[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Sep 24 21:10:37 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
47d2cc7d by security tracker role at 2020-09-24T20:10:28+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,74 @@
-CVE-2020-26088 [net/nfc/rawsock.c: add CAP_NET_RAW check]
+CVE-2020-26097
+ RESERVED
+CVE-2020-26096
+ RESERVED
+CVE-2020-26095
+ RESERVED
+CVE-2020-26094
+ RESERVED
+CVE-2020-26093
+ RESERVED
+CVE-2020-26092
+ RESERVED
+CVE-2020-26091
+ RESERVED
+CVE-2020-26090
+ RESERVED
+CVE-2020-26089
+ RESERVED
+CVE-2020-26087
+ RESERVED
+CVE-2020-26086
+ RESERVED
+CVE-2020-26085
+ RESERVED
+CVE-2020-26084
+ RESERVED
+CVE-2020-26083
+ RESERVED
+CVE-2020-26082
+ RESERVED
+CVE-2020-26081
+ RESERVED
+CVE-2020-26080
+ RESERVED
+CVE-2020-26079
+ RESERVED
+CVE-2020-26078
+ RESERVED
+CVE-2020-26077
+ RESERVED
+CVE-2020-26076
+ RESERVED
+CVE-2020-26075
+ RESERVED
+CVE-2020-26074
+ RESERVED
+CVE-2020-26073
+ RESERVED
+CVE-2020-26072
+ RESERVED
+CVE-2020-26071
+ RESERVED
+CVE-2020-26070
+ RESERVED
+CVE-2020-26069
+ RESERVED
+CVE-2020-26068
+ RESERVED
+CVE-2020-26067
+ RESERVED
+CVE-2020-26066
+ RESERVED
+CVE-2020-26065
+ RESERVED
+CVE-2020-26064
+ RESERVED
+CVE-2020-26063
+ RESERVED
+CVE-2020-26062
+ RESERVED
+CVE-2020-26088 (A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock. ...)
- linux 5.7.17-1
NOTE: https://git.kernel.org/linus/26896f01467a28651f7a536143fe5ac8449d4041
CVE-2020-26061
@@ -3690,8 +3760,8 @@ CVE-2020-24367
RESERVED
CVE-2020-24366
RESERVED
-CVE-2020-24365
- RESERVED
+CVE-2020-24365 (An issue was discovered on Gemtek WRTM-127ACN 01.01.02.141 and WRTM-12 ...)
+ TODO: check
CVE-2020-24364 (MineTime through 1.8.5 allows arbitrary command execution via the note ...)
NOT-FOR-US: MineTime
CVE-2020-24363 (TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticat ...)
@@ -7546,8 +7616,8 @@ CVE-2020-22455
RESERVED
CVE-2020-22454
RESERVED
-CVE-2020-22453
- RESERVED
+CVE-2020-22453 (Untis WebUntis before 2020.9.6 allows XSS in multiple functions that s ...)
+ TODO: check
CVE-2020-22452
RESERVED
CVE-2020-22451
@@ -13558,8 +13628,8 @@ CVE-2020-19449
RESERVED
CVE-2020-19448
RESERVED
-CVE-2020-19447
- RESERVED
+CVE-2020-19447 (SQL injection exists in the jdownloads 3.2.63 component for Joomla! co ...)
+ TODO: check
CVE-2020-19446
RESERVED
CVE-2020-19445
@@ -20306,10 +20376,10 @@ CVE-2020-16150 (A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in lib
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1
CVE-2020-16149
REJECTED
-CVE-2020-16148
- RESERVED
-CVE-2020-16147
- RESERVED
+CVE-2020-16148 (The ping page of the administration panel in Telmat AccessLog <= 6. ...)
+ TODO: check
+CVE-2020-16147 (The login page in Telmat AccessLog <= 6.0 (TAL_20180415) allows an ...)
+ TODO: check
CVE-2020-16146
RESERVED
CVE-2020-16145 (Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in HTML me ...)
@@ -20809,8 +20879,8 @@ CVE-2020-15932 (Overwolf before 0.149.2.30 mishandles Symbolic Links during upda
NOT-FOR-US: Overwolf
CVE-2020-15931
RESERVED
-CVE-2020-15930
- RESERVED
+CVE-2020-15930 (An XSS issue in Joplin desktop 1.0.190 to 1.0.245 allows arbitrary cod ...)
