author | security tracker role <sectracker@soriano.debian.org> | 2020-02-19 08:10:23 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2020-02-19 08:10:23 +0000 |
commit | d1f470faa64a24c48b839d8bc1f23b5d3a387cdc (patch) | |
tree | 2317492b166ef0cbb97447f85b6d56327e67fba9 | |
parent | f3d4fe7818eabd361ab28e95c8f3ac7b75d0b3ce (diff) |
automatic update
-rw-r--r-- | data/CVE/2011.list | 3 |
-rw-r--r-- | data/CVE/2015.list | 6 |
-rw-r--r-- | data/CVE/2018.list | 4 |
-rw-r--r-- | data/CVE/2019.list | 16 |
-rw-r--r-- | data/CVE/2020.list | 43 |
5 files changed, 55 insertions, 17 deletions
diff --git a/data/CVE/2011.list b/data/CVE/2011.list index 93c797b60c..3aa891ebbd 100644 --- a/data/CVE/2011.list +++ b/data/CVE/2011.list @@ -8633,8 +8633,7 @@ CVE-2011-2056 RESERVED CVE-2011-2055 RESERVED -CVE-2011-2054 - RESERVED +CVE-2011-2054 (A vulnerability in the Cisco ASA that could allow a remote attacker to ...) NOT-FOR-US: ** REJECT ** CVE-2011-2054 misused as CVE-2011-2524 CVE-2011-2053 RESERVED diff --git a/data/CVE/2015.list b/data/CVE/2015.list index 1ec2384d63..048c36e903 100644 --- a/data/CVE/2015.list +++ b/data/CVE/2015.list @@ -1,3 +1,5 @@ +CVE-2015-9543 (An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 1 ...) + TODO: check CVE-2015-9542 [buffer overflow in password field] RESERVED - libpam-radius-auth <unfixed> (bug #951396) @@ -25274,8 +25276,8 @@ CVE-2015-0751 (Cisco IP Phone 7861, when firmware from Cisco Unified Communicati NOT-FOR-US: Cisco CVE-2015-0750 (The administrative web interface in Cisco Hosted Collaboration Solutio ...) NOT-FOR-US: Cisco -CVE-2015-0749 - RESERVED +CVE-2015-0749 (A vulnerability in Cisco Unified Communications Manager could allow an ...) + TODO: check CVE-2015-0748 RESERVED CVE-2015-0747 (Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release al ...) diff --git a/data/CVE/2018.list b/data/CVE/2018.list index f4a69f633d..b411fade96 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -10933,8 +10933,8 @@ CVE-2018-16996 RESERVED CVE-2018-16995 RESERVED -CVE-2018-16994 - RESERVED +CVE-2018-16994 (An issue was discovered on PHOENIX CONTACT AXL F BK PN <=1.0.4, AXL ...) + TODO: check CVE-2018-16993 RESERVED CVE-2018-16992 diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 72b57c0b18..15717c3e5e 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list 
@@ -1,3 +1,11 @@ +CVE-2019-20478 (In ruamel.yaml through 0.16.7, the load method allows remote code exec ...) + TODO: check +CVE-2019-20477 (PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and ...) + TODO: check +CVE-2019-20476 + RESERVED +CVE-2019-20475 + RESERVED CVE-2019-20474 (An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.4 ...) NOT-FOR-US: Zoho ManageEngine Remote Access Plus CVE-2019-20473 @@ -24421,7 +24429,7 @@ CVE-2019-11052 CVE-2019-11051 RESERVED CVE-2019-11050 (When PHP EXIF extension is parsing EXIF information from an image, e.g ...) - {DSA-4626-1 DLA-2050-1} + {DSA-4628-1 DSA-4626-1 DLA-2050-1} - php7.3 <unfixed> - php7.0 <removed> - php5 <removed> @@ -24436,14 +24444,14 @@ CVE-2019-11049 (In PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows, when su CVE-2019-11048 RESERVED CVE-2019-11047 (When PHP EXIF extension is parsing EXIF information from an image, e.g ...) - {DSA-4626-1 DLA-2050-1} + {DSA-4628-1 DSA-4626-1 DLA-2050-1} - php7.3 <unfixed> - php7.0 <removed> - php5 <removed> NOTE: Fixed in PHP 7.4.1, 7.3.13 NOTE: PHP Bug: http://bugs.php.net/78910 CVE-2019-11046 (In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP ...) - {DSA-4626-1 DLA-2050-1} + {DSA-4628-1 DSA-4626-1 DLA-2050-1} - php7.3 <unfixed> - php7.0 <removed> - php5 <removed> @@ -24451,7 +24459,7 @@ CVE-2019-11046 (In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 NOTE: PHP Bug: http://bugs.php.net/78878 NOTE: http://git.php.net/?p=php-src.git;a=patch;h=2d07f00b73d8f94099850e0f5983e1cc5817c196 CVE-2019-11045 (In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP ...) - {DSA-4626-1 DLA-2050-1} + {DSA-4628-1 DSA-4626-1 DLA-2050-1} - php7.3 <unfixed> - php7.0 <removed> - php5 <removed> diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 589ec31c85..d834d6ad08 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list 
@@ -1,3 +1,31 @@ +CVE-2020-9285 + RESERVED +CVE-2020-9284 + RESERVED +CVE-2020-9283 + RESERVED +CVE-2020-9282 + RESERVED +CVE-2020-9281 + RESERVED +CVE-2020-9280 + RESERVED +CVE-2020-9279 + RESERVED +CVE-2020-9278 + RESERVED +CVE-2020-9277 + RESERVED +CVE-2020-9276 + RESERVED +CVE-2020-9275 + RESERVED +CVE-2020-9274 + RESERVED +CVE-2020-9273 + RESERVED +CVE-2020-9272 + RESERVED CVE-2020-9271 (ICE Hrm 26.2.0 is vulnerable to CSRF that leads to user creation via s ...) NOT-FOR-US: ICE Hrm CVE-2020-9270 (ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via ...) @@ -551,7 +579,7 @@ CVE-2020-8999 RESERVED CVE-2020-8998 REJECTED -CVE-2020-8997 (Abbott FreeStyle Libre 14-day before February 2020 and FreeStyle Libre ...) +CVE-2020-8997 (Older generation Abbott FreeStyle Libre sensors allow remote attackers ...) NOT-FOR-US: Abbott FreeStyle Libre CVE-2020-8996 (AnyShare Cloud 6.0.9 allows authenticated directory traversal to read ...) NOT-FOR-US: AnyShare Cloud @@ -1291,8 +1319,8 @@ CVE-2020-8635 RESERVED CVE-2020-8634 RESERVED -CVE-2020-8633 - RESERVED +CVE-2020-8633 (An issue was discovered in Zimbra Collaboration Suite (ZCS) before 8.8 ...) + TODO: check CVE-2020-8632 (In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_ ...) - cloud-init 19.4-2 (bug #951363) [buster] - cloud-init <no-dsa> (Minor issue) @@ -3076,8 +3104,8 @@ CVE-2020-7798 RESERVED CVE-2020-7797 RESERVED -CVE-2020-7796 - RESERVED +CVE-2020-7796 (Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF whe ...) + TODO: check CVE-2020-7795 RESERVED CVE-2020-7794 @@ -3729,6 +3757,7 @@ CVE-2020-7473 CVE-2020-7472 RESERVED CVE-2020-7471 (Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 al ...) + {DSA-4629-1} - python-django 2:2.2.10-1 (bug #950581) [jessie] - python-django <not-affected> (Vulnerable code introduced in Django ~1.9) NOTE: https://www.djangoproject.com/weblog/2020/feb/03/security-releases/ 
@@ -4593,7 +4622,7 @@ CVE-2020-7062 CVE-2020-7061 RESERVED CVE-2020-7060 (When using certain mbstring functions to convert multibyte encodings, ...) - {DSA-4626-1} + {DSA-4628-1 DSA-4626-1} - php7.4 7.4.2-7 - php7.3 <unfixed> - php7.0 <removed> @@ -4601,7 +4630,7 @@ CVE-2020-7060 (When using certain mbstring functions to convert multibyte encodi NOTE: Fixed in PHP 7.4.2, 7.3.14, 7.2.27 NOTE: PHP Bug: http://bugs.php.net/79037 CVE-2020-7059 (When using fgetss() function to read data with stripping tags, in PHP ...) - {DSA-4626-1} + {DSA-4628-1 DSA-4626-1} - php7.4 7.4.2-7 - php7.3 <unfixed> - php7.0 <removed> |
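Review bot: In data/CVE/2011.list (hunk @@ -8633,8 +8633,7 @@), the new description for CVE-2011-2054 and the unchanged triage line under it now contradict each other. The entry describes a Cisco ASA vulnerability, but the context line still reads "NOT-FOR-US: ** REJECT ** CVE-2011-2054 misused as CVE-2011-2524", which was written while the id was RESERVED. Suggest replacing it with a plain "NOT-FOR-US: Cisco", as the Cisco entries in data/CVE/2015.list are marked, and moving the history of the misuse into a NOTE: line if it is still worth keeping.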
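Review bot: In data/CVE/2015.list (hunk @@ -1,3 +1,5 @@), CVE-2015-9543 is added with only "TODO: check", although its description names OpenStack Nova, which Debian packages. This one should not be left to drift into a NOT-FOR-US verdict: it needs a "- nova" package line with the affected and fixed versions worked out from the full description, since the text here is truncated at "19.x before 1 ...".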
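Review bot: In data/CVE/2015.list (hunk @@ -25274,8 +25276,8 @@), CVE-2015-0749 is left at "TODO: check" even though the description names Cisco Unified Communications Manager and the two entries directly above it in the same hunk (CVE-2015-0751, CVE-2015-0750) are already triaged as "NOT-FOR-US: Cisco". Suggest resolving it the same way so the entry does not sit in the TODO queue.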
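Review bot: In data/CVE/2019.list (hunk @@ -1,3 +1,11 @@), CVE-2019-20478 (ruamel.yaml) and CVE-2019-20477 (PyYAML) both land as "TODO: check", and both descriptions concern code execution through the libraries' load methods. They should be triaged together and given package lines (likely "- ruamel.yaml" and "- pyyaml") so the two related entries end up with consistent status and version information. The description of CVE-2019-20477 gives a range of "5.1 through 5.1.2", so per-release status needs checking against the packaged versions.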
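Review bot: In data/CVE/2020.list (hunk @@ -1291,8 +1319,8 @@, and again in @@ -3076,8 +3104,8 @@), CVE-2020-8633 and CVE-2020-7796 are both Zimbra Collaboration Suite issues and both are left at "TODO: check". Since they sit in separate hunks far apart in the file, it is easy to triage one and miss the other. Suggest resolving both in the same follow-up commit with the same verdict line.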