author | security tracker role <sectracker@soriano.debian.org> | 2020-08-03 20:10:26 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2020-08-03 20:10:26 +0000 |
commit | c303431f2cb0ec588190867e93b3df336bdf7743 (patch) | |
tree | 0fd343883a86d2f4710a11b6ea3e5b0f7865b694 /data/CVE | |
parent | c6be6d4495f9af0329fca62958201e493ad1dbc8 (diff) |
automatic update
Diffstat (limited to 'data/CVE')
-rw-r--r-- | data/CVE/2015.list | 2 |
-rw-r--r-- | data/CVE/2019.list | 16 |
-rw-r--r-- | data/CVE/2020.list | 110 |
3 files changed, 86 insertions, 42 deletions
diff --git a/data/CVE/2015.list b/data/CVE/2015.list index 483e41bcda..a7bf7785ce 100644 --- a/data/CVE/2015.list +++ b/data/CVE/2015.list @@ -1,3 +1,5 @@ +CVE-2015-9549 (A reflected Cross-site Scripting (XSS) vulnerability exists in OcPorta ...) + TODO: check CVE-2015-9548 (An issue was discovered in Mattermost Server before 1.2.0. It allows a ...) NOT-FOR-US: Mattermost CVE-2015-9547 (An issue was discovered on Samsung mobile devices with JBP(4.3) and KK ...) diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 264c2ff89c..7ca998a05a 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -3825,12 +3825,12 @@ CVE-2019-19457 (SALTO ProAccess SPACE 5.4.3.0 allows XSS. ...) NOT-FOR-US: SALTO ProAccess SPACE CVE-2019-19456 (A Reflected XSS was found in the server selection box inside the login ...) NOT-FOR-US: Wowza Streaming Engine -CVE-2019-19455 - RESERVED +CVE-2019-19455 (Wowza Streaming Engine through 2019-11-28 has Insecure Permissions. ...) + TODO: check CVE-2019-19454 (An arbitrary file download was found in the "Download Log" functionali ...) NOT-FOR-US: Wowza Streaming Engine -CVE-2019-19453 - RESERVED +CVE-2019-19453 (Wowza Streaming Engine through 2019-11-28 allows XSS (issue 1 of 2). ...) + TODO: check CVE-2019-19452 (A buffer overflow was found in Patriot Viper RGB through 1.1 when proc ...) NOT-FOR-US: Patriot Viper RGB CVE-2019-19451 (When GNOME Dia before 2019-11-27 is launched with a filename argument ...) @@ -43185,8 +43185,8 @@ CVE-2019-4591 (IBM Maximo Asset Management 7.6.0 and 7.6.1 does not invalidate s NOT-FOR-US: IBM CVE-2019-4590 RESERVED -CVE-2019-4589 - RESERVED +CVE-2019-4589 (IBM Cognos Analytics 11.0 and 11.1 is vulnerable to privlege escalatio ...) + TODO: check CVE-2019-4588 RESERVED CVE-2019-4587 
@@ -43631,8 +43631,8 @@ CVE-2019-4368 RESERVED CVE-2019-4367 RESERVED -CVE-2019-4366 - RESERVED +CVE-2019-4366 (IBM Cognos Analytics 11.0 and 11.1 is susceptible to an information di ...) + TODO: check CVE-2019-4365 RESERVED CVE-2019-4364 (IBM Maximo Asset Management 7.6 is vulnerable to CSV injection, which ...) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index b3c7f783aa..d1786ef17e 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1,3 +1,45 @@ +CVE-2020-16286 + RESERVED +CVE-2020-16285 + RESERVED +CVE-2020-16284 + RESERVED +CVE-2020-16283 + RESERVED +CVE-2020-16282 + RESERVED +CVE-2020-16281 + RESERVED +CVE-2020-16280 + RESERVED +CVE-2020-16279 + RESERVED +CVE-2020-16278 + RESERVED +CVE-2020-16277 + RESERVED +CVE-2020-16276 + RESERVED +CVE-2020-16275 + RESERVED +CVE-2020-16274 + RESERVED +CVE-2020-16273 + RESERVED +CVE-2020-16272 (The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 is mis ...) + TODO: check +CVE-2020-16271 (The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 genera ...) + TODO: check +CVE-2020-16270 + RESERVED +CVE-2020-16269 (radare2 4.5.0 misparses DWARF information in executable files, causing ...) + TODO: check +CVE-2020-16268 + RESERVED +CVE-2020-16267 + RESERVED +CVE-2020-16266 + RESERVED CVE-2020-16265 RESERVED CVE-2020-16264 @@ -271,8 +313,8 @@ CVE-2020-16133 RESERVED CVE-2020-16132 RESERVED -CVE-2020-16131 - RESERVED +CVE-2020-16131 (Tiki before 21.2 allows XSS because [\s\/"\'] is not properly consider ...) + TODO: check CVE-2020-16130 RESERVED CVE-2020-16129 @@ -1021,6 +1063,7 @@ CVE-2020-15805 CVE-2020-15804 RESERVED CVE-2020-15803 (Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x bef ...) + {DLA-2311-1} - zabbix 1:5.0.2+dfsg-1 (bug #966146) [buster] - zabbix <no-dsa> (Minor issue) NOTE: https://support.zabbix.com/browse/ZBX-18057 
@@ -4381,8 +4424,7 @@ CVE-2020-14321 RESERVED CVE-2020-14320 RESERVED -CVE-2020-14319 - RESERVED +CVE-2020-14319 (It was found that the AMQ Online console is vulnerable to a Cross-Site ...) NOT-FOR-US: AMQ Online CVE-2020-14318 RESERVED @@ -5638,8 +5680,8 @@ CVE-2020-13822 (The Elliptic package 6.5.2 for Node.js allows ECDSA signature ma NOTE: https://github.com/indutny/elliptic/issues/226 CVE-2020-13821 RESERVED -CVE-2020-13820 - RESERVED +CVE-2020-13820 (Extreme Management Center 8.4.1.24 allows unauthenticated reflected XS ...) + TODO: check CVE-2020-13819 RESERVED CVE-2020-13818 (In Zoho ManageEngine OpManager before 125144, when <cachestart> ...) @@ -8148,8 +8190,8 @@ CVE-2020-12740 (tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer ov NOTE: Fixed with: https://github.com/appneta/tcpreplay/issues/578 NOTE: --fuzz-seed in PoC not present until version 4.2.0 NOTE: Crash in CLI tool, no security impact -CVE-2020-12739 - RESERVED +CVE-2020-12739 (A vulnerability in the Fanuc i Series CNC (0i-MD and 0i Mate-MD) could ...) + TODO: check CVE-2020-12738 RESERVED CVE-2020-12737 (An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. Authen ...) @@ -18242,10 +18284,10 @@ CVE-2020-8577 RESERVED CVE-2020-8576 RESERVED -CVE-2020-8575 - RESERVED -CVE-2020-8574 - RESERVED +CVE-2020-8575 (Active IQ Unified Manager for VMware vSphere and Windows versions prio ...) + TODO: check +CVE-2020-8574 (Active IQ Unified Manager for Linux versions prior to 9.6 ship with th ...) + TODO: check CVE-2020-8573 (The NetApp HCI H610C, H615C and H610S Baseboard Management Controllers ...) NOT-FOR-US: NetApp CVE-2020-8572 (Element OS prior to version 12.0 and Element HealthTools prior to vers ...) @@ -19324,8 +19366,8 @@ CVE-2020-8110 RESERVED CVE-2020-8109 RESERVED -CVE-2020-8108 - RESERVED +CVE-2020-8108 (Improper Authentication vulnerability in Bitdefender Endpoint Security ...) + TODO: check CVE-2020-8107 RESERVED CVE-2020-8106 
@@ -27468,8 +27510,8 @@ CVE-2020-4562 RESERVED CVE-2020-4561 RESERVED -CVE-2020-4560 - RESERVED +CVE-2020-4560 (IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site sc ...) + TODO: check CVE-2020-4559 RESERVED CVE-2020-4558 @@ -27480,18 +27522,18 @@ CVE-2020-4556 RESERVED CVE-2020-4555 RESERVED -CVE-2020-4554 - RESERVED -CVE-2020-4553 - RESERVED -CVE-2020-4552 - RESERVED -CVE-2020-4551 - RESERVED -CVE-2020-4550 - RESERVED -CVE-2020-4549 - RESERVED +CVE-2020-4554 (IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker t ...) + TODO: check +CVE-2020-4553 (IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker t ...) + TODO: check +CVE-2020-4552 (IBM i2 Analyst Notebook 9.2.1 could allow a local attacker to execute ...) + TODO: check +CVE-2020-4551 (IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker t ...) + TODO: check +CVE-2020-4550 (IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker t ...) + TODO: check +CVE-2020-4549 (IBM i2 Analyst Notebook 9.2.1 could allow a local attacker to execute ...) + TODO: check CVE-2020-4548 RESERVED CVE-2020-4547 @@ -27520,8 +27562,8 @@ CVE-2020-4536 RESERVED CVE-2020-4535 RESERVED -CVE-2020-4534 - RESERVED +CVE-2020-4534 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a ...) + TODO: check CVE-2020-4533 RESERVED CVE-2020-4532 (IBM Business Automation Workflow and IBM Business Process Manager (IBM ...) 
@@ -27834,8 +27876,8 @@ CVE-2020-4379 (IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expec NOT-FOR-US: IBM CVE-2020-4378 (IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged au ...) NOT-FOR-US: IBM -CVE-2020-4377 - RESERVED +CVE-2020-4377 (IBM Cognos Anaytics 11.0 and 11.1 is vulnerable to an XML External Ent ...) + TODO: check CVE-2020-4376 (IBM MQ, IBM MQ Appliance, IBM MQ for HPE NonStop 8.0.4 and 8.1.0 could ...) NOT-FOR-US: IBM CVE-2020-4375 (IBM MQ, IBM MQ Appliance, IBM MQ for HPE NonStop 8.0, 9.1 CD, and 9.1 ...) @@ -27932,8 +27974,8 @@ CVE-2020-4330 RESERVED CVE-2020-4329 (IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0 ...) NOT-FOR-US: IBM -CVE-2020-4328 - RESERVED +CVE-2020-4328 (IBM Financial Transaction Manager 3.2.4 is vulnerable to SQL injection ...) + TODO: check CVE-2020-4327 (IBM Security Secret Server 10.7 could allow a remote attacker to obtai ...) NOT-FOR-US: IBM CVE-2020-4326 |
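Review bot: in the data/CVE/2019.list hunk at @@ -3825,12 +3825,12 @@, CVE-2019-19455 and CVE-2019-19453 are left at TODO: check although both descriptions name Wowza Streaming Engine and the adjacent CVE-2019-19456 and CVE-2019-19454 already carry NOT-FOR-US: Wowza Streaming Engine. Suggest giving the two newly published entries the same NOT-FOR-US: Wowza Streaming Engine line, so the four entries for this product are triaged consistently and do not sit in the TODO queue.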
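Review bot: the IBM entries that move from RESERVED to TODO: check (CVE-2019-4589 and CVE-2019-4366 in data/CVE/2019.list; CVE-2020-4560, CVE-2020-4554 through CVE-2020-4549, CVE-2020-4534, CVE-2020-4377 and CVE-2020-4328 in data/CVE/2020.list) sit next to context entries such as CVE-2019-4591, CVE-2020-4379, CVE-2020-4378, CVE-2020-4329 and CVE-2020-4327 that are all marked NOT-FOR-US: IBM. Unless one of these products maps to a packaged source, the follow-up triage should resolve them to NOT-FOR-US: IBM in one pass instead of twelve separate TODO items.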
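Review bot: in the data/CVE/2020.list hunk at @@ -18242,10 +18284,10 @@, CVE-2020-8575 and CVE-2020-8574 are set to TODO: check while the trailing context line for CVE-2020-8573 is NOT-FOR-US: NetApp. Active IQ Unified Manager is a NetApp product, so both entries can take NOT-FOR-US: NetApp to match the neighbouring entry.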