author | security tracker role <sectracker@soriano.debian.org> | 2020-10-26 20:10:48 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2020-10-26 20:10:48 +0000 |
commit | 0796916a3377c5b8d6f5ae120a6e22292eddf0d3 | |
tree | 0c23b12f1f531ff270040faf712dbade2ce2d885 /data | |
parent | e7af3e87079f365038615108071a9eb3e12eb92e | |
automatic update
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 172 |
1 files changed, 129 insertions, 43 deletions
diff --git a/data/CVE/list b/data/CVE/list index cd25c45544..2b728486fb 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,89 @@ +CVE-2020-27734 + RESERVED +CVE-2020-27733 + RESERVED +CVE-2020-27732 + RESERVED +CVE-2020-27731 + RESERVED +CVE-2020-27730 + RESERVED +CVE-2020-27729 + RESERVED +CVE-2020-27728 + RESERVED +CVE-2020-27727 + RESERVED +CVE-2020-27726 + RESERVED +CVE-2020-27725 + RESERVED +CVE-2020-27724 + RESERVED +CVE-2020-27723 + RESERVED +CVE-2020-27722 + RESERVED +CVE-2020-27721 + RESERVED +CVE-2020-27720 + RESERVED +CVE-2020-27719 + RESERVED +CVE-2020-27718 + RESERVED +CVE-2020-27717 + RESERVED +CVE-2020-27716 + RESERVED +CVE-2020-27715 + RESERVED +CVE-2020-27714 + RESERVED +CVE-2020-27713 + RESERVED +CVE-2020-27712 + RESERVED +CVE-2020-27711 + RESERVED +CVE-2020-27710 + RESERVED +CVE-2020-27709 + RESERVED +CVE-2020-27708 + RESERVED +CVE-2020-27707 + RESERVED +CVE-2020-27706 + RESERVED +CVE-2020-27705 + RESERVED +CVE-2020-27704 + RESERVED +CVE-2020-27703 + RESERVED +CVE-2020-27702 + RESERVED +CVE-2020-27701 + RESERVED +CVE-2020-27700 + RESERVED +CVE-2020-27699 + RESERVED +CVE-2020-27698 + RESERVED +CVE-2020-27697 + RESERVED +CVE-2020-27696 + RESERVED +CVE-2020-27695 + RESERVED +CVE-2020-27694 + RESERVED +CVE-2020-27693 + RESERVED +CVE-2017-18925 (opentmpfiles through 0.3.1 allows local users to take ownership of arb ...) + TODO: check CVE-2020-27692 RESERVED CVE-2020-27691 @@ -1451,8 +1537,7 @@ CVE-2020-27189 RESERVED CVE-2020-27188 RESERVED -CVE-2020-27187 [kpmcore_externalcommand helper can be exploited in local privilege escalation] - RESERVED +CVE-2020-27187 (An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. T ...) - kpmcore 4.2.0-1 [buster] - kpmcore <not-affected> (kpmcore_externalcommand not yet present) [stretch] - kpmcore <not-affected> (kpmcore_externalcommand not yet present) 
@@ -2763,8 +2848,8 @@ CVE-2020-26568 RESERVED CVE-2020-26567 (An issue was discovered on D-Link DSR-250N before 3.17B devices. The C ...) NOT-FOR-US: D-Link -CVE-2020-26566 - RESERVED +CVE-2020-26566 (A Denial of Service condition in Motion-Project Motion 3.2 through 4.3 ...) + TODO: check CVE-2020-26565 RESERVED CVE-2020-26564 @@ -3594,8 +3679,8 @@ CVE-2020-26163 (BigBlueButton Greenlight before 2.5.6 allows HTTP header (Host a NOT-FOR-US: BigBlueButton Greenlight CVE-2020-26162 (Xerox WorkCentre EC7836 before 073.050.059.25300 and EC7856 before 073 ...) NOT-FOR-US: Xerox -CVE-2020-26161 - RESERVED +CVE-2020-26161 (In Octopus Deploy through 2020.4.2, an attacker could redirect users t ...) + TODO: check CVE-2020-26160 (jwt-go before 4.0.0-preview1 allows attackers to bypass intended acces ...) - golang-github-dgrijalva-jwt-go <unfixed> (bug #971556) NOTE: https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515 @@ -5193,8 +5278,8 @@ CVE-2020-25472 RESERVED CVE-2020-25471 RESERVED -CVE-2020-25470 - RESERVED +CVE-2020-25470 (AntSword 2.1.8.1 contains a cross-site scripting (XSS) vulnerability i ...) + TODO: check CVE-2020-25469 RESERVED CVE-2020-25468 @@ -6166,8 +6251,8 @@ CVE-2020-25036 RESERVED CVE-2020-25035 RESERVED -CVE-2020-25034 - RESERVED +CVE-2020-25034 (eMPS prior to eMPS 9.0 FireEye EX 3500 devices allows remote authentic ...) + TODO: check CVE-2020-25033 (The Blubrry subscribe-sidebar (aka Subscribe Sidebar) plugin 1.3.1 for ...) NOT-FOR-US: Blubrry subscribe-sidebar (aka Subscribe Sidebar) plugin for WordPress CVE-2020-25032 (An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) ...) 
@@ -7032,10 +7117,10 @@ CVE-2020-24634 RESERVED CVE-2020-24633 RESERVED -CVE-2020-24632 - RESERVED -CVE-2020-24631 - RESERVED +CVE-2020-24632 (A remote execution of arbitrary commandss vulnerability was discovered ...) + TODO: check +CVE-2020-24631 (A remote execution of arbitrary commands vulnerability was discovered ...) + TODO: check CVE-2020-24630 (A remote operatoronlinelist_content privilege escalation vulnerability ...) NOT-FOR-US: HPE Intelligent Management Center (iMC) CVE-2020-24629 (A remote urlaccesscontroller authentication bypass vulnerability was d ...) @@ -18867,8 +18952,8 @@ CVE-2020-18768 RESERVED CVE-2020-18767 RESERVED -CVE-2020-18766 - RESERVED +CVE-2020-18766 (A cross-site scripting (XSS) vulnerability AntSword v2.0.7 can remotel ...) + TODO: check CVE-2020-18765 RESERVED CVE-2020-18764 @@ -24917,8 +25002,8 @@ CVE-2020-15899 (Grin 3.0.0 before 4.0.0 has insufficient validation of data rela NOT-FOR-US: Grin CVE-2020-15898 RESERVED -CVE-2020-15897 - RESERVED +CVE-2020-15897 (Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23. ...) + TODO: check CVE-2020-15896 (An authentication-bypass issue was discovered on D-Link DAP-1522 devic ...) NOT-FOR-US: D-Link CVE-2020-15895 (An XSS issue was discovered on D-Link DIR-816L devices 2.x before 1.10 ...) 
@@ -26583,14 +26668,14 @@ CVE-2020-15276 RESERVED CVE-2020-15275 RESERVED -CVE-2020-15274 - RESERVED +CVE-2020-15274 (In Wiki.js before version 2.5.162, an XSS payload can be injected in a ...) + TODO: check CVE-2020-15273 RESERVED -CVE-2020-15272 - RESERVED -CVE-2020-15271 - RESERVED +CVE-2020-15272 (In the git-tag-annotation-action (open source GitHub Action) before ve ...) + TODO: check +CVE-2020-15271 (In lookatme (python/pypi package) versions prior to 2.3.0, the package ...) + TODO: check CVE-2020-15270 (Parse Server (npm package parse-server) broadcasts events to all clien ...) NOT-FOR-US: Node parse-server CVE-2020-15269 (In Spree before versions 3.7.11, 4.0.4, or 4.1.11, expired user tokens ...) @@ -31856,7 +31941,8 @@ CVE-2020-13334 (In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper - gitlab 13.2.10-1 CVE-2020-13333 (A potential DOS vulnerability was discovered in GitLab versions 13.1, ...) - gitlab 13.2.10-1 -CVE-2020-13332 (Improper access expiration date validation in GitLab version >=8.11 ...) +CVE-2020-13332 + REJECTED - gitlab 13.2.10-1 CVE-2020-13331 (An issue has been discovered in GitLab affecting versions prior to 12. ...) - gitlab 13.2.3-2 @@ -32459,8 +32545,8 @@ CVE-2020-13102 RESERVED CVE-2020-13101 (In OASIS Digital Signature Services (DSS) 1.0, an attacker can control ...) NOT-FOR-US: OASIS Digital Signature Services (DSS) -CVE-2020-13100 - RESERVED +CVE-2020-13100 (Arista’s CloudVision eXchange (CVX) server before 4.21.12M, 4.22 ...) + TODO: check CVE-2020-13099 RESERVED CVE-2020-13098 @@ -47530,8 +47616,8 @@ CVE-2020-7754 RESERVED CVE-2020-7753 RESERVED -CVE-2020-7752 - RESERVED +CVE-2020-7752 (This affects the package systeminformation before 4.27.11. This packag ...) + TODO: check CVE-2020-7751 (This affects all versions of package pathval. ...) - node-pathval 1.1.0-4 (bug #972895) [buster] - node-pathval <no-dsa> (Minor issue) 
@@ -48783,10 +48869,10 @@ CVE-2020-7199 RESERVED CVE-2020-7198 RESERVED -CVE-2020-7197 - RESERVED -CVE-2020-7196 - RESERVED +CVE-2020-7197 (SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreSe ...) + TODO: check +CVE-2020-7196 (The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Co ...) + TODO: check CVE-2020-7195 (A iccselectrules expression language injection remote code execution v ...) NOT-FOR-US: HPE Intelligent Management Center (iMC) CVE-2020-7194 (A perfaddormoddevicemonitor expression language injection remote code ...) @@ -48923,14 +49009,14 @@ CVE-2020-7129 RESERVED CVE-2020-7128 RESERVED -CVE-2020-7127 - RESERVED -CVE-2020-7126 - RESERVED -CVE-2020-7125 - RESERVED -CVE-2020-7124 - RESERVED +CVE-2020-7127 (A remote unauthenticated arbitrary code execution vulnerability was di ...) + TODO: check +CVE-2020-7126 (A remote server-side request forgery (ssrf) vulnerability was discover ...) + TODO: check +CVE-2020-7125 (A remote escalation of privilege vulnerability was discovered in Aruba ...) + TODO: check +CVE-2020-7124 (A remote unauthorized access vulnerability was discovered in Aruba Air ...) + TODO: check CVE-2020-7123 RESERVED CVE-2020-7122 (Two memory corruption vulnerabilities in the Aruba CX Switches Series ...) @@ -49564,8 +49650,8 @@ CVE-2020-6878 RESERVED CVE-2020-6877 RESERVED -CVE-2020-6876 - RESERVED +CVE-2020-6876 (A ZTE product is impacted by an XSS vulnerability. The vulnerability i ...) + TODO: check CVE-2020-6875 (A ZTE product is impacted by the improper access control vulnerability ...) NOT-FOR-US: ZTE CVE-2020-6874 (A ZTE product is impacted by the cryptographic issues vulnerability. T ...) |
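Review bot: In the hunk at `@@ -31856,7 +31941,8 @@`, CVE-2020-13332 becomes `REJECTED` but the package annotation `- gitlab 13.2.10-1` is still attached to it. A rejected id no longer identifies an issue, so the fixed-version claim now hangs off an entry that means nothing. A follow-up should either drop that annotation or, if the underlying GitLab flaw was reassigned to another id, move the annotation to that entry so the fix stays tracked.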
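Review bot: In the first hunk (`@@ -1,3 +1,89 @@`), CVE-2017-18925 is inserted between CVE-2020-27693 and CVE-2020-27692, which breaks the descending id order that every other entry in the visible hunks follows. Since it also carries `TODO: check`, whoever triages it should move it to its place in the 2017 range at the same time, so that searches and later merges touching the 2017 block find it where they expect.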