Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6d6bff9f by security tracker role at 2019-06-12T20:10:20Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3754,8 +3754,7 @@ CVE-2019-11271
RESERVED
CVE-2019-11270
RESERVED
-CVE-2019-11269
- RESERVED
+CVE-2019-11269 (Spring Security OAuth versions 2.3 prior to 2.3.6, 2.2 prior
to 2.2.5, ...)
NOT-FOR-US: Spring Security OAuth
CVE-2019-11268
RESERVED
@@ -4523,8 +4522,8 @@ CVE-2019-10973
RESERVED
CVE-2019-10972
RESERVED
-CVE-2019-10971
- RESERVED
+CVE-2019-10971 (The application (Network Configurator for DeviceNet Safety
3.41 and pr ...)
+ TODO: check
CVE-2019-10970
RESERVED
CVE-2019-10969
@@ -4613,10 +4612,10 @@ CVE-2019-10928
RESERVED
CVE-2019-10927
RESERVED
-CVE-2019-10926
- RESERVED
-CVE-2019-10925
- RESERVED
+CVE-2019-10926 (A vulnerability has been identified in SIMATIC Ident MV420
family (All ...)
+ TODO: check
+CVE-2019-10925 (A vulnerability has been identified in SIMATIC Ident MV420
family (All ...)
+ TODO: check
CVE-2019-10924 (A vulnerability has been identified in LOGO! Soft Comfort (All
version ...)
NOT-FOR-US: Siemens
CVE-2019-10923
@@ -6484,15 +6483,14 @@ CVE-2019-10159
CVE-2019-10158
RESERVED
NOT-FOR-US: infinispan
-CVE-2019-10157
- RESERVED
+CVE-2019-10157 (It was found that Keycloak's Node.js adapter before version
4.8.3 did ...)
+ TODO: check
CVE-2019-10156 [templating causing an unexpected key file to be set on remote
node]
RESERVED
- ansible <unfixed> (bug #930065)
NOTE: https://github.com/ansible/ansible/pull/57188
TODO: check details
-CVE-2019-10155 [IKEv1 Informational exchange integrity check failure]
- RESERVED
+CVE-2019-10155 (The Libreswan Project has found a vulnerability in the
processing of I ...)
- libreswan 3.27-6 (bug #930338)
NOTE: https://libreswan.org/security/CVE-2019-10155/
CVE-2019-10154
@@ -6509,8 +6507,7 @@ CVE-2019-10152
NOT-FOR-US: Podman
CVE-2019-10151
RESERVED
-CVE-2019-10150
- RESERVED
+CVE-2019-10150 (It was found that OpenShift Container Platform versions 3.6.x
- 4.6.0 ...)
NOT-FOR-US: OpenShift
CVE-2019-10149 (A flaw was found in Exim versions 4.87 to 4.91 (inclusive).
Improper v ...)
{DSA-4456-1}
@@ -8551,8 +8548,8 @@ CVE-2019-9678
RESERVED
CVE-2019-9677
RESERVED
-CVE-2019-9676
- RESERVED
+CVE-2019-9676 (Buffer overflow vulnerability found in some Dahua IP Camera
devices IP ...)
+ TODO: check
CVE-2019-9675 (** DISPUTED ** An issue was discovered in PHP 7.x before 7.1.27
and 7. ...)
{DSA-4403-1}
- php7.3 7.3.3-1 (unimportant)
@@ -13043,8 +13040,7 @@ CVE-2019-7847
RESERVED
CVE-2019-7846
RESERVED
-CVE-2019-7845
- RESERVED
+CVE-2019-7845 (Adobe Flash Player versions 32.0.0.192 and earlier, 32.0.0.192
and ear ...)
NOT-FOR-US: Adobe
CVE-2019-7844 (Adobe Media Encoder version 13.0.2 has an out-of-bounds read
vulnerabi ...)
NOT-FOR-US: Adobe
@@ -13054,12 +13050,12 @@ CVE-2019-7842 (Adobe Media Encoder version 13.0.2 has
a use-after-free vulnerabi
NOT-FOR-US: Adobe
CVE-2019-7841 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier,
2019.010 ...)
