Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5ba6b0f4 by security tracker role at 2019-10-12T08:10:23Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2019-17513
+ RESERVED
+CVE-2019-17512
+ RESERVED
+CVE-2019-17511
+ RESERVED
+CVE-2019-17510 (D-Link DIR-846 devices with firmware 100A35 allow remote
attackers to ...)
+ TODO: check
+CVE-2019-17509 (D-Link DIR-846 devices with firmware 100A35 allow remote
attackers to ...)
+ TODO: check
+CVE-2019-17508 (On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices,
/etc/services/DEV ...)
+ TODO: check
+CVE-2019-17507 (An issue was discovered on D-Link DIR-816 A1 1.06 devices. An
attacker ...)
+ TODO: check
+CVE-2019-17506 (There are some web interfaces without authentication
requirements on D ...)
+ TODO: check
+CVE-2019-17505 (D-Link DAP-1320 A2-V1.21 routers have some web interfaces
without auth ...)
+ TODO: check
+CVE-2017-18638 (send_email in graphite-web/webapp/graphite/composer/views.py
in Graphi ...)
+ TODO: check
CVE-2019-17504 (An issue was discovered in Kirona Dynamic Resource Scheduling
(DRS) 5. ...)
NOT-FOR-US: Kirona Dynamic Resource Scheduling (DRS)
CVE-2019-17503 (An issue was discovered in Kirona Dynamic Resource Scheduling
(DRS) 5. ...)
@@ -12,10 +32,10 @@ CVE-2019-17499 (The setter.xml component of the Common
Gateway Interface on Comp
NOT-FOR-US: Compal CH7465LG devices
CVE-2019-17498
RESERVED
-CVE-2018-21028
- RESERVED
-CVE-2018-21027
- RESERVED
+CVE-2018-21028 (Boa through 0.94.14rc21 allows remote attackers to trigger a
memory le ...)
+ TODO: check
+CVE-2018-21027 (Boa through 0.94.14rc21 allows remote attackers to trigger an
out-of-m ...)
+ TODO: check
CVE-2015-9492 (The ThemeMakers SmartIT Premium Responsive theme through
2015-05-15 fo ...)
NOT-FOR-US: ThemeMakers SmartIT Premium Responsive theme for WordPress
CVE-2015-9491 (The ThemeMakers Blessing Premium Responsive theme through
2015-05-15 f ...)
@@ -763,8 +783,8 @@ CVE-2019-17178 (HuffmanTree_makeFromFrequencies in
lodepng.c in LodePNG through
TODO: check
CVE-2019-17177 (libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x
through 2.0 ...)
TODO: check
-CVE-2019-17176
- RESERVED
+CVE-2019-17176 (Genesys PureEngage Digital (eServices) 8.1.x allows XSS via
HtmlChatPa ...)
+ TODO: check
CVE-2019-17175 (joyplus-cms 1.6.0 allows manager/admin_pic.php?rootpath=
absolute path ...)
NOT-FOR-US: joyplus-cms
CVE-2019-17174
@@ -21259,6 +21279,7 @@ CVE-2019-10207 [bluetooth: hci_uart: 0x0 address
execution as nonprivileged use
NOTE:
https://lore.kernel.org/linux-bluetooth/[email protected]/T/#u
NOTE:
https://git.kernel.org/linus/b36a1552d7319bbfd5cf7f08726c23c5c66d4f73
CVE-2019-14856 [Incomplete fix for CVE-2019-10206]
+ RESERVED
- ansible <not-affected> (Incomplete fix for CVE-2019-10206 not applied)
NOTE: https://github.com/ansible/ansible/pull/63351
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1760829
@@ -39569,8 +39590,8 @@ CVE-2018-20584 (JasPer 2.0.14 allows remote attackers
to cause a denial of servi
NOTE: https://github.com/mdadams/jasper/issues/192
CVE-2018-20583 (Cross-site scripting (XSS) vulnerability in the PHP League
CommonMark ...)
NOT-FOR-US: PHP League CommonMark library
-CVE-2018-20582
- RESERVED
+CVE-2018-20582 (The GREE+ (aka com.gree.greeplus) application 1.4.0.8 for
Android suff ...)
+ TODO: check
CVE-2018-20581
RESERVED
CVE-2018-20580 (The WSDL import functionality in SmartBear ReadyAPI 2.5.0 and
2.6.0 al ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5ba6b0f403a451870cdca8dcf00173a7817fcc33
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5ba6b0f403a451870cdca8dcf00173a7817fcc33
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
