author | security tracker role <sectracker@soriano.debian.org> | 2020-06-20 08:10:14 +0000
---|---|---
committer | security tracker role <sectracker@soriano.debian.org> | 2020-06-20 08:10:14 +0000
commit | fd84133603a34d4d6e4c89dd3836f7d50821119b |
tree | ac57dbb6d8517a0082c67fb16ab8444fb78ff501 |
parent | 25bd255e8d3054b669a6a56d60020970d7cd572f |
automatic update
-rw-r--r-- | data/CVE/2015.list | 4
-rw-r--r-- | data/CVE/2016.list | 92
-rw-r--r-- | data/CVE/2017.list | 52
-rw-r--r-- | data/CVE/2019.list | 2
-rw-r--r-- | data/CVE/2020.list | 49
5 files changed, 103 insertions, 96 deletions
diff --git a/data/CVE/2015.list b/data/CVE/2015.list index 038704d6a8..84b843e695 100644 --- a/data/CVE/2015.list +++ b/data/CVE/2015.list @@ -1,5 +1,5 @@ -CVE-2015-9548 - RESERVED +CVE-2015-9548 (An issue was discovered in Mattermost Server before 1.2.0. It allows a ...) + TODO: check CVE-2015-9547 (An issue was discovered on Samsung mobile devices with JBP(4.3) and KK ...) NOT-FOR-US: Samsung mobile devices CVE-2015-9546 (An issue was discovered on Samsung mobile devices with KK(4.4) and lat ...) diff --git a/data/CVE/2016.list b/data/CVE/2016.list index dad5402272..ecf41aceaa 100644 --- a/data/CVE/2016.list +++ b/data/CVE/2016.list 
@@ -1,49 +1,49 @@ -CVE-2016-11084 - RESERVED -CVE-2016-11083 - RESERVED -CVE-2016-11082 - RESERVED -CVE-2016-11081 - RESERVED -CVE-2016-11080 - RESERVED -CVE-2016-11079 - RESERVED -CVE-2016-11078 - RESERVED -CVE-2016-11077 - RESERVED -CVE-2016-11076 - RESERVED -CVE-2016-11075 - RESERVED -CVE-2016-11074 - RESERVED -CVE-2016-11073 - RESERVED -CVE-2016-11072 - RESERVED -CVE-2016-11071 - RESERVED -CVE-2016-11070 - RESERVED -CVE-2016-11069 - RESERVED -CVE-2016-11068 - RESERVED -CVE-2016-11067 - RESERVED -CVE-2016-11066 - RESERVED -CVE-2016-11065 - RESERVED -CVE-2016-11064 - RESERVED -CVE-2016-11063 - RESERVED -CVE-2016-11062 - RESERVED +CVE-2016-11084 (An issue was discovered in Mattermost Server before 2.1.0. It allows X ...) + TODO: check +CVE-2016-11083 (An issue was discovered in Mattermost Server before 2.2.0. It allows X ...) + TODO: check +CVE-2016-11082 (An issue was discovered in Mattermost Server before 2.2.0. It allows X ...) + TODO: check +CVE-2016-11081 (An issue was discovered in Mattermost Server before 2.2.0. It allows u ...) + TODO: check +CVE-2016-11080 (An issue was discovered in Mattermost Server before 3.0.0. It offers s ...) + TODO: check +CVE-2016-11079 (An issue was discovered in Mattermost Server before 3.0.0. It allows X ...) + TODO: check +CVE-2016-11078 (An issue was discovered in Mattermost Server before 3.0.0. It potentia ...) + TODO: check +CVE-2016-11077 (An issue was discovered in Mattermost Server before 3.0.0. It has a su ...) + TODO: check +CVE-2016-11076 (An issue was discovered in Mattermost Server before 3.0.0. It does not ...) + TODO: check +CVE-2016-11075 (An issue was discovered in Mattermost Server before 3.0.0. It allows a ...) + TODO: check +CVE-2016-11074 (An issue was discovered in Mattermost Server before 3.0.0. A password- ...) + TODO: check +CVE-2016-11073 (An issue was discovered in Mattermost Server before 3.0.0. It allows X ...) + TODO: check +CVE-2016-11072 (An issue was discovered in Mattermost Server before 3.0.2. 
The purpose ...) + TODO: check +CVE-2016-11071 (An issue was discovered in Mattermost Server before 3.1.0. It allows X ...) + TODO: check +CVE-2016-11070 (An issue was discovered in Mattermost Server before 3.1.0. It allows X ...) + TODO: check +CVE-2016-11069 (An issue was discovered in Mattermost Server before 3.2.0. It mishandl ...) + TODO: check +CVE-2016-11068 (An issue was discovered in Mattermost Server before 3.2.0. Attackers c ...) + TODO: check +CVE-2016-11067 (An issue was discovered in Mattermost Server before 3.2.0. It allowed ...) + TODO: check +CVE-2016-11066 (An issue was discovered in Mattermost Server before 3.2.0. The initial ...) + TODO: check +CVE-2016-11065 (An issue was discovered in Mattermost Server before 3.3.0. An attacker ...) + TODO: check +CVE-2016-11064 (An issue was discovered in Mattermost Desktop App before 3.4.0. String ...) + TODO: check +CVE-2016-11063 (An issue was discovered in Mattermost Server before 3.5.1. XSS can occ ...) + TODO: check +CVE-2016-11062 (An issue was discovered in Mattermost Server before 3.5.1. E-mail addr ...) + TODO: check CVE-2016-11061 (Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 7 ...) NOT-FOR-US: Xerox CVE-2016-11060 (Certain NETGEAR devices are affected by insecure renegotiation. This a ...) diff --git a/data/CVE/2017.list b/data/CVE/2017.list index 713161aa74..c1e90f8989 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list 
@@ -1,21 +1,21 @@ -CVE-2017-18921 - RESERVED -CVE-2017-18920 - RESERVED -CVE-2017-18919 - RESERVED -CVE-2017-18918 - RESERVED -CVE-2017-18917 - RESERVED -CVE-2017-18916 - RESERVED -CVE-2017-18915 - RESERVED -CVE-2017-18914 - RESERVED -CVE-2017-18913 - RESERVED +CVE-2017-18921 (An issue was discovered in Mattermost Server before 3.6.0 and 3.5.2. X ...) + TODO: check +CVE-2017-18920 (An issue was discovered in Mattermost Server before 3.6.2. The WebSock ...) + TODO: check +CVE-2017-18919 (An issue was discovered in Mattermost Server before 3.7.0 and 3.6.3. A ...) + TODO: check +CVE-2017-18918 (An issue was discovered in Mattermost Server before 3.7.3 and 3.6.5. A ...) + TODO: check +CVE-2017-18917 (An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and ...) + TODO: check +CVE-2017-18916 (An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and ...) + TODO: check +CVE-2017-18915 (An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and ...) + TODO: check +CVE-2017-18914 (An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and ...) + TODO: check +CVE-2017-18913 (An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and ...) + TODO: check CVE-2017-18912 (An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and ...) NOT-FOR-US: Mattermost CVE-2017-18911 (An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and ...) 
@@ -24,14 +24,14 @@ CVE-2017-18910 (An issue was discovered in Mattermost Server before 3.8.2, 3.7.5 NOT-FOR-US: Mattermost CVE-2017-18909 (An issue was discovered in Mattermost Server before 3.9.0 when SAML is ...) NOT-FOR-US: Mattermost -CVE-2017-18908 - RESERVED -CVE-2017-18907 - RESERVED -CVE-2017-18906 - RESERVED -CVE-2017-18905 - RESERVED +CVE-2017-18908 (An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and ...) + TODO: check +CVE-2017-18907 (An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and ...) + TODO: check +CVE-2017-18906 (An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and ...) + TODO: check +CVE-2017-18905 (An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and ...) + TODO: check CVE-2017-18904 (An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and ...) NOT-FOR-US: Mattermost CVE-2017-18903 (An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and ...) diff --git a/data/CVE/2019.list b/data/CVE/2019.list index b1d90a6969..7d76d1b2f5 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -1,3 +1,5 @@ +CVE-2019-20891 (WooCommerce before 3.6.5, when it handles CSV imports of products, has ...) + TODO: check CVE-2019-20890 (An issue was discovered in Mattermost Server before 5.7. It allows a b ...) NOT-FOR-US: Mattermost CVE-2019-20889 (An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, ...) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 60ad7122f9..06469ac490 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list 
@@ -1,3 +1,7 @@ +CVE-2020-14931 (A stack-based buffer overflow in DMitry (Deepmagic Information Gatheri ...) + TODO: check +CVE-2020-14930 (An issue was discovered in BT CTROMS Terminal OS Port Portal CT-464. A ...) + TODO: check CVE-2020-14929 (Alpine before 2.23 silently proceeds to use an insecure connection aft ...) - alpine <unfixed> (bug #963179) NOTE: http://mailman13.u.washington.edu/pipermail/alpine-info/2020-June/008989.html @@ -1741,6 +1745,7 @@ CVE-2020-14095 CVE-2020-14094 RESERVED CVE-2020-14093 (Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attac ...) + {DSA-4707-1} - mutt 1.14.3-1 (bug #962897) - neomutt 20200619+dfsg.1-1 NOTE: https://gitlab.com/muttmua/mutt/commit/3e88866dc60b5fa6aaba6fd7c1710c12c1c3cd01 @@ -3614,16 +3619,16 @@ CVE-2020-13278 RESERVED CVE-2020-13277 (An authorization issue in the mirroring logic allowed read access to p ...) TODO: check -CVE-2020-13276 - RESERVED -CVE-2020-13275 - RESERVED -CVE-2020-13274 - RESERVED -CVE-2020-13273 - RESERVED -CVE-2020-13272 - RESERVED +CVE-2020-13276 (User is allowed to set an email as a notification email even without v ...) + TODO: check +CVE-2020-13275 (A user with an unverified email address could request an access to dom ...) + TODO: check +CVE-2020-13274 (A security issue allowed achieving Denial of Service attacks through m ...) + TODO: check +CVE-2020-13273 (A Denial of Service vulnerability allowed exhausting the system resour ...) + TODO: check +CVE-2020-13272 (OAuth flow missing verification checks CE/EE 12.3 and later through 13 ...) + TODO: check CVE-2020-13271 (A Stored Cross-Site Scripting vulnerability allowed the execution of a ...) - gitlab <unfixed> CVE-2020-13270 (Missing permission check on fork relation creation in GitLab CE/EE 11. ...) 
@@ -3636,16 +3641,16 @@ CVE-2020-13267 (A Stored Cross-Site Scripting vulnerability allowed the executio - gitlab <unfixed> CVE-2020-13266 (Insecure authorization in Project Deploy Keys in GitLab CE/EE 12.8 and ...) - gitlab <unfixed> -CVE-2020-13265 - RESERVED -CVE-2020-13264 - RESERVED -CVE-2020-13263 - RESERVED -CVE-2020-13262 - RESERVED -CVE-2020-13261 - RESERVED +CVE-2020-13265 (User email verification bypass in GitLab CE/EE 12.5 and later through ...) + TODO: check +CVE-2020-13264 (Kubernetes cluster token disclosure in GitLab CE/EE 10.3 and later thr ...) + TODO: check +CVE-2020-13263 (An authorization issue relating to project maintainer impersonation wa ...) + TODO: check +CVE-2020-13262 (Client-Side code injection through Mermaid markup in GitLab CE/EE 12.9 ...) + TODO: check +CVE-2020-13261 (Amazon EKS credentials disclosure in GitLab CE/EE 12.6 and later throu ...) + TODO: check CVE-2020-13260 RESERVED CVE-2020-13259 @@ -9771,8 +9776,8 @@ CVE-2020-10751 (A flaw was found in the Linux kernels SELinux LSM hook implement {DSA-4699-1 DSA-4698-1 DLA-2242-1 DLA-2241-1} - linux 5.6.14-1 NOTE: https://git.kernel.org/linus/fb73974172ffaaf57a7c42f35424d9aece1a5af6 -CVE-2020-10750 - RESERVED +CVE-2020-10750 (Sensitive information written to a log file vulnerability was found in ...) + TODO: check CVE-2020-10749 (A vulnerability was found in all versions of containernetworking/plugi ...) - golang-github-containernetworking-plugins <unfixed> NOTE: https://github.com/containernetworking/plugins/pull/484 |
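Review bot: In the data/CVE/2015.list, data/CVE/2016.list and data/CVE/2017.list hunks, every newly described Mattermost entry (CVE-2015-9548, CVE-2016-11084 through CVE-2016-11062, CVE-2017-18921 through CVE-2017-18913, CVE-2017-18908 through CVE-2017-18905) is left at `TODO: check`, although the unchanged context right next to them already triages the same product as `NOT-FOR-US: Mattermost` (CVE-2017-18912, CVE-2017-18904, and CVE-2019-20890 in 2019.list). A follow-up triage pass should bring these in line with the existing entries rather than leave roughly three dozen known-product items in the TODO queue. CVE-2016-11064 is described as affecting the Mattermost Desktop App rather than the Server, so it should be confirmed on its own before it gets the same tag.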
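Review bot: In the data/CVE/2020.list hunks at -3614 and -3636, CVE-2020-13276 through CVE-2020-13272 and CVE-2020-13265 through CVE-2020-13261 are added with only `TODO: check`, while the surrounding context entries (CVE-2020-13271, CVE-2020-13267, CVE-2020-13266) already carry a `- gitlab <unfixed>` package line and several of the new descriptions name GitLab CE/EE directly (CVE-2020-13265, CVE-2020-13264, CVE-2020-13262, CVE-2020-13261). Triage should add the matching `- gitlab` line once the affected versions are confirmed. The visible descriptions of CVE-2020-13276 through CVE-2020-13273 are truncated before any product name appears, so the full CVE text needs to be read before those four are tagged.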