[Git][security-tracker-team/security-tracker][master] automatic update

Fri, 11 Jan 2019 00:10:51 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5af0994d by security tracker role at 2019-01-11T08:10:16Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,83 @@
+CVE-2019-6132 (An issue was discovered in Bento4 v1.5.1-627. There is a memory 
leak in ...)
+       TODO: check
+CVE-2019-6131 (svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with 
stack ...)
+       TODO: check
+CVE-2019-6130 (Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of 
the ...)
+       TODO: check
+CVE-2019-6129 (png_create_info_struct in png.c in libpng 1.6.36 has a memory 
leak, as ...)
+       TODO: check
+CVE-2019-6128 (The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a 
memory ...)
+       TODO: check
+CVE-2019-6127 (An issue was discovered in XiaoCms 20141229. It allows ...)
+       TODO: check
+CVE-2019-6126 (The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM 
Script ...)
+       TODO: check
+CVE-2019-6125
+       RESERVED
+CVE-2019-6124
+       RESERVED
+CVE-2019-6123
+       RESERVED
+CVE-2019-6122
+       RESERVED
+CVE-2019-6121
+       RESERVED
+CVE-2019-6120
+       RESERVED
+CVE-2019-6119
+       RESERVED
+CVE-2019-6118
+       RESERVED
+CVE-2019-6117
+       RESERVED
+CVE-2019-6116
+       RESERVED
+CVE-2019-6115
+       RESERVED
+CVE-2019-6114
+       RESERVED
+CVE-2019-6113
+       RESERVED
+CVE-2019-6112
+       RESERVED
+CVE-2019-6111
+       RESERVED
+CVE-2019-6110
+       RESERVED
+CVE-2019-6109
+       RESERVED
+CVE-2018-20698
+       RESERVED
+CVE-2018-20697
+       RESERVED
+CVE-2018-20696
+       RESERVED
+CVE-2018-20695
+       RESERVED
+CVE-2018-20694
+       RESERVED
+CVE-2018-20693
+       RESERVED
+CVE-2018-20692
+       RESERVED
+CVE-2018-20691
+       RESERVED
+CVE-2018-20690
+       RESERVED
+CVE-2018-20689
+       RESERVED
+CVE-2018-20688
+       RESERVED
+CVE-2018-20687
+       RESERVED
+CVE-2018-20686
+       RESERVED
+CVE-2018-20684 (In WinSCP before 5.14 beta, due to missing validation, the scp 
...)
+       TODO: check
+CVE-2017-1002157 (modulemd 1.3.1 and earlier uses an unsafe function for 
processing ...)
+       TODO: check
+CVE-2017-1002152 (Bodhi 2.9.0 and lower is vulnerable to cross-site scripting 
resulting ...)
+       TODO: check
 CVE-2019-6108
        RESERVED
 CVE-2019-6107
@@ -708,7 +788,7 @@ CVE-2019-5755
        RESERVED
 CVE-2019-5754
        RESERVED
-CVE-2018-20685 [scp: bypass of access restrictions via the filename of . or an 
empty filename]
+CVE-2018-20685 (In OpenSSH 7.9, scp.c in the scp client allows remote SSH 
servers to ...)
        - openssh <unfixed>
        NOTE: 
https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2
 CVE-2018-20682 (Fork CMS 5.0.6 allows stored XSS via the private/en/settings 
...)
@@ -5575,6 +5655,7 @@ CVE-2019-3462
        RESERVED
 CVE-2019-3461
        RESERVED
+       {DSA-4365-1}
        - tmpreaper <unfixed> (bug #918956)
 CVE-2019-3460 [Heap data infoleak in multiple locations including 
functionl2cap_parse_conf_rsp]
        RESERVED
@@ -16185,8 +16266,8 @@ CVE-2019-0090
        RESERVED
 CVE-2019-0089
        RESERVED
-CVE-2019-0088
-       RESERVED
+CVE-2019-0088 (Insufficient path checking in Intel(R) System Support Utility 
for ...)
+       TODO: check
 CVE-2019-0087
        RESERVED
 CVE-2019-0086
@@ -19223,8 +19304,8 @@ CVE-2018-18100
        RESERVED
 CVE-2018-18099
        RESERVED
-CVE-2018-18098
-       RESERVED
+CVE-2018-18098 (Improper file verification in install routine for Intel(R) SGX 
SDK and ...)
+       TODO: check
 CVE-2018-18097 (Improper directory permissions in Intel Solid State Drive 
Toolbox ...)