+ TODO: check
CVE-2020-15929
RESERVED
CVE-2020-15928
@@ -21026,8 +21096,8 @@ CVE-2020-15842 (Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack
NOT-FOR-US: Liferay
CVE-2020-15841 (Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack 89, 7 ...)
NOT-FOR-US: Liferay
-CVE-2020-15840
- RESERVED
+CVE-2020-15840 (In Liferay Portal before 7.3.1, Liferay Portal 6.2 EE, and Liferay DXP ...)
+ TODO: check
CVE-2020-15839 (Liferay Portal before 7.3.3, and Liferay DXP 7.1 before fix pack 18 an ...)
NOT-FOR-US: Liferay
CVE-2020-15838
@@ -22643,10 +22713,10 @@ CVE-2020-15225
RESERVED
CVE-2020-15224
RESERVED
-CVE-2020-15223
- RESERVED
-CVE-2020-15222
- RESERVED
+CVE-2020-15223 (In ORY Fosite (the security first OAuth2 & OpenID Connect framewor ...)
+ TODO: check
+CVE-2020-15222 (In ORY Fosite (the security first OAuth2 & OpenID Connect framewor ...)
+ TODO: check
CVE-2020-15221
RESERVED
CVE-2020-15220
@@ -27251,8 +27321,8 @@ CVE-2020-13523 (An exploitable information disclosure vulnerability exists in So
NOT-FOR-US: SoftPerfect
CVE-2020-13522 (An exploitable arbitrary file delete vulnerability exists in SoftPerfe ...)
NOT-FOR-US: SoftPerfect
-CVE-2020-13521
- RESERVED
+CVE-2020-13521 (Parameter psAttribute in ednareporting.asmx is vulnerable to unauthent ...)
+ TODO: check
CVE-2020-13520
RESERVED
CVE-2020-13519
@@ -27277,26 +27347,26 @@ CVE-2020-13510
RESERVED
CVE-2020-13509
RESERVED
-CVE-2020-13508
- RESERVED
-CVE-2020-13507
- RESERVED
+CVE-2020-13508 (An SQL injection vulnerability exists in the Alias.asmx Web Service fu ...)
+ TODO: check
+CVE-2020-13507 (An SQL injection vulnerability exists in the Alias.asmx Web Service fu ...)
+ TODO: check
CVE-2020-13506
RESERVED
-CVE-2020-13505
- RESERVED
-CVE-2020-13504
- RESERVED
-CVE-2020-13503
- RESERVED
-CVE-2020-13502
- RESERVED
-CVE-2020-13501
- RESERVED
-CVE-2020-13500
- RESERVED
-CVE-2020-13499
- RESERVED
+CVE-2020-13505 (Parameter psClass in ednareporting.asmx is vulnerable to unauthenticat ...)
+ TODO: check
+CVE-2020-13504 (Parameter AttFilterValue in ednareporting.asmx is vulnerable to unauth ...)
+ TODO: check
+CVE-2020-13503 (Parameter AttFilterName in ednareporting.asmx is vulnerable to unauthe ...)
+ TODO: check
+CVE-2020-13502 (An exploitable SQL injection vulnerability exists in the DNAPoints.asm ...)
+ TODO: check
+CVE-2020-13501 (An SQL injection vulnerability exists in the CHaD.asmx web service fun ...)
+ TODO: check
+CVE-2020-13500 (SQL injection vulnerability exists in the CHaD.asmx web service functi ...)
+ TODO: check
+CVE-2020-13499 (An SQL injection vulnerability exists in the CHaD.asmx web service fun ...)
+ TODO: check
CVE-2020-13498
RESERVED
CVE-2020-13497
@@ -28239,8 +28309,8 @@ CVE-2020-13121 (Submitty through 20.04.01 has an open redirect via authenticatio
NOT-FOR-US: Submitty
CVE-2020-13120
RESERVED
-CVE-2020-13119
- RESERVED
+CVE-2020-13119 (ismartgate PRO 1.5.9 is vulnerable to clickjacking. ...)
