From f48d5603a0ca5df1679a566934c3f8d5b49065b9 Mon Sep 17 00:00:00 2001 From: security tracker role Date: Fri, 5 Mar 2021 08:10:19 +0000 Subject: automatic update --- data/CVE/2020.list | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) (limited to 'data/CVE/2020.list') diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 0faa1f6d7e..cf23d7f2fd 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1,3 +1,5 @@ +CVE-2020-36255 (An issue was discovered in IdentityModel (aka ScottBrady.IdentityModel ...) + TODO: check CVE-2020-35358 RESERVED CVE-2020-36254 (scp.c in Dropbear before 2020.79 mishandles the filename of . or an em ...) @@ -1475,8 +1477,8 @@ CVE-2020-35638 RESERVED CVE-2020-35637 RESERVED -CVE-2020-35636 - RESERVED +CVE-2020-35636 (A code execution vulnerability exists in the Nef polygon-parsing funct ...) + TODO: check CVE-2020-35635 RESERVED CVE-2020-35634 @@ -1491,8 +1493,8 @@ CVE-2020-35630 RESERVED CVE-2020-35629 RESERVED -CVE-2020-35628 - RESERVED +CVE-2020-35628 (A code execution vulnerability exists in the Nef polygon-parsing funct ...) + TODO: check CVE-2020-35627 (Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file upload vul ...) NOT-FOR-US: Ultimate WooCommerce Gift Cards CVE-2020-35626 (An issue was discovered in the PushToWatch extension for MediaWiki thr ...) @@ -5165,8 +5167,8 @@ CVE-2020-28638 (ask_password in Tomb 2.0 through 2.7 returns a warning when pine NOTE: https://github.com/dyne/Tomb/issues/392 CVE-2020-28637 RESERVED -CVE-2020-28636 - RESERVED +CVE-2020-28636 (A code execution vulnerability exists in the Nef polygon-parsing funct ...) + TODO: check CVE-2020-28635 RESERVED CVE-2020-28634 @@ -5235,8 +5237,8 @@ CVE-2020-28603 RESERVED CVE-2020-28602 RESERVED -CVE-2020-28601 - RESERVED +CVE-2020-28601 (A code execution vulnerability exists in the Nef polygon-parsing funct ...) + TODO: check CVE-2020-28600 RESERVED CVE-2020-28599 (A stack-based buffer overflow vulnerability exists in the import_stl.c ...) @@ -12278,8 +12280,7 @@ CVE-2020-25641 (A flaw was found in the Linux kernel's implementation of biovecs NOTE: https://git.kernel.org/linus/7e24969022cbd61ddc586f14824fc205661bb124 CVE-2020-25640 (A flaw was discovered in WildFly before 21.0.0.Final where, Resource a ...) - wildfly (bug #752018) -CVE-2020-25639 [NULL pointer dereference via nouveau ioctl can lead to DoS] - RESERVED +CVE-2020-25639 (A NULL pointer dereference flaw was found in the Linux kernel’s ...) - linux 5.10.19-1 [buster] - linux (Vulnerable code introduced later) [stretch] - linux (Vulnerable code introduced later) @@ -51692,8 +51693,8 @@ CVE-2020-8300 RESERVED CVE-2020-8299 RESERVED -CVE-2020-8298 - RESERVED +CVE-2020-8298 (fs-path node module before 0.0.25 is vulnerable to command injection b ...) + TODO: check CVE-2020-8297 (Nextcloud Deck before 1.0.2 suffers from an insecure direct object ref ...) NOT-FOR-US: Nextcloud Deck CVE-2020-8296 (Nextcloud Server prior to 20.0.0 stores passwords in a recoverable for ...) @@ -59428,8 +59429,8 @@ CVE-2020-5150 RESERVED CVE-2020-5149 RESERVED -CVE-2020-5148 - RESERVED +CVE-2020-5148 (SonicWall SSO-agent default configuration uses NetAPI to probe the ass ...) + TODO: check CVE-2020-5147 (SonicWall NetExtender Windows client vulnerable to unquoted service pa ...) NOT-FOR-US: SonicWall CVE-2020-5146 (A vulnerability in SonicWall SMA100 appliance allow an authenticated m ...) -- cgit v1.2.3