Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8e1632e0 by security tracker role at 2019-05-22T20:10:24Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,31 @@
+CVE-2019-12287
+       RESERVED
+CVE-2019-12286
+       RESERVED
+CVE-2019-12285
+       RESERVED
+CVE-2019-12284
+       RESERVED
+CVE-2019-12283
+       RESERVED
+CVE-2019-12282
+       RESERVED
+CVE-2019-12281
+       RESERVED
+CVE-2019-12280
+       RESERVED
+CVE-2019-12279 (Nagios XI 5.6.1 allows SQL injection via the username 
parameter to log ...)
+       TODO: check
+CVE-2019-12278
+       RESERVED
+CVE-2019-12277 (Blogifier 2.3 before 2019-05-11 does not properly restrict 
APIs, as de ...)
+       TODO: check
+CVE-2019-12276
+       RESERVED
+CVE-2019-12275
+       RESERVED
+CVE-2016-10750 (In Hazelcast before 3.11, the cluster join procedure is 
vulnerable to  ...)
+       TODO: check
 CVE-2019-12274
        RESERVED
 CVE-2019-12273
@@ -53,8 +81,7 @@ CVE-2019-12249
        RESERVED
 CVE-2019-12248
        RESERVED
-CVE-2019-12247 [qemu-guest-agent: integer overflow while running guest-exec 
command]
-       RESERVED
+CVE-2019-12247 (QEMU 3.0.0 has an Integer Overflow because the qga/commands*.c 
files d ...)
        - qemu <unfixed> (bug #929365)
        - qemu-kvm <removed>
        NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2019-05/msg04596.html
@@ -241,8 +268,8 @@ CVE-2019-12169
        RESERVED
 CVE-2019-12168 (Four-Faith Wireless Mobile Router F3x24 v1.0 devices allow 
remote code ...)
        NOT-FOR-US: Four-Faith Wireless Mobile Router F3x24 devices
-CVE-2019-12167
-       RESERVED
+CVE-2019-12167 (httpGetSet/httpGet.htm on Emerson Network Power Liebert 
Challenger 5.1 ...)
+       TODO: check
 CVE-2019-12166
        RESERVED
 CVE-2019-12165
@@ -391,8 +418,8 @@ CVE-2019-12104
        RESERVED
 CVE-2019-12103
        RESERVED
-CVE-2019-12102
-       RESERVED
+CVE-2019-12102 (Kentico 11 through 12 lets attackers upload and explore files 
without  ...)
+       TODO: check
 CVE-2019-12101 (coap_decode_option in coap.c in LibNyoci 0.07.00rc1 mishandles 
certain ...)
        NOT-FOR-US: LibNyoci
 CVE-2019-12100
@@ -512,8 +539,8 @@ CVE-2019-12047 (Gridea v0.8.0 has an XSS vulnerability 
through which the Nodejs
        NOT-FOR-US: Gridea
 CVE-2019-12045
        RESERVED
-CVE-2019-12044
-       RESERVED
+CVE-2019-12044 (A Buffer Overflow exists in Citrix NetScaler Gateway 10.5.x 
before 10. ...)
+       TODO: check
 CVE-2019-12043 (In remarkable 1.7.1, lib/parser_inline.js mishandles URL 
filtering, wh ...)
        NOT-FOR-US: remarkable
 CVE-2019-12042
@@ -820,8 +847,7 @@ CVE-2019-11892
        RESERVED
 CVE-2019-11891
        RESERVED
-CVE-2019-12046 [lemonldap-ng tokens allows anonymous session when stored in 
session DB]
-       RESERVED
+CVE-2019-12046 (LemonLDAP::NG -2.0.3 has Incorrect Access Control. ...)
        {DSA-4446-1 DLA-1790-1}
        - lemonldap-ng 2.0.2+ds-7+deb10u1 (bug #928944)
        NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues/1742
@@ -850,8 +876,8 @@ CVE-2019-11882
        RESERVED
 CVE-2019-11881
        RESERVED
-CVE-2019-11880
-       RESERVED
+CVE-2019-11880 (CommSy through 8.6.5 has SQL Injection via the cid parameter. 
This is  ...)
+       TODO: check
 CVE-2019-11879 (** DISPUTED ** The WEBrick gem 1.4.2 for Ruby allows directory 
travers ...)
        TODO: check
 CVE-2019-11878 (An issue was discovered on XiongMai Besder IP20H1 
V4.02.R12.00035520.1 ...)
@@ -928,8 +954,8 @@ CVE-2019-11844 (An HTML Injection vulnerability has been 
discovered on the RICOH
        NOT-FOR-US: RICOH
 CVE-2019-11843
        RESERVED
-CVE-2019-11841
-       RESERVED
+CVE-2019-11841 (A message-forgery issue was discovered in 
crypto/openpgp/clearsign/cle ...)
+       TODO: check
 CVE-2019-11840 (An issue was discovered in supplementary Go cryptography 
libraries, ak ...)
        TODO: check
 CVE-2019-11839 (njs through 0.3.1, used in NGINX, has a heap-based buffer 
overflow in  ...)
@@ -1243,6 +1269,7 @@ CVE-2019-11699
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11699
 CVE-2019-11698
        RESERVED
+       {DSA-4448-1}
        - firefox <unfixed>
        - firefox-esr 60.7.0esr-1
        - thunderbird <unfixed>
@@ -1271,6 +1298,7 @@ CVE-2019-11694
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-11694
 CVE-2019-11693
        RESERVED
+       {DSA-4448-1}
        - firefox <unfixed>
        - firefox-esr 60.7.0esr-1
        - thunderbird <unfixed>
@@ -1279,6 +1307,7 @@ CVE-2019-11693
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-11693
 CVE-2019-11692
        RESERVED
+       {DSA-4448-1}
        - firefox <unfixed>
        - firefox-esr 60.7.0esr-1
        - thunderbird <unfixed>
@@ -1287,6 +1316,7 @@ CVE-2019-11692
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-11692
 CVE-2019-11691
        RESERVED
+       {DSA-4448-1}
        - firefox <unfixed>
        - firefox-esr 60.7.0esr-1
        - thunderbird <unfixed>
@@ -1429,8 +1459,8 @@ CVE-2019-11636 (Zcash 2.x allows an inexpensive approach 
to "fill all transactio
        - zcash <itp> (bug #842388)
 CVE-2019-11635
        RESERVED
-CVE-2019-11634
-       RESERVED
+CVE-2019-11634 (Citrix Workspace App before 1904 for Windows has Incorrect 
Access Cont ...)
+       TODO: check
 CVE-2019-11633 (HoneyPress through 2016-09-27 can be fingerprinted by 
attackers becaus ...)
        NOT-FOR-US: HoneyPress
 CVE-2019-11632 (In Octopus Deploy 2019.1.0 through 2019.3.1 and 2019.4.0 
through 2019. ...)
@@ -1703,8 +1733,8 @@ CVE-2019-11538 (In Pulse Secure Pulse Connect Secure 
version 9.0RX before 9.0R3.
        NOT-FOR-US: Pulse Secure Pulse Connect Secure
 CVE-2019-11537 (In osTicket before 1.12, XSS exists via /upload/file.php, 
/upload/scp/ ...)
        NOT-FOR-US: osTicket
-CVE-2019-11536
-       RESERVED
+CVE-2019-11536 (Kalki Kalkitech SYNC3000 Substation DCU GPC v2.22.6, 2.23.0, 
2.24.0, 3 ...)
+       TODO: check
 CVE-2019-11535
        RESERVED
 CVE-2019-11534
@@ -2481,8 +2511,8 @@ CVE-2019-11233
        RESERVED
 CVE-2019-11232
        RESERVED
-CVE-2019-11231
-       RESERVED
+CVE-2019-11231 (An issue was discovered in GetSimple CMS through 3.3.15. 
insufficient  ...)
+       TODO: check
 CVE-2019-11230
        RESERVED
 CVE-2019-11229 (models/repo_mirror.go in Gitea before 1.7.6 and 1.8.x before 
1.8-RC3 m ...)
@@ -5111,8 +5141,7 @@ CVE-2019-10134
        RESERVED
 CVE-2019-10133
        RESERVED
-CVE-2019-10132 [Insecure permissions for systemd socket for virtlockd/virtlogd]
-       RESERVED
+CVE-2019-10132 (A vulnerability was found in libvirt &gt;= 4.1.0 in the 
virtlockd-admi ...)
        - libvirt 5.0.0-3 (bug #929334)
        [stretch] - libvirt <not-affected> (Vulnerable code introduced in 
4.1.0-rc1)
        [jessie] - libvirt <not-affected> (Vulnerable code introduced in 
4.1.0-rc1)
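Review bot: the replacement description line for CVE-2019-10132 contains the HTML entity "&gt;=" ("libvirt &gt;= 4.1.0") where a literal ">=" is meant. If the entity is present in data/CVE/list itself and not only in this notification mail, the description import should unescape it, since the package lines below in the same entry use raw angle brackets ("<not-affected>"). The hand-written summary in the removed bracketed line (insecure permissions on the systemd socket for virtlockd/virtlogd) is also lost with this change; a NOTE line would preserve it.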
@@ -6597,6 +6626,7 @@ CVE-2019-9821
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9821
 CVE-2019-9820
        RESERVED
+       {DSA-4448-1}
        - firefox <unfixed>
        - firefox-esr 60.7.0esr-1
        - thunderbird <unfixed>
@@ -6605,6 +6635,7 @@ CVE-2019-9820
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-9820
 CVE-2019-9819
        RESERVED
+       {DSA-4448-1}
        - firefox <unfixed>
        - firefox-esr 60.7.0esr-1
        - thunderbird <unfixed>
@@ -6621,6 +6652,7 @@ CVE-2019-9818
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-9818
 CVE-2019-9817
        RESERVED
+       {DSA-4448-1}
        - firefox <unfixed>
        - firefox-esr 60.7.0esr-1
        - thunderbird <unfixed>
@@ -6629,6 +6661,7 @@ CVE-2019-9817
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-9817
 CVE-2019-9816
        RESERVED
+       {DSA-4448-1}
        - firefox <unfixed>
        - firefox-esr 60.7.0esr-1
        - thunderbird <unfixed>
@@ -6696,6 +6729,7 @@ CVE-2019-9801 (Firefox will accept any registered Program 
ID as an external prot
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/#CVE-2019-9801
 CVE-2019-9800
        RESERVED
+       {DSA-4448-1}
        - firefox <unfixed>
        - firefox-esr 60.7.0esr-1
        - thunderbird <unfixed>
@@ -6709,6 +6743,7 @@ CVE-2019-9798 (On Android systems, Firefox can load a 
library from APITRACE_LIB,
        - firefox <not-affected> (Android-specific)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9798
 CVE-2019-9797 (Cross-origin images can be read in violation of the same-origin 
policy ...)
+       {DSA-4448-1}
        - firefox 66.0-1
        - firefox-esr 60.7.0esr-1
        - thunderbird <unfixed>
@@ -10235,10 +10270,10 @@ CVE-2019-8445
        RESERVED
 CVE-2019-8444
        RESERVED
-CVE-2019-8443
-       RESERVED
-CVE-2019-8442
-       RESERVED
+CVE-2019-8443 (The ViewUpgrades resource in Jira before version 7.13.4, from 
version  ...)
+       TODO: check
+CVE-2019-8442 (The CachingResourceDownloadRewriteRule class in Jira before 
version 7. ...)
+       TODO: check
 CVE-2019-8441
        RESERVED
 CVE-2019-8440 (An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS 
Vulner ...)
@@ -11551,181 +11586,180 @@ CVE-2019-7846
        RESERVED
 CVE-2019-7845
        RESERVED
-CVE-2019-7844
-       RESERVED
+CVE-2019-7844 (Adobe Media Encoder version 13.0.2 has an out-of-bounds read 
vulnerabi ...)
+       TODO: check
 CVE-2019-7843
        RESERVED
-CVE-2019-7842
-       RESERVED
-CVE-2019-7841
-       RESERVED
+CVE-2019-7842 (Adobe Media Encoder version 13.0.2 has a use-after-free 
vulnerability. ...)
+       TODO: check
+CVE-2019-7841 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
 CVE-2019-7840
        RESERVED
 CVE-2019-7839
        RESERVED
 CVE-2019-7838
        RESERVED
-CVE-2019-7837
-       RESERVED
+CVE-2019-7837 (Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 
and ear ...)
        NOT-FOR-US: Adobe
-CVE-2019-7836
-       RESERVED
-CVE-2019-7835
-       RESERVED
-CVE-2019-7834
-       RESERVED
-CVE-2019-7833
-       RESERVED
-CVE-2019-7832
-       RESERVED
-CVE-2019-7831
-       RESERVED
-CVE-2019-7830
-       RESERVED
-CVE-2019-7829
-       RESERVED
-CVE-2019-7828
-       RESERVED
-CVE-2019-7827
-       RESERVED
-CVE-2019-7826
-       RESERVED
-CVE-2019-7825
-       RESERVED
-CVE-2019-7824
-       RESERVED
-CVE-2019-7823
-       RESERVED
-CVE-2019-7822
-       RESERVED
-CVE-2019-7821
-       RESERVED
-CVE-2019-7820
-       RESERVED
+CVE-2019-7836 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7835 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7834 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7833 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7832 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7831 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7830 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7829 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7828 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7827 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7826 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7825 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7824 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7823 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7822 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7821 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7820 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
 CVE-2019-7819
        RESERVED
-CVE-2019-7818
-       RESERVED
-CVE-2019-7817
-       RESERVED
+CVE-2019-7818 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7817 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
 CVE-2019-7816
        RESERVED
 CVE-2019-7815
        RESERVED
-CVE-2019-7814
-       RESERVED
-CVE-2019-7813
-       RESERVED
-CVE-2019-7812
-       RESERVED
-CVE-2019-7811
-       RESERVED
-CVE-2019-7810
-       RESERVED
-CVE-2019-7809
-       RESERVED
-CVE-2019-7808
-       RESERVED
-CVE-2019-7807
-       RESERVED
-CVE-2019-7806
-       RESERVED
-CVE-2019-7805
-       RESERVED
-CVE-2019-7804
-       RESERVED
-CVE-2019-7803
-       RESERVED
-CVE-2019-7802
-       RESERVED
-CVE-2019-7801
-       RESERVED
-CVE-2019-7800
-       RESERVED
-CVE-2019-7799
-       RESERVED
-CVE-2019-7798
-       RESERVED
-CVE-2019-7797
-       RESERVED
-CVE-2019-7796
-       RESERVED
-CVE-2019-7795
-       RESERVED
-CVE-2019-7794
-       RESERVED
-CVE-2019-7793
-       RESERVED
-CVE-2019-7792
-       RESERVED
-CVE-2019-7791
-       RESERVED
-CVE-2019-7790
-       RESERVED
-CVE-2019-7789
-       RESERVED
-CVE-2019-7788
-       RESERVED
-CVE-2019-7787
-       RESERVED
-CVE-2019-7786
-       RESERVED
-CVE-2019-7785
-       RESERVED
-CVE-2019-7784
-       RESERVED
-CVE-2019-7783
-       RESERVED
-CVE-2019-7782
-       RESERVED
-CVE-2019-7781
-       RESERVED
-CVE-2019-7780
-       RESERVED
-CVE-2019-7779
-       RESERVED
-CVE-2019-7778
-       RESERVED
-CVE-2019-7777
-       RESERVED
-CVE-2019-7776
-       RESERVED
-CVE-2019-7775
-       RESERVED
-CVE-2019-7774
-       RESERVED
-CVE-2019-7773
-       RESERVED
-CVE-2019-7772
-       RESERVED
-CVE-2019-7771
-       RESERVED
-CVE-2019-7770
-       RESERVED
-CVE-2019-7769
-       RESERVED
-CVE-2019-7768
-       RESERVED
-CVE-2019-7767
-       RESERVED
-CVE-2019-7766
-       RESERVED
-CVE-2019-7765
-       RESERVED
-CVE-2019-7764
-       RESERVED
-CVE-2019-7763
-       RESERVED
-CVE-2019-7762
-       RESERVED
-CVE-2019-7761
-       RESERVED
-CVE-2019-7760
-       RESERVED
-CVE-2019-7759
-       RESERVED
-CVE-2019-7758
-       RESERVED
+CVE-2019-7814 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7813 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7812 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7811 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7810 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7809 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7808 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7807 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7806 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7805 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7804 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7803 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7802 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7801 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7800 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7799 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7798 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7797 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7796 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7795 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7794 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7793 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7792 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7791 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7790 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7789 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7788 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7787 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7786 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7785 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7784 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7783 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7782 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7781 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7780 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7779 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7778 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7777 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7776 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7775 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7774 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7773 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7772 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7771 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7770 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7769 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7768 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7767 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7766 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7765 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7764 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7763 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7762 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7761 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7760 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7759 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7758 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
 CVE-2019-7757
        RESERVED
 CVE-2019-7756
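Review bot: every Adobe Media Encoder and Adobe Acrobat and Reader entry that gains a description in this hunk, from CVE-2019-7844 down to CVE-2019-7758, is left at "TODO: check", while CVE-2019-7837 in the same hunk keeps its existing "NOT-FOR-US: Adobe". A follow-up triage commit should tag the remaining Adobe entries the same way so that they do not sit in the TODO queue alongside entries that need real package analysis.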
@@ -13005,7 +13039,7 @@ CVE-2019-7319
 CVE-2019-7318
        RESERVED
 CVE-2019-7317 (png_image_free in png.c in libpng 1.6.36 has a use-after-free 
because  ...)
-       {DSA-4435-1}
+       {DSA-4448-1 DSA-4435-1}
        - libpng1.6 1.6.36-4 (bug #921355)
        - firefox <unfixed>
        - firefox-esr 60.7.0esr-1
@@ -13471,18 +13505,18 @@ CVE-2019-7146 (In elfutils 0.175, there is a buffer 
over-read in the ebl_object_
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24081
        NOTE: 
https://sourceware.org/git/?p=elfutils.git;a=commit;h=012018907ca05eb0ab51d424a596ef38fc87cae1
        NOTE: 
https://sourceware.org/git/?p=elfutils.git;a=commit;h=cd7ded3df43f655af945c869976401a602e46fcd
-CVE-2019-7145
-       RESERVED
-CVE-2019-7144
-       RESERVED
-CVE-2019-7143
-       RESERVED
-CVE-2019-7142
-       RESERVED
-CVE-2019-7141
-       RESERVED
-CVE-2019-7140
-       RESERVED
+CVE-2019-7145 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7144 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7143 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7142 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7141 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
+CVE-2019-7140 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
+       TODO: check
 CVE-2019-7139 (An unauthenticated user can execute arbitrary code through an 
SQL inje ...)
        NOT-FOR-US: Magento
 CVE-2019-7138
@@ -16729,7 +16763,7 @@ CVE-2019-5799
        - chromium 73.0.3683.75-1
 CVE-2019-5798
        RESERVED
-       {DSA-4421-1}
+       {DSA-4448-1 DSA-4421-1}
        - chromium 73.0.3683.75-1
        - firefox-esr 60.7.0esr-1
        - thunderbird <unfixed>
@@ -17309,12 +17343,12 @@ CVE-2019-5629
        RESERVED
 CVE-2019-5628
        RESERVED
-CVE-2019-5627
-       RESERVED
-CVE-2019-5626
-       RESERVED
-CVE-2019-5625
-       RESERVED
+CVE-2019-5627 (The iOS mobile application BlueCats Reveal before 5.14 stores 
the user ...)
+       TODO: check
+CVE-2019-5626 (The Android mobile application BlueCats Reveal before 3.0.19 
stores th ...)
+       TODO: check
+CVE-2019-5625 (The Android mobile application Halo Home before 1.11.0 stores 
OAuth au ...)
+       TODO: check
 CVE-2019-5624 (Rapid7 Metasploit Framework suffers from an instance of CWE-22, 
Improp ...)
        NOT-FOR-US: Rapid7 Metasploit Framework
 CVE-2019-5623
@@ -21448,7 +21482,7 @@ CVE-2019-3726
        RESERVED
 CVE-2019-3725 (RSA Netwitness Platform versions prior to 11.2.1.1 and RSA 
Security An ...)
        NOT-FOR-US: RSA Netwitness Platform
-CVE-2019-3724 (RSA Netwitness Platform versions prior to 11.2.1.1 and RSA 
Security An ...)
+CVE-2019-3724 (RSA Netwitness Platform versions prior to 11.2.1.1 is 
vulnerable to an ...)
        NOT-FOR-US: RSA Netwitness Platform
 CVE-2019-3723
        RESERVED
@@ -23399,12 +23433,12 @@ CVE-2019-3405
        RESERVED
 CVE-2019-3404
        RESERVED
-CVE-2019-3403
-       RESERVED
-CVE-2019-3402
-       RESERVED
-CVE-2019-3401
-       RESERVED
+CVE-2019-3403 (The /rest/api/2/user/picker rest resource in Jira before 
version 7.13. ...)
+       TODO: check
+CVE-2019-3402 (The ConfigurePortalPages.jspa resource in Jira before version 
7.13.3 a ...)
+       TODO: check
+CVE-2019-3401 (The ManageFilters.jspa resource in Jira before version 7.13.3 
and from ...)
+       TODO: check
 CVE-2019-3400 (The labels gadget in Jira before version 7.13.2, and from 
version 8.0. ...)
        NOT-FOR-US: Atlassian
 CVE-2019-3399 (The BrowseProjects.jspa resource in Jira before version 7.13.2, 
and fr ...)
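Review bot: CVE-2019-3403, CVE-2019-3402 and CVE-2019-3401 receive Jira descriptions with "TODO: check" directly above CVE-2019-3400, another Jira issue that is already tagged "NOT-FOR-US: Atlassian". Once checked, the three new entries should carry the same tag for consistency with their neighbour.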
@@ -28856,8 +28890,8 @@ CVE-2018-19727 (Adobe Experience Manager versions 6.4, 
6.3, 6.2, 6.1, and 6.0 ha
        NOT-FOR-US: Adobe
 CVE-2018-19726 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 
have a s ...)
        NOT-FOR-US: Adobe
-CVE-2018-19725
-       REJECTED
+CVE-2018-19725 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 
2017.011 ...)
+       TODO: check
 CVE-2018-19724 (Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have 
a stored ...)
        NOT-FOR-US: Adobe
 CVE-2018-19723 (Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 
2017.011 ...)
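Review bot: CVE-2018-19725 changes state from REJECTED to an active description with "TODO: check", which is unusual for an id that was previously withdrawn. Confirm that the id was reinstated upstream before the entry is triaged; the neighbouring Adobe entries in this hunk (CVE-2018-19727, CVE-2018-19726, CVE-2018-19724) are all "NOT-FOR-US: Adobe", so the same tag is the expected outcome.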
@@ -35037,6 +35071,7 @@ CVE-2018-18512 (A use-after-free vulnerability can 
occur while playing a sound n
        - thunderbird 1:60.5.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/#CVE-2018-18512
 CVE-2018-18511 (Cross-origin images can be read from a canvas element in 
violation of  ...)
+       {DSA-4448-1}
        - firefox 65.0.1-1
        - firefox-esr 60.7.0esr-1
        - thunderbird <unfixed>
@@ -44862,8 +44897,8 @@ CVE-2018-14731 (An issue was discovered in HMRServer.js 
in Parcel parcel-bundler
        NOT-FOR-US: parcel-bundler
 CVE-2018-14730 (An issue was discovered in Browserify-HMR. Attackers are able 
to steal ...)
        NOT-FOR-US: Browserify-HMR
-CVE-2018-14729
-       RESERVED
+CVE-2018-14729 (The database backup feature in 
upload/source/admincp/admincp_db.php in ...)
+       TODO: check
 CVE-2018-14728 (upload.php in Responsive FileManager 9.13.1 allows SSRF via 
the url pa ...)
        NOT-FOR-US: Responsive FileManager
 CVE-2018-14727
@@ -49565,8 +49600,8 @@ CVE-2018-12888
        RESERVED
 CVE-2018-12887
        RESERVED
-CVE-2018-12886
-       RESERVED
+CVE-2018-12886 (stack_protect_prologue in cfgexpand.c and 
stack_protect_epilogue in fu ...)
+       TODO: check
 CVE-2018-12885 (The randMod() function of the smart contract implementation 
for MyCryp ...)
        NOT-FOR-US: MyCryptoChamp
 CVE-2018-12884 (In Octopus Deploy 3.0 onwards (before 2018.6.7), an 
authenticated user ...)
@@ -65494,8 +65529,8 @@ CVE-2018-7204 (inc/logger.php in the Giribaz File 
Manager plugin before 5.0.2 fo
        NOT-FOR-US: Wordpress plugin
 CVE-2018-7203 (Cross-site scripting (XSS) vulnerability in Twonky Server 
7.0.11 throu ...)
        NOT-FOR-US: Twonky Server
-CVE-2018-7202
-       RESERVED
+CVE-2018-7202 (An issue was discovered in ProjectSend before r1053. XSS exists 
in the ...)
+       TODO: check
 CVE-2018-7201
        RESERVED
 CVE-2018-7200
@@ -80687,8 +80722,8 @@ CVE-2018-1993 (IBM Spectrum Scale (GPFS) 4.1.1, 4.2.0, 
4.2.1, 4.2.2, 4.2.3, and
        NOT-FOR-US: IBM
 CVE-2018-1992 (The IBM Power 9 OP910, OP920, and FW910 boot firmware's 
bootloader is  ...)
        NOT-FOR-US: IBM
-CVE-2018-1991
-       RESERVED
+CVE-2018-1991 (IBM API Connect 5.0.0.0, and 5.0.8.6 could could return 
sensitive info ...)
+       TODO: check
 CVE-2018-1990 (IBM Cloud App Management V2018.2.0, V2018.4.0, and V2018.4.1 
could all ...)
        NOT-FOR-US: IBM
 CVE-2018-1989
@@ -107208,10 +107243,10 @@ CVE-2017-9811 (The kluser is able to interact with 
the kav4fs-control binary in
        NOT-FOR-US: Kaspersky Anti-Virus
 CVE-2017-9810 (There are no Anti-CSRF tokens in any forms on the web interface 
in Kas ...)
        NOT-FOR-US: Kaspersky Anti-Virus
-CVE-2017-9809
-       RESERVED
-CVE-2017-9808
-       RESERVED
+CVE-2017-9809 (OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: 
Inform ...)
+       TODO: check
+CVE-2017-9808 (OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: 
Cross  ...)
+       TODO: check
 CVE-2015-9098 (In Redgate SQL Monitor before 3.10 and 4.x before 4.2, a remote 
attack ...)
        NOT-FOR-US: Redgate SQL Monitor
 CVE-2017-9807 (An issue was discovered in the OpenWebif plugin through 1.2.4 
for E2 o ...)
@@ -112377,8 +112412,8 @@ CVE-2017-8780 (GeniXCMS 1.0.2 has XSS triggered by a 
comment that is mishandled
 CVE-2017-8778 (GitLab before 8.14.9, 8.15.x before 8.15.6, and 8.16.x before 
8.16.5 h ...)
        - gitlab <not-affected> (SVG rendering feature introduced later, cf. 
bug #861870)
        NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/27471
-CVE-2017-8777
-       RESERVED
+CVE-2017-8777 (Open-Xchange GmbH OX Cloud Plugins 1.4.0 and earlier is 
affected by: M ...)
+       TODO: check
 CVE-2017-8779 (rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc 
through 1.0 ...)
        {DSA-3845-1 DLA-937-1 DLA-936-1}
        - rpcbind 0.2.3-0.6 (bug #861835)
@@ -119327,8 +119362,8 @@ CVE-2017-6516 (A Local Privilege Escalation 
Vulnerability in MagniComp's Sysinfo
        NOT-FOR-US: MagniComp
 CVE-2017-6515
        RESERVED
-CVE-2017-6514
-       RESERVED
+CVE-2017-6514 (WordPress 4.7.2 mishandles listings of post authors, which 
allows remo ...)
+       TODO: check
 CVE-2017-6513 (The WHMCS Reseller Module V2 2.0.2 in Softaculous Virtualizor 
before 2 ...)
        NOT-FOR-US: Softaculous Virtualizor
 CVE-2017-6512 (Race condition in the rmtree and remove_tree functions in the 
File-Pat ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8e1632e08ee68a479884479043938f9dd55eabc5
