[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sat Oct 3 09:10:28 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
122c37f3 by security tracker role at 2020-10-03T08:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29,12 +29,12 @@ CVE-2020-26529
 	RESERVED
 CVE-2020-26528
 	RESERVED
-CVE-2020-26527
-	RESERVED
-CVE-2020-26526
-	RESERVED
-CVE-2020-26525
-	RESERVED
+CVE-2020-26527 (An issue was discovered in API/api/Version in Damstra Smart Asset 2020 ...)
+	TODO: check
+CVE-2020-26526 (An issue was discovered in Damstra Smart Asset 2020.7. It is possible  ...)
+	TODO: check
+CVE-2020-26525 (Damstra Smart Asset 2020.7 has SQL injection via the API/api/Asset ori ...)
+	TODO: check
 CVE-2020-26524 (CodeLathe FileCloud before 20.2.0.11915 allows username enumeration. ...)
 	NOT-FOR-US: CodeLathe FileCloud
 CVE-2020-26523 (Froala Editor before 3.2.2 allows XSS via pasted content. ...)
@@ -1641,8 +1641,8 @@ CVE-2020-25778
 	RESERVED
 CVE-2020-25777
 	RESERVED
-CVE-2020-25776
-	RESERVED
+CVE-2020-25776 (Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a symbo ...)
+	TODO: check
 CVE-2020-25775 (The Trend Micro Security 2020 (v16) consumer family of products is vul ...)
 	NOT-FOR-US: Trend Micro
 CVE-2020-25774 (A vulnerability in the Trend Micro Apex One ServerMigrationTool compon ...)
@@ -22872,8 +22872,8 @@ CVE-2020-15591
 	RESERVED
 CVE-2020-15590 (A vulnerability in the Private Internet Access (PIA) VPN Client for Li ...)
 	NOT-FOR-US: Private Internet Access client for Linux
-CVE-2020-15589
-	RESERVED
+CVE-2020-15589 (A design issue was discovered in GetInternetRequestHandle, InternetSen ...)
+	TODO: check
 CVE-2020-15588 (An issue was discovered in the client side of Zoho ManageEngine Deskto ...)
 	NOT-FOR-US: Zoho ManageEngine
 CVE-2020-15587
@@ -23713,14 +23713,14 @@ CVE-2020-15236
 	RESERVED
 CVE-2020-15235
 	RESERVED
-CVE-2020-15234
-	RESERVED
-CVE-2020-15233
-	RESERVED
-CVE-2020-15232
-	RESERVED
-CVE-2020-15231
-	RESERVED
+CVE-2020-15234 (ORY Fosite is a security first OAuth2 & OpenID Connect framework f ...)
+	TODO: check
+CVE-2020-15233 (ORY Fosite is a security first OAuth2 & OpenID Connect framework f ...)
+	TODO: check
+CVE-2020-15232 (In mapfish-print before version 3.24, a user can do to an XML External ...)
+	TODO: check
+CVE-2020-15231 (In mapfish-print before version 3.24, a user can use the JSONP support ...)
+	TODO: check
 CVE-2020-15230 (Vapor is a web framework for Swift. In Vapor before version 4.29.4, At ...)
 	TODO: check
 CVE-2020-15229
@@ -28803,10 +28803,10 @@ CVE-2020-13340
 	RESERVED
 CVE-2020-13339
 	RESERVED
-CVE-2020-13338
-	RESERVED
-CVE-2020-13337
-	RESERVED
+CVE-2020-13338 (An issue has been discovered in GitLab affecting versions prior to 12. ...)
+	TODO: check
+CVE-2020-13337 (An issue has been discovered in GitLab affecting versions from 12.10 t ...)
+	TODO: check
 CVE-2020-13336 (An issue has been discovered in GitLab affecting versions from 11.8 be ...)
 	- gitlab <unfixed>
 CVE-2020-13335
@@ -30448,8 +30448,8 @@ CVE-2020-12678
 	REJECTED
 CVE-2020-12677 (An issue was discovered in Progress MOVEit Automation Web Admin. A Web ...)
 	NOT-FOR-US: Progress MOVEit Automation Web Admin
-CVE-2020-12676
-	RESERVED
+CVE-2020-12676 (FusionAuth fusionauth-samlv2 0.2.3 allows remote attackers to forge me ...)
+	TODO: check
 CVE-2020-12675 (The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPr ...)
 	NOT-FOR-US: mappress-google-maps-for-wordpress plugin for WordPress
 CVE-2020-12692 (An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0. ...)
@@ -48915,20 +48915,20 @@ CVE-2020-5991
 	RESERVED
 CVE-2020-5990
 	RESERVED
-CVE-2020-5989
-	RESERVED
-CVE-2020-5988
-	RESERVED
-CVE-2020-5987
-	RESERVED
-CVE-2020-5986
-	RESERVED
-CVE-2020-5985
-	RESERVED
-CVE-2020-5984
-	RESERVED
-CVE-2020-5983
-	RESERVED
+CVE-2020-5989 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
+	TODO: check
+CVE-2020-5988 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
+	TODO: check
+CVE-2020-5987 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
+	TODO: check
+CVE-2020-5986 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
+	TODO: check
+CVE-2020-5985 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
+	TODO: check
+CVE-2020-5984 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
+	TODO: check
+CVE-2020-5983 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
+	TODO: check
 CVE-2020-5982 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
 	NOT-FOR-US: NVIDIA Windows GPU Display Driver
 CVE-2020-5981 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/122c37f3d8f01f252fccba608c63da16030e0901

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/122c37f3d8f01f252fccba608c63da16030e0901
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201003/bae5ed9f/attachment.html>


More information about the debian-security-tracker-commits mailing list