Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
0afc5f4c by security tracker role at 2019-03-09T08:10:12Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,39 @@
+CVE-2019-9641 (An issue was discovered in the EXIF component in PHP before 
7.1.27, ...)
+       TODO: check
+CVE-2019-9640 (An issue was discovered in the EXIF component in PHP before 
7.1.27, ...)
+       TODO: check
+CVE-2019-9639 (An issue was discovered in the EXIF component in PHP before 
7.1.27, ...)
+       TODO: check
+CVE-2019-9638 (An issue was discovered in the EXIF component in PHP before 
7.1.27, ...)
+       TODO: check
+CVE-2019-9637 (An issue was discovered in PHP before 7.1.27, 7.2.x before 
7.2.16, and ...)
+       TODO: check
+CVE-2019-9636 (Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected 
by: ...)
+       TODO: check
+CVE-2019-9635
+       RESERVED
+CVE-2019-1003039 (An insufficiently protected credentials vulnerability exists 
in ...)
+       TODO: check
+CVE-2019-1003038 (An insufficiently protected credentials vulnerability exists 
in ...)
+       TODO: check
+CVE-2019-1003037 (An information exposure vulnerability exists in Jenkins 
Azure VM ...)
+       TODO: check
+CVE-2019-1003036 (A data modification vulnerability exists in Jenkins Azure VM 
Agents ...)
+       TODO: check
+CVE-2019-1003035 (An information exposure vulnerability exists in Jenkins 
Azure VM ...)
+       TODO: check
+CVE-2019-1003034 (A sandbox bypass vulnerability exists in Jenkins Job DSL 
Plugin 1.71 ...)
+       TODO: check
+CVE-2019-1003033 (A sandbox bypass vulnerability exists in Jenkins Groovy 
Plugin 2.1 and ...)
+       TODO: check
+CVE-2019-1003032 (A sandbox bypass vulnerability exists in Jenkins Email 
Extension ...)
+       TODO: check
+CVE-2019-1003031 (A sandbox bypass vulnerability exists in Jenkins Matrix 
Project Plugin ...)
+       TODO: check
+CVE-2019-1003030 (A sandbox bypass vulnerability exists in Jenkins Pipeline: 
Groovy ...)
+       TODO: check
+CVE-2019-1003029 (A sandbox bypass vulnerability exists in Jenkins Script 
Security ...)
+       TODO: check
 CVE-2019-9634 (Go through 1.12 on Windows misuses certain LoadLibrary 
functionality, ...)
        TODO: check
 CVE-2019-XXXX [rename() across the device may allow unwanted access during 
processing]
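Review bot: every entry added at the top of data/CVE/list lands as TODO: check, including the five PHP entries (CVE-2019-9637 through CVE-2019-9641) and CVE-2019-9636 for Python, whose descriptions already name the affected versions. These need either a source-package line or a NOT-FOR-US marker before the entries are useful to anyone querying the tracker. The eleven Jenkins entries, CVE-2019-1003029 through CVE-2019-1003039, share one product family and can be triaged as a single batch.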
@@ -138,8 +174,8 @@ CVE-2019-9582
        RESERVED
 CVE-2019-9581 (phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file 
upload via ...)
        NOT-FOR-US: phpscheduleit Booked Scheduler
-CVE-2019-9580
-       RESERVED
+CVE-2019-9580 (In st2web in StackStorm Web UI before 2.9.3 and 2.10.x before 
2.10.3, ...)
+       TODO: check
 CVE-2019-9579
        RESERVED
 CVE-2019-9578 (In devs.c in Yubico libu2f-host before 1.1.8, the response to 
init is ...)
@@ -3134,41 +3170,41 @@ CVE-2019-8282
        RESERVED
 CVE-2019-8281
        RESERVED
-CVE-2019-8280
-       RESERVED
+CVE-2019-8280 (UltraVNC revision 1203 has out-of-bounds access vulnerability 
in VNC ...)
+       TODO: check
 CVE-2019-8279 (Multiple stored XSS in Vanilla Forums before 2.5 allow remote 
...)
        NOT-FOR-US: Vanilla Forums
 CVE-2019-8278 (Stored XSS in Invision Power Board versions 3.3.1 - 3.4.8 leads 
to ...)
        NOT-FOR-US: Invision Power Board
-CVE-2019-8277
-       RESERVED
-CVE-2019-8276
-       RESERVED
-CVE-2019-8275
-       RESERVED
-CVE-2019-8274
-       RESERVED
-CVE-2019-8273
-       RESERVED
-CVE-2019-8272
-       RESERVED
-CVE-2019-8271
-       RESERVED
-CVE-2019-8270
-       RESERVED
-CVE-2019-8269
-       RESERVED
-CVE-2019-8268
-       RESERVED
-CVE-2019-8267
-       RESERVED
-CVE-2019-8266
-       RESERVED
-CVE-2019-8265
-       RESERVED
-CVE-2019-8264
-       RESERVED
-CVE-2019-8263 (UltraVNC revision 1203 has out-of-bounds access vulnerability 
in VNC ...)
+CVE-2019-8277 (UltraVNC revision 1211 contains multiple memory leaks (CWE-655) 
in VNC ...)
+       TODO: check
+CVE-2019-8276 (UltraVNC revision 1211 has a stack buffer overflow 
vulnerability in ...)
+       TODO: check
+CVE-2019-8275 (UltraVNC revision 1211 has multiple improper null termination 
...)
+       TODO: check
+CVE-2019-8274 (UltraVNC revision 1211 has a heap buffer overflow vulnerability 
in VNC ...)
+       TODO: check
+CVE-2019-8273 (UltraVNC revision 1211 has a heap buffer overflow vulnerability 
in VNC ...)
+       TODO: check
+CVE-2019-8272 (UltraVNC revision 1211 has multiple off-by-one vulnerabilities 
in VNC ...)
+       TODO: check
+CVE-2019-8271 (UltraVNC revision 1211 has a heap buffer overflow vulnerability 
in VNC ...)
+       TODO: check
+CVE-2019-8270 (UltraVNC revision 1210 has out-of-bounds read vulnerability in 
VNC ...)
+       TODO: check
+CVE-2019-8269 (UltraVNC revision 1206 has stack-based Buffer overflow 
vulnerability ...)
+       TODO: check
+CVE-2019-8268 (UltraVNC revision 1206 has multiple off-by-one vulnerabilities 
in VNC ...)
+       TODO: check
+CVE-2019-8267 (UltraVNC revision 1207 has out-of-bounds read vulnerability in 
VNC ...)
+       TODO: check
+CVE-2019-8266 (UltraVNC revision 1207 has multiple out-of-bounds access ...)
+       TODO: check
+CVE-2019-8265 (UltraVNC revision 1207 has multiple out-of-bounds access ...)
+       TODO: check
+CVE-2019-8264 (UltraVNC revision 1203 has out-of-bounds access vulnerability 
in VNC ...)
+       TODO: check
+CVE-2019-8263 (UltraVNC revision 1205 has stack-based buffer overflow 
vulnerability ...)
        NOT-FOR-US: UltraVNC
 CVE-2019-8262 (UltraVNC revision 1203 has multiple heap buffer overflow ...)
        NOT-FOR-US: UltraVNC
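Review bot: the fifteen UltraVNC entries that move from RESERVED to a description (CVE-2019-8264 through CVE-2019-8277, plus CVE-2019-8280) are left at TODO: check, while the adjacent CVE-2019-8263 and CVE-2019-8262 already carry NOT-FOR-US: UltraVNC; marking the new ones the same way would keep the block consistent. Separately, the description of CVE-2019-8263 changes from "revision 1203 has out-of-bounds access vulnerability" to "revision 1205 has stack-based buffer overflow vulnerability", and the old wording now appears under CVE-2019-8264 and CVE-2019-8280, so it is worth confirming against the CVE feed that each description is attached to the right id.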
@@ -10837,8 +10873,8 @@ CVE-2019-5017
        RESERVED
 CVE-2019-5016
        RESERVED
-CVE-2019-5015
-       RESERVED
+CVE-2019-5015 (A local privilege escalation vulnerability exists in the Mac OS 
X ...)
+       TODO: check
 CVE-2019-5014
        RESERVED
 CVE-2019-5013
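Review bot: the new CVE-2019-5015 line reads "A local privilege escalation vulnerability exists in the Mac OS X ..." and the truncation cuts off the product name, so the entry cannot be triaged from this text alone. Whoever resolves the TODO: check should read the full description before choosing between a package line and NOT-FOR-US.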
@@ -20164,16 +20200,16 @@ CVE-2019-1611
        RESERVED
 CVE-2019-1610
        RESERVED
-CVE-2019-1609
-       RESERVED
-CVE-2019-1608
-       RESERVED
-CVE-2019-1607
-       RESERVED
-CVE-2019-1606
-       RESERVED
-CVE-2019-1605
-       RESERVED
+CVE-2019-1609 (A vulnerability in the CLI of Cisco NX-OS Software could allow 
an ...)
+       TODO: check
+CVE-2019-1608 (A vulnerability in the CLI of Cisco NX-OS Software could allow 
an ...)
+       TODO: check
+CVE-2019-1607 (A vulnerability in the CLI of Cisco NX-OS Software could allow 
an ...)
+       TODO: check
+CVE-2019-1606 (A vulnerability in the CLI of Cisco NX-OS Software could allow 
an ...)
+       TODO: check
+CVE-2019-1605 (A vulnerability in the NX-API feature of Cisco NX-OS Software 
could ...)
+       TODO: check
 CVE-2019-1604 (A vulnerability in the user account management interface of 
Cisco ...)
        TODO: check
 CVE-2019-1603 (A vulnerability in the CLI of Cisco NX-OS Software could allow 
an ...)
@@ -66370,10 +66406,10 @@ CVE-2018-4057
 CVE-2018-4056 (An exploitable SQL injection vulnerability exists in the 
administrator ...)
        {DSA-4373-1 DLA-1671-1}
        - coturn 4.5.1.0-1
-CVE-2018-4055
-       RESERVED
-CVE-2018-4054
-       RESERVED
+CVE-2018-4055 (A local privilege escalation vulnerability exists in the 
install ...)
+       TODO: check
+CVE-2018-4054 (A local privilege escalation vulnerability exists in the 
install ...)
+       TODO: check
 CVE-2018-4053
        RESERVED
 CVE-2018-4052
@@ -121647,8 +121683,7 @@ CVE-2017-3166 (In Apache Hadoop versions 2.6.1 to 
2.6.5, 2.7.0 to 2.7.3, and ...
        - hadoop <itp> (bug #793644)
 CVE-2017-3165 (In Apache Brooklyn before 0.10.0, the REST server is vulnerable 
to ...)
        NOT-FOR-US: Apache Brooklyn
-CVE-2017-3164 [SSRF issue]
-       RESERVED
+CVE-2017-3164 (Server Side Request Forgery in Apache Solr, versions 1.3 until 
7.6 ...)
        - lucene-solr <unfixed> (unimportant; bug #922242)
        NOTE: https://issues.apache.org/jira/browse/SOLR-12770
 CVE-2017-3163 (When using the Index Replication feature, Apache Solr nodes can 
pull ...)
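Review bot: under CVE-2017-3164 the retained annotation "- lucene-solr <unfixed> (unimportant; bug #922242)" now sits beneath a published description giving an affected range of "versions 1.3 until 7.6 ...", replacing the placeholder "[SSRF issue]". It is worth rechecking that the unimportant severity still matches the published text, and recording a fixed version in place of <unfixed> once the upper bound in the truncated description is confirmed.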



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0afc5f4c18ee496fa6bfc701f8c3899c487d7e11
