[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Fri, 08 Feb 2019 12:11:03 -0800

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
fd7f5eb8 by security tracker role at 2019-02-08T20:10:33Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,35 @@
+CVE-2019-7649
+       RESERVED
+CVE-2019-7648 (controller/fetchpwd.php and controller/doAction.php in 
Hotels_Server ...)
+       TODO: check
+CVE-2019-7647
+       RESERVED
+CVE-2019-7646
+       RESERVED
+CVE-2019-7645
+       RESERVED
+CVE-2019-7644
+       RESERVED
+CVE-2019-7643
+       RESERVED
+CVE-2019-7642
+       RESERVED
+CVE-2019-7641
+       RESERVED
+CVE-2019-7640
+       RESERVED
+CVE-2019-7639 (An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 
29. If ...)
+       TODO: check
+CVE-2019-7638 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 
2.0.9 has ...)
+       TODO: check
+CVE-2019-7637 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 
2.0.9 has ...)
+       TODO: check
+CVE-2019-7636 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 
2.0.9 has ...)
+       TODO: check
+CVE-2019-7635 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 
2.0.9 has ...)
+       TODO: check
+CVE-2018-20764 (A buffer overflow exists in HelpSystems tcpcrypt on Linux, 
used for ...)
+       TODO: check
 CVE-2019-7634
        RESERVED
 CVE-2019-7633
@@ -2717,7 +2749,7 @@ CVE-2019-6498 (GattLib 0.2 has a stack-based buffer 
over-read in gattlib_connect
        NOT-FOR-US: GattLib
 CVE-2019-6497 (Hotels_Server through 2018-11-05 has SQL Injection via the ...)
        NOT-FOR-US: Hotels_Server
-CVE-2019-6496 (The ThreadX-based firmware on Marvell Avastar Wi-Fi devices 
allows ...)
+CVE-2019-6496 (The ThreadX-based firmware on Marvell Avastar Wi-Fi devices, 
models ...)
        NOT-FOR-US: ThreadX-based firmware on Marvell Avastar Wi-Fi devices
 CVE-2019-6495
        RESERVED
@@ -15248,16 +15280,16 @@ CVE-2019-1678 (A vulnerability in Cisco Meeting 
Server could allow an authentica
        NOT-FOR-US: Cisco
 CVE-2019-1677 (A vulnerability in Cisco Webex Meetings for Android could allow 
an ...)
        NOT-FOR-US: Cisco
-CVE-2019-1676
-       RESERVED
+CVE-2019-1676 (A vulnerability in the Session Initiation Protocol (SIP) call 
...)
+       TODO: check
 CVE-2019-1675 (A vulnerability in the default configuration of the Cisco 
Aironet ...)
        NOT-FOR-US: Cisco
 CVE-2019-1674
        RESERVED
-CVE-2019-1673
-       RESERVED
-CVE-2019-1672
-       RESERVED
+CVE-2019-1673 (A vulnerability in the web-based management interface of Cisco 
...)
+       TODO: check
+CVE-2019-1672 (A vulnerability in the Decryption Policy Default Action 
functionality ...)
+       TODO: check
 CVE-2019-1671 (A vulnerability in the web-based management interface of Cisco 
...)
        NOT-FOR-US: Cisco
 CVE-2019-1670 (A vulnerability in the web-based management interface of Cisco 
Unified ...)
@@ -22528,8 +22560,8 @@ CVE-2018-18366
        RESERVED
 CVE-2018-18365
        RESERVED
-CVE-2018-18364
-       RESERVED
+CVE-2018-18364 (Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 
may be ...)
+       TODO: check
 CVE-2018-18363 (Norton App Lock prior to 1.4.0.445 can be susceptible to a 
bypass ...)
        NOT-FOR-US: Norton App Lock
 CVE-2018-18362 (Norton Password Manager for Android (formerly Norton Identity 
Safe) ...)
@@ -46638,8 +46670,8 @@ CVE-2018-9192 (A plaintext recovery of encrypted 
messages or a Man-in-the-middle
        NOT-FOR-US: Fortinet FortiOS
 CVE-2018-9191
        RESERVED
-CVE-2018-9190
-       RESERVED
+CVE-2018-9190 (A null pointer dereference vulnerability in Fortinet ...)
+       TODO: check
 CVE-2018-9189
        RESERVED
 CVE-2018-9188
@@ -47702,6 +47734,7 @@ CVE-2018-8789 (FreeRDP prior to version 2.0.0-rc4 
contains several Out-Of-Bounds
        - freerdp <removed>
        NOTE: 
https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6
 CVE-2018-8788 (FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds 
Write of ...)
+       {DLA-1666-1}
        - freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
        - freerdp <removed>
        NOTE: 
https://github.com/FreeRDP/FreeRDP/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659
@@ -69064,8 +69097,8 @@ CVE-2018-1354 (An improper access control vulnerability 
in Fortinet FortiManager
        NOT-FOR-US: Fortinet
 CVE-2018-1353 (An information disclosure vulnerability in Fortinet 
FortiManager 6.0.1 ...)
        NOT-FOR-US: Fortinet FortiManager
-CVE-2018-1352
-       RESERVED
+CVE-2018-1352 (A format string vulnerability in Fortinet FortiOS 5.6.0 allows 
...)
+       TODO: check
 CVE-2018-1351 (A Cross-site Scripting (XSS) vulnerability in Fortinet 
FortiManager ...)
        NOT-FOR-US: Fortinet
 CVE-2017-17551 (The Backup and Restore feature in Mobotap Dolphin Browser for 
Android ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fd7f5eb873ffcf0d152d6de9d1da1e67b1fbb1d3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fd7f5eb873ffcf0d152d6de9d1da1e67b1fbb1d3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to