NOT-FOR-US: Adobe
-CVE-2019-7840
- RESERVED
-CVE-2019-7839
- RESERVED
-CVE-2019-7838
- RESERVED
+CVE-2019-7840 (ColdFusion versions Update 3 and earlier, Update 10 and
earlier, and U ...)
+ TODO: check
+CVE-2019-7839 (ColdFusion versions Update 3 and earlier, Update 10 and
earlier, and U ...)
+ TODO: check
+CVE-2019-7838 (ColdFusion versions Update 3 and earlier, Update 10 and
earlier, and U ...)
+ TODO: check
CVE-2019-7837 (Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171
and ear ...)
NOT-FOR-US: Adobe
CVE-2019-7836 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier,
2019.010 ...)
@@ -16250,16 +16246,16 @@ CVE-2019-6586
RESERVED
CVE-2019-6585
RESERVED
-CVE-2019-6584
- RESERVED
+CVE-2019-6584 (A vulnerability has been identified in SIEMENS LOGO!8
(6ED1052-xyyxx-0 ...)
+ TODO: check
CVE-2019-6583
RESERVED
-CVE-2019-6582
- RESERVED
-CVE-2019-6581
- RESERVED
-CVE-2019-6580
- RESERVED
+CVE-2019-6582 (A vulnerability has been identified in Siveillance VMS 2017 R2
(All ve ...)
+ TODO: check
+CVE-2019-6581 (A vulnerability has been identified in Siveillance VMS 2017 R2
(All ve ...)
+ TODO: check
+CVE-2019-6580 (A vulnerability has been identified in Siveillance VMS 2017 R2
(All ve ...)
+ TODO: check
CVE-2019-6579 (A vulnerability has been identified in Spectrum Power 4 (with
Web Offi ...)
NOT-FOR-US: Spectrum Power
CVE-2019-6578 (A vulnerability has been identified in SINAMICS PERFECT HARMONY
GH180 ...)
@@ -16276,16 +16272,16 @@ CVE-2019-6573
RESERVED
CVE-2019-6572 (A vulnerability has been identified in SIMATIC HMI Comfort
Panels 4" - ...)
NOT-FOR-US: Siemens
-CVE-2019-6571
- RESERVED
+CVE-2019-6571 (A vulnerability has been identified in SIEMENS LOGO!8
(6ED1052-xyyxx-0 ...)
+ TODO: check
CVE-2019-6570 (A vulnerability has been identified in SINEMA Remote Connect
Server (A ...)
NOT-FOR-US: Siemens
-CVE-2019-6569 (A vulnerability has been identified in Scalance X-200 (All
versions), ...)
+CVE-2019-6569 (A vulnerability has been identified in Scalance X-200 (All
versions &l ...)
NOT-FOR-US: Scalance
CVE-2019-6568 (A vulnerability has been identified in CP1604 (All versions),
CP1616 ( ...)
NOT-FOR-US: Siemens
-CVE-2019-6567
- RESERVED
+CVE-2019-6567 (A vulnerability has been identified in SCALANCE X-200 (All
Versions &l ...)
+ TODO: check
CVE-2019-6566 (GE Communicator, all versions prior to 4.0.517, allows a
non-administr ...)
NOT-FOR-US: GE Communicator
CVE-2019-6565 (Moxa IKS and EDS fails to properly validate user input, giving
unauthe ...)
@@ -19205,10 +19201,10 @@ CVE-2019-5444
RESERVED
CVE-2019-5443
RESERVED
-CVE-2019-5442
- RESERVED
-CVE-2019-5441 (An OS Command Injection has been discovered in the Nextcloud
App: Extr ...)
+CVE-2019-5442 (XML Entity Expansion (Billion Laughs Attack) on Pippo 1.12.0
results i ...)
TODO: check
+CVE-2019-5441
+ REJECTED
CVE-2019-5440 (Use of cryptographically weak PRNG in the password recovery
token gene ...)
NOT-FOR-US: Revive Adserver
CVE-2019-5439
@@ -22263,10 +22259,10 @@ CVE-2019-3949
RESERVED
CVE-2019-3948
RESERVED
-CVE-2019-3947
- RESERVED
-CVE-2019-3946
- RESERVED
+CVE-2019-3947 (Fuji Electric V-Server before 6.0.33.0 stores database
credentials in ...)
+ TODO: check
+CVE-2019-3946 (Fuji Electric V-Server before 6.0.33.0 is vulnerable to denial
of serv ...)
