[Git][security-tracker-team/security-tracker][master] automatic update

Fri, 05 Apr 2019 01:10:54 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
39af65bc by security tracker role at 2019-04-05T08:10:20Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2019-10879 (In Teeworlds 0.7.2, there is an integer overflow in 
CDataFileReader::O ...)
+       TODO: check
+CVE-2019-10878 (In Teeworlds 0.7.2, there is a failed bounds check in 
CDataFileReader: ...)
+       TODO: check
+CVE-2019-10877 (In Teeworlds 0.7.2, there is an integer overflow in 
CMap::Load() in en ...)
+       TODO: check
+CVE-2019-10876 (An issue was discovered in OpenStack Neutron 11.x before 
11.0.7, 12.x  ...)
+       TODO: check
+CVE-2019-10875
+       RESERVED
+CVE-2019-10874 (Cross Site Request Forgery (CSRF) in the bolt/upload File 
Upload featu ...)
+       TODO: check
+CVE-2019-10873 (An issue was discovered in Poppler 0.74.0. There is a NULL 
pointer der ...)
+       TODO: check
+CVE-2019-10872 (An issue was discovered in Poppler 0.74.0. There is a 
heap-based buffe ...)
+       TODO: check
+CVE-2019-10871 (An issue was discovered in Poppler 0.74.0. There is a 
heap-based buffe ...)
+       TODO: check
+CVE-2019-10870
+       RESERVED
+CVE-2019-10869
+       RESERVED
 CVE-2019-10867 (An issue was discovered in Pimcore before 5.7.1. An attacker 
with clas ...)
        NOT-FOR-US: Pimcore
 CVE-2019-10866
@@ -389,7 +411,7 @@ CVE-2019-1003052 (Jenkins AWS Elastic Beanstalk Publisher 
Plugin stores credenti
        TODO: check
 CVE-2019-1003051 (Jenkins IRC Plugin stores credentials unencrypted in its 
global config ...)
        TODO: check
-CVE-2019-10868 [Guessing order on field without access]
+CVE-2019-10868 (In trytond/model/modelstorage.py in Tryton 4.2 before 4.2.21, 
4.4 befo ...)
        - tryton-server <unfixed>
        NOTE: https://discuss.tryton.org/t/security-release-for-issue8189/1262
        NOTE: https://bugs.tryton.org/issue8189
@@ -28770,8 +28792,8 @@ CVE-2018-19284
        RESERVED
 CVE-2018-19283
        RESERVED
-CVE-2018-19282
-       RESERVED
+CVE-2018-19282 (Rockwell Automation PowerFlex 525 AC Drives 5.001 and earlier 
allow re ...)
+       TODO: check
 CVE-2018-19281 (Centreon 3.4.x allows SNMP trap SQL Injection. ...)
        NOT-FOR-US: Centreon
 CVE-2018-19280 (Centreon 3.4.x has XSS via the resource name or macro 
expression of a  ...)
@@ -32347,8 +32369,8 @@ CVE-2018-18070 (An issue was discovered in Daimler 
Mercedes-Benz COMAND 17/13.0
        NOT-FOR-US: Daimler Mercedes-Benz COMAND on Mercedes-Benz C-Class 2018 
vehicles
 CVE-2018-18069 (process_forms in the WPML (aka sitepress-multilingual-cms) 
plugin thro ...)
        NOT-FOR-US: Wordpress plugin
-CVE-2018-18068
-       RESERVED
+CVE-2018-18068 (The ARM-based hardware debugging feature on Raspberry Pi 3 
module B+ a ...)
+       TODO: check
 CVE-2018-18067
        RESERVED
 CVE-2018-18066 (snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 
has a NU ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/39af65bc95178fa6247c47abb6bd1aa34f56df0d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/39af65bc95178fa6247c47abb6bd1aa34f56df0d
You're receiving this email because of your account on salsa.debian.org.


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to