[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Jun 18 09:10:30 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
32597bd4 by security tracker role at 2020-06-18T08:10:22+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2020-14414
+ RESERVED
+CVE-2020-14413
+ RESERVED
+CVE-2020-14412
+ RESERVED
+CVE-2020-14411
+ RESERVED
+CVE-2020-14410
+ RESERVED
+CVE-2020-14409
+ RESERVED
+CVE-2020-14408 (An issue was discovered in Agentejo Cockpit 0.10.2. Insufficient sanit ...)
+ TODO: check
CVE-2020-14407
RESERVED
CVE-2020-14406
@@ -399,7 +413,7 @@ CVE-2019-20840 (An issue was discovered in LibVNCServer before 0.9.13. libvncser
CVE-2019-20839 (libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer over ...)
- libvncserver <unfixed>
NOTE: https://github.com/LibVNC/libvncserver/commit/3fd03977c9b35800d73a865f167338cb4d05b0c1
-CVE-2018-21247 (An issue was discovered in LibVNCServer before 0.9.13. There is a memo ...)
+CVE-2018-21247 (An issue was discovered in LibVNCServer before 0.9.13. There is an inf ...)
- libvncserver 0.9.12+dfsg-3
NOTE: https://github.com/LibVNC/libvncserver/issues/253
NOTE: https://github.com/LibVNC/libvncserver/commit/8b06f835e259652b0ff026898014fc7297ade858
@@ -526,8 +540,8 @@ CVE-2020-14159 (By using an Automate API in ConnectWise Automate before 2020.5.1
NOT-FOR-US: ConnectWise
CVE-2020-14158
RESERVED
-CVE-2020-14157
- RESERVED
+CVE-2020-14157 (The wireless-communication feature of the ABUS Secvest FUBE50001 devic ...)
+ TODO: check
CVE-2020-14156 (user_channel/passwd_mgr.cpp in OpenBMC phosphor-host-ipmid before 2020 ...)
NOT-FOR-US: OpenBMC
CVE-2020-14155 (libpcre in PCRE before 8.44 allows an integer overflow via a large num ...)
@@ -804,8 +818,8 @@ CVE-2020-14042
RESERVED
CVE-2020-14041
RESERVED
-CVE-2020-14040
- RESERVED
+CVE-2020-14040 (Go version v0.3.3 of the x/text package fixes a vulnerability in encod ...)
+ TODO: check
CVE-2020-14039
RESERVED
CVE-2020-XXXX [Editor: Ensure latest comments can only be viewed from public posts]
@@ -1968,7 +1982,7 @@ CVE-2020-13593
RESERVED
CVE-2020-13662 [Drupal SA 2020-003]
RESERVED
- {DSA-4693-1}
+ {DSA-4693-1 DLA-2250-1}
- drupal7 <removed>
NOTE: https://www.drupal.org/sa-core-2020-003
NOTE: https://git.drupalcode.org/project/drupal/-/commit/905ff00a44160adee3f266cdcc87d3350a64a072
@@ -15427,12 +15441,10 @@ CVE-2020-8621
RESERVED
CVE-2020-8620
RESERVED
-CVE-2020-8619
- RESERVED
+CVE-2020-8619 (Unless a nameserver is providing authoritative service for one or more ...)
- bind9 1:9.16.4-1
NOTE: https://kb.isc.org/docs/cve-2020-8619
-CVE-2020-8618
- RESERVED
+CVE-2020-8618 (An attacker who is permitted to send zone data to a server via zone tr ...)
- bind9 1:9.16.4-1
NOTE: https://kb.isc.org/docs/cve-2020-8618
CVE-2020-8617 (Using a specially-crafted message, an attacker may potentially cause a ...)
@@ -28874,50 +28886,50 @@ CVE-2020-3370
RESERVED
CVE-2020-3369
RESERVED
-CVE-2020-3368
- RESERVED
+CVE-2020-3368 (A vulnerability in the antispam protection mechanisms of Cisco AsyncOS ...)
+ TODO: check
CVE-2020-3367
RESERVED
CVE-2020-3366
RESERVED
CVE-2020-3365
RESERVED
-CVE-2020-3364
- RESERVED
+CVE-2020-3364 (A vulnerability in the access control list (ACL) functionality of the ...)
