[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Oct 16 21:10:38 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3d34dd9e by security tracker role at 2020-10-16T20:10:30+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,29 @@
+CVE-2020-27190
+ RESERVED
+CVE-2020-27189
+ RESERVED
+CVE-2020-27188
+ RESERVED
+CVE-2020-27187
+ RESERVED
+CVE-2020-27186
+ RESERVED
+CVE-2020-27185
+ RESERVED
+CVE-2020-27184
+ RESERVED
+CVE-2020-27183
+ RESERVED
+CVE-2020-27182
+ RESERVED
+CVE-2020-27181
+ RESERVED
+CVE-2020-27180
+ RESERVED
+CVE-2020-27179
+ RESERVED
+CVE-2020-27178 (Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4 ...)
+ TODO: check
CVE-2020-27177
RESERVED
CVE-2020-27176 (Mutation XSS exists in Mark Text through 0.16.2 that leads to Remote C ...)
@@ -466,8 +492,8 @@ CVE-2020-26946
RESERVED
CVE-2020-26945 (MyBatis before 3.5.6 mishandles deserialization of object streams. ...)
NOT-FOR-US: MyBatis
-CVE-2020-26944
- RESERVED
+CVE-2020-26944 (An issue was discovered in Aptean Product Configurator 4.61.0000 on Wi ...)
+ TODO: check
CVE-2020-26943 (An issue was discovered in OpenStack blazar-dashboard before 1.3.1, 2. ...)
NOT-FOR-US: blazar-dashboard
CVE-2020-26942
@@ -570,8 +596,8 @@ CVE-2020-26895
RESERVED
CVE-2020-26894 (Faulkner Wildlife Issues in the New Millennium 18.0.160 on Windows all ...)
NOT-FOR-US: New Millennium
-CVE-2020-26893
- RESERVED
+CVE-2020-26893 (An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor c ...)
+ TODO: check
CVE-2020-26892
RESERVED
CVE-2020-26891
@@ -997,8 +1023,8 @@ CVE-2020-26684
RESERVED
CVE-2020-26683
RESERVED
-CVE-2020-26682
- RESERVED
+CVE-2020-26682 (In libass 0.14.0, the `ass_outline_construct`'s call to `outline_strok ...)
+ TODO: check
CVE-2020-26681
RESERVED
CVE-2020-26680
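Review bot: the new CVE-2020-26682 line names a library and a specific version (libass 0.14.0, in `ass_outline_construct`), so its `TODO: check` should not be closed as NOT-FOR-US by default. Check whether libass is packaged and, if so, replace the TODO with a package line and a NOTE pointing at the upstream report, the way the radare2 and mruby entries elsewhere in this diff are recorded.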
@@ -1017,8 +1043,8 @@ CVE-2020-26674
RESERVED
CVE-2020-26673
RESERVED
-CVE-2020-26672
- RESERVED
+CVE-2020-26672 (Testimonial Rotator Wordpress Plugin 3.0.2 is affected by Cross Site S ...)
+ TODO: check
CVE-2020-26671
RESERVED
CVE-2020-26670
@@ -2043,10 +2069,10 @@ CVE-2020-26185
RESERVED
CVE-2020-26184
RESERVED
-CVE-2020-26183
- RESERVED
-CVE-2020-26182
- RESERVED
+CVE-2020-26183 (Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper auth ...)
+ TODO: check
+CVE-2020-26182 (Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect pri ...)
+ TODO: check
CVE-2020-26181
RESERVED
CVE-2020-26180
@@ -6013,8 +6039,8 @@ CVE-2020-24410
RESERVED
CVE-2020-24409
RESERVED
-CVE-2020-24408
- RESERVED
+CVE-2020-24408 (Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by a per ...)
+ TODO: check
CVE-2020-24407
RESERVED
CVE-2020-24406
@@ -22487,8 +22513,8 @@ CVE-2020-16272 (The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0
NOT-FOR-US: Kee Vault KeePassRPC
CVE-2020-16271 (The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 genera ...)
NOT-FOR-US: Kee Vault KeePassRPC
-CVE-2020-16270
- RESERVED
+CVE-2020-16270 (OLIMPOKS before 5.1.0 allows Auth/Admin ErrorMessage XSS. ...)
+ TODO: check
CVE-2020-16269 (radare2 4.5.0 misparses DWARF information in executable files, causing ...)
- radare2 <unfixed>
NOTE: https://github.com/radareorg/radare2/issues/17383
@@ -23459,8 +23485,8 @@ CVE-2020-15869 (Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1
NOT-FOR-US: Sonatype Nexus Repository Manager OSS/Pro
CVE-2020-15868 (Sonatype Nexus Repository Manager OSS/Pro before 3.26.0 has Incorrect ...)
NOT-FOR-US: Sonatype Nexus Repository Manager OSS/Pro
-CVE-2020-15867
- RESERVED
+CVE-2020-15867 (The git hook feature in Gogs 0.5.5 through 0.12.2 allows for authentic ...)
+ TODO: check
CVE-2020-15866 (mruby through 2.1.2-rc has a heap-based buffer overflow in the mrb_yie ...)
- mruby <unfixed> (bug #972051)
[buster] - mruby <no-dsa> (Minor issue)
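Review bot: CVE-2020-15867 (Gogs) is added here with `TODO: check`, and CVE-2020-14144 (Gitea) in a later hunk gets a description that opens with the same words, "The git hook feature in ... allows for authenti ...". Triage the two together so they end up with consistent entries, and cross-reference them in a NOTE if they turn out to describe the same behaviour.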
@@ -25073,20 +25099,20 @@ CVE-2020-15260
RESERVED
CVE-2020-15259
RESERVED
-CVE-2020-15258
- RESERVED
+CVE-2020-15258 (In Wire before 3.20.x, `shell.openExternal` was used without checking ...)
+ TODO: check
CVE-2020-15257
RESERVED
CVE-2020-15256
RESERVED
-CVE-2020-15255
- RESERVED
-CVE-2020-15254
- RESERVED
+CVE-2020-15255 (In Anuko Time Tracker before verion 1.19.23.5325, due to not properly ...)
+ TODO: check
+CVE-2020-15254 (Crossbeam is a set of tools for concurrent programming. In crossbeam-c ...)
+ TODO: check
CVE-2020-15253 (Versions of Grocy <= 2.7.1 are vulnerable to Cross-Site Scripting v ...)
NOT-FOR-US: Grocy
-CVE-2020-15252
- RESERVED
+CVE-2020-15252 (In XWiki before version 12.5 and 11.10.6, any user with SCRIPT right ( ...)
+ TODO: check
CVE-2020-15251 (In the Channelmgnt plug-in for Sopel (a Python IRC bot) before version ...)
NOT-FOR-US: Channelmgnt plug-in for Sopel
CVE-2020-15250 (In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryF ...)
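Review bot: four entries in this hunk move from RESERVED to `TODO: check` (CVE-2020-15258 Wire, CVE-2020-15255 Anuko Time Tracker, CVE-2020-15254 Crossbeam, CVE-2020-15252 XWiki), and they should not be resolved as a batch. The Crossbeam description is about a programming library ("a set of tools for concurrent programming") and is cut off before the affected component name, so read the full description and check for a matching source package before labelling it. The other three need the same archive check before they get a NOT-FOR-US label like the Grocy and Sopel plug-in entries in this hunk.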
@@ -25300,8 +25326,7 @@ CVE-2020-15159 (baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (
NOT-FOR-US: baserCMS
CVE-2020-15158 (In libIEC61850 before version 1.4.3, when a message with COTP message ...)
NOT-FOR-US: libIEC61850
-CVE-2020-15157
- RESERVED
+CVE-2020-15157 (In containerd (an industry-standard container runtime) before version ...)
- containerd 1.3.2~ds1-2
NOTE: https://www.openwall.com/lists/oss-security/2020/10/15/1
NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-742w-89gc-8m9c
@@ -27739,8 +27764,7 @@ CVE-2020-14301 [leak of sensitive cookie information via dumpxml]
NOTE: Fixed by: https://github.com/libvirt/libvirt/commit/524de6cc35d3b222f0e940bb0fd027f5482572c5
CVE-2020-14300 (The docker packages version docker-1.13.1-108.git4ef4b30.el7 as releas ...)
- docker.io <not-affected> (Red Hat specific regression)
-CVE-2020-14299
- RESERVED
+CVE-2020-14299 (A flaw was found in JBoss EAP, where the authentication configuration ...)
NOT-FOR-US: JBoss EAP
CVE-2020-14298 (The version of docker as released for Red Hat Enterprise Linux 7 Extra ...)
- docker.io <not-affected> (Red Hat specific regression)
@@ -28127,8 +28151,8 @@ CVE-2020-14145 (The client side in OpenSSH 5.7 through 8.3 has an Observable Dis
NOTE: https://www.fzi.de/fileadmin/user_upload/2020-06-26-FSA-2020-2.pdf
NOTE: The OpenSSH project is not planning to change the behaviour of OpenSSH regarding
NOTE: the issue, details in "3.1 OpenSSH" in the publication.
-CVE-2020-14144
- RESERVED
+CVE-2020-14144 (The git hook feature in Gitea 1.1.0 through 1.12.5 allows for authenti ...)
+ TODO: check
CVE-2020-14143
RESERVED
CVE-2020-14142
@@ -40356,8 +40380,8 @@ CVE-2020-9994
RESERVED
CVE-2020-9993
RESERVED
-CVE-2020-9992
- RESERVED
+CVE-2020-9992 (This issue was addressed by encrypting communications over the network ...)
+ TODO: check
CVE-2020-9991
RESERVED
CVE-2020-9990
@@ -40374,8 +40398,8 @@ CVE-2020-9985
RESERVED
CVE-2020-9984
RESERVED
-CVE-2020-9983
- RESERVED
+CVE-2020-9983 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
CVE-2020-9982
RESERVED
CVE-2020-9981
@@ -40388,8 +40412,8 @@ CVE-2020-9978
RESERVED
CVE-2020-9977
RESERVED
-CVE-2020-9976
- RESERVED
+CVE-2020-9976 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
CVE-2020-9975
RESERVED
CVE-2020-9974
@@ -40404,16 +40428,16 @@ CVE-2020-9970
RESERVED
CVE-2020-9969
RESERVED
-CVE-2020-9968
- RESERVED
+CVE-2020-9968 (A logic issue was addressed with improved restrictions. This issue is ...)
+ TODO: check
CVE-2020-9967
RESERVED
CVE-2020-9966
RESERVED
CVE-2020-9965
RESERVED
-CVE-2020-9964
- RESERVED
+CVE-2020-9964 (A memory initialization issue was addressed with improved memory handl ...)
+ TODO: check
CVE-2020-9963
RESERVED
CVE-2020-9962
@@ -40422,10 +40446,10 @@ CVE-2020-9961
RESERVED
CVE-2020-9960
RESERVED
-CVE-2020-9959
- RESERVED
-CVE-2020-9958
- RESERVED
+CVE-2020-9959 (A lock screen issue allowed access to messages on a locked device. Thi ...)
+ TODO: check
+CVE-2020-9958 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
CVE-2020-9957
RESERVED
CVE-2020-9956
@@ -40436,20 +40460,20 @@ CVE-2020-9954
RESERVED
CVE-2020-9953
RESERVED
-CVE-2020-9952
- RESERVED
-CVE-2020-9951
- RESERVED
+CVE-2020-9952 (An input validation issue was addressed with improved input validation ...)
+ TODO: check
+CVE-2020-9951 (A use after free issue was addressed with improved memory management. ...)
+ TODO: check
CVE-2020-9950
RESERVED
CVE-2020-9949
RESERVED
-CVE-2020-9948
- RESERVED
+CVE-2020-9948 (A type confusion issue was addressed with improved memory handling. Th ...)
+ TODO: check
CVE-2020-9947
RESERVED
-CVE-2020-9946
- RESERVED
+CVE-2020-9946 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
CVE-2020-9945
RESERVED
CVE-2020-9944
@@ -40468,18 +40492,18 @@ CVE-2020-9938
RESERVED
CVE-2020-9937
RESERVED
-CVE-2020-9936
- RESERVED
+CVE-2020-9936 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
CVE-2020-9935
RESERVED
-CVE-2020-9934
- RESERVED
-CVE-2020-9933
- RESERVED
+CVE-2020-9934 (An issue existed in the handling of environment variables. This issue ...)
+ TODO: check
+CVE-2020-9933 (An authorization issue was addressed with improved state management. T ...)
+ TODO: check
CVE-2020-9932
RESERVED
-CVE-2020-9931
- RESERVED
+CVE-2020-9931 (A denial of service issue was addressed with improved input validation ...)
+ TODO: check
CVE-2020-9930
RESERVED
CVE-2020-9929
@@ -40490,8 +40514,7 @@ CVE-2020-9927
RESERVED
CVE-2020-9926
RESERVED
-CVE-2020-9925
- RESERVED
+CVE-2020-9925 (A logic issue was addressed with improved state management. This issue ...)
{DSA-4739-1}
- webkit2gtk 2.28.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
@@ -40500,8 +40523,8 @@ CVE-2020-9925
NOTE: https://webkitgtk.org/security/WSA-2020-0007.html
CVE-2020-9924
RESERVED
-CVE-2020-9923
- RESERVED
+CVE-2020-9923 (A memory corruption issue was addressed with improved memory handling. ...)
+ TODO: check
CVE-2020-9922
RESERVED
CVE-2020-9921
@@ -40510,44 +40533,43 @@ CVE-2020-9920
RESERVED
CVE-2020-9919
RESERVED
-CVE-2020-9918
- RESERVED
-CVE-2020-9917
- RESERVED
-CVE-2020-9916
- RESERVED
-CVE-2020-9915
- RESERVED
+CVE-2020-9918 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
+CVE-2020-9917 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2020-9916 (A URL Unicode encoding issue was addressed with improved state managem ...)
+ TODO: check
+CVE-2020-9915 (An access issue existed in Content Security Policy. This issue was add ...)
{DSA-4739-1}
- webkit2gtk 2.28.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
- wpewebkit 2.28.4-1
NOTE: https://webkitgtk.org/security/WSA-2020-0007.html
-CVE-2020-9914
- RESERVED
-CVE-2020-9913
- RESERVED
-CVE-2020-9912
- RESERVED
-CVE-2020-9911
- RESERVED
-CVE-2020-9910
- RESERVED
-CVE-2020-9909
- RESERVED
+CVE-2020-9914 (An input validation issue existed in Bluetooth. This issue was address ...)
+ TODO: check
+CVE-2020-9913 (This issue was addressed with improved data protection. This issue is ...)
+ TODO: check
+CVE-2020-9912 (A logic issue was addressed with improved restrictions. This issue is ...)
+ TODO: check
+CVE-2020-9911 (A logic issue was addressed with improved restrictions. This issue is ...)
+ TODO: check
+CVE-2020-9910 (Multiple issues were addressed with improved logic. This issue is fixe ...)
+ TODO: check
+CVE-2020-9909 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
+ TODO: check
CVE-2020-9908
RESERVED
-CVE-2020-9907
- RESERVED
+CVE-2020-9907 (A memory corruption issue was addressed by removing the vulnerable cod ...)
+ TODO: check
CVE-2020-9906
RESERVED
CVE-2020-9905
RESERVED
CVE-2020-9904
RESERVED
-CVE-2020-9903
- RESERVED
+CVE-2020-9903 (A logic issue was addressed with improved restrictions. This issue is ...)
+ TODO: check
CVE-2020-9902
RESERVED
CVE-2020-9901
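Review bot: most of the new descriptions in this hunk use the same vendor wording ("was addressed with improved ...") and carry `TODO: check`, but CVE-2020-9915, with the same style of description, is already tracked against webkit2gtk and wpewebkit under DSA-4739-1. Do not bulk-mark the TODO entries here. Check each one against the WebKitGTK advisories first (the existing NOTE points at WSA-2020-0007), and give only the ones that are not WebKit issues the `NOT-FOR-US: Apple` label that appears in later hunks of this diff.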
@@ -40562,24 +40584,21 @@ CVE-2020-9897
RESERVED
CVE-2020-9896
RESERVED
-CVE-2020-9895
- RESERVED
+CVE-2020-9895 (A use after free issue was addressed with improved memory management. ...)
{DSA-4739-1}
- webkit2gtk 2.28.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
- wpewebkit 2.28.4-1
NOTE: https://webkitgtk.org/security/WSA-2020-0007.html
-CVE-2020-9894
- RESERVED
+CVE-2020-9894 (An out-of-bounds read was addressed with improved input validation. Th ...)
{DSA-4739-1}
- webkit2gtk 2.28.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
- wpewebkit 2.28.4-1
NOTE: https://webkitgtk.org/security/WSA-2020-0007.html
-CVE-2020-9893
- RESERVED
+CVE-2020-9893 (A use after free issue was addressed with improved memory management. ...)
{DSA-4739-1}
- webkit2gtk 2.28.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
@@ -40588,22 +40607,22 @@ CVE-2020-9893
NOTE: https://webkitgtk.org/security/WSA-2020-0007.html
CVE-2020-9892
RESERVED
-CVE-2020-9891
- RESERVED
-CVE-2020-9890
- RESERVED
-CVE-2020-9889
- RESERVED
-CVE-2020-9888
- RESERVED
+CVE-2020-9891 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
+ TODO: check
+CVE-2020-9890 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
+ TODO: check
+CVE-2020-9889 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
+CVE-2020-9888 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
+ TODO: check
CVE-2020-9887
RESERVED
CVE-2020-9886
RESERVED
-CVE-2020-9885
- RESERVED
-CVE-2020-9884
- RESERVED
+CVE-2020-9885 (An issue existed in the handling of iMessage tapbacks. The issue was r ...)
+ TODO: check
+CVE-2020-9884 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
CVE-2020-9883
RESERVED
CVE-2020-9882
@@ -40614,8 +40633,8 @@ CVE-2020-9880
RESERVED
CVE-2020-9879
RESERVED
-CVE-2020-9878
- RESERVED
+CVE-2020-9878 (A buffer overflow issue was addressed with improved memory handling. T ...)
+ TODO: check
CVE-2020-9877
RESERVED
CVE-2020-9876
@@ -40630,8 +40649,8 @@ CVE-2020-9872
RESERVED
CVE-2020-9871
RESERVED
-CVE-2020-9870
- RESERVED
+CVE-2020-9870 (A logic issue was addressed with improved validation. This issue is fi ...)
+ TODO: check
CVE-2020-9869
RESERVED
CVE-2020-9868
@@ -40640,14 +40659,13 @@ CVE-2020-9867
RESERVED
CVE-2020-9866
RESERVED
-CVE-2020-9865
- RESERVED
-CVE-2020-9864
- RESERVED
+CVE-2020-9865 (A memory corruption issue was addressed by removing the vulnerable cod ...)
+ TODO: check
+CVE-2020-9864 (A logic issue was addressed with improved restrictions. This issue is ...)
+ TODO: check
CVE-2020-9863
RESERVED
-CVE-2020-9862
- RESERVED
+CVE-2020-9862 (A command injection issue existed in Web Inspector. This issue was add ...)
{DSA-4739-1}
- webkit2gtk 2.28.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
@@ -40702,7 +40720,7 @@ CVE-2020-9843 (An input validation issue was addressed with improved input valid
[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
- wpewebkit 2.28.3-1
NOTE: https://webkitgtk.org/security/WSA-2020-0006.html
-CVE-2020-9842 (This issue was addressed with improved checks. This issue is fixed in ...)
+CVE-2020-9842 (An entitlement parsing issue was addressed with improved parsing. This ...)
NOT-FOR-US: Apple
CVE-2020-9841 (An integer overflow was addressed through improved input validation. T ...)
NOT-FOR-US: Apple
@@ -40813,8 +40831,8 @@ CVE-2020-9801 (A logic issue was addressed with improved restrictions. This issu
NOT-FOR-US: Apple
CVE-2020-9800 (A type confusion issue was addressed with improved memory handling. Th ...)
NOT-FOR-US: Apple
-CVE-2020-9799
- RESERVED
+CVE-2020-9799 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
+ TODO: check
CVE-2020-9798
RESERVED
CVE-2020-9797 (An information disclosure issue was addressed by removing the vulnerab ...)
@@ -53871,8 +53889,8 @@ CVE-2020-4638 (IBM API Connect's API Manager 2018.4.1.0 through 2018.4.1.12 is v
NOT-FOR-US: IBM
CVE-2020-4637
RESERVED
-CVE-2020-4636
- RESERVED
+CVE-2020-4636 (IBM Resilient OnPrem 38.2 could allow a privileged user to inject mali ...)
+ TODO: check
CVE-2020-4635
RESERVED
CVE-2020-4634
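Review bot: CVE-2020-4636 (IBM Resilient OnPrem) is left at `TODO: check` while the context at the top of this hunk shows CVE-2020-4638 marked `NOT-FOR-US: IBM`. If the product is not in the archive, the same label applies here and the TODO can be closed in a follow-up.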
@@ -54635,8 +54653,8 @@ CVE-2020-4256
RESERVED
CVE-2020-4255
RESERVED
-CVE-2020-4254
- RESERVED
+CVE-2020-4254 (IBM Security Guardium Big Data Intelligence 1.0 (SonarG) uses weaker t ...)
+ TODO: check
CVE-2020-4253 (IBM Content Navigator 3.0CD does not invalidate session after logout w ...)
NOT-FOR-US: IBM
CVE-2020-4252 (IBM DOORS Next Generation (DNG/RRC) 6.0.2. 6.0.6, and 6.0.61 is vulner ...)
@@ -55190,8 +55208,8 @@ CVE-2020-3993
RESERVED
CVE-2020-3992
RESERVED
-CVE-2020-3991
- RESERVED
+CVE-2020-3991 (VMware Horizon Client for Windows (5.x before 5.5.0) contains a denial ...)
+ TODO: check
CVE-2020-3990 (VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5 ...)
NOT-FOR-US: VMware
CVE-2020-3989 (VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5 ...)
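Review bot: CVE-2020-3991 is added with `TODO: check`, yet the next entry, CVE-2020-3990, covers the same product (Horizon Client for Windows, 5.x) and is already `NOT-FOR-US: VMware`. Resolve the TODO with the same label unless the full description names something that is packaged.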
@@ -56337,8 +56355,8 @@ CVE-2019-19886 (Trustwave ModSecurity 3.0.0 through 3.0.3 allows an attacker to
[buster] - modsecurity 3.0.3-1+deb10u1
NOTE: https://github.com/SpiderLabs/ModSecurity/pull/2202
NOTE: https://github.com/SpiderLabs/ModSecurity/commit/7ba77631f9a37e0680d23ee57c455c6a35c65cb9
-CVE-2019-19885
- RESERVED
+CVE-2019-19885 (In Bender COMTRAXX, user authorization is validated for most, but not ...)
+ TODO: check
CVE-2019-19884
RESERVED
CVE-2019-19883
@@ -61561,8 +61579,8 @@ CVE-2019-19515 (Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in w
NOT-FOR-US: Ayision
CVE-2019-19514 (Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in basic r ...)
NOT-FOR-US: Ayision
-CVE-2019-19513
- RESERVED
+CVE-2019-19513 (The BASSMIDI plugin 2.4.12.1 for Un4seen BASS Audio Library on Windows ...)
+ TODO: check
CVE-2020-1924
RESERVED
CVE-2020-1923
@@ -64211,12 +64229,12 @@ CVE-2019-18797 (LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator
[buster] - libsass <no-dsa> (Minor issue)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://github.com/sass/libsass/issues/3000
-CVE-2019-18796
- RESERVED
-CVE-2019-18795
- RESERVED
-CVE-2019-18794
- RESERVED
+CVE-2019-18796 (The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamC ...)
+ TODO: check
+CVE-2019-18795 (The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamC ...)
+ TODO: check
+CVE-2019-18794 (The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamC ...)
+ TODO: check
CVE-2019-18793 (Parallels Plesk Panel 9.5 allows XSS in target/locales/tr-TR/help/inde ...)
NOT-FOR-US: Parallels Plesk Panel
CVE-2017-18639 (Progress Sitefinity CMS before 10.1 allows XSS via /Pages Parameter : ...)
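Review bot: CVE-2019-18796, CVE-2019-18795 and CVE-2019-18794 get descriptions that are identical up to the truncation point ("... prone to a BASS_StreamC ..."), so the list no longer distinguishes them. When resolving the three `TODO: check` lines, read the full descriptions to confirm they are separate issues, and give them one consistent label together with CVE-2019-19513 (the BASSMIDI plugin for the same library) from the previous hunk.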
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d34dd9e69bd2c1f0c0cb61fda977e466816a795