Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0b2cc4de by security tracker role at 2019-01-14T20:10:22Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,51 @@
+CVE-2019-6278 (XSS exists in JPress v1.0.4 via Markdown input, or Markdown
input with ...)
+ TODO: check
+CVE-2019-6277
+ RESERVED
+CVE-2019-6276
+ RESERVED
+CVE-2019-6275
+ RESERVED
+CVE-2019-6274
+ RESERVED
+CVE-2019-6273
+ RESERVED
+CVE-2019-6272
+ RESERVED
+CVE-2019-6271
+ RESERVED
+CVE-2019-6270
+ RESERVED
+CVE-2019-6269
+ RESERVED
+CVE-2019-6268
+ RESERVED
+CVE-2019-6267
+ RESERVED
+CVE-2019-6266
+ RESERVED
+CVE-2019-6265
+ RESERVED
+CVE-2019-6264
+ RESERVED
+CVE-2019-6263
+ RESERVED
+CVE-2019-6262
+ RESERVED
+CVE-2019-6261
+ RESERVED
+CVE-2019-6260
+ RESERVED
+CVE-2019-6259 (An issue was discovered in idreamsoft iCMS V7.0.13. There is
SQL ...)
+ TODO: check
+CVE-2018-20707
+ RESERVED
+CVE-2018-20706
+ RESERVED
+CVE-2018-20705
+ RESERVED
+CVE-2018-20704
+ RESERVED
CVE-2019-6258
RESERVED
CVE-2019-6257 (A Server Side Request Forgery (SSRF) vulnerability in elFinder
before ...)
@@ -21171,6 +21219,7 @@ CVE-2018-17462 (Incorrect refcounting in AppCache in
Google Chrome prior to ...)
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
CVE-2018-17461 (An out of bounds read in PDFium in Google Chrome prior to
68.0.3440.75 ...)
+ {DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
CVE-2018-17460
@@ -22549,8 +22598,7 @@ CVE-2018-16888 [kills privileged process if
unprivileged PIDFile was tampered]
NOTE: Upstream patches: https://github.com/systemd/systemd/pull/7816
CVE-2018-16887 (A cross-site scripting (XSS) flaw was found in the katello
component ...)
NOT-FOR-US: Katello
-CVE-2018-16886
- RESERVED
+CVE-2018-16886 (etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are
...)
- etcd <unfixed>
NOTE: Introduced by:
https://github.com/etcd-io/etcd/commit/0191509637546621d6f2e18e074e955ab8ef374d
NOTE: Upstream issue: https://github.com/etcd-io/etcd/pull/10366
@@ -63701,12 +63749,12 @@ CVE-2018-1971
RESERVED
CVE-2018-1970
RESERVED
-CVE-2018-1969
- RESERVED
+CVE-2018-1969 (IBM Security Identity Manager 6.0.0 allows the attacker to
upload or ...)
+ TODO: check
CVE-2018-1968
RESERVED
-CVE-2018-1967
- RESERVED
+CVE-2018-1967 (IBM Security Identity Manager 6.0.0 is vulnerable to cross-site
...)
+ TODO: check
CVE-2018-1966
RESERVED
CVE-2018-1965
@@ -63727,8 +63775,8 @@ CVE-2018-1958
RESERVED
CVE-2018-1957 (IBM WebSphere Application Server 9 could allow sensitive
information ...)
NOT-FOR-US: IBM
-CVE-2018-1956
- RESERVED
+CVE-2018-1956 (IBM Security Identity Manager 6.0.0 does not require that users
should ...)
+ TODO: check
CVE-2018-1955
RESERVED
CVE-2018-1954
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0b2cc4de10b011fc93173da55d06bc6efd8985ef
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0b2cc4de10b011fc93173da55d06bc6efd8985ef
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
