[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Sat, 06 Jul 2019 01:11:30 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
3efc21db by security tracker role at 2019-07-06T08:10:21Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2019-13360
+       RESERVED
+CVE-2019-13359
+       RESERVED
+CVE-2019-13358 (lib/DocumentToText.php in OpenCats before 0.9.4-3 has XXE that 
allows  ...)
+       TODO: check
+CVE-2019-13357
+       RESERVED
+CVE-2019-13356
+       RESERVED
+CVE-2019-13355
+       RESERVED
+CVE-2019-13354
+       RESERVED
+CVE-2019-13353
+       RESERVED
+CVE-2019-13352 (WolfVision Cynap before 1.30j uses a static, hard-coded 
cryptographic  ...)
+       TODO: check
+CVE-2019-13351 (posix/JackSocket.cpp in libjack in JACK2 1.9.1 through 1.9.12 
(as dist ...)
+       TODO: check
 CVE-2019-13350
        RESERVED
 CVE-2019-13349
@@ -955,8 +975,8 @@ CVE-2019-12972 (An issue was discovered in the Binary File 
Descriptor (BFD) libr
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24689
        NOTE: 
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=890f750a3b053532a4b839a2dd6243076de12031
        NOTE: binutils not covered by security support
-CVE-2019-12971
-       RESERVED
+CVE-2019-12971 (BKS EBK Ethernet-Buskoppler Pro before 3.01 allows 
Unrestricted Upload ...)
+       TODO: check
 CVE-2019-12970 (XSS was discovered in SquirrelMail through 1.4.22 and 1.5.x 
through 1. ...)
        - squirrelmail <removed>
        NOTE: 
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-016.txt
@@ -6969,12 +6989,10 @@ CVE-2019-10641 (Contao before 3.5.39 and 4.x before 
4.7.3 has a Weak Password Re
 CVE-2019-10640 (An issue was discovered in GitLab Community and Enterprise 
Edition bef ...)
        - gitlab 11.8.6+dfsg-1 (bug #926482)
        NOTE: 
https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
-CVE-2019-10639
-       RESERVED
+CVE-2019-10639 (The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 
allows I ...)
        - linux 4.19.37-1
        NOTE: https://arxiv.org/pdf/1906.10478.pdf
-CVE-2019-10638
-       RESERVED
+CVE-2019-10638 (In the Linux kernel before 5.1.7, a device can be tracked by 
an attack ...)
        - linux <unfixed>
        NOTE: https://arxiv.org/pdf/1906.10478.pdf
 CVE-2019-10637 (Marvell SSD Controller (88SS1074, 88SS1079, 88SS1080, 
88SS1093, 88SS10 ...)
@@ -30642,14 +30660,14 @@ CVE-2019-1935
        RESERVED
 CVE-2019-1934
        RESERVED
-CVE-2019-1933
-       RESERVED
-CVE-2019-1932
-       RESERVED
-CVE-2019-1931
-       RESERVED
-CVE-2019-1930
-       RESERVED
+CVE-2019-1933 (A vulnerability in the email message scanning of Cisco AsyncOS 
Softwar ...)
+       TODO: check
+CVE-2019-1932 (A vulnerability in Cisco Advanced Malware Protection (AMP) for 
Endpoin ...)
+       TODO: check
+CVE-2019-1931 (Multiple vulnerabilities in the RSS dashboard in the web-based 
managem ...)
+       TODO: check
+CVE-2019-1930 (Multiple vulnerabilities in the RSS dashboard in the web-based 
managem ...)
+       TODO: check
 CVE-2019-1929
        RESERVED
 CVE-2019-1928
@@ -30664,10 +30682,10 @@ CVE-2019-1924
        RESERVED
 CVE-2019-1923
        RESERVED
-CVE-2019-1922
-       RESERVED
-CVE-2019-1921
-       RESERVED
+CVE-2019-1922 (A vulnerability in Cisco SIP IP Phone Software for Cisco IP 
Phone 7800 ...)
+       TODO: check
+CVE-2019-1921 (A vulnerability in the attachment scanning of Cisco AsyncOS 
Software f ...)
+       TODO: check
 CVE-2019-1920
        RESERVED
 CVE-2019-1919
@@ -30686,12 +30704,12 @@ CVE-2019-1913
        RESERVED
 CVE-2019-1912
        RESERVED
-CVE-2019-1911
-       RESERVED
+CVE-2019-1911 (A vulnerability in the CLI of Cisco Unified Communications 
Domain Mana ...)
