Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ff6b0bf5 by security tracker role at 2019-10-22T20:10:25Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,103 @@
+CVE-2019-18275
+       RESERVED
+CVE-2019-18274
+       RESERVED
+CVE-2019-18273
+       RESERVED
+CVE-2019-18272
+       RESERVED
+CVE-2019-18271
+       RESERVED
+CVE-2019-18270
+       RESERVED
+CVE-2019-18269
+       RESERVED
+CVE-2019-18268
+       RESERVED
+CVE-2019-18267
+       RESERVED
+CVE-2019-18266
+       RESERVED
+CVE-2019-18265
+       RESERVED
+CVE-2019-18264
+       RESERVED
+CVE-2019-18263
+       RESERVED
+CVE-2019-18262
+       RESERVED
+CVE-2019-18261
+       RESERVED
+CVE-2019-18260
+       RESERVED
+CVE-2019-18259
+       RESERVED
+CVE-2019-18258
+       RESERVED
+CVE-2019-18257
+       RESERVED
+CVE-2019-18256
+       RESERVED
+CVE-2019-18255
+       RESERVED
+CVE-2019-18254
+       RESERVED
+CVE-2019-18253
+       RESERVED
+CVE-2019-18252
+       RESERVED
+CVE-2019-18251
+       RESERVED
+CVE-2019-18250
+       RESERVED
+CVE-2019-18249
+       RESERVED
+CVE-2019-18248
+       RESERVED
+CVE-2019-18247
+       RESERVED
+CVE-2019-18246
+       RESERVED
+CVE-2019-18245
+       RESERVED
+CVE-2019-18244
+       RESERVED
+CVE-2019-18243
+       RESERVED
+CVE-2019-18242
+       RESERVED
+CVE-2019-18241
+       RESERVED
+CVE-2019-18240
+       RESERVED
+CVE-2019-18239
+       RESERVED
+CVE-2019-18238
+       RESERVED
+CVE-2019-18237
+       RESERVED
+CVE-2019-18236
+       RESERVED
+CVE-2019-18235
+       RESERVED
+CVE-2019-18234
+       RESERVED
+CVE-2019-18233
+       RESERVED
+CVE-2019-18232
+       RESERVED
+CVE-2019-18231
+       RESERVED
+CVE-2019-18230
+       RESERVED
+CVE-2019-18229
+       RESERVED
+CVE-2019-18228
+       RESERVED
+CVE-2019-18227
+       RESERVED
+CVE-2019-18226
+       RESERVED
 CVE-2019-18225 (An issue was discovered in Citrix Application Delivery 
Controller (ADC ...)
        NOT-FOR-US: Citrix
 CVE-2019-18224 (idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 
has a hea ...)
@@ -2914,8 +3014,8 @@ CVE-2019-17426 (Automattic Mongoose through 5.7.4 allows 
attackers to bypass acc
        NOT-FOR-US: Automattic Mongoose (different from Cesenta Mongoose)
 CVE-2019-17425
        RESERVED
-CVE-2019-17424
-       RESERVED
+CVE-2019-17424 (A stack-based buffer overflow in the processPrivilage() 
function in IO ...)
+       TODO: check
 CVE-2019-17423
        RESERVED
 CVE-2019-17422
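Review bot: the "TODO: check" added for CVE-2019-17424 cannot be resolved from this line alone, because the truncated description stops at "in IO ...)" before the product name is complete. Triage should read the full CVE description, then replace the TODO with either a package line or a "NOT-FOR-US: <product>" line in the same form as the CVE-2019-17426 entry above it.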
@@ -3401,8 +3501,8 @@ CVE-2019-17191 (The Signal Private Messenger application 
before 4.47.7 for Andro
        NOT-FOR-US: Signal
 CVE-2019-17190
        RESERVED
-CVE-2019-17189
-       RESERVED
+CVE-2019-17189 (totemodata 3.0.0_b936 has XSS via a folder name. ...)
+       TODO: check
 CVE-2019-17188 (An unrestricted file upload vulnerability was discovered in 
catalog/pr ...)
        NOT-FOR-US: Fecshop FecMall
 CVE-2019-17187 (/var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 
1.00.M5007_ ...)
@@ -16653,8 +16753,8 @@ CVE-2019-12969
        RESERVED
 CVE-2019-12968 (A vulnerability was found in the Sonic Robo Blast 2 (SRB2) 
plugin (EP_ ...)
        NOT-FOR-US: Sonic Robo Blast 2
-CVE-2019-12967
-       RESERVED
+CVE-2019-12967 (Stephan Mooltipass Moolticute through 0.42.1 (and possibly 
earlier ver ...)
+       TODO: check
 CVE-2019-12966 (FeHelper through 2019-06-19 allows arbitrary code execution 
during a J ...)
        NOT-FOR-US: FeHelper
 CVE-2018-20847 (An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in 
the functi ...)
@@ -18457,8 +18557,8 @@ CVE-2019-12292 (Citrix AppDNA before 7 1906.1.0.472 has 
Incorrect Access Control
        NOT-FOR-US: Citrix AppDNA
 CVE-2019-12291 (HashiCorp Consul 1.4.0 through 1.5.0 has Incorrect Access 
Control. Key ...)
        NOT-FOR-US: HashiCorp Consul
-CVE-2019-12290
-       RESERVED
+CVE-2019-12290 (GNU libidn2 before 2.2.0 fails to perform the roundtrip checks 
specifi ...)
+       TODO: check
 CVE-2019-12289 (An issue was discovered in upgrade_firmware.cgi on VStarcam 
100T (C782 ...)
        NOT-FOR-US: VStarcam
 CVE-2019-12288 (An issue was discovered in upgrade_htmls.cgi on VStarcam 100T 
(C7824WI ...)
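Review bot: CVE-2019-12290 is left at "TODO: check" although its description names GNU libidn2 before 2.2.0, and the same library appears in CVE-2019-18224 in the first hunk (libidn2 before 2.1.1). The two entries should be triaged together so they end up with consistent package lines and fixed versions, rather than one being resolved while the other stays a TODO.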
@@ -18862,10 +18962,10 @@ CVE-2018-20839 (systemd 242 changes the VT1 mode upon 
a logout, which allows att
        NOTE: https://gitlab.freedesktop.org/xorg/xserver/issues/857#note_220255
 CVE-2019-12149 (SQL injection vulnerability in silverstripe/restfulserver 
module 1.0.x ...)
        NOT-FOR-US: SilverStripe
-CVE-2019-12148
-       RESERVED
-CVE-2019-12147
-       RESERVED
+CVE-2019-12148 (The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web 
interfac ...)
+       TODO: check
+CVE-2019-12147 (The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web 
interfac ...)
+       TODO: check
 CVE-2019-12146 (A Directory Traversal issue was discovered in SSHServerAPI.dll 
in Prog ...)
        NOT-FOR-US: Progress ipswitch WS_FTP Server
 CVE-2019-12145 (A Directory Traversal issue was discovered in SSHServerAPI.dll 
in Prog ...)
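Review bot: the new CVE-2019-12148 and CVE-2019-12147 lines are indistinguishable here, since both truncate at "web interfac ...)", so the TODO on each has to be checked against the full descriptions to confirm they are separate issues. If the Sangoma Session Border Controller is not packaged, both should get the same "NOT-FOR-US: <vendor>" form that the SilverStripe and Progress ipswitch entries around them use.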
@@ -20232,8 +20332,8 @@ CVE-2017-18369 (The Billion 5200W-T 1.02b.rc5.dt49 
router distributed by TrueOnl
        NOT-FOR-US: Billion 5200W-T router
 CVE-2017-18368 (The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 
3.40(ULM.0)b31 rou ...)
        NOT-FOR-US: ZyXEL
-CVE-2019-11674
-       RESERVED
+CVE-2019-11674 (Man-in-the-middle vulnerability in Micro Focus Self Service 
Password R ...)
+       TODO: check
 CVE-2019-11673
        RESERVED
 CVE-2019-11672
@@ -24545,8 +24645,8 @@ CVE-2019-10081 (HTTP/2 (2.4.20 through 2.4.39) very 
early pushes, for example co
        NOTE: 
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-10081
 CVE-2019-10080
        RESERVED
-CVE-2019-10079
-       RESERVED
+CVE-2019-10079 (Apache Traffic Server is vulnerable to HTTP/2 setting flood 
attacks. E ...)
+       TODO: check
 CVE-2019-10078 (A carefully crafted plugin link invocation could trigger an 
XSS vulner ...)
        - jspwiki <removed>
 CVE-2019-10077 (A carefully crafted InterWiki link could trigger an XSS 
vulnerability  ...)
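Review bot: the CVE-2019-10079 entry for Apache Traffic Server carries only "TODO: check", and the description is cut at "attacks. E ...)" before any affected version is visible. When the TODO is resolved, the fixed version should come from the upstream advisory, and a "NOTE:" line with that advisory URL would match the CVE-2019-10081 entry shown at the top of this hunk.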
@@ -39613,8 +39713,8 @@ CVE-2019-4525
        RESERVED
 CVE-2019-4524
        RESERVED
-CVE-2019-4523
-       RESERVED
+CVE-2019-4523 (IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is 
vulnerable ...)
+       TODO: check
 CVE-2019-4522
        RESERVED
 CVE-2019-4521
@@ -134445,8 +134545,8 @@ CVE-2017-8089
        RESERVED
 CVE-2017-8088
        RESERVED
-CVE-2017-8087
-       RESERVED
+CVE-2017-8087 (Information Leakage in PPPoE Packet Padding in AVM Fritz!Box 
7490 with ...)
+       TODO: check
 CVE-2017-8086 (Memory leak in the v9fs_list_xattr function in 
hw/9pfs/9p-xattr.c in Q ...)
        {DLA-1497-1 DLA-1035-1 DLA-965-1}
        - qemu 1:2.8+dfsg-5 (bug #861348)
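Review bot: CVE-2017-8087 moves from RESERVED to a description about the AVM Fritz!Box 7490 but is left at "TODO: check". The other router entries visible in this diff (Billion 5200W-T, ZyXEL) are recorded as "NOT-FOR-US: <vendor>", and this entry should get the same treatment once it is confirmed that no packaged software is affected.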



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ff6b0bf5b452d5628b31e03de9b207b75e97a6ef
