Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 654a22d8 by Salvatore Bonaccorso at 2019-10-02T19:39:39Z Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -34,7 +34,7 @@ CVE-2019-17065 CVE-2019-17064 (Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog ...) TODO: check CVE-2019-17063 (In Snowtide PDFxStream before 3.7.1 (for Java), a crafted PDF file can ...) - TODO: check + NOT-FOR-US: Snowtide PDFxStream CVE-2019-17062 RESERVED CVE-2019-17061 @@ -172,7 +172,7 @@ CVE-2019-17001 CVE-2019-17000 RESERVED CVE-2019-16999 (CloudBoot through 2019-03-08 allows SQL Injection via a crafted Status ...) - TODO: check + NOT-FOR-US: CloudBoot CVE-2019-16998 RESERVED CVE-2019-16997 (In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/lan ...) @@ -180,7 +180,7 @@ CVE-2019-16997 (In Metinfo 7.0.0beta, a SQL Injection was discovered in app/syst CVE-2019-16996 (In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/pro ...) NOT-FOR-US: Metinfo CVE-2017-18636 (CDG through 2017-01-01 allows downloadDocument.jsp?command=download&am ...) - TODO: check + NOT-FOR-US: CDG CVE-2019-16995 (In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_final ...) - linux 4.19.37-1 [stretch] - linux 4.9.168-1 @@ -971,9 +971,9 @@ CVE-2019-16686 (Dolibarr 9.0.5 has stored XSS in a User Note section to note.php CVE-2019-16685 (Dolibarr 9.0.5 has stored XSS vulnerability via a User Group Descripti ...) - dolibarr <removed> CVE-2019-16684 (An issue was discovered in the image-manager in Xoops 2.5.10. When any ...) - TODO: check + NOT-FOR-US: Xoops CVE-2019-16683 (An issue was discovered in the image-manager in Xoops 2.5.10. When the ...) - TODO: check + NOT-FOR-US: Xoops CVE-2019-16682 RESERVED CVE-2018-21018 (Mastodon before 2.6.3 mishandles timeouts of incompletely established ...) @@ -1418,7 +1418,7 @@ CVE-2019-16510 (libIEC61850 through 1.3.3 has a use-after-free in MmsServer_wait CVE-2019-16509 RESERVED CVE-2019-16508 (The Imagination Technologies driver for Chrome OS before R74-11895.B, ...) - TODO: check + NOT-FOR-US: Imagination Technologies driver for Chrome OS CVE-2019-16507 RESERVED CVE-2019-16506 @@ -2973,7 +2973,7 @@ CVE-2019-15941 (OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may all NOTE: were added only in 2.0 the vulnerability has no effect. The vulnerability NOTE: itself exists only with versions >= 1.9.0 (as there is no OIDC before) CVE-2019-15940 (Victure PC530 devices allow unauthenticated TELNET access as root. ...) - TODO: check + NOT-FOR-US: Victure PC530 devices CVE-2019-15939 (An issue was discovered in OpenCV 4.1.0. There is a divide-by-zero err ...) TODO: check CVE-2019-15938 (Pengutronix barebox through 2019.08.1 has a remote buffer overflow in ...) @@ -5660,21 +5660,21 @@ CVE-2019-15044 CVE-2019-15043 (In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow u ...) - grafana <removed> CVE-2019-15042 (An issue was discovered in JetBrains TeamCity 2018.2.4. It had no SSL ...) - TODO: check + NOT-FOR-US: JetBrains TeamCity CVE-2019-15041 (JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL ...) - TODO: check + NOT-FOR-US: JetBrains YouTrack CVE-2019-15040 RESERVED CVE-2019-15039 (An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possi ...) - TODO: check + NOT-FOR-US: JetBrains TeamCity CVE-2019-15038 (An issue was discovered in JetBrains TeamCity 2018.2.4. The TeamCity s ...) - TODO: check + NOT-FOR-US: JetBrains TeamCity CVE-2019-15037 RESERVED CVE-2019-15036 RESERVED CVE-2019-15035 (An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Pro ...) - TODO: check + NOT-FOR-US: JetBrains TeamCity CVE-2019-15034 RESERVED CVE-2019-15033 (Pydio 6.0.8 allows Authenticated SSRF during a Remote Link Feature dow ...) @@ -5915,25 +5915,25 @@ CVE-2019-14963 CVE-2019-14962 RESERVED CVE-2019-14961 (JetBrains Upsource before 2019.1.1412 was not properly escaping HTML t ...) - TODO: check + NOT-FOR-US: JetBrains Upsource CVE-2019-14960 (JetBrains Rider before 2019.1.2 was using an unsigned JetBrains.Rider. ...) - TODO: check + NOT-FOR-US: JetBrains Rider CVE-2019-14959 RESERVED CVE-2019-14958 RESERVED CVE-2019-14957 (The JetBrains Vim plugin before version 0.52 was storing individual pr ...) - TODO: check + NOT-FOR-US: JetBrains Vim plugin CVE-2019-14956 RESERVED CVE-2019-14955 (In JetBrains Hub versions earlier than 2018.4.11436, there was no opti ...) - TODO: check + NOT-FOR-US: JetBrains Hub CVE-2019-14954 (JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plant ...) - TODO: check + NOT-FOR-US: JetBrains IntelliJ IDEA CVE-2019-14953 (JetBrains YouTrack versions before 2019.2.53938 had a possible XSS thr ...) - TODO: check + NOT-FOR-US: JetBrains YouTrack CVE-2019-14952 (JetBrains YouTrack versions before 2019.1.52584 had a possible XSS in ...) - TODO: check + NOT-FOR-US: JetBrains YouTrack CVE-2019-14951 (The Telenav Scout GPS Link app 1.x for iOS, as used with Toyota and Le ...) NOT-FOR-US: Telenav Scout GPS Link app CVE-2019-14950 (The wp-live-chat-support plugin before 8.0.27 for WordPress has XSS vi ...) @@ -26501,15 +26501,15 @@ CVE-2019-8294 CVE-2019-8293 RESERVED CVE-2019-8292 (Online Store System v1.0 delete_product.php doesn't check to see if a ...) - TODO: check + NOT-FOR-US: Online Store System CVE-2019-8291 (Online Store System v1.0 delete_file.php doesn't check to see if a use ...) - TODO: check + NOT-FOR-US: Online Store System CVE-2019-8290 (Vulnerability in Online Store v1.0, The registration form requirements ...) - TODO: check + NOT-FOR-US: Online Store System CVE-2019-8289 (Vulnerability in Online Store v1.0, stored XSS in admin/user_view.php ...) - TODO: check + NOT-FOR-US: Online Store System CVE-2019-8288 (Vulnerability in Online Store v1.0, Stored XSS in user_view.php where ...) - TODO: check + NOT-FOR-US: Online Store System CVE-2019-8287 RESERVED CVE-2019-8286 (Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Sec ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/654a22d8b1e1b3cc429b7dad1d6fafcb5c72f4a7 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/654a22d8b1e1b3cc429b7dad1d6fafcb5c72f4a7 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits