[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Mar 19 20:10:30 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2f0c6f65 by security tracker role at 2020-03-19T20:10:22+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,17 +1,27 @@
+CVE-2020-10679
+ RESERVED
+CVE-2020-10678 (In Octopus Deploy before 2020.1.5, for customers running on-premises A ...)
+ TODO: check
+CVE-2020-10677
+ RESERVED
+CVE-2020-10676
+ RESERVED
+CVE-2020-10675 (The Library API in buger jsonparser through 2019-12-04 allows attacker ...)
+ TODO: check
CVE-2020-10673 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
TODO: check
CVE-2020-10672 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
TODO: check
-CVE-2020-10671
- RESERVED
-CVE-2020-10670
- RESERVED
+CVE-2020-10671 (The Canon Oce Colorwave 500 4.0.0.0 printer's web application is missi ...)
+ TODO: check
+CVE-2020-10670 (The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 pri ...)
+ TODO: check
CVE-2020-10669
RESERVED
-CVE-2020-10668
- RESERVED
-CVE-2020-10667
- RESERVED
+CVE-2020-10668 (The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 pri ...)
+ TODO: check
+CVE-2020-10667 (The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 pri ...)
+ TODO: check
CVE-2020-10666
RESERVED
CVE-2020-10674 (PerlSpeak through 2.01 allows attackers to execute arbitrary OS comman ...)
@@ -33,36 +43,36 @@ CVE-2019-20529 (In core/doctype/prepared_report/prepared_report.py in Frappe 11
NOT-FOR-US: Frappe Framework
CVE-2019-20528 (Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasour ...)
NOT-FOR-US: Ignite Realtime Openfire
-CVE-2019-20527
- RESERVED
-CVE-2019-20526
- RESERVED
-CVE-2019-20525
- RESERVED
-CVE-2019-20524
- RESERVED
-CVE-2019-20523
- RESERVED
-CVE-2019-20522
- RESERVED
-CVE-2019-20521
- RESERVED
-CVE-2019-20520
- RESERVED
-CVE-2019-20519
- RESERVED
-CVE-2019-20518
- RESERVED
-CVE-2019-20517
- RESERVED
-CVE-2019-20516
- RESERVED
-CVE-2019-20515
- RESERVED
-CVE-2019-20514
- RESERVED
-CVE-2019-20513
- RESERVED
+CVE-2019-20527 (Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasour ...)
+ TODO: check
+CVE-2019-20526 (Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasour ...)
+ TODO: check
+CVE-2019-20525 (Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasour ...)
+ TODO: check
+CVE-2019-20524 (ilchCMS 2.1.23 allows XSS via the index.php/partner/index Banner param ...)
+ TODO: check
+CVE-2019-20523 (ilchCMS 2.1.23 allows XSS via the index.php/partner/index Name paramet ...)
+ TODO: check
+CVE-2019-20522 (ilchCMS 2.1.23 allows XSS via the index.php/partner/index Link paramet ...)
+ TODO: check
+CVE-2019-20521 (ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the api/ URI ...)
+ TODO: check
+CVE-2019-20520 (ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the api/meth ...)
+ TODO: check
+CVE-2019-20519 (ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the user/ UR ...)
+ TODO: check
+CVE-2019-20518 (ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the project/ ...)
+ TODO: check
+CVE-2019-20517 (ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the contact/ ...)
+ TODO: check
+CVE-2019-20516 (ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the blog/ UR ...)
+ TODO: check
+CVE-2019-20515 (ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the addresse ...)
+ TODO: check
+CVE-2019-20514 (ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the address/ ...)
+ TODO: check
+CVE-2019-20513 (Open edX Ironwood.1 allows support/certificates?user= reflected XSS. ...)
+ TODO: check
CVE-2019-20512 (Open edX Ironwood.1 allows support/certificates?course_id= reflected X ...)