+ TODO: check
CVE-2019-3945
RESERVED
CVE-2019-3944
@@ -22413,8 +22409,7 @@ CVE-2019-3890
NOTE: Depends on evolution-data-server patch:
https://gitlab.gnome.org/GNOME/evolution-data-server/commit/6672b8236139bd6ef41ecb915f4c72e2a052dba5
CVE-2019-3889
RESERVED
-CVE-2019-3888 [leak credentials to log files
UndertowLogger.REQUEST_LOGGER.undertowRequestFailed]
- RESERVED
+CVE-2019-3888 (A vulnerability was found in Undertow web server before 2.0.21.
An inf ...)
- undertow <unfixed> (bug #930349)
NOTE: https://github.com/undertow-io/undertow/pull/736
CVE-2019-3887 (A flaw was found in the way KVM hypervisor handled x2APIC
Machine Spec ...)
@@ -22484,18 +22479,17 @@ CVE-2019-3877 (A vulnerability was found in
mod_auth_mellon before v0.14.2. An o
NOTE:
https://github.com/Uninett/mod_auth_mellon/commit/62041428a32de402e0be6ba45fe12df6a83bedb8
CVE-2019-3876 (A flaw was found in the /oauth/token/request custom endpoint of
the Op ...)
NOT-FOR-US: Openshift OAuth server
-CVE-2019-3875
- RESERVED
+CVE-2019-3875 (A vulnerability was found in keycloak before 6.0.2. The X.509
authenti ...)
NOT-FOR-US: Keycloak
CVE-2019-3874 (The SCTP socket buffer used by a userspace application is not
accounte ...)
- linux <unfixed>
[stretch] - linux <ignored> (Minor issue)
[jessie] - linux <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1686373
-CVE-2019-3873
- RESERVED
-CVE-2019-3872
- RESERVED
+CVE-2019-3873 (It was found that Picketlink as shipped with Jboss Enterprise
Applicat ...)
+ TODO: check
+CVE-2019-3872 (It was found that a SAMLRequest containing a script could be
processed ...)
+ TODO: check
CVE-2019-3871 (A vulnerability was found in PowerDNS Authoritative Server
before 4.0. ...)
{DSA-4424-1 DLA-1737-1}
- pdns 4.1.6-2 (bug #924966)
@@ -31686,10 +31680,10 @@ CVE-2019-1083
RESERVED
CVE-2019-1082
RESERVED
-CVE-2019-1081
- RESERVED
-CVE-2019-1080
- RESERVED
+CVE-2019-1081 (An information disclosure vulnerability exists when affected
Microsoft ...)
+ TODO: check
+CVE-2019-1080 (A remote code execution vulnerability exists in the way the
scripting ...)
+ TODO: check
CVE-2019-1079
RESERVED
CVE-2019-1078
@@ -31710,18 +31704,18 @@ CVE-2019-1071
RESERVED
CVE-2019-1070
RESERVED
-CVE-2019-1069
- RESERVED
+CVE-2019-1069 (An elevation of privilege vulnerability exists in the way the
Task Sch ...)
+ TODO: check
CVE-2019-1068
RESERVED
CVE-2019-1067
RESERVED
CVE-2019-1066
RESERVED
-CVE-2019-1065
- RESERVED
-CVE-2019-1064
- RESERVED
+CVE-2019-1065 (An elevation of privilege vulnerability exists when the Windows
kernel ...)
+ TODO: check
+CVE-2019-1064 (An elevation of privilege vulnerability exists when Windows
AppX Deplo ...)
+ TODO: check
CVE-2019-1063
RESERVED
CVE-2019-1062
@@ -31738,152 +31732,152 @@ CVE-2019-1057
RESERVED
CVE-2019-1056
RESERVED
-CVE-2019-1055
- RESERVED
-CVE-2019-1054
- RESERVED
-CVE-2019-1053
- RESERVED
-CVE-2019-1052
- RESERVED
-CVE-2019-1051
- RESERVED
-CVE-2019-1050
- RESERVED
-CVE-2019-1049
- RESERVED
-CVE-2019-1048
- RESERVED
-CVE-2019-1047
- RESERVED
-CVE-2019-1046
- RESERVED
-CVE-2019-1045
- RESERVED
-CVE-2019-1044
- RESERVED
-CVE-2019-1043
- RESERVED
+CVE-2019-1055 (A remote code execution vulnerability exists in the way the
scripting ...)
