Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0850fe01 by security tracker role at 2019-06-05T08:10:14Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -230,8 +230,8 @@ CVE-2019-12618
        RESERVED
 CVE-2019-12617
        RESERVED
-CVE-2019-12616
-       RESERVED
+CVE-2019-12616 (An issue was discovered in phpMyAdmin before 4.9.0. A 
vulnerability wa ...)
+       TODO: check
 CVE-2019-12613
        RESERVED
 CVE-2019-12612
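Review bot: The new CVE-2019-12616 entry is left at `TODO: check` although its description already names phpMyAdmin before 4.9.0, which is enough to start triage. Replace the TODO with either a source-package line in the form this file already uses (for example `- freeimage <unfixed> (bug #929597)`) or a `NOT-FOR-US:` line, so the entry does not stay unclassified.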
@@ -1193,10 +1193,10 @@ CVE-2019-12212 (When FreeImage 3.18.0 reads a special 
JXR file, the StreamCalcIF
 CVE-2019-12211 (When FreeImage 3.18.0 reads a tiff file, it will be handed to 
the Load ...)
        - freeimage <unfixed> (bug #929597)
        NOTE: 
https://sourceforge.net/p/freeimage/discussion/36111/thread/e06734bed5/
-CVE-2019-12210
-       RESERVED
-CVE-2019-12209
-       RESERVED
+CVE-2019-12210 (In Yubico pam-u2f 1.0.7, when configured with debug and a 
custom debug ...)
+       TODO: check
+CVE-2019-12209 (Yubico pam-u2f 1.0.7 attempts parsing of the configured 
authfile (defa ...)
+       TODO: check
 CVE-2019-12208 (njs through 0.3.1, used in NGINX, has a heap-based buffer 
overflow in  ...)
        NOT-FOR-US: njs
 CVE-2019-12207 (njs through 0.3.1, used in NGINX, has a heap-based buffer 
over-read in ...)
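Review bot: CVE-2019-12210 and CVE-2019-12209 both describe Yubico pam-u2f 1.0.7 but each carries its own `TODO: check`; triage them together so they end up with the same package line. The descriptions are truncated here (a custom debug file in one, parsing of the configured authfile in the other), so read the full text before recording a status.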
@@ -2142,8 +2142,8 @@ CVE-2019-11770
        RESERVED
 CVE-2019-11769
        RESERVED
-CVE-2019-11768
-       RESERVED
+CVE-2019-11768 (An issue was discovered in phpMyAdmin before 4.9.0.1. A 
vulnerability  ...)
+       TODO: check
 CVE-2019-11767 (Server side request forgery (SSRF) in phpBB before 3.2.6 
allows checki ...)
        - phpbb3 <removed>
        [jessie] - phpbb3 <postponed> (Minor issue, solution/workaround is to 
disable the remote avatar function)
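Review bot: CVE-2019-11768 says phpMyAdmin before 4.9.0.1, while CVE-2019-12616 in the first hunk of this update says before 4.9.0. When the `TODO: check` is resolved, record the fixed version per CVE instead of copying the status from one phpMyAdmin entry to the other.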
@@ -5145,8 +5145,8 @@ CVE-2019-10638
        RESERVED
 CVE-2019-10637
        RESERVED
-CVE-2019-10636
-       RESERVED
+CVE-2019-10636 (Marvell SSD Controller (88SS1074, 88SS1079, 88SS1080, 
88SS1093, 88SS10 ...)
+       TODO: check
 CVE-2019-10635
        RESERVED
 CVE-2019-10634 (An XSS vulnerability in the Zyxel NAS 326 version 5.21 and 
below allow ...)
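Review bot: CVE-2019-10636 is left at `TODO: check` even though its description names Marvell SSD controller models (88SS1074, 88SS1079, 88SS1080, 88SS1093, ...) rather than a packaged program. If the full description confirms nothing Debian ships is affected, close it with a `NOT-FOR-US:` line in the style of `NOT-FOR-US: njs` used elsewhere in this file.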
@@ -18541,12 +18541,12 @@ CVE-2019-5590
        RESERVED
 CVE-2019-5589 (An Unsafe Search Path vulnerability in FortiClient Online 
Installer (W ...)
        NOT-FOR-US: FortiGuard
-CVE-2019-5588
-       RESERVED
-CVE-2019-5587
-       RESERVED
-CVE-2019-5586
-       RESERVED
+CVE-2019-5588 (A reflected Cross-Site-Scripting (XSS) vulnerability in 
Fortinet Forti ...)
+       TODO: check
+CVE-2019-5587 (Lack of root file system integrity checking in Fortinet FortiOS 
VM app ...)
+       TODO: check
+CVE-2019-5586 (A reflected Cross-Site-Scripting (XSS) vulnerability in 
Fortinet Forti ...)
+       TODO: check
 CVE-2019-5585 (An improper access control vulnerability in FortiClientMac 
before 6.0. ...)
        NOT-FOR-US: Fortiguard FortiClientMac
 CVE-2019-5584
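Review bot: The context entries around the new lines spell the vendor tag two ways, `NOT-FOR-US: FortiGuard` on CVE-2019-5589 and `NOT-FOR-US: Fortiguard FortiClientMac` on CVE-2019-5585. When CVE-2019-5588, CVE-2019-5587 and CVE-2019-5586 are triaged, pick one spelling and include the product name so the Fortinet entries stay consistent and searchable.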
@@ -49571,18 +49571,18 @@ CVE-2018-13386 (There was an argument injection 
vulnerability in Sourcetree for
        NOT-FOR-US: Atlassian Sourcetree
 CVE-2018-13385 (There was an argument injection vulnerability in Sourcetree 
for macOS  ...)
        NOT-FOR-US: Atlassian Sourcetree
-CVE-2018-13384
-       RESERVED
+CVE-2018-13384 (A Host Header Redirection vulnerability in Fortinet FortiOS 
all versio ...)
+       TODO: check
 CVE-2018-13383 (A heap buffer overflow in Fortinet FortiOS all versions below 
6.0.5 in ...)
        NOT-FOR-US: Fortinet FortiOS
-CVE-2018-13382
-       RESERVED
-CVE-2018-13381
-       RESERVED
-CVE-2018-13380
-       RESERVED
-CVE-2018-13379
-       RESERVED
+CVE-2018-13382 (An Improper Authorization vulnerability in Fortinet FortiOS 
6.0.0 to 6 ...)
+       TODO: check
+CVE-2018-13381 (A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 to 
6.0.4, 5. ...)
+       TODO: check
+CVE-2018-13380 (A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 
6.0.0 t ...)
+       TODO: check
+CVE-2018-13379 (An Improper Limitation of a Pathname to a Restricted Directory 
("Path  ...)
+       TODO: check
 CVE-2018-13378 (An information disclosure vulnerability in Fortinet FortiSIEM 
5.2.0 an ...)
        NOT-FOR-US: Fortinet FortiSIEM
 CVE-2018-13377
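Review bot: CVE-2018-13384, CVE-2018-13382, CVE-2018-13381 and CVE-2018-13380 all name Fortinet FortiOS, the product already tagged `NOT-FOR-US: Fortinet FortiOS` on CVE-2018-13383 in this hunk, so they can take that line instead of `TODO: check`. The visible part of CVE-2018-13379 is cut off before any product name, so check the full description before tagging that one.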



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0850fe0108eb8bca472132e43d1307fc5fc48719