+ TODO: check
CVE-2020-13118 (An issue was discovered in Mikrotik-Router-Monitoring-System through 2 ...)
NOT-FOR-US: Mikrotik-Router-Monitoring-System
CVE-2020-13117
@@ -28870,20 +28940,20 @@ CVE-2020-12845 (Cherokee 0.4.27 to 1.2.104 is affected by a denial of service du
- cherokee <removed>
CVE-2020-12844
RESERVED
-CVE-2020-12843
- RESERVED
-CVE-2020-12842
- RESERVED
-CVE-2020-12841
- RESERVED
-CVE-2020-12840
- RESERVED
-CVE-2020-12839
- RESERVED
-CVE-2020-12838
- RESERVED
-CVE-2020-12837
- RESERVED
+CVE-2020-12843 (ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the f ...)
+ TODO: check
+CVE-2020-12842 (ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appendin ...)
+ TODO: check
+CVE-2020-12841 (ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attacker ...)
+ TODO: check
+CVE-2020-12840 (ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attacker ...)
+ TODO: check
+CVE-2020-12839 (ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appendin ...)
+ TODO: check
+CVE-2020-12838 (ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appendin ...)
+ TODO: check
+CVE-2020-12837 (ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the f ...)
+ TODO: check
CVE-2020-12836
RESERVED
CVE-2020-12835 (An issue was discovered in SmartBear ReadyAPI SoapUI Pro 3.2.5. Due to ...)
@@ -28940,22 +29010,22 @@ CVE-2020-12820
RESERVED
CVE-2020-12819
RESERVED
-CVE-2020-12818
- RESERVED
-CVE-2020-12817
- RESERVED
-CVE-2020-12816
- RESERVED
-CVE-2020-12815
- RESERVED
+CVE-2020-12818 (An insufficient logging vulnerability in FortiGate before 6.4.1 may al ...)
+ TODO: check
+CVE-2020-12817 (An improper neutralization of input vulnerability in FortiAnalyzer bef ...)
+ TODO: check
+CVE-2020-12816 (An improper neutralization of input vulnerability in FortiNAC before 8 ...)
+ TODO: check
+CVE-2020-12815 (An improper neutralization of input vulnerability in FortiTester befor ...)
+ TODO: check
CVE-2020-12814
RESERVED
CVE-2020-12813
RESERVED
CVE-2020-12812 (An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, ...)
NOT-FOR-US: Fortinet
-CVE-2020-12811
- RESERVED
+CVE-2020-12811 (An improper neutralization of script-related HTML tags in a web page i ...)
+ TODO: check
CVE-2020-12810
RESERVED
CVE-2020-12809
@@ -30421,12 +30491,12 @@ CVE-2016-11054 (NETGEAR DGN2200v4 devices before 2017-01-06 are affected by comm
NOT-FOR-US: Netgear
CVE-2020-12283 (Sourcegraph before 3.15.1 has a vulnerable authentication workflow bec ...)
NOT-FOR-US: Sourcegraph
-CVE-2020-12282
- RESERVED
-CVE-2020-12281
- RESERVED
-CVE-2020-12280
- RESERVED
+CVE-2020-12282 (iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in ...)
+ TODO: check
+CVE-2020-12281 (iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attacker ...)
+ TODO: check
+CVE-2020-12280 (iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attacker ...)
+ TODO: check
CVE-2020-12279 (An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99. ...)
- libgit2 0.28.4+dfsg.1-2
[buster] - libgit2 <no-dsa> (Minor issue; only problematic when used on NTFS like filesystem)
@@ -44791,7 +44861,7 @@ CVE-2020-7070
RESERVED
CVE-2020-7069
RESERVED
-CVE-2020-7068 (In PHP versions 7.2.x below 7.3.21, 7.3.x below 7.3.21 and 7.4.x below ...)
+CVE-2020-7068 (In PHP versions 7.2.x below 7.2.23, 7.3.x below 7.3.21 and 7.4.x below ...)
{DLA-2345-1}
- php7.4 7.4.9-1
- php7.3 <removed>
@@ -47357,8 +47427,8 @@ CVE-2020-6155
RESERVED
CVE-2020-6154
RESERVED
-CVE-2020-6153
- RESERVED
+CVE-2020-6153 (An exploitable SQL injection vulnerability exists in the FavoritesServ ...)
