Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
03695937 by security tracker role at 2019-09-25T08:10:32Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,219 @@
+CVE-2019-16865
+ RESERVED
+CVE-2019-16864
+ RESERVED
+CVE-2019-16863
+ RESERVED
+CVE-2019-16862
+ RESERVED
+CVE-2019-16861
+ RESERVED
+CVE-2019-16860
+ RESERVED
+CVE-2019-16859
+ RESERVED
+CVE-2019-16858
+ RESERVED
+CVE-2019-16857
+ RESERVED
+CVE-2019-16856
+ RESERVED
+CVE-2019-16855
+ RESERVED
+CVE-2019-16854
+ RESERVED
+CVE-2019-16853
+ RESERVED
+CVE-2019-16852
+ RESERVED
+CVE-2019-16851
+ RESERVED
+CVE-2019-16850
+ RESERVED
+CVE-2019-16849
+ RESERVED
+CVE-2019-16848
+ RESERVED
+CVE-2019-16847
+ RESERVED
+CVE-2019-16846
+ RESERVED
+CVE-2019-16845
+ RESERVED
+CVE-2019-16844
+ RESERVED
+CVE-2019-16843
+ RESERVED
+CVE-2019-16842
+ RESERVED
+CVE-2019-16841
+ RESERVED
+CVE-2019-16840
+ RESERVED
+CVE-2019-16839
+ RESERVED
+CVE-2019-16838
+ RESERVED
+CVE-2019-16837
+ RESERVED
+CVE-2019-16836
+ RESERVED
+CVE-2019-16835
+ RESERVED
+CVE-2019-16834
+ RESERVED
+CVE-2019-16833
+ RESERVED
+CVE-2019-16832
+ RESERVED
+CVE-2019-16831
+ RESERVED
+CVE-2019-16830
+ RESERVED
+CVE-2019-16829
+ RESERVED
+CVE-2019-16828
+ RESERVED
+CVE-2019-16827
+ RESERVED
+CVE-2019-16826
+ RESERVED
+CVE-2019-16825
+ RESERVED
+CVE-2019-16824
+ RESERVED
+CVE-2019-16823
+ RESERVED
+CVE-2019-16822
+ RESERVED
+CVE-2019-16821
+ RESERVED
+CVE-2019-16820
+ RESERVED
+CVE-2019-16819
+ RESERVED
+CVE-2019-16818
+ RESERVED
+CVE-2019-16817
+ RESERVED
+CVE-2019-16816
+ RESERVED
+CVE-2019-16815
+ RESERVED
+CVE-2019-16814
+ RESERVED
+CVE-2019-16813
+ RESERVED
+CVE-2019-16812
+ RESERVED
+CVE-2019-16811
+ RESERVED
+CVE-2019-16810
+ RESERVED
+CVE-2019-16809
+ RESERVED
+CVE-2019-16808
+ RESERVED
+CVE-2019-16807
+ RESERVED
+CVE-2019-16806
+ RESERVED
+CVE-2019-16805
+ RESERVED
+CVE-2019-16804
+ RESERVED
+CVE-2019-16803
+ RESERVED
+CVE-2019-16802
+ RESERVED
+CVE-2019-16801
+ RESERVED
+CVE-2019-16800
+ RESERVED
+CVE-2019-16799
+ RESERVED
+CVE-2019-16798
+ RESERVED
+CVE-2019-16797
+ RESERVED
+CVE-2019-16796
+ RESERVED
+CVE-2019-16795
+ RESERVED
+CVE-2019-16794
+ RESERVED
+CVE-2019-16793
+ RESERVED
+CVE-2019-16792
+ RESERVED
+CVE-2019-16791
+ RESERVED
+CVE-2019-16790
+ RESERVED
+CVE-2019-16789
+ RESERVED
+CVE-2019-16788
+ RESERVED
+CVE-2019-16787
+ RESERVED
+CVE-2019-16786
+ RESERVED
+CVE-2019-16785
+ RESERVED
+CVE-2019-16784
+ RESERVED
+CVE-2019-16783
+ RESERVED
+CVE-2019-16782
+ RESERVED
+CVE-2019-16781
+ RESERVED
+CVE-2019-16780
+ RESERVED
+CVE-2019-16779
+ RESERVED
+CVE-2019-16778
+ RESERVED
+CVE-2019-16777
+ RESERVED
+CVE-2019-16776
+ RESERVED
+CVE-2019-16775
+ RESERVED
+CVE-2019-16774
+ RESERVED
+CVE-2019-16773
+ RESERVED
+CVE-2019-16772
+ RESERVED
+CVE-2019-16771
+ RESERVED
+CVE-2019-16770
+ RESERVED
+CVE-2019-16769
+ RESERVED
+CVE-2019-16768
+ RESERVED
+CVE-2019-16767
+ RESERVED
+CVE-2019-16766
+ RESERVED
+CVE-2019-16765
+ RESERVED
+CVE-2019-16764
+ RESERVED
+CVE-2019-16763
+ RESERVED
+CVE-2019-16762
+ RESERVED
+CVE-2019-16761
+ RESERVED
+CVE-2019-16760
+ RESERVED
+CVE-2019-16759 (vBulletin 5.x through 5.5.4 allows remote command execution
via the wi ...)
+ TODO: check
+CVE-2019-16758
+ RESERVED
CVE-2019-16757
RESERVED
CVE-2019-16756
@@ -62,10 +278,10 @@ CVE-2019-16727
RESERVED
CVE-2019-16726
RESERVED
-CVE-2019-16725
- RESERVED
-CVE-2019-16724
- RESERVED
+CVE-2019-16725 (In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS
attacks ...)
+ TODO: check
+CVE-2019-16724 (File Sharing Wizard 1.5.0 allows a remote attacker to obtain
arbitrary ...)
+ TODO: check
CVE-2019-16723 (In Cacti through 1.2.6, authenticated users may bypass
authorization c ...)
- cacti <unfixed> (bug #941036)
NOTE: https://github.com/Cacti/cacti/issues/2964
@@ -804,10 +1020,10 @@ CVE-2019-16413 (An issue was discovered in the Linux
kernel before 5.0.4. The 9p
NOTE:
https://git.kernel.org/linus/5e3cc1ee1405a7eb3487ed24f786dec01b4cbe1f
CVE-2019-16412 (In goform/setSysTools on Tenda N301 wireless routers,
attackers can tr ...)
NOT-FOR-US: Tenda
-CVE-2019-16411
- RESERVED
-CVE-2019-16410
- RESERVED
+CVE-2019-16411 (An issue was discovered in Suricata 4.1.4. By sending multiple
IPv4 pa ...)
+ TODO: check
+CVE-2019-16410 (An issue was discovered in Suricata 4.1.4. By sending multiple
fragmen ...)
+ TODO: check
CVE-2019-16409
RESERVED
CVE-2019-16408
@@ -923,18 +1139,22 @@ CVE-2019-16376
CVE-2019-16375
RESERVED
CVE-2019-16394 (SPIP before 3.1.11 and 3.2 before 3.2.5 provides different
error messa ...)
+ {DSA-4532-1}
- spip 3.2.5-1
NOTE: https://core.spip.net/issues/4171
NOTE: https://zone.spip.net/trac/spip-zone/changeset/117577/spip-zone
NOTE: https://zone.spip.net/trac/spip-zone/changeset/117578/spip-zone
CVE-2019-16393 (SPIP before 3.1.11 and 3.2 before 3.2.5 mishandles redirect
URLs in ec ...)
+ {DSA-4532-1}
- spip 3.2.5-1
NOTE: https://core.spip.net/issues/4362
NOTE:
https://git.spip.net/SPIP/spip/commit/0b832408b0aabd5b94a81e261e9413c0f31a19f1
CVE-2019-16392 (SPIP before 3.1.11 and 3.2 before 3.2.5 allows
prive/formulaires/login ...)
+ {DSA-4532-1}
- spip 3.2.5-1
NOTE:
https://git.spip.net/SPIP/spip/commit/3c12a82c7d9d4afd09e708748fa82e7836174028
CVE-2019-16391 (SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated
visitors ...)
