[Git][security-tracker-team/security-tracker][master] automatic update

Sat, 23 Nov 2019 00:10:56 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
dafdedd2 by security tracker role at 2019-11-23T08:10:14Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -726,10 +726,10 @@ CVE-2019-18912
        RESERVED
 CVE-2019-18911
        RESERVED
-CVE-2019-18910
-       RESERVED
-CVE-2019-18909
-       RESERVED
+CVE-2019-18910 (The Citrix Receiver wrapper function does not safely handle 
user suppl ...)
+       TODO: check
+CVE-2019-18909 (The VPN software within HP ThinPro does not safely handle user 
supplie ...)
+       TODO: check
 CVE-2019-18908
        RESERVED
 CVE-2019-18907
@@ -3591,8 +3591,8 @@ CVE-2019-18624 (Opera Mini for Android allows attackers 
to bypass intended restr
        NOT-FOR-US: Opera Mini for Android
 CVE-2019-18623 (Escalation of privileges in EnergyCAP 7 through 7.5.6 allows 
an attack ...)
        NOT-FOR-US: EnergyCAP
-CVE-2019-18622
-       RESERVED
+CVE-2019-18622 (An issue was discovered in phpMyAdmin before 4.9.2. A crafted 
database ...)
+       TODO: check
 CVE-2019-18621
        RESERVED
 CVE-2019-18620
@@ -10429,12 +10429,12 @@ CVE-2019-16289 (The insert-php (aka Woody ad 
snippets) plugin before 2.2.8 for W
        NOT-FOR-US: Wordpress plugin
 CVE-2019-16288 (On Tenda N301 wireless routers, a long string in the wifiSSID 
paramete ...)
        NOT-FOR-US: Tenda
-CVE-2019-16287
-       RESERVED
-CVE-2019-16286
-       RESERVED
-CVE-2019-16285
-       RESERVED
+CVE-2019-16287 (An attacker may be able to leverage the application filter 
bypass vuln ...)
+       TODO: check
+CVE-2019-16286 (An attacker may be able to bypass the OS application filter 
meant to r ...)
+       TODO: check
+CVE-2019-16285 (If a local user has been configured and logged in, an 
unauthenticated  ...)
+       TODO: check
 CVE-2019-16284 (A potential security vulnerability has been identified in 
multiple HP  ...)
        NOT-FOR-US: HP
 CVE-2019-16283
@@ -12507,8 +12507,8 @@ CVE-2019-15595
        RESERVED
 CVE-2019-15594
        RESERVED
-CVE-2019-15593
-       RESERVED
+CVE-2019-15593 (GitLab 12.2.3 contains a security vulnerability that allows a 
user to  ...)
+       TODO: check
 CVE-2019-15592
        RESERVED
 CVE-2019-15591
@@ -19983,8 +19983,8 @@ CVE-2019-13568 (CImg through 2.6.7 has a heap-based 
buffer overflow in _load_bmp
        NOTE: 
https://github.com/dtschump/CImg/commit/ac8003393569aba51048c9d67e1491559877b1d1
 CVE-2019-13567 (The Zoom Client before 4.4.53932.0709 on macOS allows remote 
code exec ...)
        NOT-FOR-US: Zoom
-CVE-2019-13566
-       RESERVED
+CVE-2019-13566 (An issue was discovered in the ROS communications-related 
packages (ak ...)
+       TODO: check
 CVE-2019-13565 (An issue was discovered in OpenLDAP 2.x before 2.4.48. When 
using SASL ...)
        {DLA-1891-1}
        - openldap 2.4.48+dfsg-1 (low; bug #932998)
@@ -26308,16 +26308,16 @@ CVE-2019-11293
        RESERVED
 CVE-2019-11292
        RESERVED
-CVE-2019-11291
-       RESERVED
+CVE-2019-11291 (Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 
version prior  ...)
+       TODO: check
 CVE-2019-11290
        RESERVED
 CVE-2019-11289 (Cloud Foundry Routing, all versions before 0.193.0, does not 
properly  ...)
        NOT-FOR-US: Cloud Foundry Routing
 CVE-2019-11288
        RESERVED
-CVE-2019-11287
-       RESERVED
+CVE-2019-11287 (Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x 
prior to 3. ...)
+       TODO: check
 CVE-2019-11286
        RESERVED
 CVE-2019-11285
@@ -46962,8 +46962,8 @@ CVE-2019-3656
        RESERVED
 CVE-2019-3655
        RESERVED
-CVE-2019-3654
-       RESERVED
+CVE-2019-3654 (Authentication Bypass vulnerability in the Microsoft Windows 
client in ...)
+       TODO: check
 CVE-2019-3653 (Improper access control vulnerability in Configuration tool in 
McAfee  ...)
        NOT-FOR-US: McAfee Endpoint Security (ENS)
 CVE-2019-3652 (Code Injection vulnerability in EPSetup.exe in McAfee Endpoint 
Securit ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/dafdedd2e907b3c1285bfb6b6521897b5c1a8cf9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/dafdedd2e907b3c1285bfb6b6521897b5c1a8cf9
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to