Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
805434bc by security tracker role at 2019-05-01T08:10:20Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,53 @@
+CVE-2019-11631 (Moodle 3.6.3 allows remote authenticated administrators to
execute arb ...)
+ TODO: check
+CVE-2019-11630
+ RESERVED
+CVE-2019-11629
+ RESERVED
+CVE-2019-11628 (An issue was discovered in QlikView Server before 11.20 SR19,
12.00 an ...)
+ TODO: check
+CVE-2019-11626 (routers/ajaxRouter.php in doorGets 7.0 has a web site physical
path le ...)
+ TODO: check
+CVE-2019-11625 (doorGets 7.0 has a SQL injection vulnerability in
/doorgets/app/reques ...)
+ TODO: check
+CVE-2019-11624 (doorGets 7.0 has an arbitrary file deletion vulnerability in
/doorgets ...)
+ TODO: check
+CVE-2019-11623 (doorGets 7.0 has a SQL injection vulnerability in
/doorgets/app/reques ...)
+ TODO: check
+CVE-2019-11622 (doorGets 7.0 has a SQL injection vulnerability in
/doorgets/app/reques ...)
+ TODO: check
+CVE-2019-11621 (doorGets 7.0 has a SQL injection vulnerability in
/doorgets/app/reques ...)
+ TODO: check
+CVE-2019-11620 (doorGets 7.0 has a SQL injection vulnerability in
/doorgets/app/reques ...)
+ TODO: check
+CVE-2019-11619 (doorGets 7.0 has a SQL injection vulnerability in
/doorgets/app/reques ...)
+ TODO: check
+CVE-2019-11618 (doorGets 7.0 has a default administrator credential
vulnerability. A r ...)
+ TODO: check
+CVE-2019-11617 (doorGets 7.0 has a CSRF vulnerability in
/doorgets/app/requests/user/c ...)
+ TODO: check
+CVE-2019-11616 (doorGets 7.0 has a sensitive information disclosure
vulnerability in / ...)
+ TODO: check
+CVE-2019-11615 (/fileman/php/upload.php in doorGets 7.0 has an arbitrary file
upload v ...)
+ TODO: check
+CVE-2019-11614 (doorGets 7.0 has a SQL injection vulnerability in
/doorgets/app/views/ ...)
+ TODO: check
+CVE-2019-11613 (doorGets 7.0 has a SQL injection vulnerability in
/doorgets/app/views/ ...)
+ TODO: check
+CVE-2019-11612 (doorGets 7.0 has an arbitrary file deletion vulnerability in
/fileman/ ...)
+ TODO: check
+CVE-2019-11611 (doorGets 7.0 has a sensitive information disclosure
vulnerability in / ...)
+ TODO: check
+CVE-2019-11610 (doorGets 7.0 has a sensitive information disclosure
vulnerability in / ...)
+ TODO: check
+CVE-2019-11609 (doorGets 7.0 has a sensitive information disclosure
vulnerability in / ...)
+ TODO: check
+CVE-2019-11608 (doorGets 7.0 has a sensitive information disclosure
vulnerability in / ...)
+ TODO: check
+CVE-2019-11607 (doorGets 7.0 has a sensitive information disclosure
vulnerability in / ...)
+ TODO: check
+CVE-2019-11606 (doorGets 7.0 has a sensitive information disclosure
vulnerability in / ...)
+ TODO: check
CVE-2019-11605
RESERVED
CVE-2019-11604
@@ -39,7 +89,7 @@ CVE-2018-20824
RESERVED
CVE-2015-9286 (Controllers.outgoing in controllers/index.js in NodeBB before
0.7.3 ha ...)
NOT-FOR-US: NodeBB
-CVE-2019-11627 [gpg-key2ps: Shell injection vulnerability in UIDs rendering]
+CVE-2019-11627 (gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1
contains an un ...)
- signing-party <unfixed> (bug #928256)
[stretch] - signing-party <no-dsa> (Will be fixed via point release)
NOTE:
https://salsa.debian.org/signing-party-team/signing-party/commit/cd69b6c0426a6160ef3de03fce9c7f112166d5a8
@@ -18945,36 +18995,36 @@ CVE-2019-3941 (Advantech WebAccess 8.3.4 allows
unauthenticated, remote attacker
NOT-FOR-US: Advantech WebAccess
CVE-2019-3940 (Advantech WebAccess 8.3.4 is vulnerable to file upload attacks
via una ...)