NOT-FOR-US: Open edX Ironwood.1
CVE-2019-20511 (ERPNext 11.1.47 allows blog?blog_category= Frame Injection. ...)
@@ -91,8 +101,8 @@ CVE-2019-20510
REJECTED
CVE-2020-10649
RESERVED
-CVE-2020-10648
- RESERVED
+CVE-2020-10648 (Das U-Boot through 2020.01 allows attackers to bypass verified boot re ...)
+ TODO: check
CVE-2020-10647
RESERVED
CVE-2020-10646
@@ -2985,6 +2995,7 @@ CVE-2020-9337 (In GolfBuddy Course Manager 1.1, passwords are sent (with base64
CVE-2020-9336 (fauzantrif eLection 2.0 has XSS via the Admin Dashboard -> Settings ...)
NOT-FOR-US: fauzantrif eLection
CVE-2020-6816 [mutation XSS vulnerability again]
+ RESERVED
- python-bleach 3.1.3-1 (bug #954236)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1621692 (not public)
NOTE: https://github.com/mozilla/bleach/security/advisories/GHSA-m6xf-fq7q-8743
@@ -12236,8 +12247,8 @@ CVE-2020-5269
RESERVED
CVE-2020-5268
RESERVED
-CVE-2020-5267
- RESERVED
+CVE-2020-5267 (In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible ...)
+ TODO: check
CVE-2020-5266
RESERVED
CVE-2020-5265
@@ -12246,8 +12257,8 @@ CVE-2020-5264
RESERVED
CVE-2020-5263
RESERVED
-CVE-2020-5262
- RESERVED
+CVE-2020-5262 (In EasyBuild before version 4.1.2, the GitHub Personal Access Token (P ...)
+ TODO: check
CVE-2020-5261
RESERVED
CVE-2020-5260
@@ -14886,12 +14897,12 @@ CVE-2020-4207 (IBM Watson IoT Message Gateway 2.0.0.x, 5.0.0.0, 5.0.0.1, and 5.0
NOT-FOR-US: IBM
CVE-2020-4206
RESERVED
-CVE-2020-4205
- RESERVED
+CVE-2020-4205 (IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.8 could allow an aut ...)
+ TODO: check
CVE-2020-4204 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
-CVE-2020-4203
- RESERVED
+CVE-2020-4203 (IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.8 could potentially ...)
+ TODO: check
CVE-2020-4202
RESERVED
CVE-2020-4201
@@ -17080,7 +17091,7 @@ CVE-2019-19801 (In Gallagher Command Centre Server versions of v8.10 prior to v8
NOT-FOR-US: Gallagher Command Centre Server
CVE-2019-19800 (Zoho ManageEngine Applications Manager 14 before 14520 allows a remote ...)
NOT-FOR-US: Zoho ManageEngine Applications Manager
-CVE-2019-19799 (Zoho ManageEngine Applications Manager 14590 and before allows a remot ...)
+CVE-2019-19799 (Zoho ManageEngine Applications Manager before 14600 allows a remote un ...)
NOT-FOR-US: Zoho ManageEngine
CVE-2019-19798
RESERVED
@@ -17864,12 +17875,12 @@ CVE-2020-3268
RESERVED
CVE-2020-3267
RESERVED
-CVE-2020-3266
- RESERVED
-CVE-2020-3265
- RESERVED
-CVE-2020-3264
- RESERVED
+CVE-2020-3266 (A vulnerability in the CLI of Cisco SD-WAN Solution software could all ...)
+ TODO: check
+CVE-2020-3265 (A vulnerability in Cisco SD-WAN Solution software could allow an authe ...)
+ TODO: check
+CVE-2020-3264 (A vulnerability in Cisco SD-WAN Solution software could allow an authe ...)
+ TODO: check
CVE-2020-3263
RESERVED
CVE-2020-3262
@@ -22286,8 +22297,7 @@ CVE-2020-1707
NOT-FOR-US: openshift
CVE-2020-1706 (It has been found that in openshift-enterprise version 3.11 and opensh ...)