+ TODO: check
+CVE-2019-1054 (A security feature bypass vulnerability exists in Edge that
allows for ...)
+ TODO: check
+CVE-2019-1053 (An elevation of privilege vulnerability exists when the Windows
Shell ...)
+ TODO: check
+CVE-2019-1052 (A remote code execution vulnerability exists in the way that
the Chakr ...)
+ TODO: check
+CVE-2019-1051 (A remote code execution vulnerability exists in the way that
the Chakr ...)
+ TODO: check
+CVE-2019-1050 (An information disclosure vulnerability exists when the Windows
GDI co ...)
+ TODO: check
+CVE-2019-1049 (An information disclosure vulnerability exists when the Windows
GDI co ...)
+ TODO: check
+CVE-2019-1048 (An information disclosure vulnerability exists when the Windows
GDI co ...)
+ TODO: check
+CVE-2019-1047 (An information disclosure vulnerability exists when the Windows
GDI co ...)
+ TODO: check
+CVE-2019-1046 (An information disclosure vulnerability exists when the Windows
GDI co ...)
+ TODO: check
+CVE-2019-1045 (An elevation of privilege vulnerability exists in the way that
the Win ...)
+ TODO: check
+CVE-2019-1044 (A security feature bypass vulnerability exists when Windows
Secure Ker ...)
+ TODO: check
+CVE-2019-1043 (A remote code execution vulnerability exists in the way that
comctl32. ...)
+ TODO: check
CVE-2019-1042
RESERVED
-CVE-2019-1041
- RESERVED
-CVE-2019-1040
- RESERVED
-CVE-2019-1039
- RESERVED
-CVE-2019-1038
- RESERVED
+CVE-2019-1041 (An elevation of privilege vulnerability exists when the Windows
kernel ...)
+ TODO: check
+CVE-2019-1040 (A tampering vulnerability exists in Microsoft Windows when a
man-in-th ...)
+ TODO: check
+CVE-2019-1039 (An information disclosure vulnerability exists when the Windows
kernel ...)
+ TODO: check
+CVE-2019-1038 (A remote code execution vulnerability exists in the way that
Microsoft ...)
+ TODO: check
CVE-2019-1037
RESERVED
-CVE-2019-1036
- RESERVED
-CVE-2019-1035
- RESERVED
-CVE-2019-1034
- RESERVED
-CVE-2019-1033
- RESERVED
-CVE-2019-1032
- RESERVED
-CVE-2019-1031
- RESERVED
+CVE-2019-1036 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
+ TODO: check
+CVE-2019-1035 (A remote code execution vulnerability exists in Microsoft Word
softwar ...)
+ TODO: check
+CVE-2019-1034 (A remote code execution vulnerability exists in Microsoft Word
softwar ...)
+ TODO: check
+CVE-2019-1033 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
+ TODO: check
+CVE-2019-1032 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
+ TODO: check
+CVE-2019-1031 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
+ TODO: check
CVE-2019-1030
RESERVED
-CVE-2019-1029
- RESERVED
-CVE-2019-1028
- RESERVED
-CVE-2019-1027
- RESERVED
-CVE-2019-1026
- RESERVED
-CVE-2019-1025
- RESERVED
-CVE-2019-1024
- RESERVED
-CVE-2019-1023
- RESERVED
-CVE-2019-1022
- RESERVED
-CVE-2019-1021
- RESERVED
+CVE-2019-1029 (A denial of service vulnerability exists in Skype for Business,
aka 'S ...)
+ TODO: check
+CVE-2019-1028 (An elevation of privilege exists in Windows Audio Service, aka
'Window ...)
+ TODO: check
+CVE-2019-1027 (An elevation of privilege exists in Windows Audio Service, aka
'Window ...)
+ TODO: check
+CVE-2019-1026 (An elevation of privilege exists in Windows Audio Service, aka
'Window ...)
+ TODO: check
+CVE-2019-1025 (A denial of service vulnerability exists when Windows
improperly handl ...)
+ TODO: check
+CVE-2019-1024 (A remote code execution vulnerability exists in the way that
the Chakr ...)
+ TODO: check
+CVE-2019-1023 (An information disclosure vulnerability exists when the
scripting engi ...)
+ TODO: check
+CVE-2019-1022 (An elevation of privilege exists in Windows Audio Service, aka
'Window ...)
+ TODO: check
+CVE-2019-1021 (An elevation of privilege exists in Windows Audio Service, aka
'Window ...)
+ TODO: check
CVE-2019-1020
RESERVED
-CVE-2019-1019
- RESERVED
-CVE-2019-1018
- RESERVED
-CVE-2019-1017
- RESERVED
-CVE-2019-1016
- RESERVED
-CVE-2019-1015
- RESERVED
-CVE-2019-1014
- RESERVED
-CVE-2019-1013
- RESERVED
-CVE-2019-1012
- RESERVED
-CVE-2019-1011
- RESERVED
-CVE-2019-1010
- RESERVED
-CVE-2019-1009
- RESERVED
+CVE-2019-1019 (A security feature bypass vulnerability exists where a NETLOGON
messag ...)
+ TODO: check
+CVE-2019-1018 (An elevation of privilege vulnerability exists when DirectX
improperly ...)
+ TODO: check
+CVE-2019-1017 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
+ TODO: check
+CVE-2019-1016 (An information disclosure vulnerability exists when the Windows
GDI co ...)
+ TODO: check
+CVE-2019-1015 (An information disclosure vulnerability exists when the Windows
GDI co ...)
+ TODO: check
+CVE-2019-1014 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
+ TODO: check
+CVE-2019-1013 (An information disclosure vulnerability exists when the Windows
GDI co ...)
+ TODO: check
+CVE-2019-1012 (An information disclosure vulnerability exists when the Windows
GDI co ...)
+ TODO: check
+CVE-2019-1011 (An information disclosure vulnerability exists when the Windows
GDI co ...)
+ TODO: check
+CVE-2019-1010 (An information disclosure vulnerability exists when the Windows
GDI co ...)
+ TODO: check
+CVE-2019-1009 (An information disclosure vulnerability exists when the Windows
GDI co ...)
+ TODO: check
CVE-2019-1008 (A security feature bypass vulnerability exists in Dynamics On
Premise, ...)
NOT-FOR-US: Microsoft Dynamics On-Premise
-CVE-2019-1007
- RESERVED
+CVE-2019-1007 (An elevation of privilege exists in Windows Audio Service, aka
'Window ...)
+ TODO: check
CVE-2019-1006
RESERVED
-CVE-2019-1005
- RESERVED
+CVE-2019-1005 (A remote code execution vulnerability exists in the way the
scripting ...)
+ TODO: check
CVE-2019-1004
RESERVED
-CVE-2019-1003
- RESERVED
-CVE-2019-1002
- RESERVED
+CVE-2019-1003 (A remote code execution vulnerability exists in the way that
the Chakr ...)
+ TODO: check
+CVE-2019-1002 (A remote code execution vulnerability exists in the way that
the Chakr ...)
+ TODO: check
CVE-2019-1001
RESERVED
CVE-2019-1000 (An elevation of privilege vulnerability exists in Microsoft
Azure Acti ...)
NOT-FOR-US: Microsoft
CVE-2019-0999
RESERVED
-CVE-2019-0998
- RESERVED
+CVE-2019-0998 (An elevation of privilege vulnerability exists when the Storage
Servic ...)
+ TODO: check
CVE-2019-0997
RESERVED
-CVE-2019-0996
- RESERVED
+CVE-2019-0996 (A spoofing vulnerability exists in Azure DevOps Server when it
imprope ...)
+ TODO: check
CVE-2019-0995 (A security feature bypass vulnerability exists when urlmon.dll
imprope ...)
NOT-FOR-US: Microsoft
CVE-2019-0994
RESERVED
-CVE-2019-0993
- RESERVED
-CVE-2019-0992
- RESERVED
-CVE-2019-0991
- RESERVED
-CVE-2019-0990
- RESERVED
-CVE-2019-0989
- RESERVED
-CVE-2019-0988
- RESERVED
+CVE-2019-0993 (A remote code execution vulnerability exists in the way that
the Chakr ...)
+ TODO: check
+CVE-2019-0992 (A remote code execution vulnerability exists in the way that
the Chakr ...)
