[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Tue Oct 13 21:10:28 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2a965452 by security tracker role at 2020-10-13T20:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2857,8 +2857,8 @@ CVE-2020-25791 (An issue was discovered in the sized-chunks crate through 0.6.2
NOTE: https://github.com/bodil/sized-chunks/issues/11
CVE-2020-25780
RESERVED
-CVE-2020-25779
- RESERVED
+CVE-2020-25779 (Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in w ...)
+ TODO: check
CVE-2020-25778
RESERVED
CVE-2020-25777
@@ -19965,30 +19965,30 @@ CVE-2020-17419
RESERVED
CVE-2020-17418
RESERVED
-CVE-2020-17417
- RESERVED
-CVE-2020-17416
- RESERVED
-CVE-2020-17415
- RESERVED
-CVE-2020-17414
- RESERVED
-CVE-2020-17413
- RESERVED
-CVE-2020-17412
- RESERVED
-CVE-2020-17411
- RESERVED
-CVE-2020-17410
- RESERVED
-CVE-2020-17409
- RESERVED
+CVE-2020-17417 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2020-17416 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2020-17415 (This vulnerability allows local attackers to escalate privileges on af ...)
+ TODO: check
+CVE-2020-17414 (This vulnerability allows local attackers to escalate privileges on af ...)
+ TODO: check
+CVE-2020-17413 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2020-17412 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2020-17411 (This vulnerability allows remote attackers to disclose sensitive infor ...)
+ TODO: check
+CVE-2020-17410 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2020-17409 (This vulnerability allows network-adjacent attackers to disclose sensi ...)
+ TODO: check
CVE-2020-17408 (This vulnerability allows remote attackers to disclose sensitive infor ...)
NOT-FOR-US: NEC
-CVE-2020-17407
- RESERVED
-CVE-2020-17406
- RESERVED
+CVE-2020-17407 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
+CVE-2020-17406 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+ TODO: check
CVE-2020-17405 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
NOT-FOR-US: Senstar Symphony
CVE-2020-17404 (This vulnerability allows remote attackers to execute arbitrary code o ...)
@@ -22678,8 +22678,8 @@ CVE-2020-16126
RESERVED
CVE-2020-16125
RESERVED
-CVE-2020-16124
- RESERVED
+CVE-2020-16124 (Integer Overflow or Wraparound vulnerability in the XML RPC library of ...)
+ TODO: check
CVE-2020-16123
RESERVED
CVE-2020-16122
@@ -23537,8 +23537,8 @@ CVE-2020-15799
RESERVED
CVE-2020-15798
RESERVED
-CVE-2020-15797
- RESERVED
+CVE-2020-15797 (A vulnerability has been identified in DCA Vantage Analyzer (All versi ...)
+ TODO: check
CVE-2020-15796
RESERVED
CVE-2020-15795
@@ -24958,8 +24958,8 @@ CVE-2020-15253
RESERVED
CVE-2020-15252
RESERVED
-CVE-2020-15251
- RESERVED
+CVE-2020-15251 (In the Channelmgnt plug-in for Sopel (a Python IRC bot) before version ...)
+ TODO: check
CVE-2020-15250 (In JUnit4 before version 4.13.1, the test rule TemporaryFolder contain ...)
TODO: check
CVE-2020-15249
@@ -28496,8 +28496,8 @@ CVE-2020-13959
RESERVED
CVE-2020-13958
RESERVED
-CVE-2020-13957
- RESERVED
+CVE-2020-13957 (Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 ...)
+ TODO: check
CVE-2020-13956 [incorrect handling of malformed authority component in request URIs]
RESERVED
{DLA-2405-1}
@@ -45800,8 +45800,8 @@ CVE-2020-7745
RESERVED
CVE-2020-7744
RESERVED
-CVE-2020-7743
- RESERVED
+CVE-2020-7743 (The package mathjs before 7.5.1 are vulnerable to Prototype Pollution ...)
+ TODO: check
CVE-2020-7742 (This affects the package simpl-schema before 1.10.2. ...)
NOT-FOR-US: Node simpl-schema
CVE-2020-7741 (This affects the package hellojs before 1.18.6. The code get the param ...)
@@ -46160,8 +46160,8 @@ CVE-2020-7592 (A vulnerability has been identified in SIMATIC HMI Basic Panels 1
NOT-FOR-US: Siemens
CVE-2020-7591
RESERVED
-CVE-2020-7590
- RESERVED
+CVE-2020-7590 (A vulnerability has been identified in DCA Vantage Analyzer (All versi ...)
+ TODO: check
CVE-2020-7589 (A vulnerability has been identified in LOGO!8 BM (incl. SIPLUS variant ...)
NOT-FOR-US: Siemens
CVE-2020-7588 (A vulnerability has been identified in Opcenter Execution Discrete (Al ...)
@@ -113287,8 +113287,7 @@ CVE-2018-20245 (The LDAP auth backend (airflow.contrib.auth.backends.ldap_auth)
- airflow <itp> (bug #819700)
CVE-2018-20244 (In Apache Airflow before 1.10.2, a malicious admin user could edit the ...)
- airflow <itp> (bug #819700)
-CVE-2018-20243
- RESERVED
+CVE-2018-20243 (The implementation of POST with the username and password in the URL p ...)
NOT-FOR-US: Apache Fineract
CVE-2018-20242 (A carefully crafted URL could trigger an XSS vulnerability on Apache J ...)
- jspwiki <removed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a9654529084c7b20191caefeb65175978d9c470
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a9654529084c7b20191caefeb65175978d9c470
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201013/758d017d/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list