[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Tue May 12 09:10:23 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
549213d2 by security tracker role at 2020-05-12T08:10:16+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,21 @@
+CVE-2020-12799
+ RESERVED
+CVE-2020-12798
+ RESERVED
+CVE-2020-12797
+ RESERVED
+CVE-2020-12796
+ RESERVED
+CVE-2020-12795
+ RESERVED
+CVE-2020-12794
+ RESERVED
+CVE-2020-12793
+ RESERVED
+CVE-2020-12792
+ RESERVED
+CVE-2020-12791
+ RESERVED
CVE-2020-12790 (In the SEOmatic plugin before 3.2.49 for Craft CMS, helpers/DynamicMet ...)
NOT-FOR-US: SEOmatic plugin for Craft CMS
CVE-2020-12789
@@ -5170,10 +5188,10 @@ CVE-2020-11074
RESERVED
CVE-2020-11073
RESERVED
-CVE-2020-11072
- RESERVED
-CVE-2020-11071
- RESERVED
+CVE-2020-11072 (In SLP Validate (npm package slp-validate) before version 1.2.1, users ...)
+ TODO: check
+CVE-2020-11071 (SLPJS (npm package slpjs) before version 0.27.2, has a vulnerability w ...)
+ TODO: check
CVE-2020-11070
RESERVED
CVE-2020-11069
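Review bot: CVE-2020-11072 and CVE-2020-11071 are left at TODO: check even though both descriptions already name the affected npm packages (slp-validate and slpjs). The follow-up should replace each TODO with either a NOT-FOR-US line naming the package or a source-package line, depending on whether the package is in the archive.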
@@ -7933,8 +7951,8 @@ CVE-2020-10069
RESERVED
CVE-2020-10068
RESERVED
-CVE-2020-10067
- RESERVED
+CVE-2020-10067 (A malicious userspace application can cause a integer overflow and byp ...)
+ TODO: check
CVE-2020-10066
RESERVED
CVE-2020-10065
@@ -7947,12 +7965,12 @@ CVE-2020-10062
RESERVED
CVE-2020-10061
RESERVED
-CVE-2020-10060
- RESERVED
-CVE-2020-10059
- RESERVED
-CVE-2020-10058
- RESERVED
+CVE-2020-10060 (In updatehub_probe, right after JSON parsing is complete, objects\[1] ...)
+ TODO: check
+CVE-2020-10059 (The UpdateHub module disables DTLS peer checking, which allows for a m ...)
+ TODO: check
+CVE-2020-10058 (Multiple syscalls in the Kscan subsystem perform insufficient argument ...)
+ TODO: check
CVE-2019-20498 (cPanel before 82.0.18 allows WebDAV authentication bypass because the ...)
NOT-FOR-US: cPanel
CVE-2019-20497 (cPanel before 82.0.18 allows stored XSS via WHM Backup Restoration (SE ...)
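Review bot: the three entries that gain descriptions here (CVE-2020-10060, CVE-2020-10059, CVE-2020-10058) name only components (updatehub_probe, the UpdateHub module, the Kscan subsystem), and the truncated text never states the product. Whoever resolves the TODO: check lines should read the full CVE record and record the product explicitly, in the same form as the NOT-FOR-US: cPanel line in the context just below.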
@@ -8353,8 +8371,8 @@ CVE-2020-9842
RESERVED
CVE-2020-9841
RESERVED
-CVE-2020-9840
- RESERVED
+CVE-2020-9840 (In SwiftNIO Extras before 1.4.1, a logic issue was addressed with impr ...)
+ TODO: check
CVE-2020-9839
RESERVED
CVE-2020-9838
@@ -8501,26 +8519,26 @@ CVE-2020-9768 (A use after free issue was addressed with improved memory managem
NOT-FOR-US: Apple
CVE-2020-9767
RESERVED
-CVE-2020-10028
- RESERVED
-CVE-2020-10027
- RESERVED
+CVE-2020-10028 (Multiple syscalls with insufficient argument validation See NCC-ZEP-00 ...)
+ TODO: check
+CVE-2020-10027 (An attacker who has obtained code execution within a user thread is ab ...)
+ TODO: check
CVE-2020-10026
- RESERVED
+ REJECTED
CVE-2020-10025
- RESERVED
-CVE-2020-10024
- RESERVED
-CVE-2020-10023
- RESERVED
-CVE-2020-10022
- RESERVED
-CVE-2020-10021
- RESERVED
+ REJECTED
+CVE-2020-10024 (The arm platform-specific code uses a signed integer comparison when v ...)
+ TODO: check
+CVE-2020-10023 (The shell subsystem contains a buffer overflow, whereby an adversary w ...)
+ TODO: check
+CVE-2020-10022 (A malformed JSON payload that is received from an UpdateHub server may ...)
+ TODO: check
+CVE-2020-10021 (Out-of-bounds Write in the USB Mass Storage memoryWrite handler with u ...)
+ TODO: check
CVE-2020-10020
REJECTED
-CVE-2020-10019
- RESERVED
+CVE-2020-10019 (USB DFU has a potential buffer overflow where the requested length (wL ...)
+ TODO: check
CVE-2020-10018 (WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the ...)
{DSA-4641-1}
- webkit2gtk 2.28.0-2
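Review bot: the run CVE-2020-10028 through CVE-2020-10018 sits directly under CVE-2020-9767, several hundred lines below the CVE-2020-10069 to CVE-2020-10058 block touched by the earlier hunks, so it falls outside the descending id order of its neighbours. The placement predates this change, but six new TODO: check entries now land here; locate them by id rather than by position when triaging, and if the ordering is meant to be strict, move the block in a separate manual commit.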
@@ -13518,8 +13536,8 @@ CVE-2020-7649
RESERVED
CVE-2020-7648
RESERVED
-CVE-2020-7647
- RESERVED
+CVE-2020-7647 (All versions before 1.6.7 and all versions after 2.0.0 inclusive and b ...)
+ TODO: check
CVE-2020-7646 (curlrequest through 1.0.1 allows execution of arbitrary commands.It is ...)
TODO: check
CVE-2020-7645 (All versions of chrome-launcher allow execution of arbitrary commands, ...)
@@ -17813,16 +17831,16 @@ CVE-2020-5839
RESERVED
CVE-2020-5838
RESERVED
-CVE-2020-5837
- RESERVED
-CVE-2020-5836
- RESERVED
-CVE-2020-5835
- RESERVED
-CVE-2020-5834
- RESERVED
-CVE-2020-5833
- RESERVED
+CVE-2020-5837 (Symantec Endpoint Protection, prior to 14.3, may not respect file perm ...)
+ TODO: check
+CVE-2020-5836 (Symantec Endpoint Protection, prior to 14.3, can potentially reset the ...)
+ TODO: check
+CVE-2020-5835 (Symantec Endpoint Protection Manager, prior to 14.3, has a race condit ...)
+ TODO: check
+CVE-2020-5834 (Symantec Endpoint Protection Manager, prior to 14.3, may be susceptibl ...)
+ TODO: check
+CVE-2020-5833 (Symantec Endpoint Protection Manager, prior to 14.3, may be susceptibl ...)
+ TODO: check
CVE-2020-5832 (Symantec Data Center Security Manager Component, prior to 6.8.2 (aka 6 ...)
NOT-FOR-US: Symantec
CVE-2020-5831 (Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, ma ...)
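Review bot: the five new TODO: check entries (CVE-2020-5837 to CVE-2020-5833) all describe Symantec Endpoint Protection or Symantec Endpoint Protection Manager, and the context entry immediately below, CVE-2020-5832, is already tagged NOT-FOR-US: Symantec. The same tag looks applicable to all five, which would clear them in one follow-up edit.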
@@ -29355,8 +29373,7 @@ CVE-2020-1726 (A flaw was discovered in Podman where it incorrectly allows conta
- podman <itp> (bug #930440)
CVE-2020-1725
RESERVED
-CVE-2020-1724
- RESERVED
+CVE-2020-1724 (A flaw was found in Keycloak in versions before 9.0.2. This flaw allow ...)
NOT-FOR-US: Keycloak
CVE-2020-1723
RESERVED
@@ -152852,7 +152869,7 @@ CVE-2017-14202 (Improper Restriction of Operations within the Bounds of a Memory
CVE-2017-14201 (Use After Free vulnerability in the Zephyr shell allows a serial or te ...)
NOT-FOR-US: Zephyr
CVE-2017-14200
- RESERVED
+ REJECTED
CVE-2017-14199 (A buffer overflow has been found in the Zephyr Project's getaddrinfo() ...)
NOT-FOR-US: Zephyr OS
CVE-2017-14198 (An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x befor ...)
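Review bot: the context lines around CVE-2017-14200 tag the same project two ways, NOT-FOR-US: Zephyr under CVE-2017-14201 and NOT-FOR-US: Zephyr OS under CVE-2017-14199, so a search for one spelling misses the other. Settle on one form and use it for any further entries from that project.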
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/549213d2c217c8b88c64fd2d37138f7fb58bcb4c