Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6979fb26 by security tracker role at 2019-08-27T08:10:13Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,99 @@
+CVE-2019-15666 (An issue was discovered in the Linux kernel before 5.0.19.
There is an ...)
+ TODO: check
+CVE-2019-15665
+ RESERVED
+CVE-2019-15664
+ RESERVED
+CVE-2019-15663
+ RESERVED
+CVE-2019-15662
+ RESERVED
+CVE-2019-15661
+ RESERVED
+CVE-2019-15660
+ RESERVED
+CVE-2019-15659
+ RESERVED
+CVE-2019-15658 (connect-pg-simple before 6.0.1 allows SQL injection if
tableName or sc ...)
+ TODO: check
+CVE-2019-15657 (In eslint-utils before 1.4.1, the getStaticValue function can
execute ...)
+ TODO: check
+CVE-2019-15656
+ RESERVED
+CVE-2019-15655
+ RESERVED
+CVE-2019-15654
+ RESERVED
+CVE-2019-15653
+ RESERVED
+CVE-2019-15652
+ RESERVED
+CVE-2019-15651 (wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in
DecodeCert ...)
+ TODO: check
+CVE-2019-15650
+ RESERVED
+CVE-2019-15649
+ RESERVED
+CVE-2019-15648
+ RESERVED
+CVE-2019-15647
+ RESERVED
+CVE-2019-15646
+ RESERVED
+CVE-2019-15645
+ RESERVED
+CVE-2019-15644
+ RESERVED
+CVE-2019-15643
+ RESERVED
+CVE-2018-21006
+ RESERVED
+CVE-2018-21005
+ RESERVED
+CVE-2018-21004
+ RESERVED
+CVE-2018-21003
+ RESERVED
+CVE-2018-21002
+ RESERVED
+CVE-2018-21001
+ RESERVED
+CVE-2017-18592
+ RESERVED
+CVE-2017-18591
+ RESERVED
+CVE-2017-18590
+ RESERVED
+CVE-2016-10936
+ RESERVED
+CVE-2016-10935
+ RESERVED
+CVE-2016-10934
+ RESERVED
+CVE-2015-9352
+ RESERVED
+CVE-2015-9351
+ RESERVED
+CVE-2015-9350
+ RESERVED
+CVE-2015-9349
+ RESERVED
+CVE-2015-9348
+ RESERVED
+CVE-2015-9347
+ RESERVED
+CVE-2015-9346
+ RESERVED
+CVE-2015-9345
+ RESERVED
+CVE-2015-9344
+ RESERVED
+CVE-2015-9343
+ RESERVED
+CVE-2015-9342
+ RESERVED
+CVE-2014-10395
+ RESERVED
CVE-2019-15642 (rpc.cgi in Webmin through 1.920 allows authenticated Remote
Code Execu ...)
- webmin <removed>
CVE-2019-15641 (xmlrpc.cgi in Webmin through 1.930 allows authenticated XXE
attacks. B ...)
@@ -328,8 +424,8 @@ CVE-2019-15499 (CodiMD 1.3.1, when Safari is used, allows
XSS via an IFRAME elem
TODO: check
CVE-2019-15498 (cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452
allows rem ...)
NOT-FOR-US: Vera Edge Home Controller
-CVE-2019-15497
- RESERVED
+CVE-2019-15497 (Black Box iCOMPEL 9.2.3 through 11.1.4, as used in ONELAN
Net-Top-Box ...)
+ TODO: check
CVE-2019-15496
RESERVED
CVE-2019-15495
@@ -1670,8 +1766,8 @@ CVE-2019-15057
RESERVED
CVE-2019-15056
RESERVED
-CVE-2019-15055
- RESERVED
+CVE-2019-15055 (MikroTik RouterOS through 6.44.5 and 6.45.x through 6.45.3
improperly ...)
+ TODO: check
CVE-2019-15054
RESERVED
CVE-2019-15053 (The "HTML Include and replace macro" plugin before 1.5.0 for
Confluenc ...)
@@ -14434,7 +14530,7 @@ CVE-2019-10749
RESERVED
CVE-2019-10748
RESERVED
-CVE-2019-10747 (set-value is vulnerable to Prototype Pollution in versions
before 2.0. ...)
+CVE-2019-10747 (set-value is vulnerable to Prototype Pollution in versions
lower than ...)
TODO: check
CVE-2019-10746 (mixin-deep is vulnerable to Prototype Pollution in versions
before 1.3 ...)
- node-mixin-deep 2.0.1-1 (bug #932500)
@@ -18602,8 +18698,8 @@ CVE-2019-9571
RESERVED
CVE-2019-9570 (An issue was discovered in YzmCMS 5.2.0. It has XSS via the
bottom tex ...)
NOT-FOR-US: YzmCMS
-CVE-2019-9569
- RESERVED
+CVE-2019-9569 (Buffer Overflow in dacterea in Delta Controls enteliBUS Manager
V3.40_ ...)
+ TODO: check
CVE-2019-9568 (The "Forminator Contact Form, Poll & Quiz Builder" plugin
before 1 ...)
NOT-FOR-US: WordPress plugin forminator
CVE-2019-9567 (The "Forminator Contact Form, Poll & Quiz Builder" plugin
before 1 ...)
@@ -21488,8 +21584,8 @@ CVE-2019-8462
RESERVED
CVE-2019-8461
RESERVED
-CVE-2019-8460
- RESERVED
+CVE-2019-8460 (Reuven Plevinsky and Tal Vainshtein of Check Point Software
Technologi ...)
+ TODO: check
CVE-2019-8459 (Check Point Endpoint Security Client for Windows, with the VPN
blade, ...)
NOT-FOR-US: Check Point Endpoint Security Client for Windows
CVE-2019-8458 (Check Point Endpoint Security Client for Windows, with
Anti-Malware bl ...)
@@ -46230,8 +46326,8 @@ CVE-2018-18670 (GNUBOARD5 5.3.1.9 has XSS that allows
remote attackers to inject
NOT-FOR-US: GNU Board
CVE-2018-18669 (GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to
inject arbit ...)
NOT-FOR-US: GNU Board
-CVE-2018-18668
- RESERVED
+CVE-2018-18668 (GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers
to injec ...)
+ TODO: check
CVE-2018-18667 (The mintToken function of Pylon (PYLNT) aka PylonToken, an
Ethereum to ...)
NOT-FOR-US: Some Ethereum token
CVE-2018-18666 (The mintToken function of SwftCoin (SWFTC) aka SwftCoin, an
Ethereum t ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6979fb269b5038e92b14b471f537ecf0c82d0222
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6979fb269b5038e92b14b471f537ecf0c82d0222
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