NOT-FOR-US: openshift
-CVE-2020-1705
- RESERVED
+CVE-2020-1705 (A vulnerability was found in openshift/template-service-broker-operato ...)
NOT-FOR-US: openshift
CVE-2020-1704 (An insecure modification vulnerability in the /etc/passwd file was fou ...)
NOT-FOR-US: openshift
@@ -22413,8 +22423,7 @@ CVE-2019-19338 [KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA
NOTE: https://www.openwall.com/lists/oss-security/2019/12/11/1
CVE-2019-19337 (A flaw was found in Red Hat Ceph Storage version 3 in the way the Ceph ...)
- ceph <not-affected> (Only affects Ceph as packaged by Red Hat)
-CVE-2019-19336
- RESERVED
+CVE-2019-19336 (A cross-site scripting vulnerability was reported in the oVirt-engine' ...)
NOT-FOR-US: ovirt-engine
CVE-2019-19335 (During installation of an OpenShift 4 cluster, the `openshift-install` ...)
NOT-FOR-US: OpenShift
@@ -33417,8 +33426,8 @@ CVE-2019-16384
RESERVED
CVE-2019-16383 (MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 before 10.2 ...)
NOT-FOR-US: Progress MOVEit Transfer
-CVE-2019-16382
- RESERVED
+CVE-2019-16382 (An issue was discovered in Ivanti Workspace Control 10.3.110.0. One is ...)
+ TODO: check
CVE-2019-16381
RESERVED
CVE-2019-16380
@@ -33473,8 +33482,7 @@ CVE-2019-16377 (The makandra consul gem through 1.0.2 for Ruby has Incorrect Acc
NOT-FOR-US: makandra consul gem
CVE-2019-16376
RESERVED
-CVE-2019-16375
- RESERVED
+CVE-2019-16375 (An issue was discovered in Open Ticket Request System (OTRS) 7.0.x thr ...)
- otrs2 6.0.23-1
[buster] - otrs2 <no-dsa> (Non-free not supported)
[stretch] - otrs2 <no-dsa> (Non-free not supported)
@@ -33598,10 +33606,10 @@ CVE-2019-16340 (Belkin Linksys Velop 1.1.8.192419 devices allows remote attacker
NOT-FOR-US: Belkin
CVE-2019-16339
RESERVED
-CVE-2019-16338
- RESERVED
-CVE-2019-16337
- RESERVED
+CVE-2019-16338 (The tfo_common component in HwordApp.dll in Hancom Office 9.6.1.7634 a ...)
+ TODO: check
+CVE-2019-16337 (The hncbd90 component in Hancom Office 9.6.1.9403 allows a use-after-f ...)
+ TODO: check
CVE-2019-16336 (The Bluetooth Low Energy implementation in Cypress PSoC 4 BLE componen ...)
NOT-FOR-US: Cypress
CVE-2019-16335 (A Polymorphic Typing issue was discovered in FasterXML jackson-databin ...)
@@ -34457,26 +34465,26 @@ CVE-2019-16072
RESERVED
CVE-2019-16071
RESERVED
-CVE-2019-16070
- RESERVED
+CVE-2019-16070 (A number of stored Cross-site Scripting (XSS) vulnerabilities were ide ...)
+ TODO: check
CVE-2019-16069
RESERVED
CVE-2019-16068
RESERVED
-CVE-2019-16067
- RESERVED
-CVE-2019-16066
- RESERVED
-CVE-2019-16065
- RESERVED
-CVE-2019-16064
- RESERVED
+CVE-2019-16067 (NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over ...)
+ TODO: check
+CVE-2019-16066 (An unrestricted file upload vulnerability exists in user and system fi ...)
+ TODO: check
+CVE-2019-16065 (A remote SQL injection web vulnerability was discovered in the Enigma ...)
+ TODO: check
+CVE-2019-16064 (NETSAS Enigma NMS 65.0.0 and prior suffers from a directory traversal ...)
+ TODO: check
CVE-2019-16063
RESERVED
-CVE-2019-16062
- RESERVED
-CVE-2019-16061
- RESERVED
+CVE-2019-16062 (NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data sto ...)
+ TODO: check
+CVE-2019-16061 (A number of files on the NETSAS Enigma NMS server 65.0.0 and prior are ...)
+ TODO: check
CVE-2019-16089 (An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_s ...)
- linux <unfixed>
[stretch] - linux <not-affected> (Vulnerable code not present)
@@ -34597,12 +34605,12 @@ CVE-2019-16014
RESERVED
CVE-2019-16013
RESERVED
-CVE-2019-16012
- RESERVED
+CVE-2019-16012 (A vulnerability in the web UI of Cisco SD-WAN Solution vManage softwar ...)
+ TODO: check
CVE-2019-16011
RESERVED
-CVE-2019-16010
- RESERVED
+CVE-2019-16010 (A vulnerability in the web UI of the Cisco SD-WAN vManage software cou ...)
+ TODO: check
CVE-2019-16009
RESERVED
CVE-2019-16008 (A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and ...)
@@ -35685,14 +35693,14 @@ CVE-2019-15658 (connect-pg-simple before 6.0.1 allows SQL injection if tableName
NOT-FOR-US: connect-pg-simple
CVE-2019-15657 (In eslint-utils before 1.4.1, the getStaticValue function can execute ...)
NOT-FOR-US: eslint-utils
-CVE-2019-15656
- RESERVED
-CVE-2019-15655
- RESERVED
-CVE-2019-15654
- RESERVED
-CVE-2019-15653
- RESERVED
+CVE-2019-15656 (D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to ...)
+ TODO: check
+CVE-2019-15655 (D-Link DSL-2875AL devices through 1.00.05 are prone to password disclo ...)
+ TODO: check
+CVE-2019-15654 (Comba AP2600-I devices through A02,0202N00PD2 are prone to password di ...)
+ TODO: check
+CVE-2019-15653 (Comba AP2600-I devices through A02,0202N00PD2 are prone to password di ...)
+ TODO: check
CVE-2019-15652 (The web interface for NSSLGlobal SatLink VSAT Modem Unit (VMU) devices ...)
NOT-FOR-US: NSSLGlobal SatLink VSAT Modem Unit (VMU) devices
CVE-2019-15651 (wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCert ...)
@@ -36077,8 +36085,8 @@ CVE-2019-15541 (rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16
NOT-FOR-US: Rust crate rustls
CVE-2019-15540 (filters/filter-cso/filter-stream.c in the CSO filter in libMirage 3.2. ...)
NOT-FOR-US: libMirage
-CVE-2019-15539
- RESERVED
+CVE-2019-15539 (The proj_doc_edit_page.php Project Documentation feature in MantisBT b ...)
+ TODO: check
CVE-2019-15538 (An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in ...)
{DLA-1919-1}
- linux 5.2.17-1
@@ -37338,8 +37346,7 @@ CVE-2019-15125
RESERVED
CVE-2018-20975 (Fat Free CRM before 0.18.1 has XSS in the tags_helper in app/helpers/t ...)
NOT-FOR-US: Fat Free CRM
-CVE-2019-15124
- RESERVED
+CVE-2019-15124 (In the MobileFrontend extension for MediaWiki, XSS exists within the e ...)
NOT-FOR-US: MobileFrontend extension for MediaWiki
CVE-2019-15123
RESERVED
@@ -38283,56 +38290,49 @@ CVE-2019-14880
- moodle <removed>
CVE-2019-14879 (moodle before versions 3.7.3, 3.6.7, 3.5.9 is vulnerable to a None. ...)
- moodle <removed>
-CVE-2019-14878
- RESERVED
+CVE-2019-14878 (In the __d2b function of the newlib libc library, all versions prior t ...)
- newlib 3.3.0-1
[buster] - newlib <no-dsa> (Minor issue)
[stretch] - newlib <no-dsa> (Minor issue)
[jessie] - newlib <ignored> (Minor issue)
NOTE: https://census-labs.com/news/2020/01/31/multiple-null-pointer-dereference-vulnerabilities-in-newlib/
TODO: picolibc might be affected, not yet in the archive
-CVE-2019-14877
- RESERVED
+CVE-2019-14877 (In the __mdiff function of the newlib libc library, all versions prior ...)
- newlib 3.3.0-1
[buster] - newlib <no-dsa> (Minor issue)
[stretch] - newlib <no-dsa> (Minor issue)
[jessie] - newlib <ignored> (Minor issue)
NOTE: https://census-labs.com/news/2020/01/31/multiple-null-pointer-dereference-vulnerabilities-in-newlib/
TODO: picolibc might be affected, not yet in the archive
-CVE-2019-14876
- RESERVED
+CVE-2019-14876 (In the __lshift function of the newlib libc library, all versions prio ...)
- newlib 3.3.0-1
[buster] - newlib <no-dsa> (Minor issue)
[stretch] - newlib <no-dsa> (Minor issue)
[jessie] - newlib <ignored> (Minor issue)
NOTE: https://census-labs.com/news/2020/01/31/multiple-null-pointer-dereference-vulnerabilities-in-newlib/
TODO: picolibc might be affected, not yet in the archive
-CVE-2019-14875
- RESERVED
+CVE-2019-14875 (In the __multiply function of the newlib libc library, all versions pr ...)
- newlib 3.3.0-1
[buster] - newlib <no-dsa> (Minor issue)
[stretch] - newlib <no-dsa> (Minor issue)
[jessie] - newlib <ignored> (Minor issue)
NOTE: https://census-labs.com/news/2020/01/31/multiple-null-pointer-dereference-vulnerabilities-in-newlib/
TODO: picolibc might be affected, not yet in the archive
-CVE-2019-14874
- RESERVED
+CVE-2019-14874 (In the __i2b function of the newlib libc library, all versions prior t ...)
- newlib 3.3.0-1
[buster] - newlib <no-dsa> (Minor issue)
[stretch] - newlib <no-dsa> (Minor issue)
[jessie] - newlib <ignored> (Minor issue)
NOTE: https://census-labs.com/news/2020/01/31/multiple-null-pointer-dereference-vulnerabilities-in-newlib/
TODO: picolibc might be affected, not yet in the archive
-CVE-2019-14873
- RESERVED
+CVE-2019-14873 (In the __multadd function of the newlib libc library, prior to version ...)
- newlib 3.3.0-1
[buster] - newlib <no-dsa> (Minor issue)
[stretch] - newlib <no-dsa> (Minor issue)
[jessie] - newlib <ignored> (Minor issue)
NOTE: https://census-labs.com/news/2020/01/31/multiple-null-pointer-dereference-vulnerabilities-in-newlib/
TODO: picolibc might be affected, not yet in the archive
-CVE-2019-14872
- RESERVED
+CVE-2019-14872 (The _dtoa_r function of the newlib libc library, prior to version 3.3. ...)
- newlib 3.3.0-1
[buster] - newlib <no-dsa> (Minor issue)
[stretch] - newlib <no-dsa> (Minor issue)
@@ -46859,8 +46859,8 @@ CVE-2019-12418 (When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 an
NOTE: https://github.com/apache/tomcat/commit/bef3f40400243348d12f4abfe9b413f43897c02b (7.0.98)
CVE-2019-12417 (A malicious admin user could edit the state of objects in the Airflow ...)
