automatic update

author: security tracker role <sectracker@soriano.debian.org> 2020-09-16 08:10:14 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2020-09-16 08:10:14 +0000
commit: 05a1b64794065ea8baa4d48936d15e3b2d8cc8e5 (patch)
tree: 183fb7bbdc9c9f13f86e6112438193e5aba93727 /data
parent: 8b7183f32a33513f1901dd2573065f54f2fcc2f6 (diff)
1 files changed, 64 insertions, 32 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 6fb622a397..5654604e2c 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1,3 +1,41 @@
+CVE-2020-25613
+	RESERVED
+CVE-2020-25612
+	RESERVED
+CVE-2020-25611
+	RESERVED
+CVE-2020-25610
+	RESERVED
+CVE-2020-25609
+	RESERVED
+CVE-2020-25608
+	RESERVED
+CVE-2020-25607
+	RESERVED
+CVE-2020-25606
+	RESERVED
+CVE-2020-25605
+	RESERVED
+CVE-2020-25604
+	RESERVED
+CVE-2020-25603
+	RESERVED
+CVE-2020-25602
+	RESERVED
+CVE-2020-25601
+	RESERVED
+CVE-2020-25600
+	RESERVED
+CVE-2020-25599
+	RESERVED
+CVE-2020-25598
+	RESERVED
+CVE-2020-25597
+	RESERVED
+CVE-2020-25596
+	RESERVED
+CVE-2020-25595
+	RESERVED
 CVE-2020-25594
 	RESERVED
 CVE-2020-25593
@@ -272,8 +310,8 @@ CVE-2020-25455
 	RESERVED
 CVE-2020-25454
 	RESERVED
-CVE-2020-25453
-	RESERVED
+CVE-2020-25453 (An issue was discovered in BlackCat CMS v.1.3.6. There is a CSRF vulne ...)
+	TODO: check
 CVE-2020-25452
 	RESERVED
 CVE-2020-25451
@@ -2151,8 +2189,8 @@ CVE-2020-24563
 	RESERVED
 CVE-2020-24562
 	RESERVED
-CVE-2020-24561
-	RESERVED
+CVE-2020-24561 (A command injection vulnerability in Trend Micro ServerProtect for Lin ...)
+	TODO: check
 CVE-2020-24560
 	RESERVED
 CVE-2020-24559 (A vulnerability in Trend Micro Apex One on macOS may allow an attacker ...)
@@ -3675,8 +3713,8 @@ CVE-2020-23835 (A Reflected Cross-Site Scripting (XSS) vulnerability in the inde
 	NOT-FOR-US: SourceCodester Tailor Management System
 CVE-2020-23834 (Insecure Service File Permissions in the bd service in Real Time Logic ...)
 	NOT-FOR-US: Real Time Logic BarracudaDrive
-CVE-2020-23833
-	RESERVED
+CVE-2020-23833 (Projectworlds House Rental v1.0 suffers from an unauthenticated SQL In ...)
+	TODO: check
 CVE-2020-23832
 	RESERVED
 CVE-2020-23831 (A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php  ...)
@@ -3685,8 +3723,8 @@ CVE-2020-23830 (A Cross-Site Request Forgery (CSRF) vulnerability in changeUsern
 	NOT-FOR-US: SourceCodester Stock Management System
 CVE-2020-23829 (interface/new/new_comprehensive_save.php in LibreHealth EHR 2.0.0 suff ...)
 	NOT-FOR-US: LibreHealth EHR
-CVE-2020-23828
-	RESERVED
+CVE-2020-23828 (A File Upload vulnerability in SourceCodester Online Course Registrati ...)
+	TODO: check
 CVE-2020-23827
 	RESERVED
 CVE-2020-23826
@@ -23303,8 +23341,7 @@ CVE-2020-14386 [af_packet memory corruption]
 	RESERVED
 	- linux 5.8.7-1
 	NOTE: https://www.openwall.com/lists/oss-security/2020/09/03/3
-CVE-2020-14385 [xfs: fix boundary test in xfs_attr_shortform_verify]
-	RESERVED
+CVE-2020-14385 (A flaw was found in the Linux kernel before 5.9-rc4. A failure of the  ...)
 	- linux 5.8.7-1
 	[stretch] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: https://git.kernel.org/linus/f4020438fab05364018c91f7e02ebdd192085933
@@ -23577,8 +23614,7 @@ CVE-2020-14315
 	[stretch] - bsdiff <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/07/09/2
 	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-16:29.bspatch.asc
-CVE-2020-14314 [buffer uses out of index in ext3/4 filesystem]
-	RESERVED
+CVE-2020-14314 (A memory out-of-bounds read flaw was found in the Linux kernel before  ...)