        NOT-FOR-US: Intel Solid State Drive Toolbox
 CVE-2018-18096 (Improper memory handling in Intel QuickAssist Technology for 
Linux ...)
@@ -25941,10 +26022,10 @@ CVE-2018-15463
        RESERVED
 CVE-2018-15462
        RESERVED
-CVE-2018-15461
-       RESERVED
-CVE-2018-15460
-       RESERVED
+CVE-2018-15461 (A vulnerability in the MyWebex component of Cisco Webex 
Business Suite ...)
+       TODO: check
+CVE-2018-15460 (A vulnerability in the email message filtering feature of 
Cisco ...)
+       TODO: check
 CVE-2018-15459
        RESERVED
 CVE-2018-15458 (A vulnerability in the Shell Access Filter feature of Cisco 
Firepower ...)
@@ -34440,8 +34521,8 @@ CVE-2018-12179
        RESERVED
 CVE-2018-12178
        RESERVED
-CVE-2018-12177
-       RESERVED
+CVE-2018-12177 (Improper directory permissions in the ZeroConfig service in 
Intel(R) ...)
+       TODO: check
 CVE-2018-12176 (Improper input validation in firmware for Intel NUC Kits may 
allow a ...)
        NOT-FOR-US: Intel
 CVE-2018-12175 (Default install directory permissions in Intel Distribution 
for Python ...)
@@ -34461,10 +34542,10 @@ CVE-2018-12169 (Platform sample code firmware in 4th 
Generation Intel Core Proce
        NOTE: 
https://edk2-docs.gitbooks.io/security-advisory/content/unauthenticated-firmware-chain-of-trust-bypass.html
 CVE-2018-12168 (Privilege escalation in file permissions in Intel Computing 
...)
        NOT-FOR-US: Intel
-CVE-2018-12167
-       RESERVED
-CVE-2018-12166
-       RESERVED
+CVE-2018-12167 (Firmware update routine in bootloader for Intel(R) Optane(TM) 
SSD DC ...)
+       TODO: check
+CVE-2018-12166 (Insufficient write protection in firmware for Intel(R) 
Optane(TM) SSD ...)
+       TODO: check
 CVE-2018-12165
        RESERVED
 CVE-2018-12164
@@ -53612,10 +53693,10 @@ CVE-2018-5415
        RESERVED
 CVE-2018-5414
        RESERVED
-CVE-2018-5413
-       RESERVED
-CVE-2018-5412
-       RESERVED
+CVE-2018-5413 (Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low 
...)
+       TODO: check
+CVE-2018-5412 (Imperva SecureSphere running v12.0.0.50 is vulnerable to local 
...)
+       TODO: check
 CVE-2018-5411 (Pixar's Tractor software, versions 2.2 and earlier, contain a 
stored ...)
        NOT-FOR-US: Pixar Tractor
 CVE-2018-5410 (Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are 
vulnerable to a ...)
@@ -53640,8 +53721,8 @@ CVE-2018-5405
        RESERVED
 CVE-2018-5404
        RESERVED
-CVE-2018-5403
-       RESERVED
+CVE-2018-5403 (Imperva SecureSphere gateway (GW) running v13, for both 
pre-First Time ...)
+       TODO: check
 CVE-2018-5402 (The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer 
Android App ...)
        NOT-FOR-US: Auto-Maskin
 CVE-2018-5401 (The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer 
Android App ...)
@@ -58315,8 +58396,8 @@ CVE-2018-3705 (Improper directory permissions in the 
installer for the Intel Sys
        NOT-FOR-US: Intel System Defense Utility
 CVE-2018-3704 (Improper directory permissions in the installer for the Intel 
Parallel ...)
        NOT-FOR-US: Intel Parallel Studio
-CVE-2018-3703
-       RESERVED
+CVE-2018-3703 (Improper directory permissions in the installer for the 
Intel(R) SSD ...)
+       TODO: check
 CVE-2018-3702
        RESERVED
 CVE-2018-3701
@@ -110888,8 +110969,8 @@ CVE-2017-3720
        RESERVED
 CVE-2017-3719
        RESERVED
-CVE-2017-3718
-       RESERVED
+CVE-2017-3718 (Improper setting of device configuration in system firmware for 
...)
+       TODO: check
 CVE-2017-3717
        RESERVED
 CVE-2017-3716



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5af0994d1454150ad84f6e2cfdbd83d4b866d3f0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5af0994d1454150ad84f6e2cfdbd83d4b866d3f0
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to