Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 70334db1 by Salvatore Bonaccorso at 2019-10-15T11:05:46Z Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -9,7 +9,7 @@ CVE-2019-17594 (There is a heap-based buffer over-read in the _nc_find_entry fun NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html CVE-2019-17593 (JIZHICMS 1.5.1 allows admin.php/Admin/adminadd.html CSRF to add an adm ...) - TODO: check + NOT-FOR-US: JIZHICMS CVE-2019-17592 (The csv-parse module before 4.4.6 for Node.js is vulnerable to Regular ...) TODO: check CVE-2019-17591 @@ -285,7 +285,7 @@ CVE-2019-17513 CVE-2019-17512 RESERVED CVE-2019-17511 (There are some web interfaces without authentication requirements on D ...) - TODO: check + NOT-FOR-US: D-Link CVE-2019-17510 (D-Link DIR-846 devices with firmware 100A35 allow remote attackers to ...) NOT-FOR-US: D-Link CVE-2019-17509 (D-Link DIR-846 devices with firmware 100A35 allow remote attackers to ...) @@ -595,7 +595,7 @@ CVE-2019-17410 CVE-2019-17409 RESERVED CVE-2019-17408 (parserIfLabel in inc/zzz_template.php in ZZZCMS zzzphp 1.7.3 allows re ...) - TODO: check + NOT-FOR-US: ZZZCMS CVE-2019-17407 RESERVED CVE-2019-XXXX [Remote code execution vulnerability] @@ -1073,7 +1073,7 @@ CVE-2019-17178 (HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through CVE-2019-17177 (libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0 ...) TODO: check CVE-2019-17176 (Genesys PureEngage Digital (eServices) 8.1.x allows XSS via HtmlChatPa ...) - TODO: check + NOT-FOR-US: Genesys PureEngage Digital (eServices) CVE-2019-17175 (joyplus-cms 1.6.0 allows manager/admin_pic.php?rootpath= absolute path ...) NOT-FOR-US: joyplus-cms CVE-2019-17174 @@ -1372,9 +1372,9 @@ CVE-2019-17046 (Ilch 2.1.22 allows remote code execution because php is listed u CVE-2019-17045 (Ilch 2.1.22 allows stored XSS via the title, text, or email id to the ...) NOT-FOR-US: Ilch CMS CVE-2019-17044 (An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution pe ...) - TODO: check + NOT-FOR-US: BMC Patrol Agent CVE-2019-17043 (An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution pe ...) - TODO: check + NOT-FOR-US: BMC Patrol Agent CVE-2019-17042 (An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmc ...) {DLA-1952-1} - rsyslog <unfixed> (bug #942065) @@ -2722,7 +2722,7 @@ CVE-2019-16521 CVE-2019-16520 RESERVED CVE-2019-16519 (ESET Cyber Security 6.7.900.0 for macOS allows a local attacker to exe ...) - TODO: check + NOT-FOR-US: ESET Cyber Security CVE-2019-16518 (An issue was discovered on Swell Kit Mod devices that use the Vandy Va ...) NOT-FOR-US: Swell Kit Mod devices CVE-2019-16517 @@ -3156,7 +3156,7 @@ CVE-2019-16346 (ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in CVE-2019-16345 RESERVED CVE-2019-16344 (A cross-site scripting (XSS) vulnerability in the login form (/ScadaBR ...) - TODO: check + NOT-FOR-US: ScadaBR CVE-2019-16343 RESERVED CVE-2018-21017 (GPAC 0.7.1 has a memory leak in dinf_Read in isomedia/box_code_base.c. ...) @@ -3306,7 +3306,7 @@ CVE-2019-16284 CVE-2019-16283 RESERVED CVE-2019-16282 (In NCH Express Invoice v7.12, persistent cross site scripting (XSS) ex ...) - TODO: check + NOT-FOR-US: NCH Express Invoice CVE-2019-16281 RESERVED CVE-2019-16280 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/70334db1542f5a042eadd3e2a60138f61ced6a78 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/70334db1542f5a042eadd3e2a60138f61ced6a78 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits