[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fdc16fb7 by security tracker role at 2020-01-20T08:10:28+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2020-7238
+	RESERVED
+CVE-2020-7237 (Cacti 1.2.8 allows Remote Code Execution (by privileged users) via she ...)
+	TODO: check
+CVE-2020-7236 (UHP UHP-100 3.4.1.15, 3.4.2.4, and 3.4.3 devices allow XSS via cw2?td= ...)
+	TODO: check
+CVE-2020-7235 (UHP UHP-100 3.4.1.15, 3.4.2.4, and 3.4.3 devices allow XSS via cB3?ta= ...)
+	TODO: check
+CVE-2020-7234 (Ruckus ZoneFlex R310 104.0.0.0.1347 devices allow Stored XSS via the S ...)
+	TODO: check
+CVE-2020-7233 (KMS Controls BAC-A1616BC BACnet devices have a cleartext password of s ...)
+	TODO: check
+CVE-2020-7232 (Evoko Home 1.31 devices allow remote attackers to obtain sensitive inf ...)
+	TODO: check
+CVE-2020-7231 (Evoko Home 1.31 devices provide different error messages for failed lo ...)
+	TODO: check
+CVE-2019-20381 (TestLink before 1.9.20 allows XSS via non-lowercase javascript: in the ...)
+	TODO: check
+CVE-2016-11018
+	RESERVED
 CVE-2020-7230
 	RESERVED
 CVE-2020-7229
@@ -28,8 +48,8 @@ CVE-2020-7217
 	RESERVED
 CVE-2020-7216
 	RESERVED
-CVE-2020-7215
-	RESERVED
+CVE-2020-7215 (An issue was discovered in Gallagher Command Centre 7.x before 7.90.99 ...)
+	TODO: check
 CVE-2020-7214
 	RESERVED
 CVE-2020-7213
@@ -11018,9 +11038,11 @@ CVE-2020-2657 (Vulnerability in the Oracle CRM Technical Foundation product of O
 CVE-2020-2656 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
 	NOT-FOR-US: Oracle
 CVE-2020-2655 (Vulnerability in the Java SE product of Oracle Java SE (component: JSS ...)
+	{DSA-4605-1}
 	- openjdk-13 13.0.2+8-1
 	- openjdk-11 11.0.6+10-1
 CVE-2020-2654 (Vulnerability in the Java SE product of Oracle Java SE (component: Lib ...)
+	{DSA-4605-1}
 	- openjdk-13 13.0.2+8-1
 	- openjdk-11 11.0.6+10-1
 	- openjdk-8 <unfixed>
@@ -11125,6 +11147,7 @@ CVE-2020-2606 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of
 CVE-2020-2605 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
 	NOT-FOR-US: Oracle
 CVE-2020-2604 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
+	{DSA-4605-1}
 	- openjdk-13 13.0.2+8-1
 	- openjdk-11 11.0.6+10-1
 	- openjdk-8 <unfixed>
@@ -11134,6 +11157,7 @@ CVE-2020-2603 (Vulnerability in the Oracle Field Service product of Oracle E-Bus
 CVE-2020-2602 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
 	NOT-FOR-US: Oracle
 CVE-2020-2601 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
+	{DSA-4605-1}
 	- openjdk-13 13.0.2+8-1
 	- openjdk-11 11.0.6+10-1
 	- openjdk-8 <unfixed>
@@ -11153,6 +11177,7 @@ CVE-2020-2595 (Vulnerability in the Oracle GraalVM Enterprise Edition product of
 CVE-2020-2594
 	RESERVED
 CVE-2020-2593 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
+	{DSA-4605-1}
 	- openjdk-13 13.0.2+8-1
 	- openjdk-11 11.0.6+10-1
 	- openjdk-8 <unfixed>
@@ -11162,6 +11187,7 @@ CVE-2020-2592 (Vulnerability in the Oracle AutoVue product of Oracle Supply Chai
 CVE-2020-2591 (Vulnerability in the Oracle Web Applications Desktop Integrator produc ...)
 	NOT-FOR-US: Oracle
 CVE-2020-2590 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
+	{DSA-4605-1}
 	- openjdk-13 13.0.2+8-1
 	- openjdk-11 11.0.6+10-1
 	- openjdk-8 <unfixed>
@@ -11182,6 +11208,7 @@ CVE-2020-2584 (Vulnerability in the MySQL Server product of Oracle MySQL (compon
 	- mysql-5.7 <unfixed>
 	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
 CVE-2020-2583 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
+	{DSA-4605-1}
 	- openjdk-13 13.0.2+8-1
 	- openjdk-11 11.0.6+10-1
 	- openjdk-8 <unfixed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fdc16fb7ac4b8e93f5d55e21ad94d588d48848b4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fdc16fb7ac4b8e93f5d55e21ad94d588d48848b4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200120/0e4ec096/attachment.html>