[Git][security-tracker-team/security-tracker][master] automatic update

Sat, 20 Apr 2019 13:11:27 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
46c1ee44 by security tracker role at 2019-04-20T20:10:24Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,8 +1,44 @@
-CVE-2019-11366 [Concurrency issue denial of service]
+CVE-2019-11378 (An issue was discovered in ProjectSend r1053. 
upload-process-form.php  ...)
+       TODO: check
+CVE-2019-11377 (wcms/wex/finder/action.php in WCMS v0.3.2 has a Arbitrary File 
Upload  ...)
+       TODO: check
+CVE-2019-11376 (** DISPUTED ** SOY CMS v3.0.2 allows remote attackers to 
execute arbit ...)
+       TODO: check
+CVE-2019-11375 (Msvod v10 has a CSRF vulnerability to change user information 
via the  ...)
+       TODO: check
+CVE-2019-11374 (74CMS v5.0.1 has a CSRF vulnerability to add a new admin user 
via the  ...)
+       TODO: check
+CVE-2019-11373 (An out-of-bounds read in File__Analyze::Get_L8 in 
File__Analyze_Buffer ...)
+       TODO: check
+CVE-2019-11372 (An out-of-bounds read in 
MediaInfoLib::File__Tags_Helper::Synched_Test ...)
+       TODO: check
+CVE-2019-11371 (BWA (aka Burrow-Wheeler Aligner) 0.7.17 r1198 has a Buffer 
Overflow vi ...)
+       TODO: check
+CVE-2019-11370
+       RESERVED
+CVE-2019-11369
+       RESERVED
+CVE-2019-11368
+       RESERVED
+CVE-2019-11367
+       RESERVED
+CVE-2019-11364
+       RESERVED
+CVE-2019-11363
+       RESERVED
+CVE-2019-11362 (app/controllers/frontend/PostController.php in ROCBOSS V2.2.1 
has SQL  ...)
+       TODO: check
+CVE-2019-11361
+       RESERVED
+CVE-2016-10748
+       RESERVED
+CVE-2016-10747
+       RESERVED
+CVE-2019-11366 (An issue was discovered in atftpd in atftp 0.7.1. It does not 
lock the ...)
        - atftp <unfixed> (bug #927553)
        NOTE: 
https://pulsesecurity.co.nz/advisories/atftpd-multiple-vulnerabilities
        NOTE: 
https://sourceforge.net/p/atftp/code/ci/382f76a90b44f81fec00e2f609a94def4a5d3580/
-CVE-2019-11365 [Error handler stack overflow]
+CVE-2019-11365 (An issue was discovered in atftpd in atftp 0.7.1. A remote 
attacker ma ...)
        - atftp <unfixed> (bug #927553)
        NOTE: 
https://pulsesecurity.co.nz/advisories/atftpd-multiple-vulnerabilities
        NOTE: 
https://sourceforge.net/p/atftp/code/ci/abed7d245d8e8bdfeab24f9f7f55a52c3140f96b/
@@ -202,6 +238,7 @@ CVE-2019-11269
 CVE-2019-11268
        RESERVED
 CVE-2019-11358 (jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and 
other produc ...)
+       {DSA-4434-1}
        - drupal7 <removed> (bug #927330)
        - jquery 3.3.1~dfsg-2 (bug #927385)
        - node-jquery <unfixed> (bug #927466)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/46c1ee44194252aaf9bc1d42498aea4133db59a0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/46c1ee44194252aaf9bc1d42498aea4133db59a0
You're receiving this email because of your account on salsa.debian.org.


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to