diff -ruN vuxml.orig/vuln.xml vuxml/vuln.xml --- vuxml.orig/vuln.xml 2020-07-19 11:11:25.000000000 +0200 +++ vuxml/vuln.xml 2020-07-21 15:11:49.199320000 +0200 @@ -58,6 +58,45 @@ * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> + + Cacti -- multiple vulnerabilities + + + cacti + 1.2.13 + + + + +

The Cacti developers reports:

+
Multiple fixes for bundled jQuery to prevent + code exec (CVE-2020-11022, CVE-2020-11023).
+
PHPMail contains a escaping bug + (CVE-2020-13625).
+
SQL Injection via color.php in Cacti + (CVE-2020-14295).
+

+ + + + https://www.cacti.net/release_notes.php?version=1.2.13 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13625 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14295 + CVE-2020-11022 + CVE-2020-11023 + CVE-2020-13625 + CVE-2020-14295 + ports/248139 + + + 2020-07-15 + 2020-07-21 + + + VirtualBox -- Multiple vulnerabilities