NOT-FOR-US: Advantech WebAccess
-CVE-2019-3939
- RESERVED
-CVE-2019-3938
- RESERVED
-CVE-2019-3937
- RESERVED
-CVE-2019-3936
- RESERVED
-CVE-2019-3935
- RESERVED
-CVE-2019-3934
- RESERVED
-CVE-2019-3933
- RESERVED
-CVE-2019-3932
- RESERVED
-CVE-2019-3931
- RESERVED
-CVE-2019-3930
- RESERVED
-CVE-2019-3929
- RESERVED
-CVE-2019-3928
- RESERVED
-CVE-2019-3927
- RESERVED
-CVE-2019-3926
- RESERVED
-CVE-2019-3925
- RESERVED
+CVE-2019-3939 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware
2.7.0.2 ...)
+ TODO: check
+CVE-2019-3938 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware
2.7.0.2 ...)
+ TODO: check
+CVE-2019-3937 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware
2.7.0.2 ...)
+ TODO: check
+CVE-2019-3936 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware
2.7.0.2 ...)
+ TODO: check
+CVE-2019-3935 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware
2.7.0.2 ...)
+ TODO: check
+CVE-2019-3934 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware
2.7.0.2 ...)
+ TODO: check
+CVE-2019-3933 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware
2.7.0.2 ...)
+ TODO: check
+CVE-2019-3932 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware
2.7.0.2 ...)
+ TODO: check
+CVE-2019-3931 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware
2.7.0.2 ...)
+ TODO: check
+CVE-2019-3930 (The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware
2.7.0.1 ...)
+ TODO: check
+CVE-2019-3929 (The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware
2.7.0.1 ...)
+ TODO: check
+CVE-2019-3928 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware
2.7.0.2 ...)
+ TODO: check
+CVE-2019-3927 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware
2.7.0.2 ...)
+ TODO: check
+CVE-2019-3926 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware
2.7.0.2 ...)
+ TODO: check
+CVE-2019-3925 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware
2.7.0.2 ...)
+ TODO: check
CVE-2019-3924 (MikroTik RouterOS before 6.43.12 (stable) and 6.42.12
(long-term) is v ...)
NOT-FOR-US: MikroTik
CVE-2019-3923 (Nessus versions 8.2.1 and earlier were found to contain a
stored XSS v ...)
@@ -30982,11 +31032,9 @@ CVE-2019-0215 (In Apache HTTP Server 2.4 releases
2.4.37 and 2.4.38, a bug in mo
[stretch] - apache2 <not-affected> (Vulnerable code introduced later)
[jessie] - apache2 <not-affected> (Vulnerable code introduced later)
NOTE:
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-0215
-CVE-2019-0214
- RESERVED
+CVE-2019-0214 (In Apache Archiva 2.0.0 - 2.2.3, it is possible to write files
to the ...)
NOT-FOR-US: Apache Archiva
-CVE-2019-0213
- RESERVED
+CVE-2019-0213 (In Apache Archiva before 2.2.4, it is possible to write files
to the a ...)
NOT-FOR-US: Apache Archiva
CVE-2019-0212 (In all previously released Apache HBase 2.x versions
(2.0.0-2.0.4, 2.1 ...)
NOT-FOR-US: Apache HBase
@@ -31042,8 +31090,8 @@ CVE-2019-0196 [mod_http2, read-after-free on a string
compare]
NOTE: https://svn.apache.org/r1852989
CVE-2019-0195
RESERVED
-CVE-2019-0194
- RESERVED
+CVE-2019-0194 (Apache Camel's File is vulnerable to directory traversal. Camel
2.21.0 ...)
+ TODO: check
CVE-2019-0193
RESERVED
CVE-2019-0192 (In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the
Config ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/805434bca02c27c613769599e5551937c36c2ca1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/805434bca02c27c613769599e5551937c36c2ca1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
