Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8f6fc2ed by security tracker role at 2019-02-08T08:10:13Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2019-7634
+ RESERVED
+CVE-2019-7633
+ RESERVED
+CVE-2019-7632 (LifeSize Team, Room, Passport, and Networker 220 devices allow
...)
+ TODO: check
+CVE-2019-7631
+ RESERVED
+CVE-2019-7630
+ RESERVED
+CVE-2019-7629
+ RESERVED
+CVE-2019-7628 (Pagure 5.2 leaks API keys by e-mailing them to users. Few
e-mail ...)
+ TODO: check
CVE-2019-7627
RESERVED
CVE-2019-7626
@@ -544,8 +558,8 @@ CVE-2019-7403 (An issue was discovered in PHPMyWind 5.5. It
allows remote attack
NOT-FOR-US: PHPMyWind
CVE-2019-7402 (An issue was discovered in PHPMyWind 5.5. The GetQQ function in
...)
NOT-FOR-US: PHPMyWind
-CVE-2019-7401
- RESERVED
+CVE-2019-7401 (NGINX Unit before 1.7.1 might allow an attacker to cause a
heap-based ...)
+ TODO: check
CVE-2017-1000000
RESERVED
CVE-2014-1000000
@@ -3417,8 +3431,8 @@ CVE-2019-6244 (An issue was discovered in UsualToolCMS
8.0. ...)
NOT-FOR-US: UsualToolCMS
CVE-2019-6243 (Frog CMS 0.9.5 allows XSS via the forgot password page (aka the
...)
NOT-FOR-US: Frog CMS
-CVE-2019-6242
- RESERVED
+CVE-2019-6242 (** DISPUTED ** Kentico v10.0.42 allows Global Administrators to
read ...)
+ TODO: check
CVE-2019-6241
RESERVED
CVE-2019-6240 [Arbitrary repo read in Gitlab project import]
@@ -3629,8 +3643,8 @@ CVE-2019-6141
RESERVED
CVE-2019-6140
RESERVED
-CVE-2019-6139
- RESERVED
+CVE-2019-6139 (Forcepoint User ID (FUID) server versions up to 1.2 have a
remote ...)
+ TODO: check
CVE-2019-6138 (An issue has been found in libIEC61850 v1.3.1. Memory_malloc
and ...)
NOT-FOR-US: libIEC61850
CVE-2019-6137 (An issue was discovered in lib60870 2.1.1. LinkLayer_setAddress
in ...)
@@ -15211,28 +15225,28 @@ CVE-2019-1682
RESERVED
CVE-2019-1681
RESERVED
-CVE-2019-1680
- RESERVED
-CVE-2019-1679
- RESERVED
-CVE-2019-1678
- RESERVED
+CVE-2019-1680 (A vulnerability in Cisco Webex Business Suite could allow an
...)
+ TODO: check
+CVE-2019-1679 (A vulnerability in the web interface of Cisco TelePresence
Conductor, ...)
+ TODO: check
+CVE-2019-1678 (A vulnerability in Cisco Meeting Server could allow an
authenticated, ...)
+ TODO: check
CVE-2019-1677 (A vulnerability in Cisco Webex Meetings for Android could allow
an ...)
TODO: check
CVE-2019-1676
RESERVED
-CVE-2019-1675
- RESERVED
+CVE-2019-1675 (A vulnerability in the default configuration of the Cisco
Aironet ...)
+ TODO: check
CVE-2019-1674
RESERVED
CVE-2019-1673
RESERVED
CVE-2019-1672
RESERVED
-CVE-2019-1671
- RESERVED
-CVE-2019-1670
- RESERVED
+CVE-2019-1671 (A vulnerability in the web-based management interface of Cisco
...)
+ TODO: check
+CVE-2019-1670 (A vulnerability in the web-based management interface of Cisco
Unified ...)
+ TODO: check
CVE-2019-1669 (A vulnerability in the data acquisition (DAQ) component of
Cisco ...)
NOT-FOR-US: Cisco
CVE-2019-1668 (A vulnerability in the chat feed feature of Cisco SocialMiner
could ...)
@@ -15249,10 +15263,10 @@ CVE-2019-1663
RESERVED
CVE-2019-1662
RESERVED
-CVE-2019-1661
- RESERVED
-CVE-2019-1660
- RESERVED
+CVE-2019-1661 (A vulnerability in the web-based management interface of Cisco
...)
+ TODO: check
+CVE-2019-1660 (A vulnerability in the Simple Object Access Protocol (SOAP) of
Cisco ...)
+ TODO: check
CVE-2019-1659
RESERVED
CVE-2019-1658 (A vulnerability in the web-based management interface of Cisco
Unified ...)
@@ -63140,7 +63154,7 @@ CVE-2017-17836 (In Apache Airflow 1.8.2 and earlier, an
experimental Airflow fea
CVE-2017-17835 (In Apache Airflow 1.8.2 and earlier, a CSRF vulnerability
allowed for ...)
NOT-FOR-US: Apache Airflow
CVE-2017-17834
- RESERVED
+ REJECTED
CVE-2017-17833 (OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a
...)
{DLA-1364-1}
- openslp-dfsg <removed> (low)
@@ -69377,8 +69391,7 @@ CVE-2017-17461
REJECTED
CVE-2017-17460
RESERVED
-CVE-2018-1340 [Secure flag missing from session cookie]
- RESERVED
+CVE-2018-1340 (Prior to 1.0.0, Apache Guacamole used a cookie for client-side
storage ...)
- guacamole-client <unfixed> (bug #920796)
[jessie] - guacamole-client <not-affected> (Vulnerable code not present)
- guacamole <removed>
@@ -69562,8 +69575,7 @@ CVE-2018-1297 (When using Distributed Test only (RMI
based), Apache JMeter 2.x a
[wheezy] - jakarta-jmeter <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/02/11/1
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62039
-CVE-2018-1296
- RESERVED
+CVE-2018-1296 (In Apache Hadoop 3.0.0-alpha1 to 3.0.0, 2.9.0, 2.8.0 to 2.8.3,
and ...)
- hadoop <itp> (bug #793644)
CVE-2018-1295 (In Apache Ignite 2.3 or earlier, the serialization mechanism
does not ...)
NOT-FOR-US: Apache Ignite
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8f6fc2ed21cfd2504962d43bd0d649d72e9c98ed
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8f6fc2ed21cfd2504962d43bd0d649d72e9c98ed
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
