Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 024c553b by Salvatore Bonaccorso at 2019-11-07T20:16:46Z Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,9 +1,9 @@ CVE-2019-18817 RESERVED CVE-2019-18816 (po-admin/route.php?mod=post&act=edit in PopojiCMS 2.0.1 allows pos ...) - TODO: check + NOT-FOR-US: PopojiCMS CVE-2019-18815 (PopojiCMS 2.0.1 allows refer= Open Redirection. ...) - TODO: check + NOT-FOR-US: PopojiCMS CVE-2019-18814 (An issue was discovered in the Linux kernel through 5.3.9. There is a ...) TODO: check CVE-2019-18813 (A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc ...) @@ -5964,9 +5964,9 @@ CVE-2019-17607 (HongCMS 3.0.0 has XSS via the install/index.php servername param CVE-2019-17606 (The Post editor functionality in the hexo-admin plugin versions 2.3.0 ...) NOT-FOR-US: hexo-admin Node module CVE-2019-17605 (A mass assignment vulnerability in eyecomms eyeCMS through 2019-10-15 ...) - TODO: check + NOT-FOR-US: eyeCMS CVE-2019-17604 (An Insecure Direct Object Reference (IDOR) vulnerability in eyecomms e ...) - TODO: check + NOT-FOR-US: eyeCMS CVE-2019-17603 RESERVED CVE-2019-17602 (An issue was discovered in Zoho ManageEngine OpManager before 12.4 bui ...) @@ -7050,7 +7050,7 @@ CVE-2019-17224 (The web interface of the Compal Broadband CH7465LG modem (versio CVE-2019-17223 (There is HTML Injection in the Note field in Dolibarr ERP/CRM 10.0.2 v ...) - dolibarr <removed> CVE-2019-17222 (An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is ...) - TODO: check + NOT-FOR-US: Intelbras WRN 150 devices CVE-2019-17221 (PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as d ...) - phantomjs <unfixed> NOTE: https://www.darkmatter.ae/blogs/breaching-the-perimeter-phantomjs-arbitrary-file-read/ @@ -22157,7 +22157,7 @@ CVE-2019-12333 CVE-2019-12332 RESERVED CVE-2019-12331 (PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner ...) - TODO: check + NOT-FOR-US: PHPOffice PhpSpreadsheet CVE-2019-12330 RESERVED CVE-2019-12329 @@ -23041,7 +23041,7 @@ CVE-2019-11998 CVE-2019-11997 RESERVED CVE-2019-11996 (Potential security vulnerabilities have been identified with HPE Nimbl ...) - TODO: check + NOT-FOR-US: HPE CVE-2019-11995 RESERVED CVE-2019-11994 @@ -39179,7 +39179,7 @@ CVE-2019-6340 (Some field types do not properly sanitize data from non-form sour - drupal7 <not-affected> (Drupal 7 core not affected) NOTE: https://www.drupal.org/sa-core-2019-003 CVE-2019-6337 (For the printers listed a maliciously crafted print file might cause c ...) - TODO: check + NOT-FOR-US: HP Inkjet printers CVE-2019-6336 RESERVED CVE-2019-6335 (A potential security vulnerability has been identified with Samsung La ...) @@ -39767,11 +39767,11 @@ CVE-2019-6124 CVE-2019-6123 RESERVED CVE-2019-6122 (A Username Enumeration via Error Message issue was discovered in NiceH ...) - TODO: check + NOT-FOR-US: NiceHash Miner CVE-2019-6121 (An issue was discovered in NiceHash Miner before 2.0.3.0. Missing Auth ...) - TODO: check + NOT-FOR-US: NiceHash Miner CVE-2019-6120 (An issue was discovered in NiceHash Miner before 2.0.3.0. A missing ra ...) - TODO: check + NOT-FOR-US: NiceHash Miner CVE-2019-6119 RESERVED CVE-2019-6118 @@ -41115,11 +41115,11 @@ CVE-2019-5646 CVE-2019-5645 RESERVED CVE-2019-5644 (Computing For Good's Basic Laboratory Information System (also known a ...) - TODO: check + NOT-FOR-US: Computing For Good's Basic Laboratory Information System CVE-2019-5643 (Computing For Good's Basic Laboratory Information System (also known a ...) - TODO: check + NOT-FOR-US: Computing For Good's Basic Laboratory Information System CVE-2019-5642 (Rapid7 Metasploit Pro version 4.16.0-2019081901 and prior suffers from ...) - TODO: check + NOT-FOR-US: Rapid7 Metasploit Pro CVE-2019-5641 RESERVED CVE-2019-5640 @@ -41169,7 +41169,7 @@ CVE-2019-5619 CVE-2019-5618 RESERVED CVE-2019-5617 (Computing For Good's Basic Laboratory Information System (also known a ...) - TODO: check + NOT-FOR-US: Computing For Good's Basic Laboratory Information System CVE-2019-5616 (CircuitWerkes Sicon-8, a hardware device used for managing electrical ...) NOT-FOR-US: CircuitWerkes Sicon-8 CVE-2019-5615 (Users with Site-level permissions can access files containing the user ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/024c553b42cc3794a22481c343d087341ad5b0c3 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/024c553b42cc3794a22481c343d087341ad5b0c3 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits