[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Mon Mar 2 20:10:27 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a717d616 by security tracker role at 2020-03-02T20:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,443 @@
+CVE-2020-9766
+ RESERVED
+CVE-2020-9765
+ RESERVED
+CVE-2020-9764
+ RESERVED
+CVE-2020-9763
+ RESERVED
+CVE-2020-9762
+ RESERVED
+CVE-2020-9761
+ RESERVED
+CVE-2020-9760
+ RESERVED
+CVE-2020-9759
+ RESERVED
+CVE-2020-9758
+ RESERVED
+CVE-2020-9757
+ RESERVED
+CVE-2020-9756
+ RESERVED
+CVE-2020-9755
+ RESERVED
+CVE-2020-9754
+ RESERVED
+CVE-2020-9753
+ RESERVED
+CVE-2020-9752
+ RESERVED
+CVE-2020-9751
+ RESERVED
+CVE-2020-9750
+ RESERVED
+CVE-2020-9749
+ RESERVED
+CVE-2020-9748
+ RESERVED
+CVE-2020-9747
+ RESERVED
+CVE-2020-9746
+ RESERVED
+CVE-2020-9745
+ RESERVED
+CVE-2020-9744
+ RESERVED
+CVE-2020-9743
+ RESERVED
+CVE-2020-9742
+ RESERVED
+CVE-2020-9741
+ RESERVED
+CVE-2020-9740
+ RESERVED
+CVE-2020-9739
+ RESERVED
+CVE-2020-9738
+ RESERVED
+CVE-2020-9737
+ RESERVED
+CVE-2020-9736
+ RESERVED
+CVE-2020-9735
+ RESERVED
+CVE-2020-9734
+ RESERVED
+CVE-2020-9733
+ RESERVED
+CVE-2020-9732
+ RESERVED
+CVE-2020-9731
+ RESERVED
+CVE-2020-9730
+ RESERVED
+CVE-2020-9729
+ RESERVED
+CVE-2020-9728
+ RESERVED
+CVE-2020-9727
+ RESERVED
+CVE-2020-9726
+ RESERVED
+CVE-2020-9725
+ RESERVED
+CVE-2020-9724
+ RESERVED
+CVE-2020-9723
+ RESERVED
+CVE-2020-9722
+ RESERVED
+CVE-2020-9721
+ RESERVED
+CVE-2020-9720
+ RESERVED
+CVE-2020-9719
+ RESERVED
+CVE-2020-9718
+ RESERVED
+CVE-2020-9717
+ RESERVED
+CVE-2020-9716
+ RESERVED
+CVE-2020-9715
+ RESERVED
+CVE-2020-9714
+ RESERVED
+CVE-2020-9713
+ RESERVED
+CVE-2020-9712
+ RESERVED
+CVE-2020-9711
+ RESERVED
+CVE-2020-9710
+ RESERVED
+CVE-2020-9709
+ RESERVED
+CVE-2020-9708
+ RESERVED
+CVE-2020-9707
+ RESERVED
+CVE-2020-9706
+ RESERVED
+CVE-2020-9705
+ RESERVED
+CVE-2020-9704
+ RESERVED
+CVE-2020-9703
+ RESERVED
+CVE-2020-9702
+ RESERVED
+CVE-2020-9701
+ RESERVED
+CVE-2020-9700
+ RESERVED
+CVE-2020-9699
+ RESERVED
+CVE-2020-9698
+ RESERVED
+CVE-2020-9697
+ RESERVED
+CVE-2020-9696
+ RESERVED
+CVE-2020-9695
+ RESERVED
+CVE-2020-9694
+ RESERVED
+CVE-2020-9693
+ RESERVED
+CVE-2020-9692
+ RESERVED
+CVE-2020-9691
+ RESERVED
+CVE-2020-9690
+ RESERVED
+CVE-2020-9689
+ RESERVED
+CVE-2020-9688
+ RESERVED
+CVE-2020-9687
+ RESERVED
+CVE-2020-9686
+ RESERVED
+CVE-2020-9685
+ RESERVED
+CVE-2020-9684
+ RESERVED
+CVE-2020-9683
+ RESERVED
+CVE-2020-9682
+ RESERVED
+CVE-2020-9681
+ RESERVED
+CVE-2020-9680
+ RESERVED
+CVE-2020-9679
+ RESERVED
+CVE-2020-9678
+ RESERVED
+CVE-2020-9677
+ RESERVED
+CVE-2020-9676
+ RESERVED
+CVE-2020-9675
+ RESERVED
+CVE-2020-9674
+ RESERVED
+CVE-2020-9673
+ RESERVED
+CVE-2020-9672
+ RESERVED
+CVE-2020-9671
+ RESERVED
+CVE-2020-9670
+ RESERVED
+CVE-2020-9669
+ RESERVED
+CVE-2020-9668
+ RESERVED
+CVE-2020-9667
+ RESERVED
+CVE-2020-9666
+ RESERVED
+CVE-2020-9665
+ RESERVED
+CVE-2020-9664
+ RESERVED
+CVE-2020-9663
+ RESERVED
+CVE-2020-9662
+ RESERVED
+CVE-2020-9661
+ RESERVED
+CVE-2020-9660
+ RESERVED
+CVE-2020-9659
+ RESERVED
+CVE-2020-9658
+ RESERVED
+CVE-2020-9657
+ RESERVED
+CVE-2020-9656
+ RESERVED
+CVE-2020-9655
+ RESERVED
+CVE-2020-9654
+ RESERVED
+CVE-2020-9653
+ RESERVED
+CVE-2020-9652
+ RESERVED
+CVE-2020-9651
+ RESERVED
+CVE-2020-9650
+ RESERVED
+CVE-2020-9649
+ RESERVED
+CVE-2020-9648
+ RESERVED
+CVE-2020-9647
+ RESERVED
+CVE-2020-9646
+ RESERVED
+CVE-2020-9645
+ RESERVED
+CVE-2020-9644
+ RESERVED
+CVE-2020-9643
+ RESERVED
+CVE-2020-9642
+ RESERVED
+CVE-2020-9641
+ RESERVED
+CVE-2020-9640
+ RESERVED
+CVE-2020-9639
+ RESERVED
+CVE-2020-9638
+ RESERVED
+CVE-2020-9637
+ RESERVED
+CVE-2020-9636
+ RESERVED
+CVE-2020-9635
+ RESERVED
+CVE-2020-9634
+ RESERVED
+CVE-2020-9633
+ RESERVED
+CVE-2020-9632
+ RESERVED
+CVE-2020-9631
+ RESERVED
+CVE-2020-9630
+ RESERVED
+CVE-2020-9629
+ RESERVED
+CVE-2020-9628
+ RESERVED
+CVE-2020-9627
+ RESERVED
+CVE-2020-9626
+ RESERVED
+CVE-2020-9625
+ RESERVED
+CVE-2020-9624
+ RESERVED
+CVE-2020-9623
+ RESERVED
+CVE-2020-9622
+ RESERVED
+CVE-2020-9621
+ RESERVED
+CVE-2020-9620
+ RESERVED
+CVE-2020-9619
+ RESERVED
+CVE-2020-9618
+ RESERVED
+CVE-2020-9617
+ RESERVED
+CVE-2020-9616
+ RESERVED
+CVE-2020-9615
+ RESERVED
+CVE-2020-9614
+ RESERVED
+CVE-2020-9613
+ RESERVED
+CVE-2020-9612
+ RESERVED
+CVE-2020-9611
+ RESERVED
+CVE-2020-9610
+ RESERVED
+CVE-2020-9609
+ RESERVED
+CVE-2020-9608
+ RESERVED
+CVE-2020-9607
+ RESERVED
+CVE-2020-9606
+ RESERVED
+CVE-2020-9605
+ RESERVED
+CVE-2020-9604
+ RESERVED
+CVE-2020-9603
+ RESERVED
+CVE-2020-9602
+ RESERVED
+CVE-2020-9601
+ RESERVED
+CVE-2020-9600
+ RESERVED
+CVE-2020-9599
+ RESERVED
+CVE-2020-9598
+ RESERVED
+CVE-2020-9597
+ RESERVED
+CVE-2020-9596
+ RESERVED
+CVE-2020-9595
+ RESERVED
+CVE-2020-9594
+ RESERVED
+CVE-2020-9593
+ RESERVED
+CVE-2020-9592
+ RESERVED
+CVE-2020-9591
+ RESERVED
+CVE-2020-9590
+ RESERVED
+CVE-2020-9589
+ RESERVED
+CVE-2020-9588
+ RESERVED
+CVE-2020-9587
+ RESERVED
+CVE-2020-9586
+ RESERVED
+CVE-2020-9585
+ RESERVED
+CVE-2020-9584
+ RESERVED
+CVE-2020-9583
+ RESERVED
+CVE-2020-9582
+ RESERVED
+CVE-2020-9581
+ RESERVED
+CVE-2020-9580
+ RESERVED
+CVE-2020-9579
+ RESERVED
+CVE-2020-9578
+ RESERVED
+CVE-2020-9577
+ RESERVED
+CVE-2020-9576
+ RESERVED
+CVE-2020-9575
+ RESERVED
+CVE-2020-9574
+ RESERVED
+CVE-2020-9573
+ RESERVED
+CVE-2020-9572
+ RESERVED
+CVE-2020-9571
+ RESERVED
+CVE-2020-9570
+ RESERVED
+CVE-2020-9569
+ RESERVED
+CVE-2020-9568
+ RESERVED
+CVE-2020-9567
+ RESERVED
+CVE-2020-9566
+ RESERVED
+CVE-2020-9565
+ RESERVED
+CVE-2020-9564
+ RESERVED
+CVE-2020-9563
+ RESERVED
+CVE-2020-9562
+ RESERVED
+CVE-2020-9561
+ RESERVED
+CVE-2020-9560
+ RESERVED
+CVE-2020-9559
+ RESERVED
+CVE-2020-9558
+ RESERVED
+CVE-2020-9557
+ RESERVED
+CVE-2020-9556
+ RESERVED
+CVE-2020-9555
+ RESERVED
+CVE-2020-9554
+ RESERVED
+CVE-2020-9553
+ RESERVED
+CVE-2020-9552
+ RESERVED
+CVE-2020-9551
+ RESERVED
+CVE-2019-20489 (An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. The web ...)
+ TODO: check
+CVE-2019-20488 (An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multipl ...)
+ TODO: check
+CVE-2019-20487 (An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multipl ...)
+ TODO: check
+CVE-2019-20486 (An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multipl ...)
+ TODO: check
CVE-2020-9550
RESERVED
CVE-2020-9549 (In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bou ...)
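Review bot: The four NETGEAR WNR1000V4 entries at the end of the added block (CVE-2019-20486 through CVE-2019-20489) are left at `TODO: check`, although they all name the same device firmware and can be triaged in one pass. Comparable device entries in this file are already resolved, for example CVE-2020-8438 with `NOT-FOR-US: Ruckus devices`. If no Debian source package ships this firmware, the same kind of `NOT-FOR-US:` line would close all four.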
@@ -659,7 +1099,7 @@ CVE-2020-9274 (An issue was discovered in Pure-FTPd 1.0.49. An uninitialized poi
NOTE: probably not the end of the world, but it is made worse by use of the rather
NOTE: unsafe strcmp() instead of strncmp() in the vulnerable functions
CVE-2020-9273 (In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interru ...)
- {DSA-4635-1 DLA-2115-1}
+ {DSA-4635-1 DLA-2115-2 DLA-2115-1}
- proftpd-dfsg 1.3.6c-2 (bug #951800)
NOTE: https://github.com/proftpd/proftpd/issues/903
NOTE: https://github.com/proftpd/proftpd/commit/d388f7904d4c9a6d0ea54237b8b54a57c19d8d49 (master)
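Review bot: The cross-reference line for CVE-2020-9273 now carries both `DLA-2115-2` and `DLA-2115-1`, but nothing in the entry says why a second revision of the same advisory was issued. If that reason is not recorded elsewhere in the tracker data, add a short `NOTE:` line under the entry saying what DLA-2115-2 changed relative to DLA-2115-1. That way a reader checking an LTS system knows which revision to verify against.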
@@ -1800,12 +2240,12 @@ CVE-2020-8780
RESERVED
CVE-2020-8779
RESERVED
-CVE-2020-8778
- RESERVED
-CVE-2020-8777
- RESERVED
-CVE-2020-8776
- RESERVED
+CVE-2020-8778 (Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 ( ...)
+ TODO: check
+CVE-2020-8777 (Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 ( ...)
+ TODO: check
+CVE-2020-8776 (Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 ( ...)
+ TODO: check
CVE-2020-8775
RESERVED
CVE-2020-8774
@@ -2406,8 +2846,8 @@ CVE-2020-8502
RESERVED
CVE-2020-8501
RESERVED
-CVE-2020-8500
- RESERVED
+CVE-2020-8500 (In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code ...)
+ TODO: check
CVE-2020-8499
RESERVED
CVE-2020-8498 (XSS exists in the shortcode functionality of the GistPress plugin befo ...)
@@ -2555,8 +2995,8 @@ CVE-2020-8439
RESERVED
CVE-2020-8438 (Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated att ...)
NOT-FOR-US: Ruckus devices
-CVE-2020-8437
- RESERVED
+CVE-2020-8437 (The bencoding parser in BitTorrent uTorrent through 3.5.5 (build 45505 ...)
+ TODO: check
CVE-2020-8436
RESERVED
CVE-2020-8435
@@ -3468,8 +3908,8 @@ CVE-2020-8015
RESERVED
CVE-2020-8014
RESERVED
-CVE-2020-8013
- RESERVED
+CVE-2020-8013 (A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of S ...)
+ TODO: check
CVE-2020-8012 (CA Unified Infrastructure Management (Nimsoft/UIM) 9.20 and below cont ...)
NOT-FOR-US: CA Unified Infrastructure Management (Nimsoft/UIM)
CVE-2020-8011 (CA Unified Infrastructure Management (Nimsoft/UIM) 9.20 and below cont ...)
@@ -6356,7 +6796,7 @@ CVE-2020-6766
CVE-2020-6765
RESERVED
CVE-2020-6764
- RESERVED
+ REJECTED
CVE-2020-6763
RESERVED
CVE-2020-6762
@@ -9630,11 +10070,11 @@ CVE-2020-5251
RESERVED
CVE-2020-5250
RESERVED
-CVE-2020-5249
- RESERVED
+CVE-2020-5249 (In Puma (RubyGem) before 4.3.3 and 3.12.4, if an application using Pum ...)
+ TODO: check
CVE-2020-5248
RESERVED
-CVE-2020-5247 (In Puma (RubyGem) before 4.3.2 and 3.12.2, if an application using Pum ...)
+CVE-2020-5247 (In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application us ...)
- puma <unfixed> (bug #952766)
NOTE: https://github.com/puma/puma/security/advisories/GHSA-84j7-475p-hp8v
NOTE: https://github.com/puma/puma/commit/1b17e85a06183cd169b41ca719928c26d44a6e03 (3.12.3)
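Review bot: CVE-2020-5249 is added with only `TODO: check`, although its description opens the same way as CVE-2020-5247 two entries below, which already has `- puma <unfixed> (bug #952766)`. The new entry most likely needs its own `- puma` package line with the status for the 4.3.3 / 3.12.4 fix, rather than staying untriaged. The reworded description of CVE-2020-5247 ("before 3.12.3") now agrees with the existing commit NOTE tagged `(3.12.3)`, so that part needs no follow-up.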
@@ -12047,8 +12487,8 @@ CVE-2020-4294
RESERVED
CVE-2020-4293
RESERVED
-CVE-2020-4292
- RESERVED
+CVE-2020-4292 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, and ...)
+ TODO: check
CVE-2020-4291
RESERVED
CVE-2020-4290
@@ -12065,8 +12505,8 @@ CVE-2020-4285
RESERVED
CVE-2020-4284
RESERVED
-CVE-2020-4283
- RESERVED
+CVE-2020-4283 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, and ...)
+ TODO: check
CVE-2020-4282
RESERVED
CVE-2020-4281
@@ -17245,10 +17685,10 @@ CVE-2019-19610
RESERVED
CVE-2019-19609 (The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Co ...)
NOT-FOR-US: Strapi
-CVE-2019-19608
- RESERVED
-CVE-2019-19607
- RESERVED
+CVE-2019-19608 (A SQL injection vulnerability in in the web conferencing component of ...)
+ TODO: check
+CVE-2019-19607 (A SQL injection vulnerability in the web conferencing component of Mit ...)
+ TODO: check
CVE-2019-19606
RESERVED
CVE-2019-19605
@@ -19379,10 +19819,10 @@ CVE-2019-19373 (An issue was discovered in Squiz Matrix CMS 5.5.0 prior to 5.5.0
NOT-FOR-US: Squiz Matrix CMS
CVE-2019-19372 (** DISPUTED ** A downloadFile.php download_file path traversal vulnera ...)
NOT-FOR-US: rConfig
-CVE-2019-19371
- RESERVED
-CVE-2019-19370
- RESERVED
+CVE-2019-19371 (A cross-site scripting (XSS) vulnerability in the web conferencing com ...)
+ TODO: check
+CVE-2019-19370 (A cross-site scripting (XSS) vulnerability in the web conferencing com ...)
+ TODO: check
CVE-2019-19369
RESERVED
CVE-2019-19368 (A Reflected Cross Site Scripting was discovered in the Login page of R ...)
@@ -19490,8 +19930,7 @@ CVE-2020-1733 [insecure temporary directory when running become_user from become
CVE-2020-1732
RESERVED
- wildfly <itp> (bug #752018)
-CVE-2020-1731
- RESERVED
+CVE-2020-1731 (A flaw was found in all versions of the Keycloak operator, before vers ...)
NOT-FOR-US: Keycloak
CVE-2020-1730
RESERVED
@@ -20414,7 +20853,7 @@ CVE-2019-19077 (A memory leak in the bnxt_re_create_srq() function in drivers/in
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4a9d46a9fe14401f21df69cea97c62396d5fb053
-CVE-2019-19076 (A memory leak in the nfp_abm_u32_knode_replace() function in drivers/n ...)
+CVE-2019-19076 (** DISPUTED ** A memory leak in the nfp_abm_u32_knode_replace() functi ...)
- linux 5.3.7-1
[buster] - linux <not-affected> (Vulnerable code not present)
[stretch] - linux <not-affected> (Vulnerable code not present)
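Review bot: The description of CVE-2019-19076 now begins with `** DISPUTED **`, yet the entry still records `- linux 5.3.7-1` as a fixed version and has no NOTE about the dispute. Add a `NOTE:` line stating what is disputed and by whom, and confirm that the fixed-version line still reflects how the entry should be treated. As it stands, the package status and the description read as contradictory.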
@@ -20894,20 +21333,20 @@ CVE-2019-18905
RESERVED
CVE-2019-18904
RESERVED
-CVE-2019-18903
- RESERVED
-CVE-2019-18902
- RESERVED
-CVE-2019-18901
- RESERVED
+CVE-2019-18903 (A Use After Free vulnerability in wicked of SUSE Linux Enterprise Serv ...)
+ TODO: check
+CVE-2019-18902 (A Use After Free vulnerability in wicked of SUSE Linux Enterprise Serv ...)
+ TODO: check
+CVE-2019-18901 (A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-sy ...)
+ TODO: check
CVE-2019-18900 (: Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS ...)
TODO: check
CVE-2019-18899 (The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in use ...)
- apt-cacher-ng <not-affected> (openSUSE specific systemd service unit configuration)
CVE-2019-18898 (UNIX Symbolic Link (Symlink) Following vulnerability in the trousers p ...)
NOT-FOR-US: SUSE specific packaging issue in %posttrans section in src:trousers
-CVE-2019-18897
- RESERVED
+CVE-2019-18897 (A UNIX Symbolic Link (Symlink) Following vulnerability in the packagin ...)
+ TODO: check
CVE-2019-18896
RESERVED
CVE-2019-18895 (Scanguard through 2019-11-12 on Windows has Insecure Permissions for t ...)
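Review bot: CVE-2019-18901 and CVE-2019-18897 are symlink-following issues whose truncated descriptions point at packaging, the same class as CVE-2019-18898 in the context lines, which is resolved as `NOT-FOR-US: SUSE specific packaging issue in %posttrans section in src:trousers`. Both new entries are left at `TODO: check`. They should be checked against the Debian packaging of the affected source packages and given either a `NOT-FOR-US:` line or a `<not-affected>` package line in the style of CVE-2019-18899. The two `wicked` use-after-free entries (CVE-2019-18903, CVE-2019-18902) need the separate question of whether that package exists in Debian at all.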
@@ -21005,8 +21444,8 @@ CVE-2019-18865
RESERVED
CVE-2019-18864
RESERVED
-CVE-2019-18863
- RESERVED
+CVE-2019-18863 (A key length vulnerability in the implementation of the SRTP 128-bit k ...)
+ TODO: check
CVE-2019-18862 (maidag in GNU Mailutils before 3.8 is installed setuid and allows loca ...)
- mailutils <unfixed> (unimportant; bug #944265)
NOTE: /usr/sbin/maidat not installed suid root on Debian
@@ -35479,8 +35918,7 @@ CVE-2019-14893
[jessie] - jackson-databind 2.4.2-2+deb8u9
NOTE: https://github.com/FasterXML/jackson-databind/issues/2469
NOTE: https://github.com/FasterXML/jackson-databind/commit/998efd708284778f29d83d7962a9bd935c228317
-CVE-2019-14892
- RESERVED
+CVE-2019-14892 (A flaw was discovered in jackson-databind in versions before 2.9.10, 2 ...)
- jackson-databind 2.10.0-1
[buster] - jackson-databind 2.9.8-3+deb10u1
[stretch] - jackson-databind 2.8.6-1+deb9u6
@@ -44766,8 +45204,8 @@ CVE-2019-12185 (eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /a
NOT-FOR-US: eLabFTW
CVE-2019-12184 (There is XSS in browser/components/MarkdownPreview.js in BoostIO Boost ...)
NOT-FOR-US: Boostnote
-CVE-2019-12183
- RESERVED
+CVE-2019-12183 (Incorrect Access Control in Safescan Timemoto TM-616 and TA-8000 serie ...)
+ TODO: check
CVE-2019-12182
RESERVED
CVE-2019-12181 (A privilege escalation vulnerability exists in SolarWinds Serv-U befor ...)
@@ -85747,8 +86185,8 @@ CVE-2018-17060 (Telerik Extensions for ASP.NET MVC (all versions) does not white
NOT-FOR-US: Telerik Extensions for ASP.NET MVC
CVE-2018-17059
RESERVED
-CVE-2018-17058
- RESERVED
+CVE-2018-17058 (An issue was discovered in JABA XPress Online Shop through 2018-09-14. ...)
+ TODO: check
CVE-2018-17057 (An issue was discovered in TCPDF before 6.2.22. Attackers can trigger ...)
- tcpdf 6.2.26+dfsg-1 (bug #908866)
[stretch] - tcpdf <no-dsa> (Minor issue)
@@ -89119,10 +89557,10 @@ CVE-2018-15822 (The flv_write_packet function in libavformat/flvenc.c in FFmpeg
- libav <removed>
CVE-2018-15821
RESERVED
-CVE-2018-15820
- RESERVED
-CVE-2018-15819
- RESERVED
+CVE-2018-15820 (EasyIO EasyIO-30P devices before 2.0.5.27 allow XSS via the dev.htm GD ...)
+ TODO: check
+CVE-2018-15819 (EasyIO EasyIO-30P devices before 2.0.5.27 have Incorrect Access Contro ...)
+ TODO: check
CVE-2018-15818 (An issue was discovered in Repute ARForms 3.5.1 and prior. An attacker ...)
NOT-FOR-US: Repute ARForms
CVE-2018-15817 (FastStone Image Viewer 6.5 has a Read Access Violation on Block Data M ...)
@@ -92958,8 +93396,8 @@ CVE-2018-14386
RESERVED
CVE-2018-14385
RESERVED
-CVE-2018-14384
- RESERVED
+CVE-2018-14384 (The Website Manager module in SEO Panel 3.13.0 and earlier is affected ...)
+ TODO: check
CVE-2018-14383 (The Transition Technologies "The Scheduler" app 5.1.3 for Jira allows ...)
NOT-FOR-US: Transition Technologies "The Scheduler" app for Jira
CVE-2018-14382 (InstantCMS 2.10.1 has /redirect?url= XSS. ...)
@@ -100176,7 +100614,7 @@ CVE-2018-11677
CVE-2018-11676
RESERVED
CVE-2018-11675
- RESERVED
+ REJECTED
CVE-2018-11674
RESERVED
CVE-2018-11673
@@ -147863,8 +148301,8 @@ CVE-2017-12582 (Unprivileged user can access all functions in the Surveillance S
NOT-FOR-US: QNAP
CVE-2017-12581 (GitHub Electron before 1.6.8 allows remote command execution because o ...)
- electron <itp> (bug #842420)
-CVE-2017-12580
- RESERVED
+CVE-2017-12580 (An issue was discovered in IDM UltraEdit through 24.10.0.32. To exploi ...)
+ TODO: check
CVE-2017-12579 (An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion ...)
NOT-FOR-US: HashiCorp Vagrant VMware Fusion plugin
CVE-2017-12578
@@ -235785,8 +236223,7 @@ CVE-2015-1585 (Fat Free CRM before 0.13.6 allows remote attackers to conduct cro
NOT-FOR-US: Fat Free CRM
CVE-2015-1584
RESERVED
-CVE-2015-1583
- RESERVED
+CVE-2015-1583 (Multiple cross-site request forgery (CSRF) vulnerabilities in ATutor 2 ...)
NOT-FOR-US: ATutor
CVE-2015-1582 (Multiple cross-site scripting (XSS) vulnerabilities in the Spider Face ...)
NOT-FOR-US: Spider Facebook plugin for WordPress
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a717d616c32de3906e0a0549bb114e56a98fa450