[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Tue, 21 May 2019 01:10:39 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e21fd778 by security tracker role at 2019-05-21T08:10:20Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2019-12246
+       RESERVED
+CVE-2019-12245
+       RESERVED
+CVE-2019-12244
+       RESERVED
+CVE-2019-12243
+       RESERVED
+CVE-2019-12242
+       RESERVED
+CVE-2019-12241 (The Carts Guru plugin 1.4.5 for WordPress allows Insecure 
Deserializat ...)
+       TODO: check
+CVE-2019-12240 (The Virim plugin 0.4 for WordPress allows Insecure 
Deserialization via ...)
+       TODO: check
+CVE-2019-12239 (The WP Booking System plugin 1.5.1 for WordPress has no CSRF 
protectio ...)
+       TODO: check
 CVE-2019-12238
        RESERVED
 CVE-2019-12237
@@ -905,8 +921,8 @@ CVE-2019-11818 (Alkacon OpenCMS v10.5.4 and before is 
affected by stored cross s
        NOT-FOR-US: Alkacon OpenCMS
 CVE-2019-11817
        RESERVED
-CVE-2019-11816
-       RESERVED
+CVE-2019-11816 (Incorrect access control in the WebUI in OPNsense before 
version 19.1. ...)
+       TODO: check
 CVE-2019-11814 (An issue was discovered in app/webroot/js/misp.js in MISP 
before 2.4.1 ...)
        NOT-FOR-US: MISP
 CVE-2019-11813 (An issue was discovered in 
app/View/Elements/Events/View/value_field.c ...)
@@ -5134,14 +5150,11 @@ CVE-2019-10080
        RESERVED
 CVE-2019-10079
        RESERVED
-CVE-2019-10078
-       RESERVED
+CVE-2019-10078 (A carefully crafted plugin link invocation could trigger an 
XSS vulner ...)
        - jspwiki <removed>
-CVE-2019-10077
-       RESERVED
+CVE-2019-10077 (A carefully crafted InterWiki link could trigger an XSS 
vulnerability  ...)
        - jspwiki <removed>
-CVE-2019-10076
-       RESERVED
+CVE-2019-10076 (A carefully crafted malicious attachment could trigger an XSS 
vulnerab ...)
        - jspwiki <removed>
 CVE-2019-10075
        RESERVED
@@ -28402,7 +28415,7 @@ CVE-2018-19827 (In LibSass 3.5.5, a use-after-free 
vulnerability exists in the S
        - libsass <unfixed>
        [stretch] - libsass <no-dsa> (Minor issue)
        NOTE: https://github.com/sass/libsass/issues/2782
-CVE-2018-19826 (In inspect.cpp in LibSass 3.5.5, a high memory footprint 
caused by an  ...)
+CVE-2018-19826 (** DISPUTED ** In inspect.cpp in LibSass 3.5.5, a high memory 
footprin ...)
        - libsass <unfixed>
        [stretch] - libsass <no-dsa> (Minor issue)
        NOTE: https://github.com/sass/libsass/issues/2781



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e21fd778dd372eb52b3753ccaef71844aa45ab62

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e21fd778dd372eb52b3753ccaef71844aa45ab62
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to