[Git][security-tracker-team/security-tracker][master] automatic update

Thu, 22 Aug 2019 01:11:04 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f8f310d2 by security tracker role at 2019-08-22T08:10:21Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,137 @@
+CVE-2019-15324
+       RESERVED
+CVE-2019-15323
+       RESERVED
+CVE-2019-15322
+       RESERVED
+CVE-2019-15321
+       RESERVED
+CVE-2019-15320
+       RESERVED
+CVE-2019-15319
+       RESERVED
+CVE-2019-15318
+       RESERVED
+CVE-2019-15317
+       RESERVED
+CVE-2019-15316 (Valve Steam Client for Windows through 2019-08-20 has weak 
folder perm ...)
+       TODO: check
+CVE-2019-15315 (Valve Steam Client for Windows through 2019-08-16 allows 
privilege esc ...)
+       TODO: check
+CVE-2018-20986
+       RESERVED
+CVE-2018-20985
+       RESERVED
+CVE-2018-20984
+       RESERVED
+CVE-2018-20983
+       RESERVED
+CVE-2018-20982
+       RESERVED
+CVE-2018-20981
+       RESERVED
+CVE-2018-20980
+       RESERVED
+CVE-2018-20979
+       RESERVED
+CVE-2017-18585
+       RESERVED
+CVE-2017-18584
+       RESERVED
+CVE-2017-18583
+       RESERVED
+CVE-2017-18582
+       RESERVED
+CVE-2017-18581
+       RESERVED
+CVE-2017-18580
+       RESERVED
+CVE-2017-18579
+       RESERVED
+CVE-2017-18578
+       RESERVED
+CVE-2017-18577
+       RESERVED
+CVE-2017-18576
+       RESERVED
+CVE-2017-18575
+       RESERVED
+CVE-2017-18574
+       RESERVED
+CVE-2017-18573
+       RESERVED
+CVE-2017-18572
+       RESERVED
+CVE-2017-18571
+       RESERVED
+CVE-2017-18570
+       RESERVED
+CVE-2016-10929
+       RESERVED
+CVE-2016-10928
+       RESERVED
+CVE-2016-10927
+       RESERVED
+CVE-2016-10926
+       RESERVED
+CVE-2016-10925
+       RESERVED
+CVE-2016-10924
+       RESERVED
+CVE-2016-10923
+       RESERVED
+CVE-2016-10922
+       RESERVED
+CVE-2016-10921
+       RESERVED
+CVE-2016-10920
+       RESERVED
+CVE-2016-10919
+       RESERVED
+CVE-2016-10918
+       RESERVED
+CVE-2016-10917
+       RESERVED
+CVE-2016-10916
+       RESERVED
+CVE-2015-9337
+       RESERVED
+CVE-2015-9336
+       RESERVED
+CVE-2015-9335
+       RESERVED
+CVE-2015-9334
+       RESERVED
+CVE-2015-9333
+       RESERVED
+CVE-2014-10385
+       RESERVED
+CVE-2014-10384
+       RESERVED
+CVE-2014-10383
+       RESERVED
+CVE-2014-10382
+       RESERVED
+CVE-2013-7483
+       RESERVED
+CVE-2013-7482
+       RESERVED
+CVE-2013-7481
+       RESERVED
+CVE-2013-7480
+       RESERVED
+CVE-2013-7479
+       RESERVED
+CVE-2013-7478
+       RESERVED
+CVE-2013-7477
+       RESERVED
+CVE-2012-6716
+       RESERVED
+CVE-2009-5158
+       RESERVED
+CVE-2008-7321
+       RESERVED
 CVE-2019-15314
        RESERVED
 CVE-2019-15313
@@ -1620,6 +1754,7 @@ CVE-2019-14776
 CVE-2019-14775
        RESERVED
 CVE-2019-12625 [clamav zip DoS]
+       RESERVED
        - clamav <unfixed> (bug #934359)
        [buster] - clamav <no-dsa> (ClamAV is updated via -updates)
        [stretch] - clamav <no-dsa> (ClamAV is updated via -updates)
@@ -1831,10 +1966,10 @@ CVE-2019-14688
        RESERVED
 CVE-2019-14687 (A DLL hijacking vulnerability exists in Trend Micro Password 
Manager 5 ...)
        NOT-FOR-US: Trend Micro
-CVE-2019-14686
-       RESERVED
-CVE-2019-14685
-       RESERVED
+CVE-2019-14686 (A DLL hijacking vulnerability exists in the Trend Micro 
Security's 201 ...)
+       TODO: check
