[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Fri, 19 Apr 2019 13:10:43 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f07da815 by security tracker role at 2019-04-19T20:10:18Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2019-11346
+       RESERVED
+CVE-2019-11345
+       RESERVED
+CVE-2019-11344 (data/inc/files.php in Pluck 4.7.8 allows remote attackers to 
execute a ...)
+       TODO: check
+CVE-2019-11343
+       RESERVED
+CVE-2019-11342
+       RESERVED
+CVE-2019-11341
+       RESERVED
+CVE-2019-11340 (util/emailutils.py in Matrix Sydent before 1.0.2 mishandles 
registrati ...)
+       TODO: check
 CVE-2019-11339 (The studio profile decoder in libavcodec/mpeg4videodec.c in 
FFmpeg 4.0 ...)
        - ffmpeg <unfixed>
        NOTE: 
https://github.com/FFmpeg/FFmpeg/commit/1f686d023b95219db933394a7704ad9aa5f01cbb
@@ -1075,8 +1089,8 @@ CVE-2019-10888 (A CSRF Issue that can add an admin user 
was discovered in UKcms
        NOT-FOR-US: UKcms
 CVE-2019-10887 (A reflected HTML injection vulnerability on Salicru 
SLC-20-cube3(5) de ...)
        NOT-FOR-US: Salicru SLC-20-cube3(5) devices
-CVE-2019-10886
-       RESERVED
+CVE-2019-10886 (An incorrect access control exists in the Sony Photo Sharing 
Plus appl ...)
+       TODO: check
 CVE-2019-10885 (An issue was discovered in Ivanti Workspace Control before 
10.3.90.0.  ...)
        NOT-FOR-US: Ivanti Workspace Control
 CVE-2019-10884 (Uniqkey Password Manager 1.14 contains a vulnerability because 
it fail ...)
@@ -2552,8 +2566,8 @@ CVE-2019-10247
        RESERVED
 CVE-2019-10246
        RESERVED
-CVE-2019-10245
-       RESERVED
+CVE-2019-10245 (In Eclipse OpenJ9 prior to the 0.14.0 release, the Java 
bytecode verif ...)
+       TODO: check
 CVE-2019-10244 (In Eclipse Kura versions up to 4.0.0, the Web UI package and 
component ...)
        NOT-FOR-US: Eclipse Kura
 CVE-2019-10243 (In Eclipse Kura versions up to 4.0.0, Kura exposes the 
underlying Ui W ...)
@@ -4131,8 +4145,8 @@ CVE-2019-9843 (In DiffPlug Spotless before 1.20.0 
(library and Maven plugin) and
        NOT-FOR-US: DiffPlug Spotless
 CVE-2019-9842
        RESERVED
-CVE-2019-9841
-       RESERVED
+CVE-2019-9841 (Vesta Control Panel 0.9.8-23 allows XSS via a crafted URL. ...)
+       TODO: check
 CVE-2019-9840
        RESERVED
 CVE-2018-20814 (An XSS issue was found with Psaldownload.cgi in Pulse Secure 
Pulse Con ...)
@@ -16036,8 +16050,8 @@ CVE-2018-20671 (load_specific_debug_section in 
objdump.c in GNU Binutils through
        NOTE: 
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c6f74499c780df045d9e9ca
 CVE-2018-20670
        RESERVED
-CVE-2019-5008
-       RESERVED
+CVE-2019-5008 (hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL 
pointer dere ...)
+       TODO: check
 CVE-2019-5007 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.4 on W ...)
        NOT-FOR-US: Foxit Reader and PhantomPDF
 CVE-2019-5006 (An issue was discovered in Foxit Reader and PhantomPDF before 
9.4 on W ...)
@@ -17942,8 +17956,8 @@ CVE-2019-4057
        RESERVED
 CVE-2019-4056
        RESERVED
-CVE-2019-4055
-       RESERVED
+CVE-2019-4055 (IBM MQ 8.0.0.0 through 8.0.0.10, 9.0.0.0 through 9.0.0.5, and 
9.1.0.0  ...)
+       TODO: check
 CVE-2019-4054
        RESERVED
 CVE-2019-4053
@@ -78547,8 +78561,8 @@ CVE-2018-1731 (IBM DOORS Next Generation (DNG/RRC) 5.0 
through 5.0.3 and 6.0 thr
        NOT-FOR-US: IBM
 CVE-2018-1730 (IBM QRadar SIEM 7.2 and 7.3 is vulnerable to a XML External 
Entity Inj ...)
        NOT-FOR-US: IBM
-CVE-2018-1729
-       RESERVED
+CVE-2018-1729 (IBM QRadar SIEM 7.3 discloses sensitive information to 
unauthorized us ...)
+       TODO: check
 CVE-2018-1728 (IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site 
scripting. Thi ...)
        NOT-FOR-US: IBM
 CVE-2018-1727 (IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is 
vulnera ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f07da815926bd3adb14180845155fb2c833bff40

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f07da815926bd3adb14180845155fb2c833bff40
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to