[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Tue, 16 Jul 2019 01:11:06 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
716a4bc2 by security tracker role at 2019-07-16T08:10:12Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2019-13611 (An issue was discovered in python-engineio through 3.8.2. 
There is a C ...)
+       TODO: check
+CVE-2019-13610
+       RESERVED
+CVE-2019-13609
+       RESERVED
+CVE-2019-13608
+       RESERVED
 CVE-2014-1200
        RESERVED
 CVE-2014-1199
@@ -19100,18 +19108,18 @@ CVE-2019-6829
        RESERVED
 CVE-2019-6828
        RESERVED
-CVE-2019-6827
-       RESERVED
+CVE-2019-6827 (A CWE-787: Out-of-bounds Write vulnerability exists in 
Interactive Gra ...)
+       TODO: check
 CVE-2019-6826
        RESERVED
-CVE-2019-6825
-       RESERVED
-CVE-2019-6824
-       RESERVED
-CVE-2019-6823
-       RESERVED
-CVE-2019-6822
-       RESERVED
+CVE-2019-6825 (A CWE-427: Uncontrolled Search Path Element vulnerability 
exists in Pr ...)
+       TODO: check
+CVE-2019-6824 (A CWE-119: Buffer Errors vulnerability exists in ProClima (all 
version ...)
+       TODO: check
+CVE-2019-6823 (A CWE-94: Code Injection vulnerability exists in ProClima (all 
version ...)
+       TODO: check
+CVE-2019-6822 (A Use After Free: CWE-416 vulnerability exists in Zelio Soft 2, 
V5.2 a ...)
+       TODO: check
 CVE-2019-6821 (CWE-330: Use of Insufficiently Random Values vulnerability, 
which coul ...)
        NOT-FOR-US: Schneider Electric
 CVE-2019-6820 (A CWE-306: Missing Authentication for Critical Function 
vulnerability  ...)
@@ -37703,8 +37711,8 @@ CVE-2015-9274 (HarfBuzz before 1.0.4 allows remote 
attackers to cause a denial o
        NOTE: 
https://github.com/harfbuzz/harfbuzz/commit/c917965b9e6fe2b21ed6c51559673288fa3af4b7
 CVE-2019-0235
        RESERVED
-CVE-2019-0234
-       RESERVED
+CVE-2019-0234 (A Reflected Cross-site Scripting (XSS) vulnerability exists in 
Apache  ...)
+       TODO: check
 CVE-2019-0233
        RESERVED
 CVE-2019-0232 (When running on Windows with enableCmdLineArguments enabled, 
the CGI S ...)
@@ -68278,8 +68286,8 @@ CVE-2018-7840 (A Uncontrolled Search Path Element 
(CWE-427) vulnerability exists
        NOT-FOR-US: Schneider Electric
 CVE-2018-7839 (A Cryptographic Issue (CWE-310) vulnerability exists in IIoT 
Monitor 3 ...)
        NOT-FOR-US: Schneider
-CVE-2018-7838
-       RESERVED
+CVE-2018-7838 (A CWE-119 Buffer Errors vulnerability exists in Modicon M580 
CPU - BME ...)
+       TODO: check
 CVE-2018-7837 (An Improper Restriction of XML External Entity Reference 
('XXE') vulne ...)
        NOT-FOR-US: IIoT Monitor (Schneider Electric)
 CVE-2018-7836 (An unrestricted Upload of File with Dangerous Type 
vulnerability exist ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/716a4bc247cb1d28a51672ea562d1730ed39c5c7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/716a4bc247cb1d28a51672ea562d1730ed39c5c7
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to