[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Wed May 20 09:10:57 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e451b0eb by security tracker role at 2020-05-20T08:10:50+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,129 @@
-CVE-2020-13165
+CVE-2020-13225 (phpIPAM 1.4 contains a stored cross site scripting (XSS) vulnerability ...)
+	TODO: check
+CVE-2020-13224
+	RESERVED
+CVE-2020-13223
+	RESERVED
+CVE-2020-13222
+	RESERVED
+CVE-2020-13221
+	RESERVED
+CVE-2020-13220
+	RESERVED
+CVE-2020-13219
+	RESERVED
+CVE-2020-13218
+	RESERVED
+CVE-2020-13217
+	RESERVED
+CVE-2020-13216
+	RESERVED
+CVE-2020-13215
+	RESERVED
+CVE-2020-13214
+	RESERVED
+CVE-2020-13213
+	RESERVED
+CVE-2020-13212
+	RESERVED
+CVE-2020-13211
+	RESERVED
+CVE-2020-13210
+	RESERVED
+CVE-2020-13209
+	RESERVED
+CVE-2020-13208
+	RESERVED
+CVE-2020-13207
+	RESERVED
+CVE-2020-13206
+	RESERVED
+CVE-2020-13205
+	RESERVED
+CVE-2020-13204
+	RESERVED
+CVE-2020-13203
+	RESERVED
+CVE-2020-13202
+	RESERVED
+CVE-2020-13201
+	RESERVED
+CVE-2020-13200
+	RESERVED
+CVE-2020-13199
+	RESERVED
+CVE-2020-13198
+	RESERVED
+CVE-2020-13197
+	RESERVED
+CVE-2020-13196
+	RESERVED
+CVE-2020-13195
+	RESERVED
+CVE-2020-13194
+	RESERVED
+CVE-2020-13193
+	RESERVED
+CVE-2020-13192
+	RESERVED
+CVE-2020-13191
+	RESERVED
+CVE-2020-13190
+	RESERVED
+CVE-2020-13189
+	RESERVED
+CVE-2020-13188
+	RESERVED
+CVE-2020-13187
+	RESERVED
+CVE-2020-13186
+	RESERVED
+CVE-2020-13185
 	RESERVED
-CVE-2020-13164
+CVE-2020-13184
 	RESERVED
-CVE-2020-13163
+CVE-2020-13183
 	RESERVED
+CVE-2020-13182
+	RESERVED
+CVE-2020-13181
+	RESERVED
+CVE-2020-13180
+	RESERVED
+CVE-2020-13179
+	RESERVED
+CVE-2020-13178
+	RESERVED
+CVE-2020-13177
+	RESERVED
+CVE-2020-13176
+	RESERVED
+CVE-2020-13175
+	RESERVED
+CVE-2020-13174
+	RESERVED
+CVE-2020-13173
+	RESERVED
+CVE-2020-13172
+	RESERVED
+CVE-2020-13171
+	RESERVED
+CVE-2020-13170
+	RESERVED
+CVE-2020-13169
+	RESERVED
+CVE-2020-13168
+	RESERVED
+CVE-2020-13167 (Netsweeper through 6.4.3 allows unauthenticated remote code execution  ...)
+	TODO: check
+CVE-2020-13166 (The management tool in MyLittleAdmin 3.8 allows remote attackers to ex ...)
+	TODO: check
+CVE-2020-13165
+	RESERVED
+CVE-2020-13164 (In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the ...)
+	TODO: check
+CVE-2020-13163 (em-imap 0.5 uses the library eventmachine in an insecure way that allo ...)
+	TODO: check
 CVE-2020-13162
 	RESERVED
 CVE-2020-13161
@@ -2587,16 +2707,16 @@ CVE-2020-12040
 	RESERVED
 CVE-2020-12039
 	RESERVED
-CVE-2020-12038
-	RESERVED
+CVE-2020-12038 (Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk ...)
+	TODO: check
 CVE-2020-12037
 	RESERVED
 CVE-2020-12036
 	RESERVED
 CVE-2020-12035
 	RESERVED
-CVE-2020-12034
-	RESERVED
+CVE-2020-12034 (Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk ...)
