[Git][security-tracker-team/security-tracker][master] automatic update

Fri, 05 Apr 2019 13:10:46 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ca824502 by security tracker role at 2019-04-05T20:10:23Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2019-10893
+       RESERVED
+CVE-2019-10892
+       RESERVED
+CVE-2019-10891
+       RESERVED
+CVE-2019-10890
+       RESERVED
+CVE-2019-10889
+       RESERVED
+CVE-2019-10888 (A CSRF Issue that can add an admin user was discovered in 
UKcms v1.1.1 ...)
+       TODO: check
+CVE-2019-10887 (A reflected HTML injection vulnerability on Salicru 
SLC-20-cube3(5) de ...)
+       TODO: check
+CVE-2019-10886
+       RESERVED
+CVE-2019-10885 (An issue was discovered in Ivanti Workspace Control before 
10.3.90.0.  ...)
+       TODO: check
+CVE-2019-10884 (Uniqkey Password Manager 1.14 contains a vulnerability because 
it fail ...)
+       TODO: check
+CVE-2019-10883
+       RESERVED
+CVE-2019-10882
+       RESERVED
+CVE-2019-10881
+       RESERVED
+CVE-2019-10880
+       RESERVED
+CVE-2018-20816 (An XSS combined with CSRF vulnerability discovered in 
SalesAgility Sui ...)
+       TODO: check
 CVE-2019-10879 (In Teeworlds 0.7.2, there is an integer overflow in 
CDataFileReader::O ...)
        - teeworlds <unfixed>
        NOTE: https://github.com/teeworlds/teeworlds/issues/2070
@@ -15,8 +45,8 @@ CVE-2019-10876 (An issue was discovered in OpenStack Neutron 
11.x before 11.0.7,
        - neutron <unfixed>
        NOTE: https://bugs.launchpad.net/ossa/+bug/1813007
        NOTE: https://review.openstack.org/#/q/topic:bug/1813007 
-CVE-2019-10875
-       RESERVED
+CVE-2019-10875 (A URL spoofing vulnerability was found in all international 
versions o ...)
+       TODO: check
 CVE-2019-10874 (Cross Site Request Forgery (CSRF) in the bolt/upload File 
Upload featu ...)
        NOT-FOR-US: Bolt CMS
 CVE-2019-10873 (An issue was discovered in Poppler 0.74.0. There is a NULL 
pointer der ...)
@@ -929,10 +959,10 @@ CVE-2019-10481
        RESERVED
 CVE-2019-10480
        RESERVED
-CVE-2019-10479
-       RESERVED
-CVE-2019-10478
-       RESERVED
+CVE-2019-10479 (An issue was discovered on Glory RBW-100 devices with firmware 
ISP-K05 ...)
+       TODO: check
+CVE-2019-10478 (An issue was discovered on Glory RBW-100 devices with firmware 
ISP-K05 ...)
+       TODO: check
 CVE-2019-10477 (The FusionInventory plugin before 1.4 for GLPI 9.3.x and 
before 1.1 fo ...)
        NOT-FOR-US: GLPI plugin
 CVE-2019-10476
@@ -11058,16 +11088,16 @@ CVE-2019-6556
        RESERVED
 CVE-2019-6555 (Cscape, 9.80 SP4 and prior. An improper input validation 
vulnerability ...)
        NOT-FOR-US: Cscape
-CVE-2019-6554
-       RESERVED
+CVE-2019-6554 (Advantech WebAccess/SCADA, Versions 8.3.5 and prior. An 
improper acces ...)
+       TODO: check
 CVE-2019-6553 (A vulnerability was found in Rockwell Automation RSLinx Classic 
versio ...)
        TODO: check
-CVE-2019-6552
-       RESERVED
+CVE-2019-6552 (Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple 
command  ...)
+       TODO: check
 CVE-2019-6551 (Pangea Communications Internet FAX ATA all Versions 3.1.8 and 
prior al ...)
        NOT-FOR-US: Pangea Communications Internet FAX ATA
-CVE-2019-6550
-       RESERVED
+CVE-2019-6550 (Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple 
stack-ba ...)
+       TODO: check
 CVE-2019-6549 (An attacker could retrieve plain-text credentials stored in a 
XML file ...)
        NOT-FOR-US: PR100088 Modbus
 CVE-2019-6548
@@ -11155,7 +11185,7 @@ CVE-2019-6508 (An issue was discovered in 
creditease-sec insight through 2018-09
        NOT-FOR-US: creditease-sec
 CVE-2019-6507 (An issue was discovered in creditease-sec insight through 
2018-09-11.  ...)
        NOT-FOR-US: creditease-sec
-CVE-2019-6506 (SalesAgility SuiteCRM 7.11.0 allows SQL Injection. ...)
+CVE-2019-6506 (SuiteCRM before 7.8.28, 7.9.x and 7.10.x before 7.10.15, and 
7.11.x be ...)
        NOT-FOR-US: SalesAgility SuiteCRM
 CVE-2019-6505
        RESERVED



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ca824502ee38e7d8c3f4738835c3e5d7af82deb5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ca824502ee38e7d8c3f4738835c3e5d7af82deb5
You're receiving this email because of your account on salsa.debian.org.


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to