+ {DSA-4532-1}
- spip 3.2.5-1
NOTE:
https://git.spip.net/SPIP/spip/commit/187952ce85e73b52c2753f2d54fc2c44807b8f79
NOTE:
https://git.spip.net/SPIP/spip/commit/3cbc758400323ab006c00ea78eacdb8f76aa5f66
@@ -2846,8 +3066,8 @@ CVE-2019-15701 (components/Modals/HelpModal.jsx in
BloodHound 2.2.0 allows remot
NOT-FOR-US: BloodHound
CVE-2019-15700 (public/js/frappe/form/footer/timeline.js in Frappe Framework
12 throug ...)
NOT-FOR-US: Frappe Framework
-CVE-2019-15699
- RESERVED
+CVE-2019-15699 (An issue was discovered in app-layer-ssl.c in Suricata 4.1.4.
Upon rec ...)
+ TODO: check
CVE-2019-15698 (In Octopus Deploy 2019.7.3 through 2019.7.9, in certain
circumstances, ...)
NOT-FOR-US: Octopus Deploy
CVE-2019-15697
@@ -7771,8 +7991,8 @@ CVE-2019-14222 (An issue was discovered in Alfresco
Community Edition versions 6
NOT-FOR-US: Alfresco
CVE-2019-14221 (1CRM On-Premise Software 8.5.7 allows XSS via a payload that
is mishan ...)
NOT-FOR-US: 1CRM On-Premise Software
-CVE-2019-14220
- RESERVED
+CVE-2019-14220 (An issue was discovered in BlueStacks 4.110 and below on macOS
and on ...)
+ TODO: check
CVE-2019-14219
RESERVED
CVE-2019-14218
@@ -10333,10 +10553,10 @@ CVE-2019-13530 (Philips IntelliVue WLAN, portable
patient monitors, WLAN Version
NOT-FOR-US: Philips
CVE-2019-13529
RESERVED
-CVE-2019-13528
- RESERVED
-CVE-2019-13527
- RESERVED
+CVE-2019-13528 (A specific utility may allow an attacker to gain read access
to privil ...)
+ TODO: check
+CVE-2019-13527 (In Rockwell Automation Arena Simulation Software Cat. 9502-Ax,
Version ...)
+ TODO: check
CVE-2019-13526 (Datalogic AV7000 Linear barcode scanner all versions prior to
4.6.0.0 ...)
NOT-FOR-US: Datalogic AV7000 Linear barcode scanner
CVE-2019-13525
@@ -14261,8 +14481,7 @@ CVE-2019-12070
RESERVED
CVE-2019-12069
RESERVED
-CVE-2019-12068 [scsi: lsi: exit infinite loop while executing script]
- RESERVED
+CVE-2019-12068 (In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8,
1:3.1+dfsg ...)
{DLA-1927-1}
- qemu <unfixed> (low)
[buster] - qemu <postponed> (Minor issue, can be fixed along in future
update)
@@ -32542,10 +32761,10 @@ CVE-2019-5507
RESERVED
CVE-2019-5506
RESERVED
-CVE-2019-5505
- RESERVED
-CVE-2019-5504
- RESERVED
+CVE-2019-5505 (ONTAP Select Deploy administration utility versions 2.2 through
2.12.1 ...)
+ TODO: check
+CVE-2019-5504 (ONTAP Select Deploy administration utility versions 2.12 &
2.12.1 ...)
+ TODO: check
CVE-2019-5503 (OnCommand Workflow Automation versions prior to 5.0 shipped
without ce ...)
NOT-FOR-US: OnCommand Workflow Automation
CVE-2019-5502 (SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3
has we ...)
@@ -33454,8 +33673,7 @@ CVE-2019-5096
RESERVED
CVE-2019-5095
RESERVED
-CVE-2019-5094 [A maliciously corrupted file systems can trigger buffer
overruns in the quota code used by e2fsck]
- RESERVED
+CVE-2019-5094 (An exploitable code execution vulnerability exists in the quota
file f ...)
- e2fsprogs 1.45.4-1
NOTE:
https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?h=maint&id=8dbe7b475ec5e91ed767239f0e85880f416fc384
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0887
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0369593780a6b95cabbf8e96d3911fa0b55f4e93
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0369593780a6b95cabbf8e96d3911fa0b55f4e93
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