 	- linux 5.8.7-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1853922
 	NOTE: https://git.kernel.org/linus/5872331b3d91820e14716632ebb56b1399b34fe1
@@ -23621,8 +23657,7 @@ CVE-2020-14305 [memory corruption in Voice over IP nf_conntrack_h323 module]
 	RESERVED
 	- linux 4.12.6-1
 	NOTE: https://patchwork.ozlabs.org/project/netfilter-devel/patch/c2385b5c-309c-cc64-2e10-a0ef62897502@virtuozzo.com/
-CVE-2020-14304 [ethtool when reading eeprom of device could lead to memory leak]
-	RESERVED
+CVE-2020-14304 (A memory disclosure flaw was found in the Linux kernel's ethernet driv ...)
 	- linux <unfixed> (bug #960702)
 CVE-2020-14303 (A flaw was found in the AD DC NBT server in all Samba versions before  ...)
 	- samba 2:4.12.5+dfsg-1
@@ -32490,24 +32525,21 @@ CVE-2020-10769 (A buffer over-read flaw was found in RH kernel versions before 5
 	[stretch] - linux 4.9.161-1
 	[jessie] - linux 3.16.68-1
 	NOTE: https://git.kernel.org/linus/8f9c469348487844328e162db57112f7d347c49f
-CVE-2020-10768 [Indirect branch speculation can be enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command]
-	RESERVED
+CVE-2020-10768 (A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() fun ...)
 	{DLA-2323-1}
 	- linux 5.7.6-1
 	[buster] - linux 4.19.131-1
 	[stretch] - linux 4.9.228-1
 	NOTE: https://www.openwall.com/lists/oss-security/2020/06/10/1
 	NOTE: https://git.kernel.org/linus/4d8df8cbb9156b0a0ab3f802b80cb5db57acc0bf
-CVE-2020-10767 [Indirect Branch Prediction Barrier is force-disabled when STIBP is unavailable or enhanced IBRS is available]
-	RESERVED
+CVE-2020-10767 (A flaw was found in the Linux kernel before 5.8-rc1 in the implementat ...)
 	{DLA-2323-1}
 	- linux 5.7.6-1
 	[buster] - linux 4.19.131-1
 	[stretch] - linux 4.9.228-1
 	NOTE: https://www.openwall.com/lists/oss-security/2020/06/10/1
 	NOTE: https://git.kernel.org/linus/21998a351512eba4ed5969006f0c55882d995ada
-CVE-2020-10766 [Rogue cross-process SSBD shutdown]
-	RESERVED
+CVE-2020-10766 (A logic bug flaw was found in Linux kernel before 5.8-rc1 in the imple ...)
 	{DLA-2323-1}
 	- linux 5.7.6-1
 	[buster] - linux 4.19.131-1
@@ -40545,16 +40577,16 @@ CVE-2020-7299 (Cleartext Storage of Sensitive Information in Memory vulnerabilit
 	NOT-FOR-US: McAfee
 CVE-2020-7298 (Unexpected behavior violation in McAfee Total Protection (MTP) prior t ...)
 	NOT-FOR-US: McAfee
-CVE-2020-7297
-	RESERVED
-CVE-2020-7296
-	RESERVED
-CVE-2020-7295
-	RESERVED
-CVE-2020-7294
-	RESERVED
-CVE-2020-7293
-	RESERVED
+CVE-2020-7297 (Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior t ...)
+	TODO: check
+CVE-2020-7296 (Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior t ...)
+	TODO: check
+CVE-2020-7295 (Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior t ...)
+	TODO: check
+CVE-2020-7294 (Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior t ...)
+	TODO: check
+CVE-2020-7293 (Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior t ...)
+	TODO: check
 CVE-2020-7292 (Inappropriate Encoding for output context vulnerability in McAfee Web  ...)
 	NOT-FOR-US: McAfee
 CVE-2020-7291 (Privilege Escalation vulnerability in McAfee Active Response (MAR) for ...)
@@ -40603,8 +40635,8 @@ CVE-2020-7270
 	RESERVED
 CVE-2020-7269
 	RESERVED
-CVE-2020-7268
-	RESERVED
+CVE-2020-7268 (Path Traversal vulnerability in McAfee McAfee Email Gateway (MEG) prio ...)
+	TODO: check
 CVE-2020-7267 (Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE ...)
 	NOT-FOR-US: McAfee
 CVE-2020-7266 (Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE ...)
author	security tracker role <sectracker@soriano.debian.org>	2020-09-16 08:10:14 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2020-09-16 08:10:14 +0000
commit	05a1b64794065ea8baa4d48936d15e3b2d8cc8e5 (patch)
tree	183fb7bbdc9c9f13f86e6112438193e5aba93727 /data
parent	8b7183f32a33513f1901dd2573065f54f2fcc2f6 (diff)