[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Tue Sep 15 09:10:26 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bbb606b0 by security tracker role at 2020-09-15T08:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2020-25591
+ RESERVED
+CVE-2020-25590
+ RESERVED
+CVE-2020-25589
+ RESERVED
+CVE-2020-25588
+ RESERVED
+CVE-2020-25587
+ RESERVED
+CVE-2020-25586
+ RESERVED
+CVE-2020-25585
+ RESERVED
+CVE-2020-25584
+ RESERVED
+CVE-2020-25583
+ RESERVED
+CVE-2020-25582
+ RESERVED
+CVE-2020-25581
+ RESERVED
+CVE-2020-25580
+ RESERVED
+CVE-2020-25579
+ RESERVED
+CVE-2020-25578
+ RESERVED
+CVE-2020-25577
+ RESERVED
CVE-2020-25572
RESERVED
CVE-2020-25571
@@ -20611,8 +20641,8 @@ CVE-2020-15592 (SteelCentral Aternity Agent before 11.0.0.120 on Windows allows
NOT-FOR-US: SteelCentral Aternity Agent
CVE-2020-15591
RESERVED
-CVE-2020-15590
- RESERVED
+CVE-2020-15590 (A vulnerability in the Private Internet Access (PIA) VPN Client for Li ...)
+ TODO: check
CVE-2020-15589
RESERVED
CVE-2020-15588 (An issue was discovered in the client side of Zoho ManageEngine Deskto ...)
@@ -26560,37 +26590,30 @@ CVE-2020-13319
CVE-2020-13318 (A vulnerability was discovered in GitLab versions before 13.0.12, 13.1 ...)
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
-CVE-2020-13317
- RESERVED
+CVE-2020-13317 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13316 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
-CVE-2020-13315
- RESERVED
+CVE-2020-13315 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
-CVE-2020-13314
- RESERVED
+CVE-2020-13314 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
-CVE-2020-13313
- RESERVED
+CVE-2020-13313 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
-CVE-2020-13312
- RESERVED
-CVE-2020-13311
- RESERVED
+CVE-2020-13312 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
+ TODO: check
+CVE-2020-13311 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
-CVE-2020-13310
- RESERVED
+CVE-2020-13310 (A vulnerability was discovered in GitLab runner versions before 13.1.3 ...)
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
-CVE-2020-13309
- RESERVED
+CVE-2020-13309 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13308
@@ -26601,28 +26624,23 @@ CVE-2020-13307
RESERVED
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
-CVE-2020-13306
- RESERVED
+CVE-2020-13306 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
-CVE-2020-13305
- RESERVED
+CVE-2020-13305 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
-CVE-2020-13304
- RESERVED
+CVE-2020-13304 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13303
RESERVED
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
-CVE-2020-13302
- RESERVED
+CVE-2020-13302 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
-CVE-2020-13301
- RESERVED
+CVE-2020-13301 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13300 (GitLab before version 13.3.4 was vulnerable to an OAuth authorization ...)
@@ -26631,12 +26649,10 @@ CVE-2020-13300 (GitLab before version 13.3.4 was vulnerable to an OAuth authoriz
CVE-2020-13299 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
-CVE-2020-13298
- RESERVED
+CVE-2020-13298 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
-CVE-2020-13297
- RESERVED
+CVE-2020-13297 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
- gitlab 13.2.8-1
NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13296
@@ -30859,8 +30875,8 @@ CVE-2020-11883 (In Divante vue-storefront-api through 1.11.1 and storefront-api
NOT-FOR-US: Divante vue-storefront-api
CVE-2020-11882 (The O2 Business application 1.2.0 for Android exposes the canvasm.myo2 ...)
NOT-FOR-US: O2 Business
-CVE-2020-11881
- RESERVED
+CVE-2020-11881 (An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7 ...)
+ TODO: check
CVE-2020-11880 (An issue was discovered in KDE KMail before 19.12.3. By using the prop ...)
- kmail 4:20.04.1-1 (bug #958054)
[buster] - kmail <no-dsa> (Minor issue)
@@ -36045,12 +36061,12 @@ CVE-2020-10231 (TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Bu
NOT-FOR-US: TP-Link
CVE-2020-10230 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel (for CentOS 6 and 7) al ...)
NOT-FOR-US: CentOS-WebPanel.com
-CVE-2020-10229
- RESERVED
-CVE-2020-10228
- RESERVED
-CVE-2020-10227
- RESERVED
+CVE-2020-10229 (A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unw ...)
+ TODO: check
+CVE-2020-10228 (A file upload vulnerability in vtecrm vtenext 19 CE allows authenticat ...)
+ TODO: check
+CVE-2020-10227 (A cross-site scripting (XSS) vulnerability in the messages module of v ...)
+ TODO: check
CVE-2020-10226
RESERVED
CVE-2020-10225 (An unauthenticated file upload vulnerability has been identified in ad ...)
@@ -75394,14 +75410,14 @@ CVE-2019-14763 (In the Linux kernel before 4.16.4, a double-locking error in dri
[jessie] - linux <not-affected> (Vulnerability introduced later)
CVE-2019-14762
RESERVED
-CVE-2019-14761
- RESERVED
-CVE-2019-14760
- RESERVED
-CVE-2019-14759
- RESERVED
-CVE-2019-14758
- RESERVED
+CVE-2019-14761 (An issue was discovered in KaiOS 2.5. The pre-installed Note applicati ...)
+ TODO: check
+CVE-2019-14760 (An issue was discovered in KaiOS 2.5. The pre-installed Recorder appli ...)
+ TODO: check
+CVE-2019-14759 (An issue was discovered in KaiOS 1.0, 2.5, and 2.5.1. The pre-installe ...)
+ TODO: check
+CVE-2019-14758 (An issue was discovered in KaiOS 2.5 and 2.5.1. The pre-installed File ...)
+ TODO: check
CVE-2019-14757 (An issue was discovered in KaiOS 2.5 and 2.5.1. The pre-installed Cont ...)
NOT-FOR-US: KaiOS
CVE-2019-14756 (An issue was discovered in KaiOS 1.0, 2.5, and 2.5.12.5. The pre-insta ...)
@@ -169463,7 +169479,7 @@ CVE-2018-1287 (In Apache JMeter 2.X and 3.X, when using Distributed Test only (R
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62039
CVE-2018-1286 (In Apache OpenMeetings 3.0.0 - 4.0.1, CRUD operations on privileged us ...)
NOT-FOR-US: Apache OpenMeetings
-CVE-2018-1285 (Apache log4net before 2.0.8 does not disable XML external entities whe ...)
+CVE-2018-1285 (Apache log4net versions before 2.0.10 do not disable XML external enti ...)
{DLA-2211-1}
- log4net <unfixed> (low)
[buster] - log4net <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bbb606b0ece0dec74ab2c085871e672520cf8679
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bbb606b0ece0dec74ab2c085871e672520cf8679
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200915/4150cdbf/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list