Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d7cbf95d by security tracker role at 2019-07-26T20:10:16Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,47 @@
+CVE-2019-14284 (In the Linux kernel before 5.2.3, drivers/block/floppy.c 
allows a deni ...)
+       TODO: check
+CVE-2019-14283 (In the Linux kernel before 5.2.3, set_geometry in 
drivers/block/floppy ...)
+       TODO: check
+CVE-2019-1020019
+       RESERVED
+CVE-2019-1020018
+       RESERVED
+CVE-2019-1020017
+       RESERVED
+CVE-2019-1020016
+       RESERVED
+CVE-2019-1020015
+       RESERVED
+CVE-2019-1020014
+       RESERVED
+CVE-2019-1020013
+       RESERVED
+CVE-2019-1020012
+       RESERVED
+CVE-2019-1020011
+       RESERVED
+CVE-2019-1020010
+       RESERVED
+CVE-2019-1020009
+       RESERVED
+CVE-2019-1020008
+       RESERVED
+CVE-2019-1020007
+       RESERVED
+CVE-2019-1020006
+       RESERVED
+CVE-2019-1020005
+       RESERVED
+CVE-2019-1020004
+       RESERVED
+CVE-2019-1020003
+       RESERVED
+CVE-2019-1020002
+       RESERVED
+CVE-2019-1020001
+       RESERVED
+CVE-2018-20857 (Zendesk Samlr before 2.6.2 allows an XML nodes comment attack 
such as  ...)
+       TODO: check
 CVE-2019-14282 (The simple_captcha2 gem 0.2.3 for Ruby, as distributed on 
RubyGems.org ...)
        TODO: check
 CVE-2019-14281 (The datagrid gem 1.0.6 for Ruby, as distributed on 
RubyGems.org, inclu ...)
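
Review bot: CVE-2019-14284 and CVE-2019-14283 at the top of this hunk are left at `TODO: check`, yet both descriptions name the Linux kernel before 5.2.3 (drivers/block/floppy.c), which Debian ships as the linux source package. These two should be triaged to a `- linux` package line rather than stay pending; CVE-2018-20857 (Zendesk Samlr) still needs a package lookup before it is marked either way.
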
@@ -121,8 +165,8 @@ CVE-2019-14230 (An issue was discovered in the Viral Quiz 
Maker - OnionBuzz plug
        NOT-FOR-US: Viral Quiz Maker
 CVE-2019-14229
        RESERVED
-CVE-2019-14228
-       RESERVED
+CVE-2019-14228 (Xavier PHP Management Panel 3.0 is vulnerable to Reflected 
POST-based  ...)
+       TODO: check
 CVE-2019-14227
        RESERVED
 CVE-2019-14226
@@ -597,8 +641,8 @@ CVE-2019-13992
        RESERVED
 CVE-2019-13991 (Embedded systems based on Arduino before Rev3 allow remote 
attackers t ...)
        NOT-FOR-US: Issue on embedded systems based on Arduino before Rev3
-CVE-2019-13990
-       RESERVED
+CVE-2019-13990 (initDocumentParser in xml/XMLSchedulingDataProcessor.java in 
Terracott ...)
+       TODO: check
 CVE-2019-13989 (dpic 2019.06.20 has a Stack-based Buffer Overflow in the 
wfloat() func ...)
        - dpic <itp> (bug #597334)
 CVE-2019-13988
@@ -672,10 +716,10 @@ CVE-2019-13957
        RESERVED
 CVE-2019-13956 (Discuz!ML 3.2 through 3.4 allows remote attackers to execute 
arbitrary ...)
        NOT-FOR-US: Discuz!ML
-CVE-2019-13955
-       RESERVED
-CVE-2019-13954
-       RESERVED
+CVE-2019-13955 (Mikrotik RouterOS before 6.44.5 (long-term release tree) is 
vulnerable ...)
+       TODO: check
+CVE-2019-13954 (Mikrotik RouterOS before 6.44.5 (long-term release tree) is 
vulnerable ...)
+       TODO: check
 CVE-2019-13953
        RESERVED
 CVE-2019-13952 (The set_ipv6() function in zscan_rfc1035.rl in gdnsd before 
2.4.3 and  ...)
@@ -1335,8 +1379,7 @@ CVE-2019-13640 (In qBittorrent before 4.1.7, the function 
Application::runExtern
        NOTE: https://github.com/qbittorrent/qBittorrent/issues/10925
 CVE-2019-13639
        RESERVED
-CVE-2019-13638 [shell command injection]
-       RESERVED
+CVE-2019-13638 (GNU patch through 2.7.6 is vulnerable to OS shell command 
injection th ...)
        {DLA-1864-1}
        - patch 2.7.6-5
        NOTE: 
https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0
@@ -2518,8 +2561,7 @@ CVE-2019-13567 (The Zoom Client before 4.4.53932.0709 on 
macOS allows remote cod
        NOT-FOR-US: Zoom
 CVE-2019-13566
        RESERVED
-CVE-2019-13565 [openldap: ACL protections get lost if same identity uses 
different SSF levels]
-       RESERVED
+CVE-2019-13565 (An issue was discovered in OpenLDAP 2.x before 2.4.48. When 
using SASL ...)
        - openldap 2.4.48+dfsg-1 (low; bug #932998)
        [buster] - openldap <no-dsa> (Minor issue)
        [stretch] - openldap <no-dsa> (Minor issue)
@@ -2923,18 +2965,18 @@ CVE-2019-13389
        RESERVED
 CVE-2019-13388
        RESERVED
-CVE-2019-13387
-       RESERVED
-CVE-2019-13386
-       RESERVED
-CVE-2019-13385
-       RESERVED
+CVE-2019-13387 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, 
Reflected ...)
+       TODO: check
+CVE-2019-13386 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, a 
hidden  ...)
+       TODO: check
+CVE-2019-13385 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.840, 
File and  ...)
+       TODO: check
 CVE-2019-13384
        RESERVED
 CVE-2019-13383 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, 
the Login ...)
        NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
-CVE-2019-13382
-       RESERVED
+CVE-2019-13382 (UploaderService in SnagIT 2019.1.2 allows elevation of 
privilege by pl ...)
+       TODO: check
 CVE-2019-13381
        REJECTED
 CVE-2019-13380 (KEYNTO Team Password Manager 1.5.0 allows XSS because data 
saved from  ...)
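
Review bot: CVE-2019-13387, CVE-2019-13386 and CVE-2019-13385 are left at `TODO: check` although the adjacent CVE-2019-13383, for the same product, is already triaged as `NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel`. Reuse that exact string for the three new entries so they group under one product name; CVE-2019-13382 (SnagIT) is a different product and still needs its own check.
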
@@ -3795,8 +3837,7 @@ CVE-2019-13059
        RESERVED
 CVE-2019-13058
        RESERVED
-CVE-2019-13057 [openldap: rootdn of any db can assert any identity]
-       RESERVED
+CVE-2019-13057 (An issue was discovered in the server in OpenLDAP before 
2.4.48. When  ...)
        - openldap 2.4.48+dfsg-1 (low; bug #932997)
        [buster] - openldap <no-dsa> (Minor issue)
        [stretch] - openldap <no-dsa> (Minor issue)
@@ -3879,7 +3920,7 @@ CVE-2019-13026
        RESERVED
 CVE-2019-13025
        RESERVED
-CVE-2019-13024 (Centreon V19.04 allows the attacker to execute arbitrary 
system comman ...)
+CVE-2019-13024 (Centreon 18.x before 18.10.6, 19.x before 19.04.3, and 
Centreon web be ...)
        NOT-FOR-US: Centreon
 CVE-2019-13023
        RESERVED
@@ -14069,8 +14110,8 @@ CVE-2019-9494 (The implementations of SAE in hostapd 
and wpa_supplicant are vuln
        NOTE: CONFIG_SAE=y enabled since 2:2.7~git20180706+420b5dd-1
 CVE-2019-9493
        RESERVED
-CVE-2019-9492
-       RESERVED
+CVE-2019-9492 (A DLL side-loading vulnerability in Trend Micro OfficeScan 11.0 
SP1 an ...)
+       TODO: check
 CVE-2019-9491
        RESERVED
 CVE-2019-9490 (A vulnerability in Trend Micro InterScan Web Security Virtual 
Applianc ...)
@@ -22789,8 +22830,8 @@ CVE-2019-6004
        RESERVED
 CVE-2019-6003
        RESERVED
-CVE-2019-6002
-       RESERVED
+CVE-2019-6002 (Cross-site scripting vulnerability in Central Dogma 0.17.0 to 
0.40.1 a ...)
+       TODO: check
 CVE-2019-6001
        RESERVED
 CVE-2019-6000
@@ -35221,17 +35262,17 @@ CVE-2018-19804
        RESERVED
 CVE-2018-19803
        RESERVED
-CVE-2018-19802 (aubio v0.4.0 to v0.4.8 has a Buffer Overflow (issue 2 of 3). 
...)
+CVE-2018-19802 (aubio v0.4.0 to v0.4.8 has a new_aubio_onset NULL pointer 
dereference. ...)
        - aubio 0.4.9-1 (bug #930186)
        [buster] - aubio <no-dsa> (Minor issue)
        [stretch] - aubio <no-dsa> (Minor issue)
        [jessie] - aubio <no-dsa> (Minor issue)
-CVE-2018-19801 (aubio v0.4.0 to v0.4.8 has a NULL pointer dereference (issue 1 
of 6). ...)
+CVE-2018-19801 (aubio v0.4.0 to v0.4.8 has a NULL pointer dereference in 
new_aubio_fil ...)
        - aubio 0.4.9-1 (bug #930186)
        [buster] - aubio <no-dsa> (Minor issue)
        [stretch] - aubio <no-dsa> (Minor issue)
        [jessie] - aubio <no-dsa> (Minor issue)
-CVE-2018-19800 (aubio v0.4.0 to v0.4.8 has a Buffer Overflow (issue 1 of 3). 
...)
+CVE-2018-19800 (aubio v0.4.0 to v0.4.8 has a Buffer Overflow in 
new_aubio_tempo. ...)
        - aubio 0.4.9-1 (bug #930186)
        [buster] - aubio <no-dsa> (Minor issue)
        [stretch] - aubio <no-dsa> (Minor issue)
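
Review bot: CVE-2018-19802 changes vulnerability class in this hunk, from a buffer overflow to a NULL pointer dereference in new_aubio_onset, while its triage lines (aubio 0.4.9-1, bug #930186, `<no-dsa> (Minor issue)`) are carried over unchanged. All three aubio entries point at the same bug and fixed version, so confirm that 0.4.9-1 covers each function now named in the descriptions, and consider a NOTE line per CVE with the upstream commit so the mapping survives further description rewrites.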



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d7cbf95d4f40e818611c1301b2bc7c342ff64709
