[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Tue Sep 22 21:10:28 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7ec2ab11 by security tracker role at 2020-09-22T20:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -626,10 +626,10 @@ CVE-2020-25517
RESERVED
CVE-2020-25516
RESERVED
-CVE-2020-25515
- RESERVED
-CVE-2020-25514
- RESERVED
+CVE-2020-25515 (Sourcecodester Simple Library Management System 1.0 is affected by Ins ...)
+ TODO: check
+CVE-2020-25514 (Sourcecodester Simple Library Management System 1.0 is affected by Inc ...)
+ TODO: check
CVE-2020-25513
RESERVED
CVE-2020-25512
@@ -682,8 +682,8 @@ CVE-2020-25489 (A heap overflow in Sqreen PyMiniRacer (aka Python Mini Racer) be
NOT-FOR-US: Sqreen
CVE-2020-25488
RESERVED
-CVE-2020-25487
- RESERVED
+CVE-2020-25487 (PHPGURUKUL Zoo Management System Using PHP and MySQL version 1.0 is af ...)
+ TODO: check
CVE-2020-25486
RESERVED
CVE-2020-25485
@@ -2572,8 +2572,8 @@ CVE-2020-24621
RESERVED
CVE-2020-24620
RESERVED
-CVE-2020-24619
- RESERVED
+CVE-2020-24619 (In mainwindow.cpp in Shotcut before 20.09.13, the upgrade check misuse ...)
+ TODO: check
CVE-2020-24618 (In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020. ...)
NOT-FOR-US: JetBrains
CVE-2020-24617
@@ -3210,8 +3210,8 @@ CVE-2020-24335
RESERVED
CVE-2020-24334
RESERVED
-CVE-2020-24333
- RESERVED
+CVE-2020-24333 (A vulnerability in Arista’s CloudVision Portal (CVP) prior to 20 ...)
+ TODO: check
CVE-2020-24332 (An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ...)
- trousers <unfixed> (unimportant)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1164472
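Review bot: The added CVE-2020-24333 line shows a mis-encoded apostrophe ("Arista’s") in the description. That pattern is what UTF-8 text looks like after being decoded with a single-byte charset, so confirm the automatic updater reads and writes the CVE descriptions as UTF-8 before the text is committed to data/CVE/list.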
@@ -5006,8 +5006,8 @@ CVE-2020-23448
RESERVED
CVE-2020-23447
RESERVED
-CVE-2020-23446
- RESERVED
+CVE-2020-23446 (Verint Workforce Optimization suite 15.1 (15.1.0.37634) has Unauthenti ...)
+ TODO: check
CVE-2020-23445
RESERVED
CVE-2020-23444
@@ -19639,8 +19639,8 @@ CVE-2020-16204 (The affected product is vulnerable due to an undocumented interf
NOT-FOR-US: N-Tron
CVE-2020-16203 (Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and ...)
NOT-FOR-US: Delta Industrial Automation
-CVE-2020-16202
- RESERVED
+CVE-2020-16202 (WebAccess Node (All versions prior to 9.0.1) has incorrect permissions ...)
+ TODO: check
CVE-2020-16201 (Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and ...)
NOT-FOR-US: Delta Industrial Automation
CVE-2020-16200 (Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. Th ...)
@@ -20468,8 +20468,8 @@ CVE-2020-15841 (Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack
NOT-FOR-US: Liferay
CVE-2020-15840
RESERVED
-CVE-2020-15839
- RESERVED
+CVE-2020-15839 (Liferay Portal before 7.3.3, and Liferay DXP 7.1 before fix pack 18 an ...)
+ TODO: check
CVE-2020-15838
RESERVED
CVE-2020-15837
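Review bot: CVE-2020-15839 is added with TODO: check even though the context at the top of this hunk already records CVE-2020-15841, also Liferay Portal / Liferay DXP, as NOT-FOR-US: Liferay. The new entry can take the same tag directly rather than sitting in the TODO queue.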
@@ -25328,26 +25328,26 @@ CVE-2020-14033 (An issue was discovered in janus-gateway (aka Janus WebRTC Serve
NOTE: https://github.com/meetecho/janus-gateway/commit/dacb4edfad8e77f73b64d8c175cca0a7796ebf80
CVE-2020-14032
RESERVED
-CVE-2020-14031
- RESERVED
+CVE-2020-14031 (An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The ou ...)
+ TODO: check
CVE-2020-14030
RESERVED
CVE-2020-14029 (An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The RS ...)
NOT-FOR-US: Ozeki NG SMS Gateway
-CVE-2020-14028
- RESERVED
-CVE-2020-14027
- RESERVED
-CVE-2020-14026
- RESERVED
-CVE-2020-14025
- RESERVED
-CVE-2020-14024
- RESERVED
-CVE-2020-14023
- RESERVED
-CVE-2020-14022
- RESERVED
+CVE-2020-14028 (An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. By lev ...)
+ TODO: check
+CVE-2020-14027 (An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The da ...)
+ TODO: check
+CVE-2020-14026 (CSV Injection (aka Excel Macro Injection or Formula Injection) exists ...)
+ TODO: check
+CVE-2020-14025 (Ozeki NG SMS Gateway through 4.17.6 has multiple CSRF vulnerabilities. ...)
+ TODO: check
+CVE-2020-14024 (Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored ...)
+ TODO: check
+CVE-2020-14023 (Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To ...)
+ TODO: check
+CVE-2020-14022 (Ozeki NG SMS Gateway 4.17.1 through 4.17.6 does not check the file typ ...)
+ TODO: check
CVE-2020-14021 (An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The AS ...)
NOT-FOR-US: Ozeki NG SMS Gateway
CVE-2020-14020
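Review bot: The eight entries added here are all left as TODO: check, while the unchanged neighbours CVE-2020-14029 and CVE-2020-14021 in the same hunk are already tagged NOT-FOR-US: Ozeki NG SMS Gateway. Seven of the new descriptions name Ozeki NG SMS Gateway in their visible text and can be triaged the same way in one pass; CVE-2020-14026 is the exception, since its truncated description ("CSV Injection ... exists ...") does not show the product, so confirm it against the full CVE text before tagging it.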
@@ -31546,12 +31546,12 @@ CVE-2020-11859
RESERVED
CVE-2020-11858
RESERVED
-CVE-2020-11857
- RESERVED
-CVE-2020-11856
- RESERVED
-CVE-2020-11855
- RESERVED
+CVE-2020-11857 (An Authorization Bypass vulnerability on Micro Focus Operation Bridge ...)
+ TODO: check
+CVE-2020-11856 (Arbitrary code execution vulnerability on Micro Focus Operation Bridge ...)
+ TODO: check
+CVE-2020-11855 (An Authorization Bypass vulnerability on Micro Focus Operation Bridge ...)
+ TODO: check
CVE-2020-11854
RESERVED
CVE-2020-11853
@@ -39812,8 +39812,8 @@ CVE-2020-8889
RESERVED
CVE-2020-8888
RESERVED
-CVE-2020-8887
- RESERVED
+CVE-2020-8887 (Telestream Tektronix Medius before 10.7.5 and Sentry before 10.7.5 hav ...)
+ TODO: check
CVE-2020-8886
RESERVED
CVE-2020-8885
@@ -42736,8 +42736,8 @@ CVE-2020-7736
RESERVED
CVE-2020-7735
RESERVED
-CVE-2020-7734
- RESERVED
+CVE-2020-7734 (All versions of package cabot are vulnerable to Cross-site Scripting ( ...)
+ TODO: check
CVE-2020-7733 (The package ua-parser-js before 0.7.22 are vulnerable to Regular Expre ...)
- node-ua-parser-js <not-affected> (No affected version present in the archive, introduced after 0.7.14 and fixed in 0.7.22)
NOTE: https://github.com/faisalman/ua-parser-js/commit/233d3bae22a795153a7e6638887ce159c63e557d
@@ -50631,30 +50631,30 @@ CVE-2020-4624
RESERVED
CVE-2020-4623
RESERVED
-CVE-2020-4622
- RESERVED
-CVE-2020-4621
- RESERVED
-CVE-2020-4620
- RESERVED
-CVE-2020-4619
- RESERVED
-CVE-2020-4618
- RESERVED
-CVE-2020-4617
- RESERVED
-CVE-2020-4616
- RESERVED
-CVE-2020-4615
- RESERVED
-CVE-2020-4614
- RESERVED
-CVE-2020-4613
- RESERVED
-CVE-2020-4612
- RESERVED
-CVE-2020-4611
- RESERVED
+CVE-2020-4622 (IBM Data Risk Manager (iDNA) 2.0.6 contains hard-coded credentials, su ...)
+ TODO: check
+CVE-2020-4621 (IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user t ...)
+ TODO: check
+CVE-2020-4620 (IBM Data Risk Manager (iDNA) 2.0.6 could allow a remote authenticated ...)
+ TODO: check
+CVE-2020-4619 (IBM Data Risk Manager (iDNA) 2.0.6 stores user credentials in plain in ...)
+ TODO: check
+CVE-2020-4618 (IBM Data Risk Manager (iDNA) 2.0.6 could allow a privileged user to ca ...)
+ TODO: check
+CVE-2020-4617 (IBM Data Risk Manager (iDNA) 2.0.6 is vulnerable to cross-site request ...)
+ TODO: check
+CVE-2020-4616 (IBM Data Risk Manager (iDNA) 2.0.6 could disclose sensitive username i ...)
+ TODO: check
+CVE-2020-4615 (IBM Data Risk Manager (iDNA) 2.0.6 is vulnerable to cross-site scripti ...)
+ TODO: check
+CVE-2020-4614 (IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptogra ...)
+ TODO: check
+CVE-2020-4613 (IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptogra ...)
+ TODO: check
+CVE-2020-4612 (IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user t ...)
+ TODO: check
+CVE-2020-4611 (IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user t ...)
+ TODO: check
CVE-2020-4610
RESERVED
CVE-2020-4609
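Review bot: Several of the twelve IBM Data Risk Manager lines are indistinguishable after truncation: CVE-2020-4614 and CVE-2020-4613 both end at "uses weaker than expected cryptogra ...", and CVE-2020-4621, CVE-2020-4612 and CVE-2020-4611 all end at "could allow an authenticated user t ...". Whoever resolves these TODO: check markers has to work from the full CVE descriptions, not this file; since every entry names the same product and version (iDNA 2.0.6), one triage decision should cover the whole block.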
@@ -51950,8 +51950,8 @@ CVE-2020-3979 (InstallBuilder for Qt Windows (versions prior to 20.7.0) installe
NOT-FOR-US: InstallBuilder for Qt Windows installers
CVE-2020-3978
RESERVED
-CVE-2020-3977
- RESERVED
+CVE-2020-3977 (VMware Horizon DaaS (7.x and 8.x before 8.0.1 Update 1) contains a bro ...)
+ TODO: check
CVE-2020-3976 (VMware ESXi and vCenter Server contain a partial denial of service vul ...)
NOT-FOR-US: VMware
CVE-2020-3975 (VMware App Volumes 2.x prior to 2.18.6 and VMware App Volumes 4 prior ...)
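Review bot: CVE-2020-3977 (VMware Horizon DaaS) is added as TODO: check directly above CVE-2020-3976, which this hunk's context shows as NOT-FOR-US: VMware. If Horizon DaaS is likewise not packaged, the entry should carry the same NOT-FOR-US: VMware tag so it does not linger as an open item.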
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ec2ab11e6a725e9388fe3afc8a60762f81be65a