+ TODO: check
+CVE-2019-0991 (A remote code execution vulnerability exists in the way that
the Chakr ...)
+ TODO: check
+CVE-2019-0990 (An information disclosure vulnerability exists when the
scripting engi ...)
+ TODO: check
+CVE-2019-0989 (A remote code execution vulnerability exists in the way that
the Chakr ...)
+ TODO: check
+CVE-2019-0988 (A remote code execution vulnerability exists in the way that
the scrip ...)
+ TODO: check
CVE-2019-0987
RESERVED
-CVE-2019-0986
- RESERVED
-CVE-2019-0985
- RESERVED
-CVE-2019-0984
- RESERVED
-CVE-2019-0983
- RESERVED
+CVE-2019-0986 (An elevation of privilege vulnerability exists when the Windows
User P ...)
+ TODO: check
+CVE-2019-0985 (A remote code execution vulnerability exists when the Microsoft
Speech ...)
+ TODO: check
+CVE-2019-0984 (An elevation of privilege vulnerability exists when the Windows
Common ...)
+ TODO: check
+CVE-2019-0983 (An elevation of privilege vulnerability exists when the Storage
Servic ...)
+ TODO: check
CVE-2019-0982 (A denial of service vulnerability exists when ASP.NET Core
improperly ...)
NOT-FOR-US: Microsoft
CVE-2019-0981 (A denial of service vulnerability exists when .NET Framework or
.NET C ...)
@@ -31894,8 +31888,8 @@ CVE-2019-0979 (A Cross-site Scripting (XSS)
vulnerability exists when Azure DevO
NOT-FOR-US: Microsoft
CVE-2019-0978
RESERVED
-CVE-2019-0977
- RESERVED
+CVE-2019-0977 (An information disclosure vulnerability exists when the Windows
GDI co ...)
+ TODO: check
CVE-2019-0976 (A tampering vulnerability exists in the NuGet Package Manager
for Linu ...)
- nuget <not-affected> (Vulnerable code introduced in 5.0.0)
NOTE: Fixed in NuGet.Client 5.0.2.
@@ -31903,20 +31897,20 @@ CVE-2019-0976 (A tampering vulnerability exists in
the NuGet Package Manager for
NOTE:
https://github.com/NuGet/NuGet.Client/commit/e32a2ea7096debd3e513188f6779bb1041593326
(5.0.2.5988)
CVE-2019-0975
RESERVED
-CVE-2019-0974
- RESERVED
-CVE-2019-0973
- RESERVED
-CVE-2019-0972
- RESERVED
+CVE-2019-0974 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
+ TODO: check
+CVE-2019-0973 (An elevation of privilege vulnerability exists in the Windows
Installe ...)
+ TODO: check
+CVE-2019-0972 (This security update corrects a denial of service in the Local
Securit ...)
+ TODO: check
CVE-2019-0971 (An information disclosure vulnerability exists when Azure
DevOps Serve ...)
NOT-FOR-US: Microsoft
CVE-2019-0970
RESERVED
CVE-2019-0969
RESERVED
-CVE-2019-0968
- RESERVED
+CVE-2019-0968 (An information disclosure vulnerability exists when the Windows
GDI co ...)
+ TODO: check
CVE-2019-0967
RESERVED
CVE-2019-0966
@@ -31931,10 +31925,10 @@ CVE-2019-0962
RESERVED
CVE-2019-0961 (An information disclosure vulnerability exists when the Windows
GDI co ...)
NOT-FOR-US: Microsoft
-CVE-2019-0960
- RESERVED
-CVE-2019-0959
- RESERVED
+CVE-2019-0960 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
+ TODO: check
+CVE-2019-0959 (An elevation of privilege vulnerability exists when the Windows
Common ...)
+ TODO: check
CVE-2019-0958 (An elevation of privilege vulnerability exists when Microsoft
SharePoi ...)
NOT-FOR-US: Microsoft
CVE-2019-0957 (An elevation of privilege vulnerability exists when Microsoft
SharePoi ...)
@@ -31955,8 +31949,8 @@ CVE-2019-0950 (A spoofing vulnerability exists when
Microsoft SharePoint Server
NOT-FOR-US: Microsoft
CVE-2019-0949 (A spoofing vulnerability exists when Microsoft SharePoint
Server does ...)
