diff options
author | security tracker role <sectracker@soriano.debian.org> | 2020-01-16 20:10:25 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2020-01-16 20:10:25 +0000 |
commit | 6aea38368e1a59f72841e5f8515e5839d7d1e8cc (patch) | |
tree | b5fbd1d584a3e5deeac5b889ba0d854a72debff3 | |
parent | e8748e7dbbcf1ef8fa6715a7dfe9eab135ea3c8c (diff) |
automatic update
-rw-r--r-- | data/CVE/2010.list | 4 | ||||
-rw-r--r-- | data/CVE/2018.list | 8 | ||||
-rw-r--r-- | data/CVE/2019.list | 60 | ||||
-rw-r--r-- | data/CVE/2020.list | 200 |
4 files changed, 235 insertions, 37 deletions
diff --git a/data/CVE/2010.list b/data/CVE/2010.list index d6ebcfce80..bda6b5f300 100644 --- a/data/CVE/2010.list +++ b/data/CVE/2010.list @@ -5844,8 +5844,8 @@ CVE-2010-3050 (Cisco IOS before 12.2(33)SXI allows remote authenticated users to NOT-FOR-US: Cisco CVE-2010-3049 (Cisco IOS before 12.2(33)SXI allows local users to cause a denial of s ...) NOT-FOR-US: Cisco -CVE-2010-3048 - RESERVED +CVE-2010-3048 (Cisco Unified Personal Communicator 7.0 (1.13056) does not free alloca ...) + TODO: check CVE-2010-3047 RESERVED CVE-2010-3046 diff --git a/data/CVE/2018.list b/data/CVE/2018.list index a71ad3d293..837387715f 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -43399,7 +43399,7 @@ CVE-2018-4850 (A vulnerability has been identified in SIMATIC S7-400 (incl. F) C NOT-FOR-US: SIMATIC CVE-2018-4849 (A vulnerability has been identified in Siveillance VMS Video for Andro ...) NOT-FOR-US: Siveillance VMS Video -CVE-2018-4848 (A vulnerability has been identified in SCALANCE X-200 (All versions &l ...) +CVE-2018-4848 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...) NOT-FOR-US: Siemens SCALANCE X switches CVE-2018-4847 (A vulnerability has been identified in SIMATIC WinCC OA Operator iOS A ...) NOT-FOR-US: SIMATIC WinCC OA Operator iOS App @@ -43411,7 +43411,7 @@ CVE-2018-4844 (A vulnerability has been identified in SIMATIC WinCC OA UI for An NOT-FOR-US: SIMATIC CVE-2018-4843 (A vulnerability has been identified in SIMATIC CP 343-1 Advanced (All ...) NOT-FOR-US: SIMATIC -CVE-2018-4842 (A vulnerability has been identified in SCALANCE X-200 IRT (All version ...) +CVE-2018-4842 (A vulnerability has been identified in SCALANCE X-200IRT switch family ...) NOT-FOR-US: Siemens SCALANCE X switches CVE-2018-4841 (A vulnerability has been identified in TIM 1531 IRC (All versions < ...) NOT-FOR-US: TIM @@ -53082,11 +53082,11 @@ CVE-2018-0723 (Cross-site scripting (XSS) vulnerability in Q'center Virtual Appl NOT-FOR-US: Q'center Virtual Appliance CVE-2018-0722 (Path Traversal vulnerability in Photo Station versions: 5.7.2 and earl ...) NOT-FOR-US: QNAP -CVE-2018-0721 (Buffer Overflow vulnerability in QNAP QTS 4.2.6 build 20180711 and ear ...) +CVE-2018-0721 (Buffer Overflow vulnerability in NAS devices. QTS allows attackers to ...) NOT-FOR-US: QNAP QTS CVE-2018-0720 RESERVED -CVE-2018-0719 (Cross-site scripting (XSS) vulnerability in QNAP QTS 4.2.6 build 20180 ...) +CVE-2018-0719 (Cross-site Scripting (XSS) vulnerability in NAS devices of QNAP System ...) NOT-FOR-US: QNAP QTS CVE-2018-0718 (Command injection vulnerability in Music Station 5.1.2 and earlier ver ...) NOT-FOR-US: Music Station diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 496a70c948..4f541bb24a 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -128,8 +128,8 @@ CVE-2019-20329 (OpenLambda 2019-09-10 allows DNS rebinding