[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sat Jul 25 09:10:29 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7f16acca by security tracker role at 2020-07-25T08:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2020-15947
+	RESERVED
+CVE-2020-15946
+	RESERVED
+CVE-2020-15945 (Lua through 5.4.0 has a segmentation fault in changedline in ldebug.c  ...)
+	TODO: check
+CVE-2020-15944
+	RESERVED
+CVE-2020-15943
+	RESERVED
+CVE-2020-15942
+	RESERVED
+CVE-2020-15941
+	RESERVED
+CVE-2020-15940
+	RESERVED
+CVE-2020-15939
+	RESERVED
+CVE-2020-15938
+	RESERVED
+CVE-2020-15937
+	RESERVED
+CVE-2020-15936
+	RESERVED
+CVE-2020-15935
+	RESERVED
+CVE-2020-15934
+	RESERVED
+CVE-2020-15933
+	RESERVED
 CVE-2020-15932 (Overwolf before 0.149.2.30 mishandles Symbolic Links during updates, c ...)
 	TODO: check
 CVE-2020-15931
@@ -2716,8 +2746,8 @@ CVE-2020-14727
 	RESERVED
 CVE-2020-14726
 	RESERVED
-CVE-2020-14725
-	RESERVED
+CVE-2020-14725 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
 CVE-2020-14724 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
 	NOT-FOR-US: Oracle
 CVE-2020-14723 (Vulnerability in the Oracle Help Technologies product of Oracle Fusion ...)
@@ -7632,8 +7662,8 @@ CVE-2020-12814
 	RESERVED
 CVE-2020-12813
 	RESERVED
-CVE-2020-12812
-	RESERVED
+CVE-2020-12812 (An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0,  ...)
+	TODO: check
 CVE-2020-12811
 	RESERVED
 CVE-2020-12810
@@ -14895,36 +14925,36 @@ CVE-2020-10616 (Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not
 	NOT-FOR-US: Opto 22 SoftPAC Project
 CVE-2020-10615 (Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41 ...)
 	NOT-FOR-US: Triangle MicroWorks SCADA Data Gateway
-CVE-2020-10614
-	RESERVED
+CVE-2020-10614 (In OSIsoft PI System multiple products and versions, an authenticated  ...)
+	TODO: check
 CVE-2020-10613 (Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41 ...)
 	NOT-FOR-US: Triangle MicroWorks SCADA Data Gateway
 CVE-2020-10612 (Opto 22 SoftPAC Project Version 9.6 and prior. SoftPACAgent communicat ...)
 	NOT-FOR-US: Opto 22 SoftPAC Project
 CVE-2020-10611 (Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41 ...)
 	NOT-FOR-US: Triangle MicroWorks SCADA Data Gateway
-CVE-2020-10610
-	RESERVED
+CVE-2020-10610 (In OSIsoft PI System multiple products and versions, a local attacker  ...)
+	TODO: check
 CVE-2020-10609
 	RESERVED
-CVE-2020-10608
-	RESERVED
+CVE-2020-10608 (In OSIsoft PI System multiple products and versions, a local attacker  ...)
+	TODO: check
 CVE-2020-10607 (In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer ...)
 	NOT-FOR-US: Advantech WebAccess
-CVE-2020-10606
-	RESERVED
+CVE-2020-10606 (In OSIsoft PI System multiple products and versions, a local attacker  ...)
+	TODO: check
 CVE-2020-10605 (Grundfos CIM 500 before v06.16.00 responds to unauthenticated requests ...)
 	NOT-FOR-US: Grundfos CIM
-CVE-2020-10604
-	RESERVED
+CVE-2020-10604 (In OSIsoft PI System multiple products and versions, a remote, unauthe ...)
+	TODO: check
 CVE-2020-10603 (WebAccess/NMS (versions prior to 3.0.2) does not properly sanitize use ...)
 	NOT-FOR-US: WebAccess/NMS
-CVE-2020-10602
-	RESERVED
+CVE-2020-10602 (In OSIsoft PI System multiple products and versions, an authenticated  ...)
+	TODO: check
 CVE-2020-10601 (VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module allow  ...)
 	NOT-FOR-US: VISAM VBASE Editor
-CVE-2020-10600
-	RESERVED
+CVE-2020-10600 (In OSIsoft PI System multiple products and versions, an authenticated  ...)
+	TODO: check
 CVE-2020-10599 (VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may al ...)
 	NOT-FOR-US: VISAM VBASE Editor
 CVE-2020-10598 (In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia (PAS) ES  ...)
@@ -20492,8 +20522,8 @@ CVE-2020-8209
 	RESERVED
 CVE-2020-8208
 	RESERVED
-CVE-2020-8207
-	RESERVED
+CVE-2020-8207 (Improper access control in Citrix Workspace app for Windows 1912 CU1 a ...)
+	TODO: check
 CVE-2020-8206
 	RESERVED
 CVE-2020-8205 (The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable  ...)
@@ -20567,10 +20597,9 @@ CVE-2020-8177
 	NOTE: https://github.com/curl/curl/commit/8236aba58542c5f89f1d41ca09d84579efb05e22 (7.71.0)
 CVE-2020-8176 (A cross-site scripting vulnerability exists in koa-shopify-auth v3.1.6 ...)
 	NOT-FOR-US: koa-shopify-auth
-CVE-2020-8175
-	RESERVED
-CVE-2020-8174 [napi_get_value_string_*() allows various kinds of memory corruption]
-	RESERVED
+CVE-2020-8175 (Uncontrolled resource consumption in `jpeg-js` before 0.4.0 may allow  ...)
+	TODO: check
+CVE-2020-8174 (napi_get_value_string_*() allows various kinds of memory corruption in ...)
 	{DSA-4696-1}
 	- nodejs 10.21.0~dfsg-1 (bug #962145)
 	[stretch] - nodejs <ignored> (Nodejs in stretch not covered by security support)
@@ -43531,7 +43560,7 @@ CVE-2019-18246 (BIOTRONIK CardioMessenger II, The affected products do not prope
 	NOT-FOR-US: BIOTRONIK CardioMessenge
 CVE-2019-18245 (Reliable Controls LicenseManager versions 3.4 and prior may allow an a ...)
 	NOT-FOR-US: Reliable Controls LicenseManager
-CVE-2019-18244 (OSIsoft PI Vision, PI Vision 2017 R2, PI Vision 2017 R2 SP1, PI Vision ...)
+CVE-2019-18244 (In OSIsoft PI System multiple products and versions, a local attacker  ...)
 	NOT-FOR-US: OSIsoft
 CVE-2019-18243
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f16accacd65a204cb9ec1e61c3ae02cbe562d1f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f16accacd65a204cb9ec1e61c3ae02cbe562d1f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200725/5a5503cb/attachment.html>

More information about the debian-security-tracker-commits mailing list