[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Sat Jul 25 09:10:29 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7f16acca by security tracker role at 2020-07-25T08:10:21+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2020-15947
+ RESERVED
+CVE-2020-15946
+ RESERVED
+CVE-2020-15945 (Lua through 5.4.0 has a segmentation fault in changedline in ldebug.c ...)
+ TODO: check
+CVE-2020-15944
+ RESERVED
+CVE-2020-15943
+ RESERVED
+CVE-2020-15942
+ RESERVED
+CVE-2020-15941
+ RESERVED
+CVE-2020-15940
+ RESERVED
+CVE-2020-15939
+ RESERVED
+CVE-2020-15938
+ RESERVED
+CVE-2020-15937
+ RESERVED
+CVE-2020-15936
+ RESERVED
+CVE-2020-15935
+ RESERVED
+CVE-2020-15934
+ RESERVED
+CVE-2020-15933
+ RESERVED
CVE-2020-15932 (Overwolf before 0.149.2.30 mishandles Symbolic Links during updates, c ...)
TODO: check
CVE-2020-15931
@@ -2716,8 +2746,8 @@ CVE-2020-14727
RESERVED
CVE-2020-14726
RESERVED
-CVE-2020-14725
- RESERVED
+CVE-2020-14725 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
+ TODO: check
CVE-2020-14724 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
NOT-FOR-US: Oracle
CVE-2020-14723 (Vulnerability in the Oracle Help Technologies product of Oracle Fusion ...)
@@ -7632,8 +7662,8 @@ CVE-2020-12814
RESERVED
CVE-2020-12813
RESERVED
-CVE-2020-12812
- RESERVED
+CVE-2020-12812 (An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, ...)
+ TODO: check
CVE-2020-12811
RESERVED
CVE-2020-12810
@@ -14895,36 +14925,36 @@ CVE-2020-10616 (Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not
NOT-FOR-US: Opto 22 SoftPAC Project
CVE-2020-10615 (Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41 ...)
NOT-FOR-US: Triangle MicroWorks SCADA Data Gateway
-CVE-2020-10614
- RESERVED
+CVE-2020-10614 (In OSIsoft PI System multiple products and versions, an authenticated ...)
+ TODO: check
CVE-2020-10613 (Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41 ...)
NOT-FOR-US: Triangle MicroWorks SCADA Data Gateway
CVE-2020-10612 (Opto 22 SoftPAC Project Version 9.6 and prior. SoftPACAgent communicat ...)
NOT-FOR-US: Opto 22 SoftPAC Project
CVE-2020-10611 (Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41 ...)
NOT-FOR-US: Triangle MicroWorks SCADA Data Gateway
-CVE-2020-10610
- RESERVED
+CVE-2020-10610 (In OSIsoft PI System multiple products and versions, a local attacker ...)
+ TODO: check
CVE-2020-10609
RESERVED
-CVE-2020-10608
- RESERVED
+CVE-2020-10608 (In OSIsoft PI System multiple products and versions, a local attacker ...)
+ TODO: check
CVE-2020-10607 (In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2020-10606
- RESERVED
+CVE-2020-10606 (In OSIsoft PI System multiple products and versions, a local attacker ...)
+ TODO: check
CVE-2020-10605 (Grundfos CIM 500 before v06.16.00 responds to unauthenticated requests ...)
NOT-FOR-US: Grundfos CIM
-CVE-2020-10604
- RESERVED
+CVE-2020-10604 (In OSIsoft PI System multiple products and versions, a remote, unauthe ...)
+ TODO: check
CVE-2020-10603 (WebAccess/NMS (versions prior to 3.0.2) does not properly sanitize use ...)
NOT-FOR-US: WebAccess/NMS
-CVE-2020-10602
- RESERVED
+CVE-2020-10602 (In OSIsoft PI System multiple products and versions, an authenticated ...)
+ TODO: check
CVE-2020-10601 (VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module allow ...)
NOT-FOR-US: VISAM VBASE Editor
-CVE-2020-10600
- RESERVED
+CVE-2020-10600 (In OSIsoft PI System multiple products and versions, an authenticated ...)
+ TODO: check
CVE-2020-10599 (VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may al ...)
NOT-FOR-US: VISAM VBASE Editor
CVE-2020-10598 (In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia (PAS) ES ...)
@@ -20492,8 +20522,8 @@ CVE-2020-8209
RESERVED
CVE-2020-8208
RESERVED
-CVE-2020-8207
- RESERVED
+CVE-2020-8207 (Improper access control in Citrix Workspace app for Windows 1912 CU1 a ...)
+ TODO: check
CVE-2020-8206
RESERVED
CVE-2020-8205 (The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable ...)
@@ -20567,10 +20597,9 @@ CVE-2020-8177
NOTE: https://github.com/curl/curl/commit/8236aba58542c5f89f1d41ca09d84579efb05e22 (7.71.0)
CVE-2020-8176 (A cross-site scripting vulnerability exists in koa-shopify-auth v3.1.6 ...)
NOT-FOR-US: koa-shopify-auth
-CVE-2020-8175
- RESERVED
-CVE-2020-8174 [napi_get_value_string_*() allows various kinds of memory corruption]
- RESERVED
+CVE-2020-8175 (Uncontrolled resource consumption in `jpeg-js` before 0.4.0 may allow ...)
+ TODO: check
+CVE-2020-8174 (napi_get_value_string_*() allows various kinds of memory corruption in ...)
{DSA-4696-1}
- nodejs 10.21.0~dfsg-1 (bug #962145)
[stretch] - nodejs <ignored> (Nodejs in stretch not covered by security support)
@@ -43531,7 +43560,7 @@ CVE-2019-18246 (BIOTRONIK CardioMessenger II, The affected products do not prope
NOT-FOR-US: BIOTRONIK CardioMessenge
CVE-2019-18245 (Reliable Controls LicenseManager versions 3.4 and prior may allow an a ...)
NOT-FOR-US: Reliable Controls LicenseManager
-CVE-2019-18244 (OSIsoft PI Vision, PI Vision 2017 R2, PI Vision 2017 R2 SP1, PI Vision ...)
+CVE-2019-18244 (In OSIsoft PI System multiple products and versions, a local attacker ...)
NOT-FOR-US: OSIsoft
CVE-2019-18243
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f16accacd65a204cb9ec1e61c3ae02cbe562d1f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f16accacd65a204cb9ec1e61c3ae02cbe562d1f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200725/5a5503cb/attachment.html>
More information about the debian-security-tracker-commits
mailing list