESERVED
CVE-2020-7214
@@ -223,8 +245,8 @@ CVE-2020-7106 (Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_i
CVE-2020-7105 (async.c and dict.c in libhiredis.a in hiredis through 0.14.0 allow a N ...)
- hiredis <unfixed>
NOTE: https://github.com/redis/hiredis/issues/747
-CVE-2020-7104
- RESERVED
+CVE-2020-7104 (The chained-quiz plugin 1.1.8.1 for WordPress has reflected XSS via th ...)
+ TODO: check
CVE-2019-20380
RESERVED
CVE-2020-7103
@@ -2663,8 +2685,8 @@ CVE-2020-5957
RESERVED
CVE-2019-20358
RESERVED
-CVE-2019-20357
- RESERVED
+CVE-2019-20357 (A Persistent Arbitrary Code Execution vulnerability exists in the Tren ...)
+ TODO: check
CVE-2020-5956
RESERVED
CVE-2020-5955
@@ -11396,10 +11418,10 @@ CVE-2019-19699
RESERVED
CVE-2019-19698 (marc-q libwav through 2017-04-20 has a NULL pointer dereference in wav ...)
NOT-FOR-US: libwav
-CVE-2019-19697
- RESERVED
-CVE-2019-19696
- RESERVED
+CVE-2019-19697 (An arbitrary code execution vulnerability exists in the Trend Micro Se ...)
+ TODO: check
+CVE-2019-19696 (A RootCA vulnerability found in Trend Micro Password Manager for Windo ...)
+ TODO: check
CVE-2019-19695 (A privilege escalation vulnerability in Trend Micro Antivirus for Mac ...)
NOT-FOR-US: Trend Micro
CVE-2019-19694
@@ -22980,7 +23002,7 @@ CVE-2019-17027
RESERVED
CVE-2019-17026
RESERVED
- {DSA-4600-1 DLA-2061-1}
+ {DSA-4603-1 DSA-4600-1 DLA-2061-1}
- firefox 72.0.1-1 (bug #948452)
- firefox-esr 68.4.1esr-1
- thunderbird 1:68.4.1-1
@@ -22990,7 +23012,7 @@ CVE-2019-17025 (Mozilla developers reported memory safety bugs present in Firefo
- firefox 72.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/#CVE-2019-17025
CVE-2019-17024 (Mozilla developers reported memory safety bugs present in Firefox 71 a ...)
- {DSA-4600-1 DLA-2061-1}
+ {DSA-4603-1 DSA-4600-1 DLA-2061-1}
- firefox 72.0-1
- firefox-esr 68.4.0esr-1
- thunderbird 1:68.4.1-1
@@ -23004,7 +23026,7 @@ CVE-2019-17023 (After a HelloRetryRequest has been sent, the client may negotiat
NOTE: https://hg.mozilla.org/projects/nss/rev/d64102b76a437f24d98a20480dcc9f1655143e7c
NOTE: https://hg.mozilla.org/projects/nss/rev/8a2bd40e7f89a796cf24a0ff7cfb67c6e69c5c78
CVE-2019-17022 (When pasting a <style> tag from the clipboard into a ric ...)
- {DSA-4600-1 DLA-2061-1}
+ {DSA-4603-1 DSA-4600-1 DLA-2061-1}
- firefox 72.0-1
- firefox-esr 68.4.0esr-1
- thunderbird 1:68.4.1-1
@@ -23028,7 +23050,7 @@ CVE-2019-17018 (When in Private Browsing Mode on Windows 10, the Windows keyboar
- firefox <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/#CVE-2019-17018
CVE-2019-17017 (Due to a missing case handling object types, a type confusion vulnerab ...)
- {DSA-4600-1 DLA-2061-1}
+ {DSA-4603-1 DSA-4600-1 DLA-2061-1}
- firefox 72.0-1
- firefox-esr 68.4.0esr-1
- thunderbird 1:68.4.1-1
@@ -23036,7 +23058,7 @@ CVE-2019-17017 (Due to a missing case handling object types, a type confusion vu
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-02/#CVE-2019-17017
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-04/#CVE-2019-17017
CVE-2019-17016 (When pasting a <style> tag from the clipboard into a ric ...)
- {DSA-4600-1 DLA-2061-1}
+ {DSA-4603-1 DSA-4600-1 DLA-2061-1}
- firefox 72.0-1
- firefox-esr 68.4.0esr-1
- thunderbird 1:68.4.1-1
@@ -27096,8 +27118,8 @@ CVE-2019-15627 (Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Ag
NOT-FOR-US: Trend Micro
CVE-2019-15626 (The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), ...)
NOT-FOR-US: Deep Security Manager application (Trend Micro)
-CVE-2019-15625
- RESERVED
+CVE-2019-15625 (A memory usage vulnerability exists in Trend Micro Password Manager 3. ...)
+ TODO: check
CVE-2019-15624
RESERVED
CVE-2019-15623
@@ -246440,8 +246462,8 @@ CVE-2014-5011 (DOMPDF before 0.6.2 allows Information Disclosure. ...)
NOTE: https://github.com/dompdf/dompdf/releases/tag/v0.6.2
CVE-2014-5010
RESERVED
-CVE-2014-5007
- RESERVED
+CVE-2014-5007 (Directory traversal vulnerability in the agentLogUploader servlet in Z ...)
+ TODO: check
CVE-2014-5006 (Directory traversal vulnerability in ZOHO ManageEngine Desktop Central ...)
NOT-FOR-US: ZOHO ManageEngine
CVE-2014-5005 (Directory traversal vulnerability in ZOHO ManageEngine Desktop Central ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/55bf77f5c30c95993a2a44d7838537110fcc7589
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/55bf77f5c30c95993a2a44d7838537110fcc7589
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200118/61099dff/attachment.html>
More information about the debian-security-tracker-commits
mailing list