Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1dd19593 by security tracker role at 2019-03-19T08:10:18Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2019-9864
+ RESERVED
CVE-2019-9863
RESERVED
CVE-2019-9862
@@ -263,6 +265,7 @@ CVE-2019-9754 (An issue was discovered in Tiny C Compiler
(aka TinyCC or TCC) 0.
CVE-2019-9753
RESERVED
CVE-2019-9752 (An issue was discovered in Open Ticket Request System (OTRS)
5.x befor ...)
+ {DLA-1721-1}
- otrs2 6.0.16-1
NOTE:
https://community.otrs.com/security-advisory-2019-01-security-update-for-otrs-framework/
NOTE: OTRS 6:
https://github.com/OTRS/otrs/commit/341c4096222819a108feb02256aba878943bf810
@@ -325,6 +328,7 @@ CVE-2019-9737 (Editor.md 1.5.0 has DOM-based XSS via
vectors involving the '<
CVE-2019-9736 (DOM-based XSS exists in 1024Tools Markdown 1.0 via vectors
involving t ...)
NOT-FOR-US: 1024Tools Markdown
CVE-2019-9735 (An issue was discovered in the iptables firewall module in
OpenStack N ...)
+ {DSA-4409-1}
- neutron 2:13.0.2-13 (bug #924508)
NOTE: https://launchpad.net/bugs/1818385
CVE-2019-9734
@@ -1877,10 +1881,10 @@ CVE-2019-9096
RESERVED
CVE-2019-9095
RESERVED
-CVE-2019-9094
- RESERVED
-CVE-2019-9093
- RESERVED
+CVE-2019-9094 (A Reflected Cross Site Scripting (XSS) Vulnerability was
discovered in ...)
+ TODO: check
+CVE-2019-9093 (A Reflected Cross Site Scripting (XSS) Vulnerability was
discovered in ...)
+ TODO: check
CVE-2019-9092
RESERVED
CVE-2019-9091
@@ -3667,7 +3671,7 @@ CVE-2019-8333
RESERVED
CVE-2019-8332
RESERVED
-CVE-2019-8331 (In Bootstrap before 4.3.1, XSS is possible in the tooltip or
popover d ...)
+CVE-2019-8331 (In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is
possible in t ...)
- twitter-bootstrap4 4.3.1+dfsg2-1
- twitter-bootstrap3 3.4.1+dfsg-1
[stretch] - twitter-bootstrap3 <no-dsa> (Minor issue)
@@ -6148,8 +6152,8 @@ CVE-2019-7301 (Zen Load Balancer 3.10.1 allows remote
authenticated admin users
NOT-FOR-US: Zen Load Balancer
CVE-2019-7300 (Artica Proxy 3.06.200056 allows remote attackers to execute
arbitrary ...)
NOT-FOR-US: Artica Proxy
-CVE-2019-7299
- RESERVED
+CVE-2019-7299 (A stored cross-site scripting (XSS) vulnerability in the
submit_ticket ...)
+ TODO: check
CVE-2017-18361 (In Pylons Colander through 1.6, the URL validator allows an
attacker t ...)
- python-colander <removed>
[stretch] - python-colander <no-dsa> (Minor issue)
@@ -6456,8 +6460,8 @@ CVE-2019-7163
RESERVED
CVE-2019-7162
RESERVED
-CVE-2019-7161
- RESERVED
+CVE-2019-7161 (An issue was discovered in Zoho ManageEngine ADSelfService Plus
5.x th ...)
+ TODO: check
CVE-2019-7160 (idreamsoft iCMS 7.0.13 allows admincp.php?app=files ../
Directory Trav ...)
NOT-FOR-US: idreamsoft iCMS
CVE-2019-7159
@@ -6934,8 +6938,8 @@ CVE-2019-6972
RESERVED
CVE-2019-6971
RESERVED
-CVE-2019-6970
- RESERVED
+CVE-2019-6970 (Moodle 3.5.x before 3.5.4 allows SSRF. ...)
+ TODO: check
CVE-2019-6969
RESERVED
CVE-2019-6968
@@ -7490,8 +7494,8 @@ CVE-2019-6726
RESERVED
CVE-2019-6725
RESERVED
-CVE-2019-6724
- RESERVED
+CVE-2019-6724 (The barracudavpn component of the Barracuda VPN Client prior to
versio ...)
+ TODO: check
CVE-2019-6723
RESERVED
CVE-2019-6722
@@ -8000,8 +8004,8 @@ CVE-2019-6494
RESERVED
CVE-2019-6493
RESERVED
-CVE-2019-6492
- RESERVED
+CVE-2019-6492 (SmartDefragDriver.sys (2.0) in IObit Smart Defrag 6 never frees
an exe ...)
+ TODO: check
CVE-2019-6491
RESERVED
CVE-2019-6490
@@ -8016,10 +8020,10 @@ CVE-2018-20739
RESERVED
CVE-2018-20738
RESERVED
-CVE-2018-20737
- RESERVED
-CVE-2018-20736
- RESERVED
+CVE-2018-20737 (An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0.
Reflected ...)
+ TODO: check
+CVE-2018-20736 (An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0. A
DOM-bas ...)
+ TODO: check
CVE-2019-6488 (The string component in the GNU C Library (aka glibc or libc6)
through ...)
- glibc 2.28-6 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24097
@@ -25244,8 +25248,8 @@ CVE-2018-19961 (An issue was discovered in Xen through
4.11.x on AMD x86 platfor
NOTE: https://xenbits.xen.org/xsa/advisory-275.txt
CVE-2018-19366
RESERVED
-CVE-2018-19365
- RESERVED
+CVE-2018-19365 (The REST API in Wowza Streaming Engine 4.7.4.01 allows
traversal of th ...)
+ TODO: check
CVE-2018-19364 (hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid
path while ...)
{DLA-1646-1}
- qemu 1:3.1+dfsg-1 (bug #914599)
@@ -27811,8 +27815,8 @@ CVE-2018-18468
RESERVED
CVE-2018-18467 (An issue was discovered in Daniel Gultsch Conversations 2.3.4.
It is p ...)
NOT-FOR-US: Daniel Gultsch Conversations
-CVE-2018-18466
- RESERVED
+CVE-2018-18466 (An issue was discovered in SecurEnvoy SecurAccess 9.3.502.
When put in ...)
+ TODO: check
CVE-2018-18465
RESERVED
CVE-2018-18464
@@ -37436,8 +37440,8 @@ CVE-2018-14726
RESERVED
CVE-2018-14725
RESERVED
-CVE-2018-14724
- RESERVED
+CVE-2018-14724 (In the Ban List plugin 1.0 for MyBB, any forum user with mod
privilege ...)
+ TODO: check
CVE-2018-14723
RESERVED
CVE-2018-14722 (An issue was discovered in evaluate_auto_mountpoint in
btrfsmaintenanc ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1dd195930ca53a8a00796fbe3819843aff52e17f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1dd195930ca53a8a00796fbe3819843aff52e17f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