+       TODO: check
 CVE-2019-1910
        RESERVED
-CVE-2019-1909
-       RESERVED
+CVE-2019-1909 (A vulnerability in the implementation of Border Gateway 
Protocol (BGP) ...)
+       TODO: check
 CVE-2019-1908
        RESERVED
 CVE-2019-1907
@@ -30720,22 +30738,22 @@ CVE-2019-1896
        RESERVED
 CVE-2019-1895
        RESERVED
-CVE-2019-1894
-       RESERVED
-CVE-2019-1893
-       RESERVED
-CVE-2019-1892
-       RESERVED
-CVE-2019-1891
-       RESERVED
+CVE-2019-1894 (A vulnerability in Cisco Enterprise NFV Infrastructure Software 
(NFVIS ...)
+       TODO: check
+CVE-2019-1893 (A vulnerability in Cisco Enterprise NFV Infrastructure Software 
(NFVIS ...)
+       TODO: check
+CVE-2019-1892 (A vulnerability in the Secure Sockets Layer (SSL) input packet 
process ...)
+       TODO: check
+CVE-2019-1891 (A vulnerability in the web interface of Cisco Small Business 
200, 300, ...)
+       TODO: check
 CVE-2019-1890 (A vulnerability in the fabric infrastructure VLAN connection 
establish ...)
        NOT-FOR-US: Cisco
 CVE-2019-1889 (A vulnerability in the REST API for software device management 
in Cisc ...)
        NOT-FOR-US: Cisco
 CVE-2019-1888
        RESERVED
-CVE-2019-1887
-       RESERVED
+CVE-2019-1887 (A vulnerability in the Session Initiation Protocol (SIP) 
protocol impl ...)
+       TODO: check
 CVE-2019-1886 (A vulnerability in the HTTPS decryption feature of Cisco Web 
Security  ...)
        NOT-FOR-US: Cisco
 CVE-2019-1885
@@ -44024,8 +44042,8 @@ CVE-2018-16388 (e107_web/js/plupload/upload.php in e107 
2.1.8 allows remote atta
        NOT-FOR-US: e107
 CVE-2018-16387 (An issue was discovered in Elefant CMS before 2.0.5. There is 
a CSRF v ...)
        NOT-FOR-US: Elefant CMS
-CVE-2018-16386
-       RESERVED
+CVE-2018-16386 (An issue was discovered in SWIFT Alliance Web Platform 7.1.23. 
A log i ...)
+       TODO: check
 CVE-2018-16385 (ThinkPHP before 5.1.23 allows SQL Injection via the 
public/index/index ...)
        NOT-FOR-US: ThinkPHP
 CVE-2018-16384 (A SQL injection bypass (aka PL1 bypass) exists in OWASP 
ModSecurity Co ...)
@@ -48051,8 +48069,8 @@ CVE-2018-14736 (An issue was discovered in libpbc.a in 
cloudwu PBC through 2017-
        NOT-FOR-US: cloudwu PBC
 CVE-2018-14735 (An Information Exposure issue was discovered in Hitachi 
Command Suite  ...)
        NOT-FOR-US: Hitachi
-CVE-2018-14733
-       RESERVED
+CVE-2018-14733 (The Odoo Community Association (OCA) dbfilter_from_header 
module makes ...)
+       TODO: check
 CVE-2018-14734 (drivers/infiniband/core/ucma.c in the Linux kernel through 
4.17.11 all ...)
        {DSA-4308-1 DLA-1531-1 DLA-1529-1}
        - linux 4.17.14-1
@@ -48798,10 +48816,10 @@ CVE-2018-14531 (An issue was discovered in Bento4 
1.5.1-624. There is an unspeci
        NOT-FOR-US: Bento4
 CVE-2018-14530
        RESERVED
-CVE-2018-14529
-       RESERVED
-CVE-2018-14528
-       RESERVED
+CVE-2018-14529 (Invoxia NVX220 devices allow access to /bin/sh via escape from 
a restr ...)
+       TODO: check
+CVE-2018-14528 (Invoxia NVX220 devices allow TELNET access as admin with a 
default pas ...)
+       TODO: check
 CVE-2018-14527 (Feedback.asp in Xiao5uCompany 1.7 has XSS because the XSS 
protection m ...)
        NOT-FOR-US: Xiao5uCompany
 CVE-2018-14526 (An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 
2.0 throug ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3efc21db029b1a199be0aa66b7883d10a9133b79

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3efc21db029b1a199be0aa66b7883d10a9133b79
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to