diff options
author | security tracker role <sectracker@soriano.debian.org> | 2020-01-16 08:10:18 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2020-01-16 08:10:18 +0000 |
commit | 0fd7b14a2886fd276ebecc27605c1dc7e76f09e5 (patch) | |
tree | 2730222a2096a24bd6367a40163da78c4e056f0f /data/CVE | |
parent | 5e675a56d0233cffc40ace5682da2a70a23452e8 (diff) |
automatic update
Diffstat (limited to 'data/CVE')
-rw-r--r-- | data/CVE/2009.list | 9 | ||||
-rw-r--r-- | data/CVE/2016.list | 3 | ||||
-rw-r--r-- | data/CVE/2019.list | 38 | ||||
-rw-r--r-- | data/CVE/2020.list | 20 |
4 files changed, 41 insertions, 29 deletions
diff --git a/data/CVE/2009.list b/data/CVE/2009.list index 5e559ab1ff..3bbf15c711 100644 --- a/data/CVE/2009.list +++ b/data/CVE/2009.list @@ -225,8 +225,7 @@ CVE-2009-5070 RESERVED CVE-2009-5069 RESERVED -CVE-2009-5068 - RESERVED +CVE-2009-5068 (There is a file disclosure vulnerability in SMF (Simple Machines Forum ...) NOT-FOR-US: Simple Machines Forum CVE-2009-5067 (Directory traversal vulnerability in html2ps before 1.0b6 allows remot ...) - html2ps 1.0b7-1 (low; bug #548633) @@ -317,8 +316,7 @@ CVE-2009-5027 REJECTED CVE-2009-5026 (The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x ...) - mysql-5.1 5.1.53-1 -CVE-2009-5025 [PyForum XSS+CSRF] - RESERVED +CVE-2009-5025 (A backdoor (aka BMSA-2009-07) was found in PyForum v1.0.3 where an att ...) NOT-FOR-US: PyForum CVE-2009-5024 (ViewVC before 1.1.11 allows remote attackers to bypass the cvsdb row_l ...) {DSA-2563-1} @@ -3624,8 +3622,7 @@ CVE-2009-3725 (The connector layer in the Linux kernel before 2.6.31.5 does not - linux-2.6 2.6.31-1 (medium) [etch] - linux-2.6 <not-affected> (Vulnerable code not present) - linux-2.6.24 <removed> (medium) -CVE-2009-3724 - RESERVED +CVE-2009-3724 (python-markdown2 before 1.0.1.14 has multiple cross-site scripting (XS ...) NOT-FOR-US: python-markdown2 (not our markdown, different code base) CVE-2009-3723 (asterisk allows calls on prohibited networks ...) [etch] - asterisk <not-affected> diff --git a/data/CVE/2016.list b/data/CVE/2016.list index 13cf373227..3ef4518404 100644 --- a/data/CVE/2016.list +++ b/data/CVE/2016.list @@ -14652,7 +14652,8 @@ CVE-2016-1000025 REJECTED CVE-2016-1000024 RESERVED -CVE-2016-1000022 (negotiator before 0.6.1 is vulnerable to a regular expression DoS ...) +CVE-2016-1000022 + REJECTED - node-negotiator 0.6.1-1 (unimportant) NOTE: https://nodesecurity.io/advisories/106 NOTE: https://github.com/distributedweaknessfiling/DWF-Database/commit/5e607a0cad2769db2be5aafc4d9b1ec49bd7bbbc diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 29fdd9b42d..6586d00d93 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -1,3 +1,5 @@ +CVE-2019-20380 + RESERVED CVE-2019-20379 (ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via th ...) - ganglia-web <unfixed> (unimportant; bug #948664) NOTE: https://github.com/ganglia/ganglia-web/issues/351 @@ -662,8 +664,8 @@ CVE-2019-20099 RESERVED CVE-2019-20098 RESERVED -CVE-2019-20097 - RESERVED +CVE-2019-20097 (Bitbucket Server and Bitbucket Data Center versions starting from 1.0. ...) + TODO: check CVE-2019-20096 (In the Linux kernel before 5.1, there is a memory leak in __feat_regis ...) - linux 5.2.6-1 [jessie] - linux 3.16.72-1 @@ -1301,18 +1303,18 @@ CVE-2019-19861 REJECTED CVE-2019-19860 RESERVED -CVE-2019-19859 - RESERVED -CVE-2019-19858 - RESERVED -CVE-2019-19857 - RESERVED -CVE-2019-19856 - RESERVED -CVE-2019-19855 - RESERVED -CVE-2019-19854 - RESERVED +CVE-2019-19859 (An issue was discovered in Serpico (aka SimplE RePort wrIting and Coll ...) + TODO: check +CVE-2019-19858 (An issue was discovered in Serpico (aka SimplE RePort wrIting and Coll ...) + TODO: check +CVE-2019-19857 (An issue was discovered in Serpico (aka SimplE RePort wrIting and Coll ...) + TODO: check +CVE-2019-19856 (An issue was discovered in Serpico (aka SimplE RePort wrIting and Coll ...) + TODO: check +CVE-2019-19855 (An issue was discovered in Serpico (aka SimplE RePort wrIting and Coll ...) + TODO: check +CVE-2019-19854 (An issue was discovered in Serpico (aka SimplE RePort wrIting and Coll ...) + TODO: check CVE-2019-19853 RESERVED CVE-2019-19852 @@ -13026,12 +13028,12 @@ CVE-2019-15014 (A command injection vulnerability exists in the Zingbox Inspecto NOT-FOR-US: Zingbox Inspector CVE-2019-15013 (The WorkflowResource class removeStatus method in Jira before version ...) NOT-FOR-US: Atlassian -CVE-2019-15012 - RESERVED +CVE-2019-15012 (Bitbucket Server and Bitbucket Data Center from version 4.13. before 5 ...) + TODO: check CVE-2019-15011 (The ListEntityLinksServlet resource in Application Links before versio ...) NOT-FOR-US: Application Links -CVE-2019-15010 - RESERVED +CVE-2019-15010 (Bitbucket Server and Bitbucket Data Center versions starting from vers ...) + TODO: check CVE-2019-15009 (The /json/profile/removeStarAjax.do resource in Atlassian Fisheye and ...) NOT-FOR-US: Atlassian Fisheye and Crucible CVE-2019-15008 (The /plugins/servlet/branchreview resource in Atlassian Fisheye and Cr ...) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index dfc9f7d5b8..6b91c825ea 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1,3 +1,15 @@ +CVE-2020-7109 + RESERVED +CVE-2020-7108 (The LearnDash LMS plugin before 3.1.2 for WordPress allows XSS via the ...) + TODO: check +CVE-2020-7107 (The Ultimate FAQ plugin before 1.8.30 for WordPress allows XSS via Dis ...) + TODO: check +CVE-2020-7106 (Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.p ...) + TODO: check +CVE-2020-7105 (async.c and dict.c in libhiredis.a in hiredis through 0.14.0 allow a N ...) + TODO: check +CVE-2020-7104 + RESERVED CVE-2020-7103 RESERVED CVE-2020-7102 @@ -120,10 +132,10 @@ CVE-2020-7047 RESERVED CVE-2020-7046 RESERVED -CVE-2020-7045 - RESERVED -CVE-2020-7044 - RESERVED +CVE-2020-7045 (In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. Thi ...) + TODO: check +CVE-2020-7044 (In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. This ...) + TODO: check CVE-2020-7043 RESERVED CVE-2020-7042 |