diff options
| author | security tracker role <sectracker@soriano.debian.org> | 2021-02-26 20:10:29 +0000 |
|---|---|---|
| committer | security tracker role <sectracker@soriano.debian.org> | 2021-02-26 20:10:29 +0000 |
| commit | 9f95d697310119bfe8c7ffcc6635a4e4c7ffeb92 (patch) | |
| tree | cd7002f831e3abfc4026c7cd7061cb35ee4d6d05 /data/CVE/2020.list | |
| parent | 18362ca7bddb8165062981d2e48ad1da7fc6b56a (diff) | |
automatic update
Diffstat (limited to 'data/CVE/2020.list')
| -rw-r--r-- | data/CVE/2020.list | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list index c96c552f85..ab2378365f 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1,3 +1,5 @@ +CVE-2020-35358 + RESERVED CVE-2020-36254 (scp.c in Dropbear before 2020.79 mishandles the filename of . or an em ...) - dropbear 2020.79-1 NOTE: https://github.com/mkj/dropbear/commit/8f8a3dff705fad774a10864a2e3dbcfa9779ceff @@ -2202,7 +2204,6 @@ CVE-2020-35360 RESERVED CVE-2020-35359 (Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate server ...) NOTE: Bogus issue, can be configured using MaxClientsPerIP in pure-ftpd.conf configuration file - RESERVED CVE-2020-35357 RESERVED CVE-2020-35356 @@ -5133,8 +5134,8 @@ CVE-2020-28648 (Improper input validation in the Auto-Discovery component of Nag NOT-FOR-US: Nagios XI CVE-2020-28647 (In Progress MOVEit Transfer before 2020.1, a malicious user could craf ...) NOT-FOR-US: Progress MOVEit Transfer -CVE-2020-28646 - RESERVED +CVE-2020-28646 (ownCloud owncloud/client before 2.7 allows DLL Injection. The desktop ...) + TODO: check CVE-2020-28645 (Deleting users with certain names caused system files to be deleted. R ...) - owncloud <removed> CVE-2020-28644 (The CSRF (Cross Site Request Forgery) token check was improperly imple ...) @@ -6124,8 +6125,8 @@ CVE-2020-28201 RESERVED CVE-2020-28200 RESERVED -CVE-2020-28199 - RESERVED +CVE-2020-28199 (best it Amazon Pay Plugin before 9.4.2 for Shopware exposes Sensitive ...) + TODO: check CVE-2020-28198 RESERVED CVE-2020-28197 @@ -10820,8 +10821,8 @@ CVE-2020-26202 RESERVED CVE-2020-26201 (Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak pass ...) NOT-FOR-US: Askey -CVE-2020-26200 - RESERVED +CVE-2020-26200 (A component of Kaspersky custom boot loader allowed loading of untrust ...) + TODO: check CVE-2020-26199 (Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 ...) NOT-FOR-US: EMC CVE-2020-26198 (Dell EMC iDRAC9 versions prior to 4.32.10.00 and 4.40.00.00 contain a ...) @@ -14374,8 +14375,8 @@ CVE-2020-24688 RESERVED CVE-2020-24687 RESERVED -CVE-2020-24686 - RESERVED +CVE-2020-24686 (The vulnerabilities can be exploited to cause the web visualization co ...) + TODO: check CVE-2020-24685 (An unauthenticated specially crafted packet sent by an attacker over t ...) NOT-FOR-US: ABB CVE-2020-24684 |