From 532d162355544dc667fc667d155deae3c6439ef8 Mon Sep 17 00:00:00 2001 From: security tracker role Date: Thu, 25 Feb 2021 20:10:23 +0000 Subject: automatic update --- data/CVE/2020.list | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'data/CVE/2020.list') diff --git a/data/CVE/2020.list b/data/CVE/2020.list index de6ff1bfdb..917f68a05a 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1,4 +1,4 @@ -CVE-2020-36254 +CVE-2020-36254 (scp.c in Dropbear before 2020.79 mishandles the filename of . or an em ...) - dropbear 2020.79-1 NOTE: https://github.com/mkj/dropbear/commit/8f8a3dff705fad774a10864a2e3dbcfa9779ceff CVE-2020-36253 @@ -7843,8 +7843,8 @@ CVE-2020-27545 RESERVED CVE-2020-27544 RESERVED -CVE-2020-27543 - RESERVED +CVE-2020-27543 (The restify-paginate package 0.0.5 for Node.js allows remote attackers ...) + TODO: check CVE-2020-27542 (Rostelecom CS-C2SHW 5.0.082.1 is affected by: Bash command injection. ...) NOT-FOR-US: Rostelecom CS-C2SHW CVE-2020-27541 (Denial of Service vulnerability in Rostelecom CS-C2SHW 5.0.082.1. Agen ...) @@ -16826,8 +16826,8 @@ CVE-2020-23536 RESERVED CVE-2020-23535 RESERVED -CVE-2020-23534 - RESERVED +CVE-2020-23534 (A server-side request forgery (SSRF) vulnerability in Upgrade.php of g ...) + TODO: check CVE-2020-23533 RESERVED CVE-2020-23532 @@ -52359,8 +52359,8 @@ CVE-2020-8034 (Gollem before 3.0.13, as used in Horde Groupware Webmail Edition NOTE: https://github.com/horde/gollem/commit/a73bef1aef27d4cbfc7b939c2a81dea69aabb083 CVE-2020-8033 (Ruckus R500 3.4.2.0.384 devices allow XSS via the index.asp Device Nam ...) NOT-FOR-US: Ruckus -CVE-2020-8032 - RESERVED +CVE-2020-8032 (A Insecure Temporary File vulnerability in the packaging of cyrus-sasl ...) + TODO: check CVE-2020-8031 (A Improper Neutralization of Input During Web Page Generation ('Cross- ...) - open-build-service NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1178880 -- cgit v1.2.3