[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Sat, 18 May 2019 01:10:38 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
4b02e99a by security tracker role at 2019-05-18T08:10:15Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2019-12174
+       RESERVED
+CVE-2019-12173 (MacDown 0.7.1 (870) allows remote code execution via a 
file:\\\ URI, w ...)
+       TODO: check
+CVE-2019-12172 (Typora 0.9.9.21.1 (1913) allows arbitrary code execution via a 
modifie ...)
+       TODO: check
+CVE-2019-12171
+       RESERVED
+CVE-2019-12170 (ATutor through 2.2.4 is vulnerable to arbitrary file uploads 
via the m ...)
+       TODO: check
+CVE-2019-12169
+       RESERVED
+CVE-2019-12168 (Four-Faith Wireless Mobile Router F3x24 v1.0 devices allow 
remote code ...)
+       TODO: check
+CVE-2019-12167
+       RESERVED
+CVE-2019-12166
+       RESERVED
+CVE-2019-12165
+       RESERVED
+CVE-2019-12164
+       RESERVED
+CVE-2019-12163 (GAT-Ship Web Module through 1.30 allows remote attackers to 
obtain pot ...)
+       TODO: check
 CVE-2019-12162
        RESERVED
 CVE-2019-12161 (WPO WebPageTest 19.04 allows SSRF because ValidateURL in 
www/runtest.p ...)
@@ -1100,8 +1124,8 @@ CVE-2019-11675 (The groonga-httpd package 6.1.5-1 for 
Debian sets the /var/log/g
        - groonga 9.0.1-2 (bug #928304)
        [buster] - groonga 9.0.0-1+deb10u1
        [stretch] - groonga <no-dsa> (Minor issue, can be fixed via point 
release)
-CVE-2019-11644
-       RESERVED
+CVE-2019-11644 (In the F-Secure installer in F-Secure SAFE for Windows before 
17.6, F- ...)
+       TODO: check
 CVE-2019-11643 (Persistent XSS has been found in the OneShield Policy (Dragon 
Core) fr ...)
        NOT-FOR-US: OneShield Policy (Dragon Core) framework
 CVE-2019-11642 (A log poisoning vulnerability has been discovered in the 
OneShield Pol ...)
@@ -10043,8 +10067,8 @@ CVE-2019-8341 (An issue was discovered in Jinja2 2.10. 
The from_string function
        NOTE: No real security impact and upstream indicates the CVE is invalid
 CVE-2019-8340
        RESERVED
-CVE-2019-8339
-       RESERVED
+CVE-2019-8339 (An issue was discovered in Sysdig through 0.24.2, as used in 
Falco thr ...)
+       TODO: check
 CVE-2019-8338 (The signature verification routine in the Airmail GPG-PGP 
Plugin, vers ...)
        TODO: check
 CVE-2019-8336 (HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 
allows a c ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4b02e99a47b30e1629268477cb101ed30a58d4cc

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4b02e99a47b30e1629268477cb101ed30a58d4cc
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to