+ TODO: check
CVE-2020-6152 (A code execution vulnerability exists in the DICOM parse_dicom_meta_in ...)
NOT-FOR-US: Accusoft
CVE-2020-6151 (A memory corruption vulnerability exists in the TIFF handle_COMPRESSIO ...)
@@ -47681,8 +47751,8 @@ CVE-2020-6022
RESERVED
CVE-2020-6021
RESERVED
-CVE-2020-6020
- RESERVED
+CVE-2020-6020 (Check Point Security Management's Internal CA web management before Ju ...)
+ TODO: check
CVE-2020-6019
RESERVED
CVE-2020-6018
@@ -54513,10 +54583,10 @@ CVE-2020-3562
RESERVED
CVE-2020-3561
RESERVED
-CVE-2020-3560
- RESERVED
-CVE-2020-3559
- RESERVED
+CVE-2020-3560 (A vulnerability in Cisco Aironet Access Points (APs) could allow an un ...)
+ TODO: check
+CVE-2020-3559 (A vulnerability in Cisco Aironet Access Point (AP) Software could allo ...)
+ TODO: check
CVE-2020-3558
RESERVED
CVE-2020-3557
@@ -54529,8 +54599,8 @@ CVE-2020-3554
RESERVED
CVE-2020-3553
RESERVED
-CVE-2020-3552
- RESERVED
+CVE-2020-3552 (A vulnerability in the Ethernet packet handling of Cisco Aironet Acces ...)
+ TODO: check
CVE-2020-3551
RESERVED
CVE-2020-3550
@@ -54579,14 +54649,14 @@ CVE-2020-3529
RESERVED
CVE-2020-3528
RESERVED
-CVE-2020-3527
- RESERVED
-CVE-2020-3526
- RESERVED
+CVE-2020-3527 (A vulnerability in the Polaris kernel of Cisco Catalyst 9200 Series Sw ...)
+ TODO: check
+CVE-2020-3526 (A vulnerability in the Common Open Policy Service (COPS) engine of Cis ...)
+ TODO: check
CVE-2020-3525
RESERVED
-CVE-2020-3524
- RESERVED
+CVE-2020-3524 (A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for ...)
+ TODO: check
CVE-2020-3523 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
NOT-FOR-US: Cisco
CVE-2020-3522 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
@@ -54601,24 +54671,24 @@ CVE-2020-3518 (A vulnerability in the web-based management interface of Cisco Da
NOT-FOR-US: Cisco
CVE-2020-3517 (A vulnerability in the Cisco Fabric Services component of Cisco FXOS S ...)
NOT-FOR-US: Cisco
-CVE-2020-3516
- RESERVED
+CVE-2020-3516 (A vulnerability in the web server authentication of Cisco IOS XE Softw ...)
+ TODO: check
CVE-2020-3515
RESERVED
CVE-2020-3514
RESERVED
-CVE-2020-3513
- RESERVED
-CVE-2020-3512
- RESERVED
-CVE-2020-3511
- RESERVED
-CVE-2020-3510
- RESERVED
-CVE-2020-3509
- RESERVED
-CVE-2020-3508
- RESERVED
+CVE-2020-3513 (Multiple vulnerabilities in the initialization routines that are execu ...)
+ TODO: check
+CVE-2020-3512 (A vulnerability in the PROFINET handler for Link Layer Discovery Proto ...)
+ TODO: check
+CVE-2020-3511 (A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco ...)
+ TODO: check
+CVE-2020-3510 (A vulnerability in the Umbrella Connector component of Cisco IOS XE So ...)
+ TODO: check
+CVE-2020-3509 (A vulnerability in the DHCP message handler of Cisco IOS XE Software f ...)
+ TODO: check
+CVE-2020-3508 (A vulnerability in the IP Address Resolution Protocol (ARP) feature of ...)
+ TODO: check
CVE-2020-3507 (Multiple vulnerabilities in the Cisco Discovery Protocol implementatio ...)
NOT-FOR-US: Cisco
CVE-2020-3506 (Multiple vulnerabilities in the Cisco Discovery Protocol implementatio ...)
