[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Tue Jun 16 09:10:27 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b7bc1851 by security tracker role at 2020-06-16T08:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2020-14163 (An issue was discovered in ecma/operations/ecma-container-object.c in  ...)
+	TODO: check
 CVE-2020-14162
 	RESERVED
 CVE-2020-14161
@@ -1292,7 +1294,7 @@ CVE-2020-13648
 	RESERVED
 CVE-2020-13647
 	RESERVED
-CVE-2020-13646 (In the cheetah free wifi 5.1 driver file liebaonat.sys, local users ar ...)
+CVE-2020-13646 (In Cheetah free WiFi 5.1, the driver file (liebaonat.sys) allows local ...)
 	NOT-FOR-US: cheetah free wifi
 CVE-2020-13645 (In GNOME glib-networking through 2.64.2, the implementation of GTlsCli ...)
 	- glib-networking <unfixed> (bug #961756)
@@ -5213,20 +5215,20 @@ CVE-2020-12007
 	RESERVED
 CVE-2020-12006 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Mult ...)
 	NOT-FOR-US: Advantech WebAccess Node
-CVE-2020-12005
-	RESERVED
+CVE-2020-12005 (FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.0 ...)
+	TODO: check
 CVE-2020-12004 (The affected product lacks proper authentication required to query the ...)
 	NOT-FOR-US: Inductive Automation Ignition
-CVE-2020-12003
-	RESERVED
+CVE-2020-12003 (FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.0 ...)
+	TODO: check
 CVE-2020-12002 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Mult ...)
 	NOT-FOR-US: Advantech WebAccess Node
-CVE-2020-12001
-	RESERVED
+CVE-2020-12001 (FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.0 ...)
+	TODO: check
 CVE-2020-12000 (The affected product is vulnerable to the handling of serialized data. ...)
 	NOT-FOR-US: Inductive Automation Ignition
-CVE-2020-11999
-	RESERVED
+CVE-2020-11999 (FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.0 ...)
+	TODO: check
 CVE-2020-11998
 	RESERVED
 CVE-2020-11997
@@ -6220,7 +6222,7 @@ CVE-2020-11846
 	RESERVED
 CVE-2020-11845 (Cross Site Scripting vulnerability in Micro Focus Service Manager prod ...)
 	NOT-FOR-US: Micro Focus
-CVE-2020-11844 (There is an Incorrect Authorization vulnerability in Micro Focus Servi ...)
+CVE-2020-11844 (Incorrect Authorization vulnerability in Micro Focus Container Deploym ...)
 	NOT-FOR-US: Micro Focus
 CVE-2020-11843
 	RESERVED
@@ -21730,10 +21732,10 @@ CVE-2020-5757
 	RESERVED
 CVE-2020-5756
 	RESERVED
-CVE-2020-5755
-	RESERVED
-CVE-2020-5754
-	RESERVED
+CVE-2020-5755 (Webroot endpoint agents prior to version v9.0.28.48 did not protect th ...)
+	TODO: check
+CVE-2020-5754 (Webroot endpoint agents prior to version v9.0.28.48 allows remote atta ...)
+	TODO: check
 CVE-2020-5753 (Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and u ...)
 	NOT-FOR-US: Signal Private Messenger (Android and iOS version)
 CVE-2020-5752 (Relative path traversal in Druva inSync Windows Client 6.6.3 allows a  ...)
@@ -21756,8 +21758,8 @@ CVE-2020-5744 (Relative Path Traversal in TCExam 14.2.2 allows a remote, authent
 	NOT-FOR-US: TCExam
 CVE-2020-5743 (Improper Control of Resource Identifiers in TCExam 14.2.2 allows a rem ...)
 	NOT-FOR-US: TCExam
-CVE-2020-5742
-	RESERVED
+CVE-2020-5742 (Improper Access Control in Plex Media Server prior to June 15, 2020 al ...)
+	TODO: check
 CVE-2020-5741 (Deserialization of Untrusted Data in Plex Media Server on Windows allo ...)
 	NOT-FOR-US: Plex Media Server on Windows
 CVE-2020-5740 (Improper Input Validation in Plex Media Server on Windows allows a loc ...)
@@ -22609,8 +22611,8 @@ CVE-2020-5360
 	RESERVED
 CVE-2020-5359
 	RESERVED
-CVE-2020-5358
-	RESERVED
+CVE-2020-5358 (Dell Encryption versions prior to 10.7 and Dell Endpoint Security Suit ...)
+	TODO: check
 CVE-2020-5357 (Dell Dock Firmware Update Utilities for Dell Client Consumer and Comme ...)
 	NOT-FOR-US: Dell
 CVE-2020-5356
@@ -25813,8 +25815,8 @@ CVE-2020-4053
 	RESERVED
 CVE-2020-4052
 	RESERVED
-CVE-2020-4051
-	RESERVED
+CVE-2020-4051 (In Dijit before versions 1.11.11, and greater than or equal to 1.12.0  ...)
+	TODO: check
 CVE-2020-4045 (SSB-DB version 20.0.0 has an information disclosure vulnerability. The ...)
 	NOT-FOR-US: SSB-DB
 CVE-2020-4044



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7bc18518b482d84ea8bbe23096d0a9b4a7fecc7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7bc18518b482d84ea8bbe23096d0a9b4a7fecc7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200616/029cd753/attachment.html>


More information about the debian-security-tracker-commits mailing list