attacks against the O NOT-FOR-US: OpenLambda CVE-2019-20328 RESERVED -CVE-2019-20327 - RESERVED +CVE-2019-20327 (Insecure permissions in cwrapper_perl in Centreon Infrastructure Monit ...) + TODO: check CVE-2019-20325 REJECTED CVE-2019-20324 @@ -1787,7 +1787,7 @@ CVE-2019-19682 (nopCommerce through 4.20 allows XSS in the SaveStoreMappings of NOT-FOR-US: nopCommerce CVE-2019-19681 (Pandora FMS 7.x suffers from remote code execution vulnerability. With ...) NOT-FOR-US: Pandora FMS -CVE-2019-19680 (A file-extension filtering vulnerability in ProofPoint Protection Serv ...) +CVE-2019-19680 (A file-extension filtering vulnerability in Proofpoint Enterprise Prot ...) NOT-FOR-US: ProofPoint Protection Server Email Firewall CVE-2019-19679 (In "Xray Test Management for Jira" prior to version 3.5.5, remote auth ...) NOT-FOR-US: Xray Test Management for Jira @@ -2777,8 +2777,8 @@ CVE-2019-19280 RESERVED CVE-2019-19279 RESERVED -CVE-2019-19278 - RESERVED +CVE-2019-19278 (A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180 ...) + TODO: check CVE-2019-19277 RESERVED CVE-2019-19276 @@ -5246,8 +5246,8 @@ CVE-2019-18284 (A vulnerability has been identified in SPPA-T3000 Application Se NOT-FOR-US: Siemens CVE-2019-18283 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...) NOT-FOR-US: Siemens -CVE-2019-18282 - RESERVED +CVE-2019-18282 (The flow_dissector feature in the Linux kernel 4.3 through 5.x before ...) + TODO: check CVE-2019-18281 (An out-of-bounds memory access in the generateDirectionalRuns() functi ...) {DSA-4556-1} - qtbase-opensource-src-gles 5.12.5+dfsg-1 @@ -6780,8 +6780,7 @@ CVE-2019-17575 (A file-rename filter bypass exists in admin/media/rename.php in NOT-FOR-US: WBCE CMS CVE-2019-17574 (An issue was discovered in the Popup Maker plugin before 1.8.13 for Wo ...) NOT-FOR-US: Popup Maker plugin for WordPress -CVE-2019-17573 - RESERVED +CVE-2019-17573 (By default, Apache CXF creates a /services page containing a listing o ...) NOT-FOR-US: Apache CFX CVE-2019-17572 RESERVED @@ -15963,8 +15962,8 @@ CVE-2019-13941 RESERVED CVE-2019-13940 RESERVED -CVE-2019-13939 - RESERVED +CVE-2019-13939 (A vulnerability has been identified in Nucleus NET (All versions), Nuc ...) + TODO: check CVE-2019-13938 RESERVED CVE-2019-13937 @@ -15975,8 +15974,8 @@ CVE-2019-13935 (Improper Neutralization of Input During Web Page Generation ('Cr NOT-FOR-US: Siemens CVE-2019-13934 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) NOT-FOR-US: Siemens -CVE-2019-13933 - RESERVED +CVE-2019-13933 (A vulnerability has been identified in SCALANCE X-200RNA switch family ...) + TODO: check CVE-2019-13932 (A vulnerability has been identified in XHQ (All versions < V6.0.0.2 ...) NOT-FOR-US: Siemens CVE-2019-13931 (A vulnerability has been identified in XHQ (All versions < V6.0.0.2 ...) @@ -16956,8 +16955,8 @@ CVE-2019-13526 (Datalogic AV7000 Linear barcode scanner all versions prior to 4. NOT-FOR-US: Datalogic AV7000 Linear barcode scanner CVE-2019-13525 (In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrat ...) NOT-FOR-US: IP-AK2 Access Control Panel -CVE-2019-13524 - RESERVED +CVE-2019-13524 (GE PACSystems RX3i CPE100/115: All versions prior to R9.85,CPE302/305/ ...) + TODO: check CVE-2019-13523 (In Honeywell Performance IP Cameras and Performance NVRs, the integrat ...) NOT-FOR-US: Honeywell CVE-2019-13522 (An attacker could use a specially crafted project file to corrupt the ...) @@ -19933,8 +19932,7 @@ CVE-2019-12425 RESERVED CVE-2019-12424 REJECTED -CVE-2019-12423 - RESERVED +CVE-2019-12423 (Apache CXF ships with a OpenId Connect JWK Keys service, which allows ...) NOT-FOR-US: Apache CFX CVE-2019-12422 (Apache Shiro before 1.4.2, when using the default "remember me" config ...) - shiro <unfixed> (bug #947945) @@ -21037,10 +21035,10 @@ CVE-2019-12000 RESERVED CVE-2019-11999 RESERVED -CVE-2019-11998 - RESERVED -CVE-2019-11997 - RESERVED +CVE-2019-11998 (HPE Superdome Flex Server is vulnerable to multiple remote vulnerabili ...) + TODO: check +CVE-2019-11997 (A potential security vulnerability has been identified in HPE enhanced ...) + TODO: check CVE-2019-11996 (Potential security vulnerabilities have been identified with HPE Nimbl ...) NOT-FOR-US: HPE CVE-2019-11995 (Security vulnerabilities in HPE UIoT version 1.2.4.2 could allow unaut ...) @@ -23995,11 +23993,11 @@ CVE-2019-10942 (A vulnerability has been identified in SCALANCE X-200 (All versi NOT-FOR-US: Siemens CVE-2019-10941 RESERVED -CVE-2019-10940 - RESERVED +CVE-2019-10940 (A vulnerability has been identified in SINEMA Server (All versions < ...) + TODO: check CVE-2019-10939 RESERVED -CVE-2019-10938 (A vulnerability has been identified in Ethernet plug-in communication ...) +CVE-2019-10938 (A vulnerability has been identified in SIPROTEC 5 devices with CPU var ...) NOT-FOR-US: Ethernet plug-in communication modules for SIPROTEC 5 devices CVE-2019-10937 (A vulnerability has been identified in SIMATIC TDC CP51M1 (All version ...) NOT-FOR-US: SIMATIC TDC CP51M1 @@ -24007,8 +24005,8 @@ CVE-2019-10936 (A vulnerability has been identified in Development/Evaluation Ki NOT-FOR-US: Siemens CVE-2019-10935 (A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier ...) NOT-FOR-US: Siemens -CVE-2019-10934 - RESERVED +CVE-2019-10934 (A vulnerability has been identified in TIA Portal V14 (All versions), ...) + TODO: check CVE-2019-10933 (A vulnerability has been identified in Spectrum Power 3 (Corporate Use ...) NOT-FOR-US: Siemens CVE-2019-10932 @@ -36237,7 +36235,7 @@ CVE-2019-6577 (A vulnerability has been identified in SIMATIC HMI Comfort Panels NOT-FOR-US: Siemens CVE-2019-6576 (A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - ...) NOT-FOR-US: Siemens -CVE-2019-6575 (A vulnerability has been identified in SIMATIC CP443-1 OPC UA (All ver ...) +CVE-2019-6575 (A vulnerability has been identified in SIMATIC CP443-1 OPC UA (incl. S ...) NOT-FOR-US: Siemens CVE-2019-6574 (A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180 ...) NOT-FOR-US: Siemens @@ -36249,11 +36247,11 @@ CVE-2019-6571 (A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xy NOT-FOR-US: Siemens CVE-2019-6570 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...) NOT-FOR-US: Siemens -CVE-2019-6569 (A vulnerability has been identified in Scalance X-200 (All versions &l ...) +CVE-2019-6569 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...) NOT-FOR-US: Scalance -CVE-2019-6568 (A vulnerability has been identified in CP1604, CP1616, SIMATIC CP343-1 ...) +CVE-2019-6568 (A vulnerability has been identified in CP1604, CP1616, CP343-1 Advance ...) NOT-FOR-US: Siemens -CVE-2019-6567 (A vulnerability has been identified in SCALANCE X-200 (All Versions &l ...) +CVE-2019-6567 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...) NOT-FOR-US: Siemens CVE-2019-6566 (GE Communicator, all versions prior to 