Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
998a8d10 by security tracker role at 2019-07-19T08:10:16Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,39 @@
+CVE-2019-13978 (Ovidentia 8.4.3 has SQL Injection via the id parameter in an 
index.php ...)
+       TODO: check
+CVE-2019-13977 (index.php in Ovidentia 8.4.3 has XSS via tg=groups, 
tg=maildoms&id ...)
+       TODO: check
+CVE-2019-13976
+       RESERVED
+CVE-2019-13975
+       RESERVED
+CVE-2019-13974 (LayerBB 1.1.3 allows conversations.php/cmd/new CSRF. ...)
+       TODO: check
+CVE-2019-13973 (LayerBB 1.1.3 allows admin/general.php arbitrary file upload 
because t ...)
+       TODO: check
+CVE-2019-13972 (LayerBB 1.1.3 allows XSS via the application/commands/new.php 
pm_title ...)
+       TODO: check
+CVE-2019-13971 (OTCMS 3.81 allows XSS via the mode parameter in an 
apiRun.php?mudi=aut ...)
+       TODO: check
+CVE-2019-13970 (In antSword before 2.1.0, self-XSS in the database 
configuration leads ...)
+       TODO: check
+CVE-2019-13969 (Metinfo 6.x allows SQL Injection via the id parameter in an 
admin/inde ...)
+       TODO: check
+CVE-2019-13968
+       RESERVED
+CVE-2019-13967
+       RESERVED
+CVE-2019-13966
+       RESERVED
+CVE-2019-13965
+       RESERVED
+CVE-2019-13964
+       RESERVED
+CVE-2019-13963
+       RESERVED
+CVE-2019-13962 (lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN 
VLC medi ...)
+       TODO: check
+CVE-2019-13961 (A CSRF vulnerability was found in flatCore before 1.5, leading 
to the  ...)
+       TODO: check
 CVE-2019-13960 (** DISPUTED ** In libjpeg-turbo 2.0.2, a large amount of 
memory can be ...)
        TODO: check
 CVE-2019-13959 (In Bento4 1.5.1-627, AP4_DataBuffer::SetDataSize does not 
handle reall ...)
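Review bot: of the ten described entries added at the top of this hunk, only CVE-2019-13962 names a source file (`modules/codec/avcodec/video.c` in VideoLAN VLC), so it is the one that can be matched to a source package from the visible text alone and should be triaged first. The other nine descriptions are cut off at `...` and all carry `TODO: check`; each needs either a package line or a `NOT-FOR-US:` line once the full CVE text has been read. The eight `RESERVED` entries need no action.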
@@ -11447,7 +11483,7 @@ CVE-2019-1010268 (Ladon since 0.6.1 (since 
ebef0aae48af78c159b6fce81bc6f5e7e0ddb
        TODO: check
 CVE-2019-1010267
        RESERVED
-CVE-2019-1010266 (lodash prior to 4.7.11 is affected by: CWE-400: Uncontrolled 
Resource  ...)
+CVE-2019-1010266 (lodash prior to 4.17.11 is affected by: CWE-400: 
Uncontrolled Resource ...)
        - node-lodash 4.17.11+dfsg-1 (unimportant)
        NOTE: https://github.com/lodash/lodash/issues/3359
        NOTE: https://snyk.io/vuln/SNYK-JS-LODASH-73639
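Review bot: the `(unimportant)` tag on the `node-lodash 4.17.11+dfsg-1` line has no NOTE giving the reason; both NOTE lines are bare reference URLs, so a one-line rationale would help the next reader. The corrected `4.17.11` in the description now agrees with that fixed version, which the old `4.7.11` contradicted.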
@@ -16988,8 +17024,8 @@ CVE-2019-7965
        RESERVED
 CVE-2019-7964
        RESERVED
-CVE-2019-7963
-       RESERVED
+CVE-2019-7963 (Adobe Bridge CC version 9.0.2 and earlier versions have an out 
of boun ...)
+       TODO: check
 CVE-2019-7962
        RESERVED
 CVE-2019-7961
@@ -17002,14 +17038,14 @@ CVE-2019-7958
        RESERVED
 CVE-2019-7957
        RESERVED
-CVE-2019-7956
-       RESERVED
-CVE-2019-7955
-       RESERVED
-CVE-2019-7954
-       RESERVED
-CVE-2019-7953
-       RESERVED
+CVE-2019-7956 (Adobe Dreamweaver direct download installer versions 19.0 and 
below, 1 ...)
+       TODO: check
+CVE-2019-7955 (Adobe Experience Manager version 6.4 and ealier have a 
Reflected Cross ...)
+       TODO: check
+CVE-2019-7954 (Adobe Experience Manager version 6.4 and ealier have a Stored 
Cross-si ...)
+       TODO: check
+CVE-2019-7953 (Adobe Experience Manager version 6.4 and ealier have a 
Cross-Site Requ ...)
+       TODO: check
 CVE-2019-7952
        RESERVED
 CVE-2019-7951
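Review bot: `ealier` is misspelled in all three Adobe Experience Manager descriptions (CVE-2019-7955, CVE-2019-7954, CVE-2019-7953). The commit is labelled `automatic update`, so a hand edit of the description text here may not survive the next run; the lasting fix in this file is to resolve the four `TODO: check` lines this hunk introduces.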
@@ -17032,8 +17068,8 @@ CVE-2019-7943
        RESERVED
 CVE-2019-7942
        RESERVED
-CVE-2019-7941
-       RESERVED
+CVE-2019-7941 (Adobe Campaign Classic version 18.10.5-8984 and earlier 
versions have  ...)
+       TODO: check
 CVE-2019-7940
        RESERVED
 CVE-2019-7939
@@ -17214,22 +17250,22 @@ CVE-2019-7852
        RESERVED
 CVE-2019-7851
        RESERVED
-CVE-2019-7850
-       RESERVED
+CVE-2019-7850 (Adobe Campaign Classic version 18.10.5-8984 and earlier 
versions have  ...)
+       TODO: check
 CVE-2019-7849
        RESERVED
-CVE-2019-7848
-       RESERVED
-CVE-2019-7847
-       RESERVED
-CVE-2019-7846
-       RESERVED
+CVE-2019-7848 (Adobe Campaign Classic version 18.10.5-8984 and earlier 
versions have  ...)
+       TODO: check
+CVE-2019-7847 (Adobe Campaign Classic version 18.10.5-8984 and earlier 
versions have  ...)
+       TODO: check
+CVE-2019-7846 (Adobe Campaign Classic version 18.10.5-8984 and earlier 
versions have  ...)
+       TODO: check
 CVE-2019-7845 (Adobe Flash Player versions 32.0.0.192 and earlier, 32.0.0.192 
and ear ...)
        NOT-FOR-US: Adobe
 CVE-2019-7844 (Adobe Media Encoder version 13.0.2 has an out-of-bounds read 
vulnerabi ...)
        NOT-FOR-US: Adobe
-CVE-2019-7843
-       RESERVED
+CVE-2019-7843 (Adobe Campaign Classic version 18.10.5-8984 and earlier 
versions have  ...)
+       TODO: check
 CVE-2019-7842 (Adobe Media Encoder version 13.0.2 has a use-after-free 
vulnerability. ...)
        NOT-FOR-US: Adobe
 CVE-2019-7841 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 
2019.010 ...)
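Review bot: the five new Adobe Campaign Classic entries (CVE-2019-7850, CVE-2019-7848, CVE-2019-7847, CVE-2019-7846, CVE-2019-7843) are left at `TODO: check`, while the neighbouring Adobe entries in the same context (CVE-2019-7845, CVE-2019-7844, CVE-2019-7842) are already marked `NOT-FOR-US: Adobe`. Marking the new ones the same way would keep the block consistent. Note also that the five descriptions are identical up to the `...` cut-off, so the list line alone does not tell them apart.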



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/998a8d10a0093cc86d65a4c20170e5f8e2bb98ea

_______________________________________________
debian-security-tracker-commits mailing list