[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Wed, 27 Feb 2019 12:10:58 -0800

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ef7f6ce2 by security tracker role at 2019-02-27T20:10:20Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2019-9212 (SOFA-Hessian through 4.0.2 allows remote attackers to execute 
arbitrary ...)
+       TODO: check
+CVE-2019-9211 (There is a reachable assertion abort in the function ...)
+       TODO: check
+CVE-2019-9210 (In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an 
integer ...)
+       TODO: check
+CVE-2018-20797 (An issue was discovered in PoDoFo 0.9.6. There is an attempted 
...)
+       TODO: check
 CVE-2019-9209
        RESERVED
 CVE-2019-9208
@@ -1825,8 +1833,8 @@ CVE-2019-8412 (FeiFeiCms 4.0.181010 on Windows allows 
remote attackers to read o
        NOT-FOR-US: FeiFeiCms
 CVE-2019-8411 (admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote 
attackers to ...)
        NOT-FOR-US: zzcms
-CVE-2019-8410
-       RESERVED
+CVE-2019-8410 (Maccms 8.0 allows XSS via the inc/config/cache.php t_key 
parameter ...)
+       TODO: check
 CVE-2019-8409
        RESERVED
 CVE-2019-8408 (OneFileCMS 3.6.13 allows remote attackers to modify 
onefilecms.php by ...)
@@ -3728,18 +3736,22 @@ CVE-2019-7543 (In KindEditor 4.1.11, the php/demo.php 
content1 parameter has a .
 CVE-2019-7542
        RESERVED
 CVE-2018-20763 (In GPAC through 0.7.2, gf_text_get_utf8_line in ...)
+       {DLA-1693-1}
        - gpac <unfixed> (bug #921969)
        NOTE: 
https://github.com/gpac/gpac/commit/1c449a34fe0b50aaffb881bfb9d7c5ab0bb18cdd
        NOTE: https://github.com/gpac/gpac/issues/1188
 CVE-2018-20762 (GPAC version 0.7.2 and earlier has a buffer overflow 
vulnerability in ...)
+       {DLA-1693-1}
        - gpac <unfixed> (bug #921969)
        NOTE: 
https://github.com/gpac/gpac/commit/35ab4475a7df9b2a4bcab235e379c0c3ec543658
        NOTE: https://github.com/gpac/gpac/issues/1187
 CVE-2018-20761 (GPAC version 0.7.2 and earlier has a Buffer Overflow 
vulnerability in ...)
+       {DLA-1693-1}
        - gpac <unfixed> (bug #921969)
        NOTE: 
https://github.com/gpac/gpac/commit/35ab4475a7df9b2a4bcab235e379c0c3ec543658
        NOTE: https://github.com/gpac/gpac/issues/1186
 CVE-2018-20760 (In GPAC 0.7.2, gf_text_get_utf8_line in 
media_tools/text_import.c in ...)
+       {DLA-1693-1}
        - gpac <unfixed> (bug #921969)
        NOTE: 
https://github.com/gpac/gpac/commit/4c1360818fc8948e9307059fba4dc47ba8ad255d
        NOTE: https://github.com/gpac/gpac/issues/1177
@@ -5570,6 +5582,7 @@ CVE-2019-6801
 CVE-2019-6800
        RESERVED
 CVE-2019-6799 (An issue was discovered in phpMyAdmin before 4.8.5. When the 
...)
+       {DLA-1692-1}
        - phpmyadmin <unfixed> (bug #920823)
        NOTE: https://www.phpmyadmin.net/security/PMASA-2019-1/
        NOTE: 
https://github.com/phpmyadmin/phpmyadmin/commit/aeac90623e525057a7672ab3d98154b5c57c15ec
@@ -8833,8 +8846,8 @@ CVE-2019-5493
        RESERVED
 CVE-2019-5492
        RESERVED
-CVE-2019-5491
-       RESERVED
+CVE-2019-5491 (Clustered Data ONTAP versions prior to 9.1P15 and 9.3 prior to 
9.3P7 ...)
+       TODO: check
 CVE-2019-5490
        RESERVED
 CVE-2019-5488 (EARCLINK ESPCMS-P8 has SQL injection in the ...)
@@ -14554,8 +14567,8 @@ CVE-2018-20246
        REJECTED
 CVE-2018-20245 (The LDAP auth backend 
(airflow.contrib.auth.backends.ldap_auth) prior ...)
        NOT-FOR-US: Apache Airflow
-CVE-2018-20244
-       RESERVED
+CVE-2018-20244 (In Apache Airflow before 1.10.2, a malicious admin user could 
edit the ...)
+       TODO: check
 CVE-2018-20243
        RESERVED
 CVE-2018-20242 (A carefully crafted URL could trigger an XSS vulnerability on 
Apache ...)
@@ -54216,6 +54229,7 @@ CVE-2018-7720 (A cross-site request forgery (CSRF) 
vulnerability exists in Weste
 CVE-2018-7719 (Acrolinx Server before 5.2.5 on Windows allows Directory 
Traversal. ...)
        NOT-FOR-US: Acrolinx Server
 CVE-2018-7752 (GPAC through 0.7.1 has a Buffer Overflow in the 
gf_media_avc_read_sps ...)
+       {DLA-1693-1}
        - gpac <unfixed> (bug #892526)
        [stretch] - gpac <no-dsa> (Minor issue)
        [wheezy] - gpac <not-affected> (vulnerable code not present)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ef7f6ce2ceeb5f747206f81afb40640214e620c9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ef7f6ce2ceeb5f747206f81afb40640214e620c9
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to