[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Nov 20 08:10:29 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
abd04bc2 by security tracker role at 2020-11-20T08:10:22+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,43 @@
+CVE-2020-28971
+ RESERVED
+CVE-2020-28970
+ RESERVED
+CVE-2020-28969
+ RESERVED
+CVE-2020-28968
+ RESERVED
+CVE-2020-28967
+ RESERVED
+CVE-2020-28966
+ RESERVED
+CVE-2020-28965
+ RESERVED
+CVE-2020-28964
+ RESERVED
+CVE-2020-28963
+ RESERVED
+CVE-2020-28962
+ RESERVED
+CVE-2020-28961
+ RESERVED
+CVE-2020-28960
+ RESERVED
+CVE-2020-28959
+ RESERVED
+CVE-2020-28958
+ RESERVED
+CVE-2020-28957
+ RESERVED
+CVE-2020-28956
+ RESERVED
+CVE-2020-28955
+ RESERVED
+CVE-2020-28954 (web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 la ...)
+ TODO: check
+CVE-2020-28953 (In BigBlueButton before 2.2.29, a user can vote more than once in a si ...)
+ TODO: check
+CVE-2020-28952
+ RESERVED
CVE-2020-28951 (libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter ...)
NOT-FOR-US: libuci in OpenWrt
CVE-2020-28950
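Review bot: CVE-2020-28954 and CVE-2020-28953 are both left at "TODO: check" even though their descriptions name the same product and the same fix boundary (BigBlueButton before 2.2.29). Triage them as a pair so they end up with the same resolution, either a NOT-FOR-US tag in the style of the libuci entry just below them or matching package lines.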
@@ -61,8 +101,8 @@ CVE-2020-28926
RESERVED
CVE-2020-28925
RESERVED
-CVE-2020-28924
- RESERVED
+CVE-2020-28924 (An issue was discovered in Rclone before 1.53.3. Due to the use of a w ...)
+ TODO: check
CVE-2020-28923
RESERVED
CVE-2020-28922
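Review bot: CVE-2020-28924 now carries a description but only a "TODO: check" placeholder under it. The description states an upstream fix boundary (Rclone before 1.53.3), so if this is resolved to a package line, the fixed version should be checked against that release rather than left open.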
@@ -2414,8 +2454,8 @@ CVE-2020-28352
RESERVED
CVE-2020-28351 (The conferencing component on Mitel ShoreTel 19.46.1802.0 devices coul ...)
NOT-FOR-US: Mitel
-CVE-2020-28350
- RESERVED
+CVE-2020-28350 (A Cross Site Scripting (XSS) vulnerability exists in OPAC in Sokrates ...)
+ TODO: check
CVE-2020-28349 (** DISPUTED ** An inaccurate frame deduplication process in ChirpStack ...)
NOT-FOR-US: ChirpStack Network Server
CVE-2020-28348
@@ -4207,16 +4247,16 @@ CVE-2020-28215
RESERVED
CVE-2020-28214
RESERVED
-CVE-2020-28213
- RESERVED
-CVE-2020-28212
- RESERVED
-CVE-2020-28211
- RESERVED
-CVE-2020-28210
- RESERVED
-CVE-2020-28209
- RESERVED
+CVE-2020-28213 (A CWE-494: Download of Code Without Integrity Check vulnerability exis ...)
+ TODO: check
+CVE-2020-28212 (A CWE-307: Improper Restriction of Excessive Authentication Attempts v ...)
+ TODO: check
+CVE-2020-28211 (A CWE-863: Incorrect Authorization vulnerability exists in PLC Simulat ...)
+ TODO: check
+CVE-2020-28210 (A CWE-79 Improper Neutralization of Input During Web Page Generation ( ...)
+ TODO: check
+CVE-2020-28209 (A CWE-428 Windows Unquoted Search Path vulnerability exists in EcoStru ...)
+ TODO: check
CVE-2020-28208
RESERVED
CVE-2020-28207
@@ -9658,8 +9698,8 @@ CVE-2020-25991
RESERVED
CVE-2020-25990 (WebsiteBaker 2.12.2 allows SQL Injection via parameter 'display_name' ...)
NOT-FOR-US: WebsiteBaker
-CVE-2020-25989
- RESERVED
+CVE-2020-25989 (Privilege escalation via arbitrary file write in pritunl electron clie ...)
+ TODO: check
CVE-2020-25988 (UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2 ...)
TODO: check
CVE-2020-25987 (MonoCMS Blog 1.0 stores hard-coded admin hashes in the log.xml file in ...)
@@ -53888,54 +53928,54 @@ CVE-2020-7575 (A vulnerability has been identified in Climatix POL908 (BACnet/IP
NOT-FOR-US: Climatix
CVE-2020-7574 (A vulnerability has been identified in Climatix POL908 (BACnet/IP modu ...)
NOT-FOR-US: Climatix
-CVE-2020-7573
- RESERVED
-CVE-2020-7572
- RESERVED
-CVE-2020-7571
- RESERVED
-CVE-2020-7570
- RESERVED
-CVE-2020-7569
- RESERVED
-CVE-2020-7568
- RESERVED
-CVE-2020-7567
- RESERVED
-CVE-2020-7566
- RESERVED
-CVE-2020-7565
- RESERVED
+CVE-2020-7573 (A CWE-284 Improper Access Control vulnerability exists in EcoStruxure ...)
+ TODO: check
+CVE-2020-7572 (A CWE-611 Improper Restriction of XML External Entity Reference vulner ...)
+ TODO: check
+CVE-2020-7571 (A CWE-79 Multiple Improper Neutralization of Input During Web Page Gen ...)
+ TODO: check
+CVE-2020-7570 (A CWE-79 Improper Neutralization of Input During Web Page Generation ( ...)
+ TODO: check
+CVE-2020-7569 (A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerabilit ...)
+ TODO: check
+CVE-2020-7568 (A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor ...)
+ TODO: check
+CVE-2020-7567 (A CWE-311: Missing Encryption of Sensitive Data vulnerability exists i ...)
+ TODO: check
+CVE-2020-7566 (A CWE-334: Small Space of Random Values vulnerability exists in Modico ...)
+ TODO: check
+CVE-2020-7565 (A CWE-326: Inadequate Encryption Strength vulnerability exists in Modi ...)
+ TODO: check
CVE-2020-7564 (A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer ...)
NOT-FOR-US: Modicon
CVE-2020-7563 (A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server ...)
NOT-FOR-US: Modicon
CVE-2020-7562 (A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server o ...)
NOT-FOR-US: Modicon
-CVE-2020-7561
- RESERVED
+CVE-2020-7561 (A CWE-284: Improper Access Control vulnerability exists in Easergy T30 ...)
+ TODO: check
CVE-2020-7560
RESERVED
-CVE-2020-7559
- RESERVED
-CVE-2020-7558
- RESERVED
-CVE-2020-7557
- RESERVED
-CVE-2020-7556
- RESERVED
-CVE-2020-7555
- RESERVED
-CVE-2020-7554
- RESERVED
-CVE-2020-7553
- RESERVED
-CVE-2020-7552
- RESERVED
-CVE-2020-7551
- RESERVED
-CVE-2020-7550
- RESERVED
+CVE-2020-7559 (A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer ...)
+ TODO: check
+CVE-2020-7558 (A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition ...)
+ TODO: check
+CVE-2020-7557 (A CWE-125 Out-of-bounds Read vulnerability exists in IGSS Definition ( ...)
+ TODO: check
+CVE-2020-7556 (A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition ...)
+ TODO: check
+CVE-2020-7555 (A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition ...)
+ TODO: check
+CVE-2020-7554 (A CWE-119 Improper Restriction of Operations within the Bounds of a Me ...)
+ TODO: check
+CVE-2020-7553 (A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition ...)
+ TODO: check
+CVE-2020-7552 (A CWE-119 Improper Restriction of Operations within the Bounds of a Me ...)
+ TODO: check
+CVE-2020-7551 (A CWE-119 Improper Restriction of Operations within the Bounds of a Me ...)
+ TODO: check
+CVE-2020-7550 (A CWE-119 Improper Restriction of Operations within the Bounds of a Me ...)
+ TODO: check
CVE-2020-7549
RESERVED
CVE-2020-7548
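Review bot: CVE-2020-7566 and CVE-2020-7565 are added with "TODO: check" directly above the unchanged entries CVE-2020-7564 to CVE-2020-7562, which are already tagged "NOT-FOR-US: Modicon". Their list descriptions are cut off at "Modico ..." and "Modi ...", so if the full descriptions confirm the same product they should take the same tag for consistency. The same applies within the CVE-2020-7559 to CVE-2020-7550 block, where several entries share the "IGSS Definition" prefix and should be resolved together rather than one at a time.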
@@ -53946,8 +53986,8 @@ CVE-2020-7546
RESERVED
CVE-2020-7545
RESERVED
-CVE-2020-7544
- RESERVED
+CVE-2020-7544 (A CWE-269 Improper Privilege Management vulnerability exists in EcoStr ...)
+ TODO: check
CVE-2020-7543
RESERVED
CVE-2020-7542
@@ -53958,8 +53998,8 @@ CVE-2020-7540
RESERVED
CVE-2020-7539
RESERVED
-CVE-2020-7538
- RESERVED
+CVE-2020-7538 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
+ TODO: check
CVE-2020-7537
RESERVED
CVE-2020-7536
@@ -58648,8 +58688,8 @@ CVE-2020-5670
RESERVED
CVE-2020-5669
RESERVED
-CVE-2020-5668
- RESERVED
+CVE-2020-5668 (Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series ...)
+ TODO: check
CVE-2020-5667 (Studyplus App for Android v6.3.7 and earlier and Studyplus App for iOS ...)
NOT-FOR-US: Studyplus
CVE-2020-5666 (Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series ...)
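Review bot: CVE-2020-5668 is given "TODO: check" while the context entry CVE-2020-5666 two lines below it shows the same visible description prefix ("Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series ..."). Whatever triage line CVE-2020-5666 already has should be reused here once the full descriptions are compared, so the two entries do not diverge.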
@@ -61106,8 +61146,7 @@ CVE-2020-4790
RESERVED
CVE-2020-4789
RESERVED
-CVE-2020-4788 [Speculation on incompletely validated data on IBM Power9]
- RESERVED
+CVE-2020-4788 (IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local ...)
- linux <unfixed>
CVE-2020-4787
RESERVED
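Review bot: In the CVE-2020-4788 entry, the bracketed working summary "[Speculation on incompletely validated data on IBM Power9]" is replaced by a description that names AIX 7.1, 7.2 and VIOS 3.1, while the only package line remains "- linux <unfixed>". With the summary gone, nothing visible in the entry explains why linux is tracked for an issue described in terms of AIX and VIOS. Suggest adding a NOTE line under the entry that records the reason and, once known, the fixing change.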
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abd04bc2496673b1eaa3342767c89d5e97d5aab9