NOT-FOR-US: Microsoft
-CVE-2019-0948
- RESERVED
+CVE-2019-0948 (An information disclosure vulnerability exists in the Windows
Event Vi ...)
+ TODO: check
CVE-2019-0947 (A remote code execution vulnerability exists when the Microsoft
Office ...)
NOT-FOR-US: Microsoft
CVE-2019-0946 (A remote code execution vulnerability exists when the Microsoft
Office ...)
@@ -31965,12 +31959,12 @@ CVE-2019-0945 (A remote code execution vulnerability
exists when the Microsoft O
NOT-FOR-US: Microsoft
CVE-2019-0944
RESERVED
-CVE-2019-0943
- RESERVED
+CVE-2019-0943 (An elevation of privilege vulnerability exists when Windows
improperly ...)
+ TODO: check
CVE-2019-0942 (An elevation of privilege vulnerability exists in the Unified
Write Fi ...)
NOT-FOR-US: Microsoft
-CVE-2019-0941
- RESERVED
+CVE-2019-0941 (A denial of service exists in Microsoft IIS Server when the
optional r ...)
+ TODO: check
CVE-2019-0940 (A remote code execution vulnerability exists in the way that
Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2019-0939
@@ -32011,8 +32005,8 @@ CVE-2019-0922 (A remote code execution vulnerability
exists in the way that the
NOT-FOR-US: Microsoft
CVE-2019-0921 (An spoofing vulnerability exists when Internet Explorer
improperly han ...)
NOT-FOR-US: Microsoft
-CVE-2019-0920
- RESERVED
+CVE-2019-0920 (A remote code execution vulnerability exists in the way the
scripting ...)
+ TODO: check
CVE-2019-0919
RESERVED
CVE-2019-0918 (A remote code execution vulnerability exists in the way the
scripting ...)
@@ -32033,18 +32027,18 @@ CVE-2019-0911 (A remote code execution vulnerability
exists in the way the scrip
NOT-FOR-US: Microsoft
CVE-2019-0910
RESERVED
-CVE-2019-0909
- RESERVED
-CVE-2019-0908
- RESERVED
-CVE-2019-0907
- RESERVED
-CVE-2019-0906
- RESERVED
-CVE-2019-0905
- RESERVED
-CVE-2019-0904
- RESERVED
+CVE-2019-0909 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
+ TODO: check
+CVE-2019-0908 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
+ TODO: check
+CVE-2019-0907 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
+ TODO: check
+CVE-2019-0906 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
+ TODO: check
+CVE-2019-0905 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
+ TODO: check
+CVE-2019-0904 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
+ TODO: check
CVE-2019-0903 (A remote code execution vulnerability exists in the way that
the Windo ...)
NOT-FOR-US: Microsoft
CVE-2019-0902 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
@@ -32075,8 +32069,8 @@ CVE-2019-0890 (A remote code execution vulnerability
exists when the Windows Jet
NOT-FOR-US: Microsoft
CVE-2019-0889 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
NOT-FOR-US: Microsoft
-CVE-2019-0888
- RESERVED
+CVE-2019-0888 (A remote code execution vulnerability exists in the way that
ActiveX D ...)
+ TODO: check
CVE-2019-0887
RESERVED
CVE-2019-0886 (An information disclosure vulnerability exists when Windows
Hyper-V on ...)
@@ -32416,8 +32410,8 @@ CVE-2019-0724 (An elevation of privilege vulnerability
exists in Microsoft Excha
NOT-FOR-US: Microsoft
CVE-2019-0723
RESERVED
-CVE-2019-0722
- RESERVED
+CVE-2019-0722 (A remote code execution vulnerability exists when Windows
Hyper-V on a ...)
+ TODO: check
CVE-2019-0721
RESERVED
CVE-2019-0720
@@ -32434,16 +32428,16 @@ CVE-2019-0715
RESERVED
CVE-2019-0714
RESERVED
-CVE-2019-0713
- RESERVED
+CVE-2019-0713 (A denial of service vulnerability exists when Microsoft Hyper-V
on a h ...)
+ TODO: check
CVE-2019-0712
RESERVED
-CVE-2019-0711
- RESERVED
-CVE-2019-0710
- RESERVED
-CVE-2019-0709
- RESERVED
+CVE-2019-0711 (A denial of service vulnerability exists when Microsoft Hyper-V
on a h ...)
