[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Jul 23 09:10:41 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
23d048fb by security tracker role at 2020-07-23T08:10:15+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2020-15908 (tar/TarFileReader.cpp in Cauldron cbang (aka C-Bang or C!) before 1.6. ...)
+ TODO: check
+CVE-2020-15907
+ RESERVED
+CVE-2020-15906
+ RESERVED
+CVE-2020-15905
+ RESERVED
+CVE-2020-15904 (A buffer overflow in the patching routine of bsdiff4 before 1.2.0 allo ...)
+ TODO: check
+CVE-2020-15903
+ RESERVED
+CVE-2020-15902 (Graph Explorer in Nagios XI before 5.7.2 allows XSS via the link url o ...)
+ TODO: check
+CVE-2020-15901 (ajaxhelper.php in Nagios XI before 5.7.2 allows remote attackers to ex ...)
+ TODO: check
+CVE-2020-15900
+ RESERVED
+CVE-2020-15899
+ RESERVED
+CVE-2020-15898
+ RESERVED
+CVE-2020-15897
+ RESERVED
CVE-2020-15896 (An authentication-bypass issue was discovered on D-Link DAP-1522 devic ...)
NOT-FOR-US: D-Link
CVE-2020-15895 (An XSS issue was discovered on D-Link DIR-816L devices 2.x before 1.10 ...)
@@ -1738,8 +1762,8 @@ CVE-2020-15128
RESERVED
CVE-2020-15127
RESERVED
-CVE-2020-15126
- RESERVED
+CVE-2020-15126 (In parser-server from version 3.5.0 and before 4.3.0, an authenticated ...)
+ TODO: check
CVE-2020-15125
RESERVED
CVE-2020-15124 (In Goobi Viewer Core before version 4.8.3, a path traversal vulnerabil ...)
@@ -13624,8 +13648,8 @@ CVE-2020-10919
RESERVED
CVE-2020-10918
RESERVED
-CVE-2020-10917
- RESERVED
+CVE-2020-10917 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
CVE-2020-10916 (This vulnerability allows network-adjacent attackers to escalate privi ...)
NOT-FOR-US: TP-Link
CVE-2020-10915 (This vulnerability allows remote attackers to execute arbitrary code o ...)
@@ -16900,34 +16924,34 @@ CVE-2020-9689
RESERVED
CVE-2020-9688 (Adobe Download Manager version 2.0.0.518 have a command injection vuln ...)
NOT-FOR-US: Adobe
-CVE-2020-9687
- RESERVED
-CVE-2020-9686
- RESERVED
-CVE-2020-9685
- RESERVED
-CVE-2020-9684
- RESERVED
-CVE-2020-9683
- RESERVED
+CVE-2020-9687 (Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an ...)
+ TODO: check
+CVE-2020-9686 (Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an ...)
+ TODO: check
+CVE-2020-9685 (Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an ...)
+ TODO: check
+CVE-2020-9684 (Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an ...)
+ TODO: check
+CVE-2020-9683 (Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an ...)
+ TODO: check
CVE-2020-9682 (Adobe Creative Cloud Desktop Application versions 5.1 and earlier have ...)
NOT-FOR-US: Adobe
CVE-2020-9681
RESERVED
-CVE-2020-9680
- RESERVED
-CVE-2020-9679
- RESERVED
-CVE-2020-9678
- RESERVED
-CVE-2020-9677
- RESERVED
-CVE-2020-9676
- RESERVED
-CVE-2020-9675
- RESERVED
-CVE-2020-9674
- RESERVED
+CVE-2020-9680 (Adobe Prelude versions 9.0 and earlier have an out-of-bounds write vul ...)
+ TODO: check
+CVE-2020-9679 (Adobe Prelude versions 9.0 and earlier have an out-of-bounds read vuln ...)
+ TODO: check
+CVE-2020-9678 (Adobe Prelude versions 9.0 and earlier have an out-of-bounds write vul ...)
+ TODO: check
+CVE-2020-9677 (Adobe Prelude versions 9.0 and earlier have an out-of-bounds read vuln ...)
+ TODO: check
+CVE-2020-9676 (Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write v ...)
+ TODO: check
+CVE-2020-9675 (Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds read vu ...)
+ TODO: check
+CVE-2020-9674 (Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write v ...)
+ TODO: check
CVE-2020-9673 (Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2 ...)
NOT-FOR-US: Adobe
CVE-2020-9672 (Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2 ...)
@@ -16944,12 +16968,12 @@ CVE-2020-9667
RESERVED
CVE-2020-9666 (Adobe Campaign Classic before 20.2 have an out-of-bounds read vulnerab ...)
NOT-FOR-US: Adobe
-CVE-2020-9665
- RESERVED
-CVE-2020-9664
- RESERVED
-CVE-2020-9663
- RESERVED
+CVE-2020-9665 (Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a ...)
+ TODO: check
+CVE-2020-9664 (Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a ...)
+ TODO: check
+CVE-2020-9663 (Adobe Reader Mobile versions 20.0.1 and earlier have a directory trave ...)
+ TODO: check
CVE-2020-9662 (Adobe After Effects versions 17.1 and earlier have an out-of-bounds wr ...)
NOT-FOR-US: Adobe
CVE-2020-9661 (Adobe After Effects versions 17.1 and earlier have an out-of-bounds re ...)
@@ -29864,14 +29888,14 @@ CVE-2020-4402
RESERVED
CVE-2020-4401
RESERVED
-CVE-2020-4400
- RESERVED
-CVE-2020-4399
- RESERVED
+CVE-2020-4400 (IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 uses an inadequate account lo ...)
+ TODO: check
+CVE-2020-4399 (IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 could allow an authenticated ...)
+ TODO: check
CVE-2020-4398
RESERVED
-CVE-2020-4397
- RESERVED
+CVE-2020-4397 (IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 transmits sensitive informati ...)
+ TODO: check
CVE-2020-4396
RESERVED
CVE-2020-4395
@@ -29894,8 +29918,8 @@ CVE-2020-4387 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server)
NOT-FOR-US: IBM
CVE-2020-4386 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2020-4385
- RESERVED
+CVE-2020-4385 (IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 contains hard-coded credentia ...)
+ TODO: check
CVE-2020-4384 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable t ...)
NOT-FOR-US: IBM
CVE-2020-4383
@@ -29920,14 +29944,14 @@ CVE-2020-4374
RESERVED
CVE-2020-4373
RESERVED
-CVE-2020-4372
- RESERVED
-CVE-2020-4371
- RESERVED
+CVE-2020-4372 (IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 stores user credentials in pl ...)
+ TODO: check
+CVE-2020-4371 (IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 contains sensitive informatio ...)
+ TODO: check
CVE-2020-4370
RESERVED
-CVE-2020-4369
- RESERVED
+CVE-2020-4369 (IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 stores highly sensitive infor ...)
+ TODO: check
CVE-2020-4368
RESERVED
CVE-2020-4367 (IBM Planning Analytics Local 2.0 uses weaker than expected cryptograph ...)
@@ -32943,8 +32967,8 @@ CVE-2020-3454
RESERVED
CVE-2020-3453
RESERVED
-CVE-2020-3452
- RESERVED
+CVE-2020-3452 (A vulnerability in the web services interface of Cisco Adaptive Securi ...)
+ TODO: check
CVE-2020-3451
RESERVED
CVE-2020-3450 (A vulnerability in the web-based management interface of Cisco Vision ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23d048fb39e4521e55180b67f06a1b405bcf470c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23d048fb39e4521e55180b67f06a1b405bcf470c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200723/67f457b5/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list