Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e822b71b by Salvatore Bonaccorso at 2019-04-10T06:04:13Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10113,7 +10113,7 @@ CVE-2019-7175 (In ImageMagick before 7.0.8-25, some
memory leaks exist in Decode
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1450
CVE-2019-7174 (Roxy Fileman 1.4.5 allows attackers to execute renamefile.php
(aka Ren ...)
- TODO: check
+ NOT-FOR-US: Roxy Fileman
CVE-2019-7173 (A stored-self XSS exists in Croogo through v3.0.5, allowing an
attacke ...)
NOT-FOR-US: Croogo
CVE-2019-7172 (A stored-self XSS exists in ATutor through v2.2.4, allowing an
attacke ...)
@@ -27311,7 +27311,7 @@ CVE-2019-0776 (An information disclosure vulnerability
exists when the win32k co
CVE-2019-0775 (An information disclosure vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0774 (An information disclosure vulnerability exists when the Windows
GDI co ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2019-0773 (A remote code execution vulnerability exists in the way that
the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0772 (A remote code execution vulnerability exists in the way that
the VBScr ...)
@@ -27411,7 +27411,7 @@ CVE-2019-0728 (A remote code execution vulnerability
exists in Visual Studio Cod
CVE-2019-0727
RESERVED
CVE-2019-0726 (A memory corruption vulnerability exists in the Windows DHCP
client wh ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0725
RESERVED
CVE-2019-0724 (An elevation of privilege vulnerability exists in Microsoft
Exchange S ...)
@@ -27467,25 +27467,25 @@ CVE-2019-0700
CVE-2019-0699
RESERVED
CVE-2019-0698 (A memory corruption vulnerability exists in the Windows DHCP
client wh ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0697 (A memory corruption vulnerability exists in the Windows DHCP
client wh ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0696 (An elevation of privilege vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0695 (A denial of service vulnerability exists when Microsoft Hyper-V
on a h ...)
NOT-FOR-US: Microsoft
CVE-2019-0694 (An elevation of privilege vulnerability exists due to an
integer overf ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0693 (An elevation of privilege vulnerability exists due to an
integer overf ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0692 (An elevation of privilege vulnerability exists due to an
integer overf ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0691
RESERVED
CVE-2019-0690 (A denial of service vulnerability exists when Microsoft Hyper-V
Networ ...)
NOT-FOR-US: Microsoft
CVE-2019-0689 (An elevation of privilege vulnerability exists due to an
integer overf ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0688
RESERVED
CVE-2019-0687
@@ -27499,7 +27499,7 @@ CVE-2019-0684
CVE-2019-0683 (An elevation of privilege vulnerability exists in Active
Directory For ...)
NOT-FOR-US: Microsoft
CVE-2019-0682 (An elevation of privilege vulnerability exists due to an
integer overf ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0681
RESERVED
CVE-2019-0680 (A remote code execution vulnerability exists in the way that
the scrip ...)
@@ -27529,11 +27529,11 @@ CVE-2019-0669 (An information disclosure
vulnerability exists when Microsoft Exc
CVE-2019-0668 (An elevation of privilege vulnerability exists when Microsoft
SharePoi ...)
NOT-FOR-US: Microsoft
CVE-2019-0667 (A remote code execution vulnerability exists in the way that
the VBScr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0666 (A remote code execution vulnerability exists in the way that
the VBScr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0665 (A remote code execution vulnerability exists in the way that
the VBScr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0664 (An information disclosure vulnerability exists when the Windows
GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-0663 (An information disclosure vulnerability exists when the Windows
kernel ...)
@@ -27585,7 +27585,7 @@ CVE-2019-0641 (A security feature bypass vulnerability
exists in Microsoft Edge
CVE-2019-0640 (A remote code execution vulnerability exists in the way that
the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0639 (A remote code execution vulnerability exists in the way that
the Chakr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0638
RESERVED
CVE-2019-0637 (A security feature bypass vulnerability exists when Windows
Defender F ...)
@@ -27629,13 +27629,13 @@ CVE-2019-0619 (An information disclosure
vulnerability exists when the Windows G
CVE-2019-0618 (A remote code execution vulnerability exists in the way that
the Windo ...)
NOT-FOR-US: Microsoft
CVE-2019-0617 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0616 (An information disclosure vulnerability exists when the Windows
GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-0615 (An information disclosure vulnerability exists when the Windows
GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-0614 (An information disclosure vulnerability exists when the Windows
GDI co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0613 (A remote code execution vulnerability exists in .NET Framework
and Vis ...)
NOT-FOR-US: Microsoft
CVE-2019-0612 (A security feature bypass vulnerability exists when Click2Play
protect ...)
@@ -190907,7 +190907,7 @@ CVE-2014-9188 (Buffer overflow in an ActiveX control
in MDraw30.ocx in Schneider
CVE-2014-9187 (Multiple heap-based buffer overflow vulnerabilities exist in
Honeywell ...)
NOT-FOR-US: Honeywell Experion PKS
CVE-2014-9186 (A file inclusion vulnerability exists in the confd.exe module
in Honey ...)
- TODO: check
+ NOT-FOR-US: Honeywell
CVE-2014-9185 (Static code injection vulnerability in install.php in Morfy CMS
1.05 a ...)
NOT-FOR-US: Morfy CMS
CVE-2014-9184 (ZTE ZXDSL 831CII allows remote attackers to bypass
authentication via ...)
@@ -201128,9 +201128,9 @@ CVE-2014-5438 (Cross-site scripting (XSS)
vulnerability in ARRIS Touchstone TG86
CVE-2014-5437 (Multiple cross-site request forgery (CSRF) vulnerabilities in
ARRIS To ...)
NOT-FOR-US: Arris Touchstone
CVE-2014-5436 (A directory traversal vulnerability exists in the confd.exe
module in ...)
- TODO: check
+ NOT-FOR-US: Honeywell
CVE-2014-5435 (An arbitrary memory write vulnerability exists in the
dual_onsrv.exe m ...)
- TODO: check
+ NOT-FOR-US: Honeywell
CVE-2014-5434 (Baxter SIGMA Spectrum Infusion System version 6.05 (model
35700BAX) wi ...)
NOT-FOR-US: Baxter SIGMA Spectrum Infusion System
CVE-2014-5433 (An unauthenticated remote attacker may be able to execute
commands to ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e822b71bdb6d53f07a8292b0c8654391c0124a54
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e822b71bdb6d53f07a8292b0c8654391c0124a54
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