@@ -54627,8 +54697,8 @@ CVE-2020-3505 (A vulnerability in the Cisco Discovery Protocol of Cisco Video Su
NOT-FOR-US: Cisco
CVE-2020-3504 (A vulnerability in the local management (local-mgmt) CLI of Cisco UCS ...)
NOT-FOR-US: Cisco
-CVE-2020-3503
- RESERVED
+CVE-2020-3503 (A vulnerability in the file system permissions of Cisco IOS XE Softwar ...)
+ TODO: check
CVE-2020-3502 (Multiple vulnerabilities in the user interface of Cisco Webex Meetings ...)
NOT-FOR-US: Cisco
CVE-2020-3501 (Multiple vulnerabilities in the user interface of Cisco Webex Meetings ...)
@@ -54639,30 +54709,30 @@ CVE-2020-3499
RESERVED
CVE-2020-3498 (A vulnerability in Cisco Jabber software could allow an authenticated, ...)
NOT-FOR-US: Cisco
-CVE-2020-3497
- RESERVED
+CVE-2020-3497 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...)
+ TODO: check
CVE-2020-3496 (A vulnerability in the IPv6 packet processing engine of Cisco Small Bu ...)
NOT-FOR-US: Cisco
CVE-2020-3495 (A vulnerability in Cisco Jabber for Windows could allow an authenticat ...)
NOT-FOR-US: Cisco
-CVE-2020-3494
- RESERVED
-CVE-2020-3493
- RESERVED
-CVE-2020-3492
- RESERVED
+CVE-2020-3494 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...)
+ TODO: check
+CVE-2020-3493 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...)
+ TODO: check
+CVE-2020-3492 (A vulnerability in the Flexible NetFlow Version 9 packet processor of ...)
+ TODO: check
CVE-2020-3491 (A vulnerability in the web-based management interface of Cisco Vision ...)
NOT-FOR-US: Cisco
CVE-2020-3490 (A vulnerability in the web-based management interface of Cisco Vision ...)
NOT-FOR-US: Cisco
-CVE-2020-3489
- RESERVED
-CVE-2020-3488
- RESERVED
-CVE-2020-3487
- RESERVED
-CVE-2020-3486
- RESERVED
+CVE-2020-3489 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...)
+ TODO: check
+CVE-2020-3488 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...)
+ TODO: check
+CVE-2020-3487 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...)
+ TODO: check
+CVE-2020-3486 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...)
+ TODO: check
CVE-2020-3485 (A vulnerability in the role-based access control (RBAC) functionality ...)
NOT-FOR-US: Cisco
CVE-2020-3484 (A vulnerability in the web-based management interface of Cisco Vision ...)
@@ -54676,20 +54746,20 @@ CVE-2020-3481 (A vulnerability in the EGG archive parsing module in Clam AntiVir
- clamav 0.102.4+dfsg-1
[buster] - clamav 0.102.4+dfsg-0+deb10u1
NOTE: https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html
-CVE-2020-3480
- RESERVED
-CVE-2020-3479
- RESERVED
+CVE-2020-3480 (Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco I ...)
+ TODO: check
+CVE-2020-3479 (A vulnerability in the implementation of Multiprotocol Border Gateway ...)
+ TODO: check
CVE-2020-3478 (A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure ...)
NOT-FOR-US: Cisco
-CVE-2020-3477
- RESERVED
-CVE-2020-3476
- RESERVED
-CVE-2020-3475
- RESERVED
-CVE-2020-3474
- RESERVED
+CVE-2020-3477 (A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS ...)
+ TODO: check
+CVE-2020-3476 (A vulnerability in the CLI implementation of a specific command of Cis ...)
+ TODO: check
+CVE-2020-3475 (Multiple vulnerabilities in the web management framework of Cisco IOS ...)
+ TODO: check
+CVE-2020-3474 (Multiple vulnerabilities in the web management framework of Cisco IOS ...)
+ TODO: check
CVE-2020-3473 (A vulnerability in task group assignment for a specific CLI command in ...)
NOT-FOR-US: Cisco
CVE-2020-3472 (A vulnerability in the contacts feature of Cisco Webex Meetings could ...)