- airflow <itp> (bug #819700)
-CVE-2019-12416
- RESERVED
+CVE-2019-12416 (we got reports for 2 injection attacks against the DeltaSpike windowha ...)
+ TODO: check
CVE-2019-12415 (In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to conv ...)
- libapache-poi-java <unfixed> (bug #943565)
[buster] - libapache-poi-java <no-dsa> (Minor issue)
@@ -47656,18 +47656,18 @@ CVE-2019-12132 (An issue was discovered in ONAP SDNC before Dublin. By executing
TODO: check
CVE-2019-12131 (An issue was detected in ONAP APPC through Dublin and SDC through Dubl ...)
TODO: check
-CVE-2019-12130
- RESERVED
-CVE-2019-12129
- RESERVED
-CVE-2019-12128
- RESERVED
-CVE-2019-12127
- RESERVED
-CVE-2019-12126
- RESERVED
-CVE-2019-12125
- RESERVED
+CVE-2019-12130 (In ONAP CLI through Dublin, by accessing an applicable port (30234, 30 ...)
+ TODO: check
+CVE-2019-12129 (In ONAP MSB through Dublin, by accessing an applicable port (30234, 30 ...)
+ TODO: check
+CVE-2019-12128 (In ONAP SO through Dublin, by accessing an applicable port (30234, 302 ...)
+ TODO: check
+CVE-2019-12127 (In ONAP OOM through Dublin, by accessing an applicable port (30234, 30 ...)
+ TODO: check
+CVE-2019-12126 (In ONAP DCAE through Dublin, by accessing an applicable port (30234, 3 ...)
+ TODO: check
+CVE-2019-12125 (In ONAP Logging through Dublin, by accessing an applicable port (30234 ...)
+ TODO: check
CVE-2019-12124 (An issue was discovered in ONAP APPC before Dublin. By using an expose ...)
TODO: check
CVE-2019-12123 (An issue was discovered in ONAP SDNC before Dublin. By executing sla/p ...)
@@ -49896,8 +49896,8 @@ CVE-2019-11363 (A SQL injection vulnerability in Snare Central before 7.4.5 allo
NOT-FOR-US: Snare Central
CVE-2019-11362 (app/controllers/frontend/PostController.php in ROCBOSS V2.2.1 has SQL ...)
NOT-FOR-US: ROCBOSS
-CVE-2019-11361
- RESERVED
+CVE-2019-11361 (Zoho ManageEngine Remote Access Plus 10.0.258 does not validate user p ...)
+ TODO: check
CVE-2016-10748
RESERVED
CVE-2016-10747
@@ -67473,7 +67473,7 @@ CVE-2019-5106 (A hard-coded encryption key vulnerability exists in the authentic
CVE-2019-5105
RESERVED
CVE-2019-5104
- RESERVED
+ REJECTED
CVE-2019-5103
RESERVED
CVE-2019-5102 (An exploitable information leak vulnerability exists in the ustream-ss ...)
@@ -261574,12 +261574,12 @@ CVE-2014-2725
RESERVED
CVE-2014-2724
RESERVED
-CVE-2014-2723
- RESERVED
-CVE-2014-2722
- RESERVED
-CVE-2014-2721
- RESERVED
+CVE-2014-2723 (In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote ...)
+ TODO: check
+CVE-2014-2722 (In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote ...)
+ TODO: check
+CVE-2014-2721 (In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote ...)
+ TODO: check
CVE-2014-2720 (IZArc 4.1.8 displays a file's name on the basis of a ZIP archive's Cen ...)
NOT-FOR-US: IZArc Archiver
CVE-2014-2719 (Advanced_System_Content.asp in the ASUS RT series routers with firmwar ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f0c6f655176b26b22e81ebd0a1305dd7a6ff9e9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f0c6f655176b26b22e81ebd0a1305dd7a6ff9e9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200319/bce48180/attachment.html>
More information about the debian-security-tracker-commits
mailing list