Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b95a0f9f by security tracker role at 2019-08-15T20:10:26Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,75 @@
+CVE-2019-15082
+       RESERVED
+CVE-2019-15081 (OpenCart 3.x, when the attacker has login access to the admin 
panel, a ...)
+       TODO: check
+CVE-2019-15080
+       RESERVED
+CVE-2019-15079
+       RESERVED
+CVE-2019-15078
+       RESERVED
+CVE-2019-15077
+       RESERVED
+CVE-2019-15076
+       RESERVED
+CVE-2019-15075
+       RESERVED
+CVE-2019-15074
+       RESERVED
+CVE-2019-15073
+       RESERVED
+CVE-2019-15072
+       RESERVED
+CVE-2019-15071
+       RESERVED
+CVE-2019-15070
+       RESERVED
+CVE-2019-15069
+       RESERVED
+CVE-2019-15068
+       RESERVED
+CVE-2019-15067
+       RESERVED
+CVE-2019-15066
+       RESERVED
+CVE-2019-15065
+       RESERVED
+CVE-2019-15064
+       RESERVED
+CVE-2017-18525
+       RESERVED
+CVE-2017-18524
+       RESERVED
+CVE-2017-18523
+       RESERVED
+CVE-2017-18522
+       RESERVED
+CVE-2017-18521
+       RESERVED
+CVE-2017-18520
+       RESERVED
+CVE-2017-18519
+       RESERVED
+CVE-2017-18518
+       RESERVED
+CVE-2017-18517
+       RESERVED
+CVE-2017-18516
+       RESERVED
+CVE-2016-10893
+       RESERVED
+CVE-2016-10892
+       RESERVED
+CVE-2016-10891
+       RESERVED
+CVE-2016-10890
+       RESERVED
+CVE-2015-9319
+       RESERVED
+CVE-2015-9318
+       RESERVED
+CVE-2015-9317
+       RESERVED
 CVE-2019-XXXX [division by zero in the query planner]
        - sqlite3 3.29.0-2
        NOTE: Fixed by: https://www.sqlite.org/src/info/d93508fc9913cfe6
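Review bot: CVE-2019-15081 (OpenCart 3.x), second entry from the top of this hunk, is the only newly added ID here that already has a description, and it is committed as `TODO: check`. It needs a triage line before anything downstream can rely on it: either a source package entry or, if OpenCart is not packaged, a `NOT-FOR-US: OpenCart` line in the same form as the NOT-FOR-US lines used elsewhere in this file.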
@@ -739,8 +811,8 @@ CVE-2017-18486 (Jitbit Helpdesk before 9.0.3 allows remote 
attackers to escalate
        NOT-FOR-US: Jitbit Helpdesk
 CVE-2019-14801 (The FV Flowplayer Video Player plugin before 7.3.15.727 for 
WordPress  ...)
        NOT-FOR-US: FV Flowplayer Video Player plugin for WordPress
-CVE-2019-14800
-       RESERVED
+CVE-2019-14800 (The FV Flowplayer Video Player plugin before 7.3.15.727 for 
WordPress  ...)
+       TODO: check
 CVE-2019-14799 (The FV Flowplayer Video Player plugin before 7.3.14.727 for 
WordPress  ...)
        NOT-FOR-US: FV Flowplayer Video Player plugin for WordPress
 CVE-2019-14798 (The 10Web Photo Gallery plugin before 1.5.25 for WordPress has 
Authent ...)
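Review bot: CVE-2019-14800 is set to `TODO: check` although its truncated description reads the same as CVE-2019-14801 directly above it (FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress), which is already `NOT-FOR-US: FV Flowplayer Video Player plugin for WordPress`, as is CVE-2019-14799 below. Unless the full description points somewhere else, give it the same NOT-FOR-US line so the three entries agree.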
@@ -749,8 +821,8 @@ CVE-2019-14797 (The 10Web Photo Gallery plugin before 
1.5.23 for WordPress has a
        NOT-FOR-US: 10Web Photo Gallery plugin for WordPress
 CVE-2019-14796 (The mq-woocommerce-products-price-bulk-edit (aka Woocommerce 
Products  ...)
        NOT-FOR-US: mq-woocommerce-products-price-bulk-edit (aka Woocommerce 
Products Price Bulk Edit) plugin for WordPress
-CVE-2019-14795
-       RESERVED
+CVE-2019-14795 (The toggle-the-title (aka Toggle The Title) plugin 1.4 for 
WordPress h ...)
+       TODO: check
 CVE-2019-14794 (The Meta Box plugin before 4.16.2 for WordPress mishandles the 
uploadi ...)
        NOT-FOR-US: Meta Box plugin for WordPress
 CVE-2019-14793 (The Meta Box plugin before 4.16.3 for WordPress allows file 
deletion v ...)
@@ -759,20 +831,20 @@ CVE-2019-14792 (The WP Google Maps plugin before 7.11.35 
for WordPress allows XS
        NOT-FOR-US: WP Google Maps plugin for WordPress
 CVE-2019-14791 (The Appointment Booking Calendar plugin 1.3.18 for WordPress 
allows XS ...)
        NOT-FOR-US: Appointment Booking Calendar plugin for WordPress
-CVE-2019-14790
-       RESERVED
-CVE-2019-14789
-       RESERVED
-CVE-2019-14788
-       RESERVED
+CVE-2019-14790 (The limb-gallery (aka Limb Gallery) plugin 1.4.0 for WordPress 
has XSS ...)
+       TODO: check
+CVE-2019-14789 (The Custom 404 Pro plugin 3.2.8 for WordPress has XSS via the 
wp-admin ...)
+       TODO: check
+CVE-2019-14788 (wp-admin/admin-ajax.php?action=newsletters_exportmultiple in 
the Tribu ...)
+       TODO: check
 CVE-2019-14787 (The Tribulant Newsletters plugin before 4.6.19 for WordPress 
allows XS ...)
        NOT-FOR-US: Tribulant Newsletters plugin for WordPress
-CVE-2019-14786
-       RESERVED
+CVE-2019-14786 (The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin 
users t ...)
+       TODO: check
 CVE-2019-14785 (The "CP Contact Form with PayPal" plugin before 1.2.99 for 
WordPress h ...)
        NOT-FOR-US: "CP Contact Form with PayPal" plugin for WordPress
-CVE-2019-14784
-       RESERVED
+CVE-2019-14784 (The "CP Contact Form with PayPal" plugin before 1.2.98 for 
WordPress h ...)
+       TODO: check
 CVE-2019-14783 (On Samsung mobile devices with N(7.x), and O(8.x), P(9.0) 
software, Fo ...)
        NOT-FOR-US: Samsung
 CVE-2019-14782
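Review bot: Of the five entries moved from RESERVED to `TODO: check` in this hunk, two appear to name products that an adjacent entry has already triaged as NOT-FOR-US: CVE-2019-14788 (description cut at "the Tribu ...", next to CVE-2019-14787, Tribulant Newsletters) and CVE-2019-14784 ("CP Contact Form with PayPal", next to CVE-2019-14785). Reuse those exact NOT-FOR-US strings for the pair once the full descriptions confirm the match, and triage CVE-2019-14790, CVE-2019-14789 and CVE-2019-14786, which are also described as WordPress plugins, in the same pass.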
@@ -840,8 +912,8 @@ CVE-2019-14757
        RESERVED
 CVE-2019-14756
        RESERVED
-CVE-2019-14755
-       RESERVED
+CVE-2019-14755 (The profile photo upload feature in Leaf Admin 61.9.0212.10 f 
allows U ...)
+       TODO: check
 CVE-2019-14754 (Open-School 3.0, and Community Edition 2.3, allows SQL 
Injection via t ...)
        NOT-FOR-US: Open-School
 CVE-2018-20962 (The Backpack\CRUD Backpack component before 3.4.9 for Laravel 
allows X ...)
@@ -1409,8 +1481,8 @@ CVE-2019-14520
        RESERVED
 CVE-2019-14519
        RESERVED
-CVE-2019-14518
-       RESERVED
+CVE-2019-14518 (** DISPUTED ** Evolution CMS 2.0.x allows XSS via a 
description and ne ...)
+       TODO: check
 CVE-2019-14517 (pandao Editor.md 1.5.0 allows XSS via the Javascript: 
string. ...)
        NOT-FOR-US: pandao Editor.md
 CVE-2019-14516 (The mAadhaar application 1.2.7 for Android lacks SSL 
Certificate Valid ...)
@@ -2221,8 +2293,8 @@ CVE-2019-14424
        RESERVED
 CVE-2019-14423
        RESERVED
-CVE-2019-14422
-       RESERVED
+CVE-2019-14422 (An issue was discovered in in TortoiseSVN 1.12.1. The Tsvncmd: 
URI han ...)
+       TODO: check
 CVE-2019-14421
        RESERVED
 CVE-2019-14420
@@ -5238,8 +5310,8 @@ CVE-2019-13580
        RESERVED
 CVE-2019-13579
        RESERVED
-CVE-2019-13578
-       RESERVED
+CVE-2019-13578 (A SQL injection vulnerability exists in the Impress GiveWP 
Give plugin ...)
+       TODO: check
 CVE-2019-13577 (SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an 
Unauthe ...)
        NOT-FOR-US: SnmpAdm.exe in MAPLE WBT SNMP Administrator
 CVE-2018-20852 (http.cookiejar.DefaultPolicy.domain_return_ok in 
Lib/http/cookiejar.py ...)
@@ -5380,20 +5452,20 @@ CVE-2019-13518
        RESERVED
 CVE-2019-13517
        RESERVED
-CVE-2019-13516
-       RESERVED
-CVE-2019-13515
-       RESERVED
-CVE-2019-13514
-       RESERVED
-CVE-2019-13513
-       RESERVED
-CVE-2019-13512
-       RESERVED
-CVE-2019-13511
-       RESERVED
-CVE-2019-13510
-       RESERVED
+CVE-2019-13516 (In OSIsoft PI Web API and prior, the affected product is 
vulnerable to ...)
+       TODO: check
+CVE-2019-13515 (OSIsoft PI Web API 2018 and prior may allow disclosure of 
sensitive in ...)
+       TODO: check
+CVE-2019-13514 (In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and 
prior,  ...)
+       TODO: check
+CVE-2019-13513 (In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and 
prior,  ...)
+       TODO: check
+CVE-2019-13512 (Fuji Electric FRENIC Loader 3.5.0.0 and prior is vulnerable to 
an out- ...)
+       TODO: check
+CVE-2019-13511 (Rockwell Automation Arena Simulation Software versions 
16.00.00 and ea ...)
+       TODO: check
+CVE-2019-13510 (Rockwell Automation Arena Simulation Software versions 
16.00.00 and ea ...)
+       TODO: check
 CVE-2019-13509 (In Docker CE and EE before 18.09.8 (as well as Docker EE 
before 17.06. ...)
        - docker.io 18.09.1+dfsg1-8 (bug #932673)
        [buster] - docker.io <no-dsa> (Minor issue)
@@ -5713,8 +5785,7 @@ CVE-2019-13379 (On AVTECH Room Alert 3E devices before 
2.2.5, an attacker with a
        NOT-FOR-US: AVTECH Room Alert
 CVE-2019-13378
        RESERVED
-CVE-2019-13377 [Timing-based side-channel attack against WPA3's Dragonfly 
handshake when using Brainpool curves]
-       RESERVED
+CVE-2019-13377 (The implementations of SAE and EAP-pwd in hostapd and 
wpa_supplicant 2 ...)
        - wpa 2:2.9-1 (bug #934180)
        [stretch] - wpa <not-affected> (Introduced in 2.5)
        [jessie] - wpa <not-affected> (Introduced in 2.5)
@@ -6132,20 +6203,20 @@ CVE-2019-13224 (A use-after-free in onig_new_deluxe() 
in regext.c in Oniguruma 6
        [buster] - libonig <no-dsa> (Minor issue)
        [stretch] - libonig <no-dsa> (Minor issue)
        NOTE: 
https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55
-CVE-2019-13223
-       RESERVED
-CVE-2019-13222
-       RESERVED
-CVE-2019-13221
-       RESERVED
-CVE-2019-13220
-       RESERVED
-CVE-2019-13219
-       RESERVED
-CVE-2019-13218
-       RESERVED
-CVE-2019-13217
-       RESERVED
+CVE-2019-13223 (A reachable assertion in the lookup1_values function in 
stb_vorbis thr ...)
+       TODO: check
+CVE-2019-13222 (An out-of-bounds read of a global buffer in the draw_line 
function in  ...)
+       TODO: check
+CVE-2019-13221 (A stack buffer overflow in the compute_codewords function in 
stb_vorbi ...)
+       TODO: check
+CVE-2019-13220 (Use of uninitialized stack variables in the start_decoder 
function in  ...)
+       TODO: check
+CVE-2019-13219 (A NULL pointer dereference in the get_window function in 
stb_vorbis th ...)
+       TODO: check
+CVE-2019-13218 (Division by zero in the predict_point function in stb_vorbis 
through 2 ...)
+       TODO: check
+CVE-2019-13217 (A heap buffer overflow in the start_decoder function in 
stb_vorbis thr ...)
+       TODO: check
 CVE-2019-13216
        RESERVED
 CVE-2019-13215
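Review bot: CVE-2019-13217 through CVE-2019-13223 all name stb_vorbis and all land as `TODO: check`, including a heap buffer overflow in start_decoder (CVE-2019-13217) and a stack buffer overflow in compute_codewords (CVE-2019-13221). Triage the seven as one batch so they end up with the same package line and notes; the descriptions break off at "stb_vorbis through 2 ...", so take the affected version from the full CVE text rather than from these lines.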
@@ -7155,8 +7226,7 @@ CVE-2019-12855 (In words.protocols.jabber.xmlstream in 
Twisted through 19.2.1, X
        [jessie] - twisted <no-dsa> (Minor issue)
        NOTE: https://github.com/twisted/twisted/pull/1147
        NOTE: https://twistedmatrix.com/trac/ticket/9561
-CVE-2019-12854 [denial of service in cachemgr.cgi]
-       RESERVED
+CVE-2019-12854 (Due to incorrect string termination, Squid cachemgr.cgi 4.0 
through 4. ...)
        - squid 4.8-1
        - squid3 <not-affected> (Vulnerable code not present; Vulnerable code 
only in 4.x series)
        NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_1.txt
@@ -7271,8 +7341,8 @@ CVE-2019-12811
        RESERVED
 CVE-2019-12810
        RESERVED
-CVE-2019-12809
-       RESERVED
+CVE-2019-12809 (Yes24ViewerX ActiveX Control 1.0.327.50126 and earlier 
versions contai ...)
+       TODO: check
 CVE-2019-12808 (ALTOOLS update service 18.1 and earlier versions contains a 
local priv ...)
        NOT-FOR-US: ALTOOLS update service
 CVE-2019-12807 (Alzip 10.83 and earlier version contains a stack-based buffer 
overflow ...)
@@ -11527,8 +11597,7 @@ CVE-2019-11190 (The Linux kernel before 4.8 allows 
local users to bypass ASLR on
        NOTE: https://www.openwall.com/lists/oss-security/2019/04/03/4
 CVE-2019-11188
        RESERVED
-CVE-2019-11187 [Perform stricter check on LDAP success/failure]
-       RESERVED
+CVE-2019-11187 (Incorrect Access Control in the LDAP class of GONICUS GOsa 
through 201 ...)
        {DLA-1876-1 DLA-1875-1}
        - fusiondirectory 1.2.3-5
        [buster] - fusiondirectory <no-dsa> (Minor issue)
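Review bot: The new description for CVE-2019-11187 attributes the flaw to the LDAP class of GONICUS GOsa, but the package lines visible under it start with fusiondirectory. Check that the entry also carries a gosa package line further down to go with the two advisories in `{DLA-1876-1 DLA-1875-1}`; the replaced bracketed summary ("Perform stricter check on LDAP success/failure") did not name a product, so the product naming was not visible before this update.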
@@ -11901,7 +11970,7 @@ CVE-2019-11039 (Function iconv_mime_decode_headers() in 
PHP versions 7.1.x below
        - php5 <removed>
        NOTE: Fixed in 7.1.30, 7.2.19, 7.3.6
        NOTE: PHP Bug: https://bugs.php.net/bug.php?id=78069
-CVE-2019-11038 (When using gdImageCreateFromXbm() function of PHP gd extension 
in PHP  ...)
+CVE-2019-11038 (When using the gdImageCreateFromXbm() function in the GD 
Graphics Libr ...)
        {DLA-1817-1}
        - libgd2 2.2.5-5.2 (low; bug #929821)
        [stretch] - libgd2 <no-dsa> (Minor issue)
@@ -14261,8 +14330,7 @@ CVE-2019-10141 (A vulnerability was found in 
openstack-ironic-inspector all vers
        [stretch] - ironic-inspector <no-dsa> (Minor issue)
        NOTE: https://review.opendev.org/#/c/660234/
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1711722
-CVE-2019-10140
-       RESERVED
+CVE-2019-10140 (A vulnerability was found in Linux kernel's, versions up to 
3.10, impl ...)
        - linux <not-affected> (Vulnerability introduce in Red Hat specific 
backport)
 CVE-2019-10139 (During HE deployment via cockpit-ovirt, cockpit-ovirt 
generates an ans ...)
        NOT-FOR-US: cockpit-ovirt
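Review bot: Style point on the retained `- linux <not-affected>` line for CVE-2019-10140: "Vulnerability introduce in Red Hat specific backport" should read "introduced". Worth fixing while the entry is being touched, since the not-affected reason is what readers of the tracker see for this CVE.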
@@ -15819,10 +15887,13 @@ CVE-2019-9853
        RESERVED
 CVE-2019-9852
        RESERVED
+       {DSA-4501-1}
 CVE-2019-9851
        RESERVED
+       {DSA-4501-1}
 CVE-2019-9850
        RESERVED
+       {DSA-4501-1}
 CVE-2019-9849 (LibreOffice has a 'stealth mode' in which only documents from 
location ...)
        {DSA-4483-1}
        [experimental] - libreoffice 1:6.3.0~beta2-1
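Review bot: CVE-2019-9852, CVE-2019-9851 and CVE-2019-9850 each gain `{DSA-4501-1}` but remain `RESERVED` with no package line under them, so the advisory reference has no fixed version to point at. CVE-2019-9849 just below shows the expected shape, a DSA reference followed by package lines; add the source package lines with fixed versions to the three entries.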
@@ -18265,14 +18336,14 @@ CVE-2019-9015 (A Path Traversal vulnerability was 
discovered in MOPCMS through 2
        NOT-FOR-US: MOPCMS
 CVE-2019-9014
        RESERVED
-CVE-2019-9013
-       RESERVED
-CVE-2019-9012
-       RESERVED
+CVE-2019-9013 (An issue was discovered in 3S-Smart CODESYS V3 products. The 
applicati ...)
+       TODO: check
+CVE-2019-9012 (An issue was discovered in 3S-Smart CODESYS V3 products. A 
crafted com ...)
+       TODO: check
 CVE-2019-9011
        RESERVED
-CVE-2019-9010
-       RESERVED
+CVE-2019-9010 (An issue was discovered in 3S-Smart CODESYS V3 products. The 
CODESYS G ...)
+       TODO: check
 CVE-2019-9009
        RESERVED
 CVE-2019-9008
@@ -30290,8 +30361,8 @@ CVE-2019-3976
        RESERVED
 CVE-2019-3975
        RESERVED
-CVE-2019-3974
-       RESERVED
+CVE-2019-3974 (Nessus 8.5.2 and earlier on Windows platforms were found to 
contain an ...)
+       TODO: check
 CVE-2019-3973 (Comodo Antivirus versions 11.0.0.6582 and below are vulnerable 
to Deni ...)
        NOT-FOR-US: Comodo Antivirus
 CVE-2019-3972 (Comodo Antivirus versions 12.0.0.6810 and below are vulnerable 
to Deni ...)
@@ -31811,10 +31882,10 @@ CVE-2019-3420
        RESERVED
 CVE-2019-3419
        RESERVED
-CVE-2019-3418
-       RESERVED
-CVE-2019-3417
-       RESERVED
+CVE-2019-3418 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are 
impacted  ...)
+       TODO: check
+CVE-2019-3417 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are 
impacted  ...)
+       TODO: check
 CVE-2019-3416
        RESERVED
 CVE-2019-3415 (ZTE MW NR8000V2.4.4.03 and NR8000V2.4.4.04 are impacted by path 
traver ...)
@@ -34623,7 +34694,7 @@ CVE-2019-2818 (Vulnerability in the Java SE component 
of Oracle Java SE (subcomp
 CVE-2019-2817 (Vulnerability in the Oracle Agile PLM component of Oracle 
Supply Chain ...)
        NOT-FOR-US: Oracle
 CVE-2019-2816 (Vulnerability in the Java SE, Java SE Embedded component of 
Oracle Jav ...)
-       {DSA-4486-1 DSA-4485-1}
+       {DSA-4486-1 DSA-4485-1 DLA-1886-1}
        - openjdk-12 12.0.2+9-1
        - openjdk-11 11.0.4+11-1
        - openjdk-8 8u222-b10-1
@@ -34733,7 +34804,7 @@ CVE-2019-2771 (Vulnerability in the BI Publisher 
(formerly XML Publisher) compon
 CVE-2019-2770 (Vulnerability in the Oracle Hyperion Planning component of 
Oracle Hype ...)
        NOT-FOR-US: Oracle
 CVE-2019-2769 (Vulnerability in the Java SE, Java SE Embedded component of 
Oracle Jav ...)
-       {DSA-4486-1 DSA-4485-1}
+       {DSA-4486-1 DSA-4485-1 DLA-1886-1}
        - openjdk-12 12.0.2+9-1
        - openjdk-11 11.0.4+11-1
        - openjdk-8 8u222-b10-1
@@ -34754,7 +34825,7 @@ CVE-2019-2764 (Vulnerability in the Oracle Outside In 
Technology component of Or
 CVE-2019-2763 (Vulnerability in the Oracle Hospitality Gift and Loyalty 
component of  ...)
        NOT-FOR-US: Oracle
 CVE-2019-2762 (Vulnerability in the Java SE, Java SE Embedded component of 
Oracle Jav ...)
-       {DSA-4486-1 DSA-4485-1}
+       {DSA-4486-1 DSA-4485-1 DLA-1886-1}
        - openjdk-12 12.0.2+9-1
        - openjdk-11 11.0.4+11-1
        - openjdk-8 8u222-b10-1
@@ -34797,7 +34868,7 @@ CVE-2019-2747 (Vulnerability in the MySQL Server 
component of Oracle MySQL (subc
 CVE-2019-2746 (Vulnerability in the MySQL Server component of Oracle MySQL 
(subcompon ...)
        - mysql-5.7 <not-affected> (Only affects MySQL 8)
 CVE-2019-2745 (Vulnerability in the Java SE component of Oracle Java SE 
(subcomponent ...)
-       {DSA-4486-1 DSA-4485-1}
+       {DSA-4486-1 DSA-4485-1 DLA-1886-1}
        - openjdk-11 11.0.4+11-1
        - openjdk-8 8u222-b10-1
        - openjdk-7 <removed>
@@ -46833,8 +46904,8 @@ CVE-2018-17792 (MDaemon Webmail (formerly WorldClient) 
has CSRF. ...)
        NOT-FOR-US: MDaemon Webmail
 CVE-2018-17791
        RESERVED
-CVE-2018-17790
-       RESERVED
+CVE-2018-17790 (Prospecta Master Data Online (MDO) 2.0 has Stored XSS. ...)
+       TODO: check
 CVE-2018-17789
        RESERVED
 CVE-2018-17788
@@ -54710,16 +54781,16 @@ CVE-2018-14674
        RESERVED
 CVE-2018-14673
        RESERVED
-CVE-2018-14672
-       RESERVED
-CVE-2018-14671
-       RESERVED
-CVE-2018-14670
-       RESERVED
-CVE-2018-14669
-       RESERVED
-CVE-2018-14668
-       RESERVED
+CVE-2018-14672 (In ClickHouse before 18.12.13, functions for loading CatBoost 
models a ...)
+       TODO: check
+CVE-2018-14671 (In ClickHouse before 18.10.3, unixODBC allowed loading 
arbitrary share ...)
+       TODO: check
+CVE-2018-14670 (Incorrect configuration in deb package in ClickHouse before 
1.1.54131  ...)
+       TODO: check
+CVE-2018-14669 (ClickHouse MySQL client before versions 1.1.54390 had "LOAD 
DATA LOCAL ...)
+       TODO: check
+CVE-2018-14668 (In ClickHouse before 1.1.54388, "remote" table function 
allowed arbitr ...)
+       TODO: check
 CVE-2018-14679 (An issue was discovered in mspack/chmd.c in libmspack before 
0.7alpha. ...)
        {DSA-4260-1 DLA-1460-1}
        - libmspack 0.7-1 (bug #904802)
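Review bot: CVE-2018-14670 in this ClickHouse block is described as "Incorrect configuration in deb package", which makes it the one entry of the five where the packaging itself is the subject. When resolving the `TODO: check` lines, establish whether that refers to an upstream-built deb or to a package in the archive before copying one triage result across CVE-2018-14668 through CVE-2018-14672.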
@@ -56741,8 +56812,8 @@ CVE-2018-14010 (OS command injection in the guest Wi-Fi 
settings feature in /cgi
        NOT-FOR-US: Xiaomi
 CVE-2018-14009 (Codiad through 2.8.4 allows Remote Code Execution, a different 
vulnera ...)
        NOT-FOR-US: Codiad
-CVE-2018-14008
-       RESERVED
+CVE-2018-14008 (Arista EOS through 4.21.0F allows a crash because 802.1x 
authenticatio ...)
+       TODO: check
 CVE-2018-14007 (Citrix XenServer 7.1 and newer allows Directory Traversal. ...)
        NOT-FOR-US: xapi
 CVE-2018-14006 (An integer overflow vulnerability exists in the function 
multipleTrans ...)
@@ -61036,8 +61107,8 @@ CVE-2018-12358 (Service workers can use redirection to 
avoid the tainting of cro
 CVE-2018-12423 (In Synapse before 0.31.2, unauthorised users can hijack rooms 
when the ...)
        - matrix-synapse 0.31.2+dfsg-1 (bug #901549)
        NOTE: https://github.com/matrix-org/synapse/pull/3397
-CVE-2018-12357
-       RESERVED
+CVE-2018-12357 (Arista CloudVision Portal through 2018.1.1 has Incorrect 
Permissions. ...)
+       TODO: check
 CVE-2018-12356 (An issue was discovered in password-store.sh in pass in Simple 
Passwor ...)
        - password-store 1.7.2-1 (bug #901574)
        [stretch] - password-store <not-affected> (Signature verification 
support added in 1.7)
@@ -61687,8 +61758,8 @@ CVE-2018-12103 (An issue was discovered on D-Link 
DIR-890L with firmware 1.21B02
        NOT-FOR-US: D-Link
 CVE-2018-12102 (md4c 0.2.6 has a NULL pointer dereference in the function 
md_process_l ...)
        NOT-FOR-US: md4c
-CVE-2018-12101
-       RESERVED
+CVE-2018-12101 (CMS Clipper 1.3.3 has XSS in the Security tab search, User 
Groups, Res ...)
+       TODO: check
 CVE-2018-12100 (Sonatype Nexus Repository Manager versions 3.x before 3.12.0 
has XSS i ...)
        NOT-FOR-US: Sonatype Nexus Repository Manager
 CVE-2018-12099 (Grafana before 5.2.0-beta1 has XSS vulnerabilities in 
dashboard links. ...)
@@ -105429,8 +105500,8 @@ CVE-2017-14234
        RESERVED
 CVE-2017-14233
        RESERVED
-CVE-2017-14232
-       RESERVED
+CVE-2017-14232 (The read_chunk function in flif-dec.cpp in Free Lossless Image 
Format  ...)
+       TODO: check
 CVE-2017-14231 (GeniXCMS before 1.1.0 allows remote attackers to cause a 
denial of ser ...)
        NOT-FOR-US: GenixCMS
 CVE-2017-14230 (In the mboxlist_do_find function in imap/mboxlist.c in Cyrus 
IMAP befo ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b95a0f9f9da235deb33ceff6bdd5f4fd34c2047b



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