@@ -54706,8 +54776,8 @@ CVE-2020-3467
RESERVED
CVE-2020-3466 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
NOT-FOR-US: Cisco
-CVE-2020-3465
- RESERVED
+CVE-2020-3465 (A vulnerability in Cisco IOS XE Software could allow an unauthenticate ...)
+ TODO: check
CVE-2020-3464 (A vulnerability in the web-based management interface of Cisco UCS Dir ...)
NOT-FOR-US: Cisco
CVE-2020-3463 (A vulnerability in the web-based management interface of Cisco Webex M ...)
@@ -54778,38 +54848,38 @@ CVE-2020-3431
RESERVED
CVE-2020-3430 (A vulnerability in the application protocol handling features of Cisco ...)
NOT-FOR-US: Cisco
-CVE-2020-3429
- RESERVED
-CVE-2020-3428
- RESERVED
+CVE-2020-3429 (A vulnerability in the WPA2 and WPA3 security implementation of Cisco ...)
+ TODO: check
+CVE-2020-3428 (A vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wi ...)
+ TODO: check
CVE-2020-3427
RESERVED
-CVE-2020-3426
- RESERVED
-CVE-2020-3425
- RESERVED
+CVE-2020-3426 (A vulnerability in the implementation of the Low Power, Wide Area (LPW ...)
+ TODO: check
+CVE-2020-3425 (Multiple vulnerabilities in the web management framework of Cisco IOS ...)
+ TODO: check
CVE-2020-3424
RESERVED
-CVE-2020-3423
- RESERVED
-CVE-2020-3422
- RESERVED
-CVE-2020-3421
- RESERVED
+CVE-2020-3423 (A vulnerability in the implementation of the Lua interpreter that is i ...)
+ TODO: check
+CVE-2020-3422 (A vulnerability in the IP Service Level Agreement (SLA) responder feat ...)
+ TODO: check
+CVE-2020-3421 (Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco I ...)
+ TODO: check
CVE-2020-3420
RESERVED
CVE-2020-3419
RESERVED
-CVE-2020-3418
- RESERVED
-CVE-2020-3417
- RESERVED
-CVE-2020-3416
- RESERVED
+CVE-2020-3418 (A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco ...)
+ TODO: check
+CVE-2020-3417 (A vulnerability in Cisco IOS XE Software could allow an authenticated, ...)
+ TODO: check
+CVE-2020-3416 (Multiple vulnerabilities in the initialization routines that are execu ...)
+ TODO: check
CVE-2020-3415 (A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Sof ...)
NOT-FOR-US: Cisco
-CVE-2020-3414
- RESERVED
+CVE-2020-3414 (A vulnerability in the packet processing of Cisco IOS XE Software for ...)
+ TODO: check
CVE-2020-3413 (A vulnerability in the scheduled meeting template feature of Cisco Web ...)
NOT-FOR-US: Cisco
CVE-2020-3412 (A vulnerability in the scheduled meeting template feature of Cisco Web ...)
@@ -54818,46 +54888,46 @@ CVE-2020-3411 (A vulnerability in Cisco DNA Center software could allow an unaut
NOT-FOR-US: Cisco
CVE-2020-3410
RESERVED
-CVE-2020-3409
- RESERVED
-CVE-2020-3408
- RESERVED
-CVE-2020-3407
- RESERVED
+CVE-2020-3409 (A vulnerability in the PROFINET feature of Cisco IOS Software and Cisc ...)
+ TODO: check
+CVE-2020-3408 (A vulnerability in the Split DNS feature of Cisco IOS Software and Cis ...)
+ TODO: check
+CVE-2020-3407 (A vulnerability in the RESTCONF and NETCONF-YANG access control list ( ...)
+ TODO: check
CVE-2020-3406 (A vulnerability in the web-based management interface of the Cisco SD- ...)
NOT-FOR-US: Cisco
CVE-2020-3405 (A vulnerability in the web UI of Cisco SD-WAN vManage Software could a ...)
NOT-FOR-US: Cisco
-CVE-2020-3404
- RESERVED
-CVE-2020-3403
- RESERVED
+CVE-2020-3404 (A vulnerability in the persistent Telnet/Secure Shell (SSH) CLI of Cis ...)