+ TODO: check
CVE-2020-3363
RESERVED
-CVE-2020-3362
- RESERVED
-CVE-2020-3361
- RESERVED
-CVE-2020-3360
- RESERVED
+CVE-2020-3362 (A vulnerability in the CLI of Cisco Network Services Orchestrator (NSO ...)
+ TODO: check
+CVE-2020-3361 (A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Serve ...)
+ TODO: check
+CVE-2020-3360 (A vulnerability in the Web Access feature of Cisco IP Phones Series 78 ...)
+ TODO: check
CVE-2020-3359
RESERVED
CVE-2020-3358
RESERVED
CVE-2020-3357
RESERVED
-CVE-2020-3356
- RESERVED
-CVE-2020-3355
- RESERVED
-CVE-2020-3354
- RESERVED
+CVE-2020-3356 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
+ TODO: check
+CVE-2020-3355 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
+ TODO: check
+CVE-2020-3354 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
+ TODO: check
CVE-2020-3353 (A vulnerability in the syslog processing engine of Cisco Identity Serv ...)
NOT-FOR-US: Cisco
CVE-2020-3352
RESERVED
CVE-2020-3351
RESERVED
-CVE-2020-3350
- RESERVED
+CVE-2020-3350 (A vulnerability in the endpoint software of Cisco AMP for Endpoints an ...)
+ TODO: check
CVE-2020-3349
RESERVED
CVE-2020-3348
RESERVED
-CVE-2020-3347
- RESERVED
+CVE-2020-3347 (A vulnerability in Cisco Webex Meetings Desktop App for Windows could ...)
+ TODO: check
CVE-2020-3346
RESERVED
CVE-2020-3345
@@ -28926,8 +28938,8 @@ CVE-2020-3344 (A vulnerability in Cisco AMP for Endpoints Linux Connector Softwa
NOT-FOR-US: Cisco
CVE-2020-3343 (A vulnerability in Cisco AMP for Endpoints Linux Connector Software an ...)
NOT-FOR-US: Cisco
-CVE-2020-3342
- RESERVED
+CVE-2020-3342 (A vulnerability in the software update feature of Cisco Webex Meetings ...)
+ TODO: check
CVE-2020-3341 (A vulnerability in the PDF archive parsing module in Clam AntiVirus (C ...)
{DLA-2215-1}
- clamav 0.102.3+dfsg-1
@@ -28940,10 +28952,10 @@ CVE-2020-3339 (A vulnerability in the web-based management interface of Cisco Pr
NOT-FOR-US: Cisco
CVE-2020-3338
RESERVED
-CVE-2020-3337
- RESERVED
-CVE-2020-3336
- RESERVED
+CVE-2020-3337 (A vulnerability in the web server of Cisco Umbrella could allow an una ...)
+ TODO: check
+CVE-2020-3336 (A vulnerability in the software upgrade process of Cisco TelePresence ...)
+ TODO: check
CVE-2020-3335 (A vulnerability in the key store of Cisco Application Services Engine ...)
NOT-FOR-US: Cisco
CVE-2020-3334 (A vulnerability in the ARP packet processing of Cisco Adaptive Securit ...)
@@ -29026,28 +29038,28 @@ CVE-2020-3298 (A vulnerability in the Open Shortest Path First (OSPF) implementa
NOT-FOR-US: Cisco
CVE-2020-3297
RESERVED
-CVE-2020-3296
- RESERVED
-CVE-2020-3295
- RESERVED
-CVE-2020-3294
- RESERVED
-CVE-2020-3293
- RESERVED
-CVE-2020-3292
- RESERVED
-CVE-2020-3291
- RESERVED
-CVE-2020-3290
- RESERVED
-CVE-2020-3289
- RESERVED
-CVE-2020-3288
- RESERVED
-CVE-2020-3287
- RESERVED
-CVE-2020-3286
- RESERVED
+CVE-2020-3296 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2020-3295 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2020-3294 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2020-3293 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2020-3292 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2020-3291 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2020-3290 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2020-3289 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2020-3288 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2020-3287 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2020-3286 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
CVE-2020-3285 (A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) ...)
NOT-FOR-US: Cisco
CVE-2020-3284
@@ -29060,18 +29072,18 @@ CVE-2020-3281 (A vulnerability in the audit logging component of Cisco Digital N
NOT-FOR-US: Cisco
CVE-2020-3280 (A vulnerability in the Java Remote Management Interface of Cisco Unifi ...)