+ TODO: check
+CVE-2019-0710 (A denial of service vulnerability exists when Microsoft Hyper-V
on a h ...)
+ TODO: check
+CVE-2019-0709 (A remote code execution vulnerability exists when Windows
Hyper-V on a ...)
+ TODO: check
CVE-2019-0708 (A remote code execution vulnerability exists in Remote Desktop
Service ...)
NOT-FOR-US: Microsoft
CVE-2019-0707 (An elevation of privilege vulnerability exists in the Network
Driver I ...)
@@ -32620,8 +32614,8 @@ CVE-2019-0622 (An elevation of privilege vulnerability
exists when Skype for And
NOT-FOR-US: Skype for Android
CVE-2019-0621 (An information disclosure vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft
-CVE-2019-0620
- RESERVED
+CVE-2019-0620 (A remote code execution vulnerability exists when Windows
Hyper-V on a ...)
+ TODO: check
CVE-2019-0619 (An information disclosure vulnerability exists when the Windows
GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-0618 (A remote code execution vulnerability exists in the way that
the Windo ...)
@@ -33368,30 +33362,30 @@ CVE-2019-0317
RESERVED
CVE-2019-0316
RESERVED
-CVE-2019-0315
- RESERVED
-CVE-2019-0314
- RESERVED
+CVE-2019-0315 (Under certain conditions the PI Integration Builder Web UI of
SAP NetW ...)
+ TODO: check
+CVE-2019-0314 (SAP Work Manager, versions: 6.3, 6.4, 6.5 and SAP Inventory
Manager, v ...)
+ TODO: check
CVE-2019-0313
RESERVED
-CVE-2019-0312
- RESERVED
-CVE-2019-0311
- RESERVED
+CVE-2019-0312 (Several web pages provided SAP NetWeaver Process Integration
(versions ...)
+ TODO: check
+CVE-2019-0311 (Automotive Dealer Portal in SAP R/3 Enterprise Application
(versions: ...)
+ TODO: check
CVE-2019-0310
RESERVED
CVE-2019-0309
RESERVED
-CVE-2019-0308
- RESERVED
-CVE-2019-0307
- RESERVED
-CVE-2019-0306
- RESERVED
-CVE-2019-0305
- RESERVED
-CVE-2019-0304
- RESERVED
+CVE-2019-0308 (An authenticated attacker in SAP E-Commerce
(Business-to-Consumer appl ...)
+ TODO: check
+CVE-2019-0307 (Diagnostics Agent in Solution Manager, version 7.2, stores
several cre ...)
+ TODO: check
+CVE-2019-0306 (SAP HANA Extended Application Services (advanced model),
version 1, al ...)
+ TODO: check
+CVE-2019-0305 (Java Server Pages (JSPs) provided by the SAP NetWeaver Process
Integra ...)
+ TODO: check
+CVE-2019-0304 (FTP Function of SAP NetWeaver AS ABAP Platform, versions-
KRNL32NUC 7. ...)
+ TODO: check
CVE-2019-0303
RESERVED
CVE-2019-0302
@@ -68483,7 +68477,7 @@ CVE-2018-6676
RESERVED
CVE-2018-6675
RESERVED
-CVE-2018-6674 (Privilege Escalation vulnerability in Microsoft Windows client
in McAf ...)
+CVE-2018-6674 (Privilege Escalation vulnerability in Microsoft Windows client
(McTray ...)
NOT-FOR-US: McAfee
CVE-2018-6673
RESERVED
@@ -94481,8 +94475,7 @@ CVE-2017-15124 (VNC server implementation in Quick
Emulator (QEMU) 2.11.0 and ol
- qemu-kvm <removed>
[wheezy] - qemu-kvm <postponed> (Can be fixed along in later update)
NOTE: http://www.openwall.com/lists/oss-security/2017/12/19/4
-CVE-2017-15123
- RESERVED
+CVE-2017-15123 (A flaw was found in the CloudForms web interface, versions 5.8
- 5.10, ...)
NOT-FOR-US: CloudForms
CVE-2017-15122
RESERVED
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d6bff9f2138287fe32363464043236723b96208
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d6bff9f2138287fe32363464043236723b96208
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