+ TODO: check
+CVE-2020-3403 (A vulnerability in the CLI of Cisco IOS XE Software could allow an aut ...)
+ TODO: check
CVE-2020-3402 (A vulnerability in the Java Remote Method Invocation (RMI) interface o ...)
NOT-FOR-US: Cisco
CVE-2020-3401 (A vulnerability in the web-based management interface of Cisco SD-WAN ...)
NOT-FOR-US: Cisco
-CVE-2020-3400
- RESERVED
-CVE-2020-3399
- RESERVED
+CVE-2020-3400 (A vulnerability in the web UI feature of Cisco IOS XE Software could a ...)
+ TODO: check
+CVE-2020-3399 (A vulnerability in the Control and Provisioning of Wireless Access Poi ...)
+ TODO: check
CVE-2020-3398 (A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MV ...)
NOT-FOR-US: Cisco
CVE-2020-3397 (A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MV ...)
NOT-FOR-US: Cisco
-CVE-2020-3396
- RESERVED
+CVE-2020-3396 (A vulnerability in the file system on the pluggable USB 3.0 Solid Stat ...)
+ TODO: check
CVE-2020-3395
RESERVED
CVE-2020-3394 (A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Serie ...)
NOT-FOR-US: Cisco
-CVE-2020-3393
- RESERVED
+CVE-2020-3393 (A vulnerability in the application-hosting subsystem of Cisco IOS XE S ...)
+ TODO: check
CVE-2020-3392
RESERVED
CVE-2020-3391 (A vulnerability in Cisco Digital Network Architecture (DNA) Center cou ...)
NOT-FOR-US: Cisco
-CVE-2020-3390
- RESERVED
+CVE-2020-3390 (A vulnerability in Simple Network Management Protocol (SNMP) trap gene ...)
+ TODO: check
CVE-2020-3389 (A vulnerability in the installation component of Cisco Hyperflex HX-Se ...)
NOT-FOR-US: Cisco
CVE-2020-3388 (A vulnerability in the CLI of Cisco SD-WAN vManage Software could allo ...)
@@ -54918,8 +54988,8 @@ CVE-2020-3361 (A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings
NOT-FOR-US: Cisco
CVE-2020-3360 (A vulnerability in the Web Access feature of Cisco IP Phones Series 78 ...)
NOT-FOR-US: Cisco
-CVE-2020-3359
- RESERVED
+CVE-2020-3359 (A vulnerability in the multicast DNS (mDNS) feature of Cisco IOS XE So ...)
+ TODO: check
CVE-2020-3358 (A vulnerability in the Secure Sockets Layer (SSL) VPN feature for Cisc ...)
NOT-FOR-US: Cisco
CVE-2020-3357 (A vulnerability in the Secure Sockets Layer (SSL) VPN feature of Cisco ...)
@@ -55366,8 +55436,8 @@ CVE-2020-3143 (A vulnerability in the video endpoint API (xAPI) of Cisco TelePre
NOT-FOR-US: Cisco
CVE-2020-3142 (A vulnerability in Cisco Webex Meetings Suite sites and Cisco Webex Me ...)
NOT-FOR-US: Cisco
-CVE-2020-3141
- RESERVED
+CVE-2020-3141 (Multiple vulnerabilities in the web management framework of Cisco IOS ...)
+ TODO: check
CVE-2020-3140 (A vulnerability in the web management interface of Cisco Prime License ...)
NOT-FOR-US: Cisco
CVE-2020-3139 (A vulnerability in the out of band (OOB) management interface IP table ...)
@@ -65503,7 +65573,8 @@ CVE-2020-0437
RESERVED
CVE-2020-0436
RESERVED
-CVE-2020-0435 (In inline_data_addr of f2fs.h, there is a possible out of bounds write ...)
+CVE-2020-0435
+ REJECTED
- linux 4.19.9-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
NOTE: git.kernel.org/linus/18dd6470c2d14d10f5a2dd926925dc80dbd3abfd
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47d2cc7d24d7b2d511f864f668c83dbf42ea0352
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47d2cc7d24d7b2d511f864f668c83dbf42ea0352
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200924/4177d6b7/attachment.html>
More information about the debian-security-tracker-commits
mailing list