[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Wed Nov 11 08:10:31 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8f9d117b by security tracker role at 2020-11-11T08:10:23+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2020-28415
+ RESERVED
+CVE-2020-28414
+ RESERVED
+CVE-2020-28413
+ RESERVED
+CVE-2020-28412
+ RESERVED
+CVE-2020-28411
+ RESERVED
+CVE-2020-28410
+ RESERVED
+CVE-2020-28409 (The server in Dundas BI through 8.0.0.1001 allows XSS via addition of ...)
+ TODO: check
+CVE-2020-28408 (The server in Dundas BI through 8.0.0.1001 allows XSS via an HTML labe ...)
+ TODO: check
+CVE-2020-28407
+ RESERVED
+CVE-2020-28406
+ RESERVED
+CVE-2020-28405
+ RESERVED
+CVE-2020-28404
+ RESERVED
+CVE-2020-28403
+ RESERVED
+CVE-2020-28402
+ RESERVED
+CVE-2020-28401
+ RESERVED
CVE-2020-28400
RESERVED
CVE-2020-28399
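Review bot: CVE-2020-28409 and CVE-2020-28408, in the middle of the newly added block, are left at "TODO: check" and will stay untriaged until someone follows up. Both descriptions name the same product (Dundas BI through 8.0.0.1001), so they can be resolved together, with a NOT-FOR-US line if that product is not packaged in Debian.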
@@ -8010,6 +8040,7 @@ CVE-2020-25655 (An issue was discovered in ManagedClusterView API, that could al
NOT-FOR-US: Red Hat open-cluster-management
CVE-2020-25654 [ACL restrictions bypass]
RESERVED
+ {DLA-2447-1}
- pacemaker 2.0.5~rc2-1 (bug #973254)
NOTE: https://www.openwall.com/lists/oss-security/2020/10/27/1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1888191
@@ -8917,10 +8948,10 @@ CVE-2020-25269 (An issue was discovered in InspIRCd 2 before 2.0.29 and 3 before
NOTE: https://github.com/inspircd/inspircd/commit/b3f1db9d162455af4b31edf231ba749140d37219 (v3)
NOTE: https://github.com/inspircd/inspircd/commit/fbdd08043e97c2749ce2f03382559bba89abf47a (v3)
NOTE: https://github.com/inspircd/inspircd/commit/b24a91181f58c7f7141de8995ff212993bcc333b (v3)
-CVE-2020-25268
- RESERVED
-CVE-2020-25267
- RESERVED
+CVE-2020-25268 (Remote Code Execution can occur via the external news feed in ILIAS 6. ...)
+ TODO: check
+CVE-2020-25267 (An XSS issue exists in the question-pool file-upload preview feature i ...)
+ TODO: check
CVE-2020-25266
RESERVED
CVE-2020-25265
@@ -9377,7 +9408,7 @@ CVE-2020-25076
CVE-2020-25075
RESERVED
CVE-2020-25074 (The cache action in action/cache.py in MoinMoin through 1.9.10 allows ...)
- {DSA-4787-1}
+ {DSA-4787-1 DLA-2446-1}
- moin <removed>
NOTE: https://github.com/moinwiki/moin-1.9/security/advisories/GHSA-52q8-877j-gghq
NOTE: https://github.com/moinwiki/moin-1.9/commit/d1e5fc7d3708d877353ca64dd4aa7cfd1cde4cb4 (1.9.11)
@@ -10927,8 +10958,8 @@ CVE-2020-24368 (Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Di
NOTE: https://github.com/Icinga/icingaweb2/issues/4226
NOTE: https://github.com/Icinga/icingaweb2/commit/5700caf5f2ebd8a20ce2bd9ca30cb471f8b7487e (support/2.6)
NOTE: https://github.com/Icinga/icingaweb2/commit/3035efac65ca2f7977916bd117056aa411776dfd (master)
-CVE-2020-24367
- RESERVED
+CVE-2020-24367 (Incorrect file permissions in BlueStacks 4 through 4.230 on Windows al ...)
+ TODO: check
CVE-2020-24366
RESERVED
CVE-2020-24365 (An issue was discovered on Gemtek WRTM-127ACN 01.01.02.141 and WRTM-12 ...)
@@ -11574,8 +11605,8 @@ CVE-2020-24065
RESERVED
CVE-2020-24064
RESERVED
-CVE-2020-24063
- RESERVED
+CVE-2020-24063 (The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php? ...)
+ TODO: check
CVE-2020-24062
RESERVED
CVE-2020-24061
@@ -11764,8 +11795,8 @@ CVE-2020-23970
RESERVED
CVE-2020-23969
RESERVED
-CVE-2020-23968
- RESERVED
+CVE-2020-23968 (Ilex International Sign&go Workstation Security Suite 7.1 allows e ...)
+ TODO: check
CVE-2020-23967
RESERVED
CVE-2020-23966
@@ -25536,34 +25567,34 @@ CVE-2020-17115
RESERVED
CVE-2020-17114
RESERVED
-CVE-2020-17113
- RESERVED
+CVE-2020-17113 (, aka 'Windows Camera Codec Information Disclosure Vulnerability'. ...)
+ TODO: check
CVE-2020-17112
RESERVED
CVE-2020-17111
RESERVED
-CVE-2020-17110
- RESERVED
-CVE-2020-17109
- RESERVED
-CVE-2020-17108
- RESERVED
-CVE-2020-17107
- RESERVED
-CVE-2020-17106
- RESERVED
-CVE-2020-17105
- RESERVED
-CVE-2020-17104
- RESERVED
+CVE-2020-17110 (, aka 'HEVC Video Extensions Remote Code Execution Vulnerability'. Thi ...)
+ TODO: check
+CVE-2020-17109 (, aka 'HEVC Video Extensions Remote Code Execution Vulnerability'. Thi ...)
+ TODO: check
+CVE-2020-17108 (, aka 'HEVC Video Extensions Remote Code Execution Vulnerability'. Thi ...)
+ TODO: check
+CVE-2020-17107 (, aka 'HEVC Video Extensions Remote Code Execution Vulnerability'. Thi ...)
+ TODO: check
+CVE-2020-17106 (, aka 'HEVC Video Extensions Remote Code Execution Vulnerability'. Thi ...)
+ TODO: check
+CVE-2020-17105 (, aka 'AV1 Video Extension Remote Code Execution Vulnerability'. ...)
+ TODO: check
+CVE-2020-17104 (, aka 'Visual Studio Code JSHint Extension Remote Code Execution Vulne ...)
+ TODO: check
CVE-2020-17103
RESERVED
-CVE-2020-17102
- RESERVED
-CVE-2020-17101
- RESERVED
-CVE-2020-17100
- RESERVED
+CVE-2020-17102 (, aka 'WebP Image Extensions Information Disclosure Vulnerability'. ...)
+ TODO: check
+CVE-2020-17101 (, aka 'HEIF Image Extensions Remote Code Execution Vulnerability'. ...)
+ TODO: check
+CVE-2020-17100 (, aka 'Visual Studio Tampering Vulnerability'. ...)
+ TODO: check
CVE-2020-17099
RESERVED
CVE-2020-17098
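Review bot: Every description added in this hunk begins with ", aka '...'" (CVE-2020-17113 is the first), so the text that should precede the comma is missing and each entry carries only the advisory title. Before triage, confirm whether the import dropped the leading sentence or the upstream record was published without it. As it stands, the title alone is all a reviewer has to go on.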
@@ -25580,232 +25611,232 @@ CVE-2020-17093
RESERVED
CVE-2020-17092
RESERVED
-CVE-2020-17091
- RESERVED
-CVE-2020-17090
- RESERVED
+CVE-2020-17091 (, aka 'Microsoft Teams Remote Code Execution Vulnerability'. ...)
+ TODO: check
+CVE-2020-17090 (, aka 'Microsoft Defender for Endpoint Security Feature Bypass Vulnera ...)
+ TODO: check
CVE-2020-17089
RESERVED
-CVE-2020-17088
- RESERVED
-CVE-2020-17087
- RESERVED
-CVE-2020-17086
- RESERVED
-CVE-2020-17085
- RESERVED
-CVE-2020-17084
- RESERVED
-CVE-2020-17083
- RESERVED
-CVE-2020-17082
- RESERVED
-CVE-2020-17081
- RESERVED
+CVE-2020-17088 (, aka 'Windows Common Log File System Driver Elevation of Privilege Vu ...)
+ TODO: check
+CVE-2020-17087 (, aka 'Windows Kernel Local Elevation of Privilege Vulnerability'. ...)
+ TODO: check
+CVE-2020-17086 (, aka 'Raw Image Extension Remote Code Execution Vulnerability'. This ...)
+ TODO: check
+CVE-2020-17085 (, aka 'Microsoft Exchange Server Denial of Service Vulnerability'. ...)
+ TODO: check
+CVE-2020-17084 (, aka 'Microsoft Exchange Server Remote Code Execution Vulnerability'. ...)
+ TODO: check
+CVE-2020-17083 (, aka 'Microsoft Exchange Server Remote Code Execution Vulnerability'. ...)
+ TODO: check
+CVE-2020-17082 (, aka 'Raw Image Extension Remote Code Execution Vulnerability'. This ...)
+ TODO: check
+CVE-2020-17081 (, aka 'Microsoft Raw Image Extension Information Disclosure Vulnerabil ...)
+ TODO: check
CVE-2020-17080
RESERVED
-CVE-2020-17079
- RESERVED
-CVE-2020-17078
- RESERVED
-CVE-2020-17077
- RESERVED
-CVE-2020-17076
- RESERVED
-CVE-2020-17075
- RESERVED
-CVE-2020-17074
- RESERVED
-CVE-2020-17073
- RESERVED
+CVE-2020-17079 (, aka 'Raw Image Extension Remote Code Execution Vulnerability'. This ...)
+ TODO: check
+CVE-2020-17078 (, aka 'Raw Image Extension Remote Code Execution Vulnerability'. This ...)
+ TODO: check
+CVE-2020-17077 (, aka 'Windows Update Stack Elevation of Privilege Vulnerability'. ...)
+ TODO: check
+CVE-2020-17076 (, aka 'Windows Update Orchestrator Service Elevation of Privilege Vuln ...)
+ TODO: check
+CVE-2020-17075 (, aka 'Windows USO Core Worker Elevation of Privilege Vulnerability'. ...)
+ TODO: check
+CVE-2020-17074 (, aka 'Windows Update Orchestrator Service Elevation of Privilege Vuln ...)
+ TODO: check
+CVE-2020-17073 (, aka 'Windows Update Orchestrator Service Elevation of Privilege Vuln ...)
+ TODO: check
CVE-2020-17072
RESERVED
-CVE-2020-17071
- RESERVED
-CVE-2020-17070
- RESERVED
-CVE-2020-17069
- RESERVED
-CVE-2020-17068
- RESERVED
-CVE-2020-17067
- RESERVED
-CVE-2020-17066
- RESERVED
-CVE-2020-17065
- RESERVED
-CVE-2020-17064
- RESERVED
-CVE-2020-17063
- RESERVED
-CVE-2020-17062
- RESERVED
-CVE-2020-17061
- RESERVED
-CVE-2020-17060
- RESERVED
+CVE-2020-17071 (, aka 'Windows Delivery Optimization Information Disclosure Vulnerabil ...)
+ TODO: check
+CVE-2020-17070 (, aka 'Windows Update Medic Service Elevation of Privilege Vulnerabili ...)
+ TODO: check
+CVE-2020-17069 (, aka 'Windows NDIS Information Disclosure Vulnerability'. ...)
+ TODO: check
+CVE-2020-17068 (, aka 'Windows GDI+ Remote Code Execution Vulnerability'. ...)
+ TODO: check
+CVE-2020-17067 (, aka 'Microsoft Excel Security Feature Bypass Vulnerability'. ...)
+ TODO: check
+CVE-2020-17066 (, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ...)
+ TODO: check
+CVE-2020-17065 (, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ...)
+ TODO: check
+CVE-2020-17064 (, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ...)
+ TODO: check
+CVE-2020-17063 (, aka 'Microsoft Office Online Spoofing Vulnerability'. ...)
+ TODO: check
+CVE-2020-17062 (, aka 'Microsoft Office Access Connectivity Engine Remote Code Executi ...)
+ TODO: check
+CVE-2020-17061 (, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. ...)
+ TODO: check
+CVE-2020-17060 (, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is un ...)
+ TODO: check
CVE-2020-17059
RESERVED
-CVE-2020-17058
- RESERVED
-CVE-2020-17057
- RESERVED
-CVE-2020-17056
- RESERVED
-CVE-2020-17055
- RESERVED
-CVE-2020-17054
- RESERVED
-CVE-2020-17053
- RESERVED
-CVE-2020-17052
- RESERVED
-CVE-2020-17051
- RESERVED
+CVE-2020-17058 (, aka 'Microsoft Browser Memory Corruption Vulnerability'. ...)
+ TODO: check
+CVE-2020-17057 (, aka 'Windows Win32k Elevation of Privilege Vulnerability'. ...)
+ TODO: check
+CVE-2020-17056 (, aka 'Windows Network File System Information Disclosure Vulnerabilit ...)
+ TODO: check
+CVE-2020-17055 (, aka 'Windows Remote Access Elevation of Privilege Vulnerability'. Th ...)
+ TODO: check
+CVE-2020-17054 (, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This ...)
+ TODO: check
+CVE-2020-17053 (, aka 'Internet Explorer Memory Corruption Vulnerability'. ...)
+ TODO: check
+CVE-2020-17052 (, aka 'Scripting Engine Memory Corruption Vulnerability'. ...)
+ TODO: check
+CVE-2020-17051 (, aka 'Windows Network File System Remote Code Execution Vulnerability ...)
+ TODO: check
CVE-2020-17050
RESERVED
-CVE-2020-17049
- RESERVED
-CVE-2020-17048
- RESERVED
-CVE-2020-17047
- RESERVED
-CVE-2020-17046
- RESERVED
-CVE-2020-17045
- RESERVED
-CVE-2020-17044
- RESERVED
-CVE-2020-17043
- RESERVED
-CVE-2020-17042
- RESERVED
-CVE-2020-17041
- RESERVED
-CVE-2020-17040
- RESERVED
+CVE-2020-17049 (, aka 'Kerberos Security Feature Bypass Vulnerability'. ...)
+ TODO: check
+CVE-2020-17048 (, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This ...)
+ TODO: check
+CVE-2020-17047 (, aka 'Windows Network File System Denial of Service Vulnerability'. ...)
+ TODO: check
+CVE-2020-17046 (, aka 'Windows Error Reporting Denial of Service Vulnerability'. ...)
+ TODO: check
+CVE-2020-17045 (, aka 'Windows KernelStream Information Disclosure Vulnerability'. ...)
+ TODO: check
+CVE-2020-17044 (, aka 'Windows Remote Access Elevation of Privilege Vulnerability'. Th ...)
+ TODO: check
+CVE-2020-17043 (, aka 'Windows Remote Access Elevation of Privilege Vulnerability'. Th ...)
+ TODO: check
+CVE-2020-17042 (, aka 'Windows Print Spooler Remote Code Execution Vulnerability'. ...)
+ TODO: check
+CVE-2020-17041 (, aka 'Windows Print Configuration Elevation of Privilege Vulnerabilit ...)
+ TODO: check
+CVE-2020-17040 (, aka 'Windows Hyper-V Security Feature Bypass Vulnerability'. ...)
+ TODO: check
CVE-2020-17039
RESERVED
-CVE-2020-17038
- RESERVED
-CVE-2020-17037
- RESERVED
-CVE-2020-17036
- RESERVED
-CVE-2020-17035
- RESERVED
-CVE-2020-17034
- RESERVED
-CVE-2020-17033
- RESERVED
-CVE-2020-17032
- RESERVED
-CVE-2020-17031
- RESERVED
-CVE-2020-17030
- RESERVED
-CVE-2020-17029
- RESERVED
-CVE-2020-17028
- RESERVED
-CVE-2020-17027
- RESERVED
-CVE-2020-17026
- RESERVED
-CVE-2020-17025
- RESERVED
-CVE-2020-17024
- RESERVED
+CVE-2020-17038 (, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is un ...)
+ TODO: check
+CVE-2020-17037 (, aka 'Windows WalletService Elevation of Privilege Vulnerability'. ...)
+ TODO: check
+CVE-2020-17036 (, aka 'Windows Function Discovery SSDP Provider Information Disclosure ...)
+ TODO: check
+CVE-2020-17035 (, aka 'Windows Kernel Elevation of Privilege Vulnerability'. ...)
+ TODO: check
+CVE-2020-17034 (, aka 'Windows Remote Access Elevation of Privilege Vulnerability'. Th ...)
+ TODO: check
+CVE-2020-17033 (, aka 'Windows Remote Access Elevation of Privilege Vulnerability'. Th ...)
+ TODO: check
+CVE-2020-17032 (, aka 'Windows Remote Access Elevation of Privilege Vulnerability'. Th ...)
+ TODO: check
+CVE-2020-17031 (, aka 'Windows Remote Access Elevation of Privilege Vulnerability'. Th ...)
+ TODO: check
+CVE-2020-17030 (, aka 'Windows MSCTF Server Information Disclosure Vulnerability'. ...)
+ TODO: check
+CVE-2020-17029 (, aka 'Windows Canonical Display Driver Information Disclosure Vulnera ...)
+ TODO: check
+CVE-2020-17028 (, aka 'Windows Remote Access Elevation of Privilege Vulnerability'. Th ...)
+ TODO: check
+CVE-2020-17027 (, aka 'Windows Remote Access Elevation of Privilege Vulnerability'. Th ...)
+ TODO: check
+CVE-2020-17026 (, aka 'Windows Remote Access Elevation of Privilege Vulnerability'. Th ...)
+ TODO: check
+CVE-2020-17025 (, aka 'Windows Remote Access Elevation of Privilege Vulnerability'. Th ...)
+ TODO: check
+CVE-2020-17024 (, aka 'Windows Client Side Rendering Print Provider Elevation of Privi ...)
+ TODO: check
CVE-2020-17023 (A remote code execution vulnerability exists in Visual Studio Code whe ...)
NOT-FOR-US: Microsoft
CVE-2020-17022 (A remote code execution vulnerability exists in the way that Microsoft ...)
NOT-FOR-US: Microsoft
-CVE-2020-17021
- RESERVED
-CVE-2020-17020
- RESERVED
-CVE-2020-17019
- RESERVED
-CVE-2020-17018
- RESERVED
-CVE-2020-17017
- RESERVED
-CVE-2020-17016
- RESERVED
-CVE-2020-17015
- RESERVED
-CVE-2020-17014
- RESERVED
-CVE-2020-17013
- RESERVED
-CVE-2020-17012
- RESERVED
-CVE-2020-17011
- RESERVED
-CVE-2020-17010
- RESERVED
+CVE-2020-17021 (, aka 'Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulne ...)
+ TODO: check
+CVE-2020-17020 (, aka 'Microsoft Word Security Feature Bypass Vulnerability'. ...)
+ TODO: check
+CVE-2020-17019 (, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ...)
+ TODO: check
+CVE-2020-17018 (, aka 'Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulne ...)
+ TODO: check
+CVE-2020-17017 (, aka 'Microsoft SharePoint Information Disclosure Vulnerability'. Thi ...)
+ TODO: check
+CVE-2020-17016 (, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is un ...)
+ TODO: check
+CVE-2020-17015 (, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is un ...)
+ TODO: check
+CVE-2020-17014 (, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. Th ...)
+ TODO: check
+CVE-2020-17013 (, aka 'Win32k Information Disclosure Vulnerability'. ...)
+ TODO: check
+CVE-2020-17012 (, aka 'Windows Bind Filter Driver Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2020-17011 (, aka 'Windows Port Class Library Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2020-17010 (, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is un ...)
+ TODO: check
CVE-2020-17009
RESERVED
CVE-2020-17008
RESERVED
-CVE-2020-17007
- RESERVED
-CVE-2020-17006
- RESERVED
-CVE-2020-17005
- RESERVED
-CVE-2020-17004
- RESERVED
+CVE-2020-17007 (, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. ...)
+ TODO: check
+CVE-2020-17006 (, aka 'Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulne ...)
+ TODO: check
+CVE-2020-17005 (, aka 'Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulne ...)
+ TODO: check
+CVE-2020-17004 (, aka 'Windows Graphics Component Information Disclosure Vulnerability ...)
+ TODO: check
CVE-2020-17003 (A remote code execution vulnerability exists when the Base3D rendering ...)
NOT-FOR-US: Microsoft
CVE-2020-17002
RESERVED
-CVE-2020-17001
- RESERVED
-CVE-2020-17000
- RESERVED
-CVE-2020-16999
- RESERVED
-CVE-2020-16998
- RESERVED
-CVE-2020-16997
- RESERVED
+CVE-2020-17001 (, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. Th ...)
+ TODO: check
+CVE-2020-17000 (, aka 'Remote Desktop Protocol Client Information Disclosure Vulnerabi ...)
+ TODO: check
+CVE-2020-16999 (, aka 'Windows WalletService Information Disclosure Vulnerability'. ...)
+ TODO: check
+CVE-2020-16998 (, aka 'DirectX Elevation of Privilege Vulnerability'. ...)
+ TODO: check
+CVE-2020-16997 (, aka 'Remote Desktop Protocol Server Information Disclosure Vulnerabi ...)
+ TODO: check
CVE-2020-16996
RESERVED
CVE-2020-16995 (An elevation of privilege vulnerability exists in Network Watcher Agen ...)
NOT-FOR-US: Microsoft
-CVE-2020-16994
- RESERVED
-CVE-2020-16993
- RESERVED
-CVE-2020-16992
- RESERVED
-CVE-2020-16991
- RESERVED
-CVE-2020-16990
- RESERVED
-CVE-2020-16989
- RESERVED
-CVE-2020-16988
- RESERVED
-CVE-2020-16987
- RESERVED
-CVE-2020-16986
- RESERVED
-CVE-2020-16985
- RESERVED
-CVE-2020-16984
- RESERVED
-CVE-2020-16983
- RESERVED
-CVE-2020-16982
- RESERVED
-CVE-2020-16981
- RESERVED
+CVE-2020-16994 (, aka 'Azure Sphere Unsigned Code Execution Vulnerability'. This CVE I ...)
+ TODO: check
+CVE-2020-16993 (, aka 'Azure Sphere Elevation of Privilege Vulnerability'. This CVE ID ...)
+ TODO: check
+CVE-2020-16992 (, aka 'Azure Sphere Elevation of Privilege Vulnerability'. This CVE ID ...)
+ TODO: check
+CVE-2020-16991 (, aka 'Azure Sphere Unsigned Code Execution Vulnerability'. This CVE I ...)
+ TODO: check
+CVE-2020-16990 (, aka 'Azure Sphere Information Disclosure Vulnerability'. This CVE ID ...)
+ TODO: check
+CVE-2020-16989 (, aka 'Azure Sphere Elevation of Privilege Vulnerability'. This CVE ID ...)
+ TODO: check
+CVE-2020-16988 (, aka 'Azure Sphere Elevation of Privilege Vulnerability'. This CVE ID ...)
+ TODO: check
+CVE-2020-16987 (, aka 'Azure Sphere Unsigned Code Execution Vulnerability'. This CVE I ...)
+ TODO: check
+CVE-2020-16986 (, aka 'Azure Sphere Denial of Service Vulnerability'. ...)
+ TODO: check
+CVE-2020-16985 (, aka 'Azure Sphere Information Disclosure Vulnerability'. This CVE ID ...)
+ TODO: check
+CVE-2020-16984 (, aka 'Azure Sphere Unsigned Code Execution Vulnerability'. This CVE I ...)
+ TODO: check
+CVE-2020-16983 (, aka 'Azure Sphere Tampering Vulnerability'. ...)
+ TODO: check
+CVE-2020-16982 (, aka 'Azure Sphere Unsigned Code Execution Vulnerability'. This CVE I ...)
+ TODO: check
+CVE-2020-16981 (, aka 'Azure Sphere Elevation of Privilege Vulnerability'. This CVE ID ...)
+ TODO: check
CVE-2020-16980 (An elevation of privilege vulnerability exists when the Windows iSCSI ...)
NOT-FOR-US: Microsoft
-CVE-2020-16979
- RESERVED
+CVE-2020-16979 (, aka 'Microsoft SharePoint Information Disclosure Vulnerability'. Thi ...)
+ TODO: check
CVE-2020-16978 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
NOT-FOR-US: Microsoft
CVE-2020-16977 (A remote code execution vulnerability exists in Visual Studio Code whe ...)
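Review bot: The replaced entries throughout this hunk are left at "TODO: check", while the unchanged Microsoft entries interleaved with them (CVE-2020-17023, CVE-2020-17022, CVE-2020-17003, CVE-2020-16995, CVE-2020-16980) already carry "NOT-FOR-US: Microsoft". The new titles name Windows, Exchange, SharePoint, Excel and Azure Sphere components, so the same line looks applicable. Suggest resolving them in one follow-up commit instead of leaving this large block of TODOs open.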
@@ -25822,8 +25853,8 @@ CVE-2020-16972 (An elevation of privilege vulnerability exists when the Windows
NOT-FOR-US: Microsoft
CVE-2020-16971
RESERVED
-CVE-2020-16970
- RESERVED
+CVE-2020-16970 (, aka 'Azure Sphere Unsigned Code Execution Vulnerability'. This CVE I ...)
+ TODO: check
CVE-2020-16969 (An information disclosure vulnerability exists in how Microsoft Exchan ...)
NOT-FOR-US: Microsoft
CVE-2020-16968 (A remote code execution vulnerability exists when the Windows Camera C ...)
@@ -27620,11 +27651,9 @@ CVE-2020-16129
RESERVED
CVE-2020-16128
RESERVED
-CVE-2020-16127
- RESERVED
+CVE-2020-16127 (An Ubuntu-specific modification to AccountsService in versions before ...)
- accountsservice <not-affected> (Ubuntu-specific issue in 0010-set-language.patch)
-CVE-2020-16126
- RESERVED
+CVE-2020-16126 (An Ubuntu-specific modification to AccountsService in versions before ...)
- accountsservice <not-affected> (Ubuntu-specific issue in 0010-set-language.patch)
CVE-2020-16125 (gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup ...)
{DLA-2434-1}
@@ -29873,7 +29902,7 @@ CVE-2020-15276 (baserCMS before version 4.4.1 is vulnerable to Cross-Site Script
NOT-FOR-US: baserCMS
CVE-2020-15275 [malicious SVG attachment causing stored XSS vulnerability]
RESERVED
- {DSA-4787-1}
+ {DSA-4787-1 DLA-2446-1}
- moin <removed>
NOTE: https://github.com/moinwiki/moin-1.9/security/advisories/GHSA-4q96-6xhq-ff43
NOTE: https://github.com/moinwiki/moin-1.9/commit/64e16037a60646a4d834f0203c75481b9c3fa74c (1.9.11)
@@ -69393,8 +69422,8 @@ CVE-2020-1601 (Certain types of malformed Path Computation Element Protocol (PCE
NOT-FOR-US: Juniper
CVE-2020-1600 (In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an ...)
NOT-FOR-US: Juniper
-CVE-2020-1599
- RESERVED
+CVE-2020-1599 (, aka 'Windows Spoofing Vulnerability'. ...)
+ TODO: check
CVE-2020-1598 (An elevation of privilege vulnerability exists when the Windows Univer ...)
NOT-FOR-US: Microsoft
CVE-2020-1597 (A denial of service vulnerability exists when ASP.NET Core improperly ...)
@@ -69948,8 +69977,8 @@ CVE-2020-1327 (A spoofing vulnerability exists in Microsoft Azure DevOps Server
NOT-FOR-US: Microsoft
CVE-2020-1326 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
NOT-FOR-US: Microsoft
-CVE-2020-1325
- RESERVED
+CVE-2020-1325 (, aka 'Azure DevOps Server and Team Foundation Services Spoofing Vulne ...)
+ TODO: check
CVE-2020-1324 (An elevation of privilege (user to user) vulnerability exists in Windo ...)
NOT-FOR-US: Microsoft
CVE-2020-1323 (An open redirect vulnerability exists in Microsoft SharePoint that cou ...)
@@ -107279,8 +107308,8 @@ CVE-2019-7359 (An exploitable heap overflow vulnerability in the AcCellMargin ha
NOT-FOR-US: Autodesk
CVE-2019-7358 (An exploitable heap overflow vulnerability in the DXF-parsing function ...)
NOT-FOR-US: Autodesk
-CVE-2019-7357
- RESERVED
+CVE-2019-7357 (Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can ...)
+ TODO: check
CVE-2019-7356 (Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE parameter. ...)
NOT-FOR-US: Subrion CMS
CVE-2019-1000024 (OPT/NET BV NG-NetMS version v3.6-2 and earlier versions contains a Cro ...)
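Review bot: CVE-2019-7357 is added as "TODO: check" although its description names Subrion CMS 4.2.1, and the next entry, CVE-2019-7356, for the same product is already marked "NOT-FOR-US: Subrion CMS". Suggest giving CVE-2019-7357 the same line so the two entries are triaged consistently.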
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f9d117b63d35ceecbb3e0729badc4c90ce9dbbe