+CVE-2019-14685 (A local privilege escalation vulnerability exists in Trend 
Micro Secur ...)
+       TODO: check
 CVE-2019-14684 (A DLL hijacking vulnerability exists in Trend Micro Password 
Manager 5 ...)
        NOT-FOR-US: Trend Micro
 CVE-2019-14683 (The codection "Import users from CSV with meta" plugin before 
1.14.2.2 ...)
@@ -11282,12 +11417,12 @@ CVE-2019-11605
        RESERVED
 CVE-2019-11604 (An issue was discovered in Quest KACE Systems Management 
Appliance bef ...)
        NOT-FOR-US: Quest KACE Systems Management Appliance
-CVE-2019-11603
-       RESERVED
-CVE-2019-11602
-       RESERVED
-CVE-2019-11601
-       RESERVED
+CVE-2019-11603 (A HTTP Traversal Attack in earlier versions than ProSyst mBS 
SDK 8.2.6 ...)
+       TODO: check
+CVE-2019-11602 (Leakage of stack traces in remote access to backup &amp; 
restore in ea ...)
+       TODO: check
+CVE-2019-11601 (A directory traversal vulnerability in remote access to backup 
&amp; r ...)
+       TODO: check
 CVE-2019-11600 (A SQL injection vulnerability in the activities API in 
OpenProject bef ...)
        NOT-FOR-US: OpenProject
 CVE-2018-20835 (A vulnerability was found in tar-fs before 1.16.2. An 
Arbitrary File O ...)
@@ -13824,8 +13959,8 @@ CVE-2019-10689 (VVX products using UCS software version 
5.9.2 and earlier with B
        NOT-FOR-US: VVX products using UCS software
 CVE-2019-10688 (VVX products with software versions including and prior to, 
UCS 5.9.2  ...)
        NOT-FOR-US: VVX products using UCS
-CVE-2019-10687
-       RESERVED
+CVE-2019-10687 (KBPublisher 6.0.2.1 has SQL Injection via the 
admin/index.php?module=r ...)
+       TODO: check
 CVE-2019-10686 (An SSRF vulnerability was found in an API from Ctrip Apollo 
through 1. ...)
        NOT-FOR-US: Ctrip Apollo
 CVE-2019-10685 (A Reflected Cross Site Scripting (XSS) Vulnerability was 
discovered in ...)
@@ -26287,8 +26422,8 @@ CVE-2019-6179
        RESERVED
 CVE-2019-6178 (An information leakage vulnerability in Iomega and LenovoEMC 
NAS produ ...)
        NOT-FOR-US: Iomega and LenovoEMC NAS products
-CVE-2019-6177
-       RESERVED
+CVE-2019-6177 (A vulnerability reported in Lenovo Solution Center version 
03.12.003,  ...)
+       TODO: check
 CVE-2019-6176
        RESERVED
 CVE-2019-6175
@@ -27764,8 +27899,8 @@ CVE-2019-5640
        RESERVED
 CVE-2019-5639
        RESERVED
-CVE-2019-5638
-       RESERVED
+CVE-2019-5638 (Rapid7 Nexpose versions 6.5.50 and prior suffer from 
insufficient sess ...)
+       TODO: check
 CVE-2019-5637
        RESERVED
 CVE-2019-5636
@@ -47837,8 +47972,8 @@ CVE-2018-17793 (** DISPUTED ** Virtualenv 16.0.0 allows 
a sandbox escape via "py
        NOTE: No real security impact. 3rd party requested CVE rejection
 CVE-2018-17792 (MDaemon Webmail (formerly WorldClient) has CSRF. ...)
        NOT-FOR-US: MDaemon Webmail
-CVE-2018-17791
-       RESERVED
+CVE-2018-17791 (Newgen OmniFlow Intelligent Business Process Suite (iBPS) 7.0 
has an " ...)
+       TODO: check
 CVE-2018-17790 (Prospecta Master Data Online (MDO) 2.0 has Stored XSS. ...)
        NOT-FOR-US: Prospecta Master Data Online (MDO)
 CVE-2018-17789



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f8f310d283733764a988b359a009b240020d0898

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f8f310d283733764a988b359a009b240020d0898
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to