author | security tracker role <sectracker@soriano.debian.org> | 2020-11-25 08:10:23 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2020-11-25 08:10:23 +0000 |
commit | ab28c1a09aa11b29299601bea6b9a0a114ba1dcb (patch) | |
tree | e051be5fe07d164fe245bbf2f54c2423c53f25c4 | |
parent | 0f40fef06686b7db0eb9ac9abedb73c99eb768f6 (diff) |
automatic update
-rw-r--r-- | data/CVE/2015.list | 4 |
-rw-r--r-- | data/CVE/2020.list | 84 |
2 files changed, 70 insertions, 18 deletions
diff --git a/data/CVE/2015.list b/data/CVE/2015.list index a43c1e2e90..07e4a81e02 100644 --- a/data/CVE/2015.list +++ b/data/CVE/2015.list @@ -1,3 +1,7 @@ +CVE-2015-9551 (An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1 ...) + TODO: check +CVE-2015-9550 (An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1 ...) + TODO: check CVE-2015-9549 (A reflected Cross-site Scripting (XSS) vulnerability exists in OcPorta ...) NOT-FOR-US: OcPortal CVE-2015-9548 (An issue was discovered in Mattermost Server before 1.2.0. It allows a ...) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 2b5bacc2d1..c2563dd46f 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list 
@@ -1,3 +1,51 @@ +CVE-2020-29073 + RESERVED +CVE-2020-29072 (A Cross-Site Script Inclusion vulnerability was found on LiquidFiles b ...) + TODO: check +CVE-2020-29071 (An XSS issue was found in the Shares feature of LiquidFiles before 3.3 ...) + TODO: check +CVE-2020-29070 + RESERVED +CVE-2020-29069 (_get_flag_ip_localdb in server/mhn/ui/utils.py in Modern Honey Network ...) + TODO: check +CVE-2020-29068 + RESERVED +CVE-2020-29067 + RESERVED +CVE-2020-29066 + RESERVED +CVE-2020-29065 + RESERVED +CVE-2020-29064 + RESERVED +CVE-2020-29063 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...) + TODO: check +CVE-2020-29062 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...) + TODO: check +CVE-2020-29061 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...) + TODO: check +CVE-2020-29060 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...) + TODO: check +CVE-2020-29059 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...) + TODO: check +CVE-2020-29058 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...) + TODO: check +CVE-2020-29057 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...) + TODO: check +CVE-2020-29056 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...) + TODO: check +CVE-2020-29055 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...) + TODO: check +CVE-2020-29054 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...) + TODO: check +CVE-2020-29053 (HRSALE 2.0.0 allows XSS via the admin/project/projects_calendar set_da ...) + TODO: check +CVE-2020-29052 + RESERVED +CVE-2020-29051 + RESERVED +CVE-2020-29050 + RESERVED CVE-2020-29049 RESERVED CVE-2020-29048 
@@ -149,6 +197,7 @@ CVE-2020-28977 CVE-2020-28976 RESERVED CVE-2020-28984 (prive/formulaires/configurer_preferences.php in SPIP before 3.2.8 does ...) + {DSA-4798-1} - spip 3.2.8-1 NOTE: https://git.spip.net/spip/spip/commit/ae4267eba1022dabc12831ddb021c5d6e09040f8 CVE-2020-28975 (** DISPUTED ** svm_predict_values in svm.cpp in Libsvm v324, as used i ...) @@ -157,8 +206,7 @@ CVE-2020-28973 RESERVED CVE-2020-28972 RESERVED -CVE-2020-26235 [RUSTSEC-2020-0071: time: Potential segfault in the time crate] - RESERVED +CVE-2020-26235 (In Rust time crate from version 0.2.7 and before version 0.2.23, unix- ...) - rust-time <not-affected> (Vulnerable methods introduced in v0.2.7) NOTE: https://github.com/time-rs/time/security/advisories/GHSA-wcg3-cvx6-7396 NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0071.html @@ -1534,8 +1582,8 @@ CVE-2020-28331 (Barco wePresent WiPG-1600W devices have Improper Access Control. NOT-FOR-US: Barco wePresent WiPG-1600W devices CVE-2020-28330 (Barco wePresent WiPG-1600W devices have Unprotected Transport of Crede ...) NOT-FOR-US: Barco wePresent WiPG-1600W devices -CVE-2020-28329 - RESERVED +CVE-2020-28329 (Barco wePresent WiPG-1600W firmware includes a hardcoded API account a ...) + TODO: check CVE-2020-28328 (SuiteCRM before 7.11.17 is vulnerable to remote code execution via the ...) NOT-FOR-US: SuiteCRM CVE-2020-28327 (A res_pjsip_session crash was discovered in Asterisk Open Source 13.x ...) 
@@ -6048,26 +6096,26 @@ CVE-2020-26244 RESERVED CVE-2020-26243 RESERVED -CVE-2020-26242 - RESERVED -CVE-2020-26241 - RESERVED -CVE-2020-26240 - RESERVED +CVE-2020-26242 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...) + TODO: check +CVE-2020-26241 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...) + TODO: check +CVE-2020-26240 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...) + TODO: check CVE-2020-26239 (Scratch Addons is a WebExtension that supports both Chrome and Firefox ...) NOT-FOR-US: Scratch Addons -CVE-2020-26238 - RESERVED -CVE-2020-26237 - RESERVED +CVE-2020-26238 (Cron-utils is a Java library to parse, validate, migrate crons as well ...) + TODO: check +CVE-2020-26237 (Highlight.js is a syntax highlighter written in JavaScript. Highlight. ...) + TODO: check CVE-2020-26236 (In ScratchVerifier before commit a603769, an attacker can hijack the v ...) NOT-FOR-US: ScratchVerifier CVE-2020-26234 RESERVED CVE-2020-26233 RESERVED -CVE-2020-26232 - RESERVED +CVE-2020-26232 (Jupyter Server before version 1.0.6 has an Open redirect vulnerability ...) + TODO: check CVE-2020-26231 (October is a free, open-source, self-hosted CMS platform based on the ...) NOT-FOR-US: October CMS CVE-2020-26230 (Radar COVID is the official COVID-19 exposure notification app for Spa ...) @@ -8591,8 +8639,8 @@ CVE-2020-25161 RESERVED CVE-2020-25160 RESERVED -CVE-2020-25159 - RESERVED +CVE-2020-25159 (499ES EtherNet/IP (ENIP) Adaptor Source Code is vulnerable to a stack- ...) + TODO: check CVE-2020-25158 RESERVED CVE-2020-25157 (The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL injection ...) |
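Review bot: In the @@ -1,3 +1,51 @@ hunk of data/CVE/2020.list, the ten entries CVE-2020-29054 through CVE-2020-29063 all carry the identical truncated text "An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ..." and each gets its own TODO: check. They should be triaged together and given the same tag in one follow-up commit, so the block does not end up with mixed states for a single device family. The two TOTOLINK A850R-V1 entries added to data/CVE/2015.list (CVE-2015-9551, CVE-2015-9550) are in the same situation.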
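Review bot: In the @@ -1534,8 +1582,8 @@ hunk, CVE-2020-28329 is left at TODO: check although its description names the same Barco wePresent WiPG-1600W product as the two entries directly above it, CVE-2020-28331 and CVE-2020-28330, which are both tagged "NOT-FOR-US: Barco wePresent WiPG-1600W devices". The follow-up triage can reuse that exact tag so the three entries stay consistent.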
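Review bot: In the @@ -6048,26 +6096,26 @@ hunk, CVE-2020-26242, CVE-2020-26241 and CVE-2020-26240 share one truncated description ("Go Ethereum, or "Geth", is the official Golang implementation of the E ..."), so nothing in the file distinguishes the three issues. When their TODO: check markers are resolved, each entry should get its own NOTE line pointing at the upstream advisory or fix, the way CVE-2020-26235 and CVE-2020-28984 carry NOTE links elsewhere in this patch. CVE-2020-26238 (cron-utils) and CVE-2020-26237 (Highlight.js) need the same, since their descriptions are cut off before any affected version is given.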