NOT-FOR-US: Cisco
-CVE-2020-3279
- RESERVED
-CVE-2020-3278
- RESERVED
-CVE-2020-3277
- RESERVED
-CVE-2020-3276
- RESERVED
-CVE-2020-3275
- RESERVED
-CVE-2020-3274
- RESERVED
+CVE-2020-3279 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2020-3278 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2020-3277 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2020-3276 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2020-3275 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2020-3274 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
CVE-2020-3273 (A vulnerability in the 802.11 Generic Advertisement Service (GAS) fram ...)
NOT-FOR-US: Cisco
CVE-2020-3272 (A vulnerability in the DHCP server of Cisco Prime Network Registrar co ...)
@@ -29080,10 +29092,10 @@ CVE-2020-3271
RESERVED
CVE-2020-3270
RESERVED
-CVE-2020-3269
- RESERVED
-CVE-2020-3268
- RESERVED
+CVE-2020-3269 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2020-3268 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
CVE-2020-3267 (A vulnerability in the API subsystem of Cisco Unified Contact Center E ...)
NOT-FOR-US: Cisco
CVE-2020-3266 (A vulnerability in the CLI of Cisco SD-WAN Solution software could all ...)
@@ -29092,8 +29104,8 @@ CVE-2020-3265 (A vulnerability in Cisco SD-WAN Solution software could allow an
NOT-FOR-US: Cisco
CVE-2020-3264 (A vulnerability in Cisco SD-WAN Solution software could allow an authe ...)
NOT-FOR-US: Cisco
-CVE-2020-3263
- RESERVED
+CVE-2020-3263 (A vulnerability in Cisco Webex Meetings Desktop App could allow an una ...)
+ TODO: check
CVE-2020-3262 (A vulnerability in the Control and Provisioning of Wireless Access Poi ...)
NOT-FOR-US: Cisco
CVE-2020-3261 (A vulnerability in the web-based management interface of Cisco Mobilit ...)
@@ -29128,16 +29140,16 @@ CVE-2020-3247 (Multiple vulnerabilities in the REST API of Cisco UCS Director an
NOT-FOR-US: Cisco
CVE-2020-3246 (A vulnerability in the web server of Cisco Umbrella could allow an una ...)
NOT-FOR-US: Cisco
-CVE-2020-3245
- RESERVED
-CVE-2020-3244
- RESERVED
+CVE-2020-3245 (A vulnerability in the web application of Cisco Smart Software Manager ...)
+ TODO: check
+CVE-2020-3244 (A vulnerability in the Enhanced Charging Service (ECS) functionality o ...)
+ TODO: check
CVE-2020-3243 (Multiple vulnerabilities in the REST API of Cisco UCS Director and Cis ...)
NOT-FOR-US: Cisco
-CVE-2020-3242
- RESERVED
-CVE-2020-3241
- RESERVED
+CVE-2020-3242 (A vulnerability in the REST API of Cisco UCS Director could allow an a ...)
+ TODO: check
+CVE-2020-3241 (A vulnerability in the orchestration tasks of Cisco UCS Director could ...)
+ TODO: check
CVE-2020-3240 (Multiple vulnerabilities in the REST API of Cisco UCS Director and Cis ...)
NOT-FOR-US: Cisco
CVE-2020-3239 (Multiple vulnerabilities in the REST API of Cisco UCS Director and Cis ...)
@@ -29146,8 +29158,8 @@ CVE-2020-3238 (A vulnerability in the Cisco Application Framework component of t
NOT-FOR-US: Cisco
CVE-2020-3237 (A vulnerability in the Cisco Application Framework component of the Ci ...)
NOT-FOR-US: Cisco
-CVE-2020-3236
- RESERVED
+CVE-2020-3236 (A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Soft ...)
+ TODO: check
CVE-2020-3235 (A vulnerability in the Simple Network Management Protocol (SNMP) subsy ...)
NOT-FOR-US: Cisco
CVE-2020-3234 (A vulnerability in the virtual console authentication of Cisco IOS Sof ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32597bd42698ab9aeecaee4757befb884399ad22
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32597bd42698ab9aeecaee4757befb884399ad22
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200618/4ae41299/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list