[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c6a978d4 by security tracker role at 2020-06-05T08:10:25+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,59 @@
-CVE-2020-13843
+CVE-2020-13866
 	RESERVED
-CVE-2020-13842
+CVE-2020-13865
 	RESERVED
-CVE-2020-13841
+CVE-2020-13864
 	RESERVED
-CVE-2020-13840
+CVE-2020-13863
 	RESERVED
-CVE-2020-13839
+CVE-2020-13862
 	RESERVED
+CVE-2020-13861
+	RESERVED
+CVE-2020-13860
+	RESERVED
+CVE-2020-13859
+	RESERVED
+CVE-2020-13858
+	RESERVED
+CVE-2020-13857
+	RESERVED
+CVE-2020-13856
+	RESERVED
+CVE-2020-13855
+	RESERVED
+CVE-2020-13854
+	RESERVED
+CVE-2020-13853
+	RESERVED
+CVE-2020-13852
+	RESERVED
+CVE-2020-13851
+	RESERVED
+CVE-2020-13850
+	RESERVED
+CVE-2020-13849 (The MQTT protocol 3.1.1 requires a server to set a timeout value of 1. ...)
+	TODO: check
+CVE-2020-13848 (Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attac ...)
+	TODO: check
+CVE-2020-13847
+	RESERVED
+CVE-2020-13846
+	RESERVED
+CVE-2020-13845
+	RESERVED
+CVE-2020-13844
+	RESERVED
+CVE-2020-13843 (An issue was discovered on LG mobile devices with Android OS software  ...)
+	TODO: check
+CVE-2020-13842 (An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, ...)
+	TODO: check
+CVE-2020-13841 (An issue was discovered on LG mobile devices with Android OS 9 and 10  ...)
+	TODO: check
+CVE-2020-13840 (An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, ...)
+	TODO: check
+CVE-2020-13839 (An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, ...)
+	TODO: check
 CVE-2020-13838 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
 	NOT-FOR-US: Samsung mobile devices
 CVE-2020-13837 (An issue was discovered on Samsung mobile devices with Q(10.0) softwar ...)
@@ -249,8 +295,8 @@ CVE-2020-13770
 	RESERVED
 CVE-2020-13769
 	RESERVED
-CVE-2020-13768
-	RESERVED
+CVE-2020-13768 (In MiniShare before 1.4.2, there is a stack-based buffer overflow via  ...)
+	TODO: check
 CVE-2020-13767
 	RESERVED
 CVE-2020-13766
@@ -2299,18 +2345,18 @@ CVE-2020-12854
 	RESERVED
 CVE-2020-12853 (Pydio Cells 2.0.4 allows XSS. A malicious user can either upload or cr ...)
 	TODO: check
-CVE-2020-12852
-	RESERVED
-CVE-2020-12851
-	RESERVED
+CVE-2020-12852 (The update feature for Pydio Cells 2.0.4 allows an administrator user  ...)
+	TODO: check
+CVE-2020-12851 (Pydio Cells 2.0.4 allows an authenticated user to write or overwrite e ...)
+	TODO: check
 CVE-2020-12850
 	RESERVED
 CVE-2020-12849
 	RESERVED
 CVE-2020-12848
 	RESERVED
-CVE-2020-12847
-	RESERVED
+CVE-2020-12847 (Pydio Cells 2.0.4 web application offers an administrative console nam ...)
+	TODO: check
 CVE-2020-12846 (Zimbra before 8.8.15 Patch 10 and 9.x before 9.0.0 Patch 3 allows remo ...)
 	NOT-FOR-US: Zimbra
 CVE-2020-12845
@@ -6068,8 +6114,8 @@ CVE-2020-11684
 	RESERVED
 CVE-2020-11683
 	RESERVED
-CVE-2020-11682
-	RESERVED
+CVE-2020-11682 (Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing  ...)
+	TODO: check
 CVE-2020-11681 (Castel NextGen DVR v1.0.0 stores and displays credentials for the asso ...)
 	TODO: check
 CVE-2020-11680 (Castel NextGen DVR v1.0.0 is vulnerable to authorization bypass on all ...)
@@ -14160,8 +14206,7 @@ CVE-2020-8557
 	RESERVED
 CVE-2020-8556
 	RESERVED
-CVE-2020-8555
-	RESERVED
+CVE-2020-8555 (The Kubernetes kube-controller-manager in versions v1.0-1.14, versions ...)
 	- kubernetes 1.18.2-1
 	NOTE: https://github.com/kubernetes/kubernetes/issues/91542
 CVE-2020-8554



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c6a978d4692171d525dab25adcef32230ce794f9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c6a978d4692171d525dab25adcef32230ce794f9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200605/3a85acc9/attachment.html>