+	TODO: check
 CVE-2020-12033
 	RESERVED
 CVE-2020-12032
@@ -4083,8 +4203,8 @@ CVE-2019-20638 (NETGEAR MR1100 devices before 12.06.08.00 are affected by disclo
 	NOT-FOR-US: Netgear
 CVE-2020-11767 (Istio through 1.5.1 and Envoy through 1.14.1 have a data-leak issue. I ...)
 	NOT-FOR-US: itsio
-CVE-2020-11766
-	RESERVED
+CVE-2020-11766 (sendfax.php in iFAX AvantFAX before 3.3.6 and HylaFAX Enterprise Web I ...)
+	TODO: check
 CVE-2020-11765 (An issue was discovered in OpenEXR before 2.4.1. There is an off-by-on ...)
 	[experimental] - openexr 2.5.0-1
 	- openexr <unfixed> (bug #959444)
@@ -9476,8 +9596,8 @@ CVE-2020-9755
 	RESERVED
 CVE-2020-9754
 	RESERVED
-CVE-2020-9753
-	RESERVED
+CVE-2020-9753 (Whale Browser Installer before 1.2.0.5 versions don't support signatur ...)
+	TODO: check
 CVE-2020-9752 (Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a lo ...)
 	NOT-FOR-US: Naver Cloud Explorer
 CVE-2020-9751 (Naver Cloud Explorer before 2.2.2.11 allows the system to download an  ...)
@@ -14385,8 +14505,8 @@ CVE-2020-7658
 	RESERVED
 CVE-2020-7657
 	RESERVED
-CVE-2020-7656
-	RESERVED
+CVE-2020-7656 (jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load ...)
+	TODO: check
 CVE-2020-7655
 	RESERVED
 CVE-2020-7654
@@ -15520,12 +15640,12 @@ CVE-2020-7141
 	RESERVED
 CVE-2020-7140
 	RESERVED
-CVE-2020-7139
-	RESERVED
-CVE-2020-7138
-	RESERVED
-CVE-2020-7137
-	RESERVED
+CVE-2020-7139 (Potential remote access security vulnerabilities have been identified  ...)
+	TODO: check
+CVE-2020-7138 (Potential remote code execution security vulnerabilities have been ide ...)
+	TODO: check
+CVE-2020-7137 (A validation issue in HPE Superdome Flex's RMC component may allow loc ...)
+	TODO: check
 CVE-2020-7136 (A security vulnerability in HPE Smart Update Manager (SUM) prior to ve ...)
 	NOT-FOR-US: HPE Smart Update Manager (SUM)
 CVE-2020-7135 (A potential security vulnerability has been identified in the disk dri ...)
@@ -25530,6 +25650,7 @@ CVE-2020-3343
 CVE-2020-3342
 	RESERVED
 CVE-2020-3341 (A vulnerability in the PDF archive parsing module in Clam AntiVirus (C ...)
+	{DLA-2215-1}
 	- clamav 0.102.3+dfsg-1
 	[buster] - clamav <no-dsa> (ClamAV is updated via -updates)
 	[stretch] - clamav <no-dsa> (ClamAV is updated via -updates)
@@ -25561,6 +25682,7 @@ CVE-2020-3329 (A vulnerability in role-based access control of Cisco Integrated
 CVE-2020-3328
 	RESERVED
 CVE-2020-3327 (A vulnerability in the ARJ archive parsing module in Clam AntiVirus (C ...)
+	{DLA-2215-1}
 	- clamav 0.102.3+dfsg-1
 	[buster] - clamav <no-dsa> (ClamAV is updated via -updates)
 	[stretch] - clamav <no-dsa> (ClamAV is updated via -updates)
@@ -28823,10 +28945,10 @@ CVE-2020-2027
 	RESERVED
 CVE-2020-2026
 	RESERVED
-CVE-2020-2025
-	RESERVED
-CVE-2020-2024
-	RESERVED
+CVE-2020-2025 (Kata Containers before 1.11.0 on Cloud Hypervisor persists guest files ...)
+	TODO: check
+CVE-2020-2024 (An improper link resolution vulnerability affects Kata Containers vers ...)
+	TODO: check
 CVE-2020-2023
 	RESERVED
 CVE-2020-2022



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e451b0ebc468a07a015eaf25250d3e58470599bc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e451b0ebc468a07a015eaf25250d3e58470599bc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200520/3cfdb665/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list