From 669473916a9331d0cc1e96412bbc7829b7b794ef Mon Sep 17 00:00:00 2001 From: security tracker role Date: Fri, 5 Mar 2021 20:10:30 +0000 Subject: automatic update --- data/CVE/2020.list | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) (limited to 'data/CVE/2020.list') diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 2011724d01..61b45d906e 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1564,8 +1564,8 @@ CVE-2020-35596 RESERVED CVE-2020-35595 RESERVED -CVE-2020-35594 - RESERVED +CVE-2020-35594 (Zoho ManageEngine ADManager Plus before 7066 allows XSS. ...) + TODO: check CVE-2020-35593 RESERVED CVE-2020-35592 (Pi-hole 5.0, 5.1, and 5.1.1 allows XSS via the Options header to the a ...) @@ -2795,8 +2795,8 @@ CVE-2020-29660 (A locking inconsistency issue was discovered in the tty subsyste NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2125 CVE-2020-29659 (A buffer overflow in the web server of Flexense DupScout Enterprise 10 ...) NOT-FOR-US: Flexense DupScout Enterprise -CVE-2020-29658 - RESERVED +CVE-2020-29658 (Zoho ManageEngine Application Control Plus before 100523 has an insecu ...) + TODO: check CVE-2020-29657 (In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unh ...) - iotjs (bug #977736; unimportant) NOTE: https://github.com/jerryscript-project/jerryscript/issues/4244 @@ -4040,8 +4040,8 @@ CVE-2020-29136 (In cPanel before 90.0.17, 2FA can be bypassed via a brute-force NOT-FOR-US: cPanel CVE-2020-29135 (cPanel before 90.0.17 has multiple instances of URL parameter injectio ...) NOT-FOR-US: cPanel -CVE-2020-29134 - RESERVED +CVE-2020-29134 (TOTVS Fluig Luke 1.7.0 allows directory traversal via a base64 encoded ...) + TODO: check CVE-2020-29133 (jsp/upload.jsp in Coremail XT 5.0 allows XSS via an uploaded personal ...) NOT-FOR-US: Coremail XT CVE-2020-29132 @@ -4261,8 +4261,8 @@ CVE-2020-29034 RESERVED CVE-2020-29033 RESERVED -CVE-2020-29032 - RESERVED +CVE-2020-29032 (Upload of Code Without Integrity Check vulnerability in firmware archi ...) + TODO: check CVE-2020-29031 (An Insecure Direct Object Reference vulnerability exists in the web UI ...) NOT-FOR-US: GateManager CVE-2020-29030 @@ -5445,8 +5445,8 @@ CVE-2020-28504 RESERVED CVE-2020-28503 RESERVED -CVE-2020-28502 - RESERVED +CVE-2020-28502 (This affects the package xmlhttprequest before 1.7.0; all versions of ...) + TODO: check CVE-2020-28501 RESERVED CVE-2020-28500 (All versions of package lodash; all versions of package org.fujion.web ...) @@ -6450,8 +6450,8 @@ CVE-2020-28052 (An issue was discovered in Legion of the Bouncy Castle BC Java 1 NOTE: Fixed by: https://github.com/bcgit/bc-java/commit/97578f9b7ed277e6ecb58834e85e3d18385a4219 (r1rv67) CVE-2020-28051 RESERVED -CVE-2020-28050 - RESERVED +CVE-2020-28050 (Zoho ManageEngine Desktop Central before build 10.0.647 allows a singl ...) + TODO: check CVE-2020-28049 (An issue was discovered in SDDM before 0.19.0. It incorrectly starts t ...) {DSA-4783-1 DLA-2436-1} - sddm 0.19.0-1 (bug #973748) -- cgit v1.2.3