[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Oct 23 21:10:38 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ef83c211 by security tracker role at 2020-10-23T20:10:31+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5161,8 +5161,8 @@ CVE-2020-25485
RESERVED
CVE-2020-25484
RESERVED
-CVE-2020-25483
- RESERVED
+CVE-2020-25483 (An arbitrary command execution vulnerability exists in the fopen() fun ...)
+ TODO: check
CVE-2020-25482
RESERVED
CVE-2020-25481
@@ -5195,8 +5195,8 @@ CVE-2020-25468
RESERVED
CVE-2020-25467
RESERVED
-CVE-2020-25466
- RESERVED
+CVE-2020-25466 (A SSRF vulnerability exists in the downloadimage interface of CRMEB 3. ...)
+ TODO: check
CVE-2020-25465
RESERVED
CVE-2020-25464
@@ -6569,10 +6569,10 @@ CVE-2020-24850
RESERVED
CVE-2020-24849
RESERVED
-CVE-2020-24848
- RESERVED
-CVE-2020-24847
- RESERVED
+CVE-2020-24848 (FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) N ...)
+ TODO: check
+CVE-2020-24847 (A Cross-Site Request Forgery (CSRF) vulnerability is identified in Fru ...)
+ TODO: check
CVE-2020-24846
RESERVED
CVE-2020-24845
@@ -27683,6 +27683,7 @@ CVE-2020-14805 (Vulnerability in the Oracle E-Business Suite Secure Enterprise S
CVE-2020-14804 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-8.0 <unfixed>
CVE-2020-14803 (Vulnerability in the Java SE product of Oracle Java SE (component: Lib ...)
+ {DLA-2412-1}
- openjdk-15 15.0.1+9-1
- openjdk-11 11.0.9+11-1
- openjdk-8 <unfixed>
@@ -27695,14 +27696,17 @@ CVE-2020-14800 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
CVE-2020-14799 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-8.0 <unfixed>
CVE-2020-14798 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
+ {DLA-2412-1}
- openjdk-15 15.0.1+9-1
- openjdk-11 11.0.9+11-1
- openjdk-8 <unfixed>
CVE-2020-14797 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
+ {DLA-2412-1}
- openjdk-15 15.0.1+9-1
- openjdk-11 11.0.9+11-1
- openjdk-8 <unfixed>
CVE-2020-14796 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
+ {DLA-2412-1}
- openjdk-15 15.0.1+9-1
- openjdk-11 11.0.9+11-1
- openjdk-8 <unfixed>
@@ -27714,6 +27718,7 @@ CVE-2020-14793 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
- mysql-5.7 <unfixed>
- mysql-8.0 <unfixed>
CVE-2020-14792 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
+ {DLA-2412-1}
- openjdk-15 15.0.1+9-1
- openjdk-11 11.0.9+11-1
- openjdk-8 <unfixed>
@@ -27738,16 +27743,19 @@ CVE-2020-14784 (Vulnerability in the Oracle BI Publisher product of Oracle Fusio
CVE-2020-14783 (Vulnerability in the Oracle Hospitality RES 3700 product of Oracle Foo ...)
NOT-FOR-US: Oracle
CVE-2020-14782 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
+ {DLA-2412-1}
- openjdk-15 15.0.1+9-1
- openjdk-11 11.0.9+11-1
- openjdk-8 <unfixed>
CVE-2020-14781 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
+ {DLA-2412-1}
- openjdk-15 15.0.1+9-1
- openjdk-11 11.0.9+11-1
- openjdk-8 <unfixed>
CVE-2020-14780 (Vulnerability in the BI Publisher product of Oracle Fusion Middleware ...)
NOT-FOR-US: Oracle
CVE-2020-14779 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
+ {DLA-2412-1}
- openjdk-15 15.0.1+9-1
- openjdk-11 11.0.9+11-1
- openjdk-8 <unfixed>
@@ -52008,8 +52016,8 @@ CVE-2020-5992
RESERVED
CVE-2020-5991
RESERVED
-CVE-2020-5990
- RESERVED
+CVE-2020-5990 (NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a ...)
+ TODO: check
CVE-2020-5989 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2020-5988 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
@@ -52032,10 +52040,10 @@ CVE-2020-5980 (NVIDIA Windows GPU Display Driver, all versions, contains a vulne
NOT-FOR-US: NVIDIA Windows GPU Display Driver
CVE-2020-5979 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
NOT-FOR-US: NVIDIA Windows GPU Display Driver
-CVE-2020-5978
- RESERVED
-CVE-2020-5977
- RESERVED
+CVE-2020-5978 (NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a ...)
+ TODO: check
+CVE-2020-5977 (NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a ...)
+ TODO: check
CVE-2020-5976 (NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and vers ...)
NOT-FOR-US: NVIDIA GeForce NOW
CVE-2020-5975 (NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and macOS, con ...)
@@ -56747,10 +56755,10 @@ CVE-2020-4000
RESERVED
CVE-2020-3999
RESERVED
-CVE-2020-3998
- RESERVED
-CVE-2020-3997
- RESERVED
+CVE-2020-3998 (VMware Horizon Client for Windows (5.x prior to 5.5.0) contains an inf ...)
+ TODO: check
+CVE-2020-3997 (VMware Horizon Server (7.x prior to 7.10.3 or 7.13.0) contains a Cross ...)
+ TODO: check
CVE-2020-3996 (Velero (prior to 1.4.3 and 1.5.2) in some instances doesn’t prop ...)
NOT-FOR-US: Velero
CVE-2020-3995 (In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-20 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef83c211b817417e86f2edb5f392dfd34bf2af21
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef83c211b817417e86f2edb5f392dfd34bf2af21
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201023/83cc3c57/attachment.html>
More information about the debian-security-tracker-commits
mailing list