4.0.517, allows a non-administr ...) NOT-FOR-US: GE Communicator @@ -42806,7 +42804,7 @@ CVE-2019-3766 (Dell EMC ECS versions prior to 3.4.0.0 contain an improper restri NOT-FOR-US: EMC CVE-2019-3765 (Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and ...) NOT-FOR-US: EMC -CVE-2019-3764 (Dell EMC iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior ...) +CVE-2019-3764 (Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to ...) NOT-FOR-US: EMC CVE-2019-3763 (The RSA Identity Governance and Lifecycle software and RSA Via Lifecyc ...) NOT-FOR-US: RSA diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 26389d8711..3157099425 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1,3 +1,203 @@ +CVE-2020-7209 + RESERVED +CVE-2020-7208 + RESERVED +CVE-2020-7207 + RESERVED +CVE-2020-7206 + RESERVED +CVE-2020-7205 + RESERVED +CVE-2020-7204 + RESERVED +CVE-2020-7203 + RESERVED +CVE-2020-7202 + RESERVED +CVE-2020-7201 + RESERVED +CVE-2020-7200 + RESERVED +CVE-2020-7199 + RESERVED +CVE-2020-7198 + RESERVED +CVE-2020-7197 + RESERVED +CVE-2020-7196 + RESERVED +CVE-2020-7195 + RESERVED +CVE-2020-7194 + RESERVED +CVE-2020-7193 + RESERVED +CVE-2020-7192 + RESERVED +CVE-2020-7191 + RESERVED +CVE-2020-7190 + RESERVED +CVE-2020-7189 + RESERVED +CVE-2020-7188 + RESERVED +CVE-2020-7187 + RESERVED +CVE-2020-7186 + RESERVED +CVE-2020-7185 + RESERVED +CVE-2020-7184 + RESERVED +CVE-2020-7183 + RESERVED +CVE-2020-7182 + RESERVED +CVE-2020-7181 + RESERVED +CVE-2020-7180 + RESERVED +CVE-2020-7179 + RESERVED +CVE-2020-7178 + RESERVED +CVE-2020-7177 + RESERVED +CVE-2020-7176 + RESERVED +CVE-2020-7175 + RESERVED +CVE-2020-7174 + RESERVED +CVE-2020-7173 + RESERVED +CVE-2020-7172 + RESERVED +CVE-2020-7171 + RESERVED +CVE-2020-7170 + RESERVED +CVE-2020-7169 + RESERVED +CVE-2020-7168 + RESERVED +CVE-2020-7167 + RESERVED +CVE-2020-7166 + RESERVED +CVE-2020-7165 + RESERVED +CVE-2020-7164 + RESERVED +CVE-2020-7163 + RESERVED +CVE-2020-7162 + RESERVED +CVE-2020-7161 + RESERVED +CVE-2020-7160 + RESERVED +CVE-2020-7159 + RESERVED +CVE-2020-7158 + RESERVED +CVE-2020-7157 + RESERVED +CVE-2020-7156 + RESERVED +CVE-2020-7155 + RESERVED +CVE-2020-7154 + RESERVED +CVE-2020-7153 + RESERVED +CVE-2020-7152 + RESERVED +CVE-2020-7151 + RESERVED +CVE-2020-7150 + RESERVED +CVE-2020-7149 + RESERVED +CVE-2020-7148 + RESERVED +CVE-2020-7147 + RESERVED +CVE-2020-7146 + RESERVED +CVE-2020-7145 + RESERVED +CVE-2020-7144 + RESERVED +CVE-2020-7143 + RESERVED +CVE-2020-7142 + RESERVED +CVE-2020-7141 + RESERVED +CVE-2020-7140 + RESERVED +CVE-2020-7139 + RESERVED +CVE-2020-7138 + RESERVED +CVE-2020-7137 + RESERVED +CVE-2020-7136 + RESERVED +CVE-2020-7135 + RESERVED +CVE-2020-7134 + RESERVED +CVE-2020-7133 + RESERVED +CVE-2020-7132 + RESERVED +CVE-2020-7131 + RESERVED +CVE-2020-7130 + RESERVED +CVE-2020-7129 + RESERVED +CVE-2020-7128 + RESERVED +CVE-2020-7127 + RESERVED +CVE-2020-7126 + RESERVED +CVE-2020-7125 + RESERVED +CVE-2020-7124 + RESERVED +CVE-2020-7123 + RESERVED +CVE-2020-7122 + RESERVED +CVE-2020-7121 + RESERVED +CVE-2020-7120 + RESERVED +CVE-2020-7119 + RESERVED +CVE-2020-7118 + RESERVED +CVE-2020-7117 + RESERVED +CVE-2020-7116 + RESERVED +CVE-2020-7115 + RESERVED +CVE-2020-7114 + RESERVED +CVE-2020-7113 + RESERVED +CVE-2020-7112 + RESERVED +CVE-2020-7111 + RESERVED +CVE-2020-7110 + RESERVED CVE-2020-7109 RESERVED CVE-2020-7108 (The LearnDash LMS plugin before 3.1.2 for WordPress allows XSS via the ...) |