[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Mon, 30 Dec 2019 00:10:40 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
b62610c2 by security tracker role at 2019-12-30T08:10:15Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,79 @@
+CVE-2019-20096 (In the Linux kernel before 5.1, there is a memory leak in 
__feat_regis ...)
+       TODO: check
+CVE-2019-20095 (mwifiex_tm_cmd in 
drivers/net/wireless/marvell/mwifiex/cfg80211.c in t ...)
+       TODO: check
+CVE-2019-20094 (An issue was discovered in libsixel 1.8.4. There is a 
heap-based buffe ...)
+       TODO: check
+CVE-2019-20093 (The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h 
in PoDoFo ...)
+       TODO: check
+CVE-2019-20092 (An issue was discovered in Bento4 1.5.1.0. There is a NULL 
pointer der ...)
+       TODO: check
+CVE-2019-20091 (An issue was discovered in Bento4 1.5.1.0. There is a NULL 
pointer der ...)
+       TODO: check
+CVE-2019-20090 (An issue was discovered in Bento4 1.5.1.0. There is a 
use-after-free i ...)
+       TODO: check
+CVE-2019-20089 (GoPro GPMF-parser 1.2.3 has an heap-based buffer over-read in 
GPMF_See ...)
+       TODO: check
+CVE-2019-20088 (GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in 
GetPayloa ...)
+       TODO: check
+CVE-2019-20087 (GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in 
GPMF_seek ...)
+       TODO: check
+CVE-2019-20086 (GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in 
GPMF_Next ...)
+       TODO: check
+CVE-2019-20085 (TVT NVMS-1000 devices allow GET /.. Directory Traversal ...)
+       TODO: check
+CVE-2019-20084
+       RESERVED
+CVE-2019-20083
+       RESERVED
+CVE-2019-20082
+       RESERVED
+CVE-2019-20081
+       RESERVED
+CVE-2019-20080
+       RESERVED
+CVE-2019-20079 (The autocmd feature in window.c in Vim before 8.1.2136 
accesses freed  ...)
+       TODO: check
+CVE-2019-20078
+       RESERVED
+CVE-2019-20077
+       RESERVED
+CVE-2019-20076 (On Netis DL4323 devices, XSS exists via the form2Ddns.cgi 
username par ...)
+       TODO: check
+CVE-2019-20075 (On Netis DL4323 devices, pingrtt_v6.html has XSS (Ping6 
Diagnostic). ...)
+       TODO: check
+CVE-2019-20074 (On Netis DL4323 devices, any user role can view sensitive 
information, ...)
+       TODO: check
+CVE-2019-20073 (On Netis DL4323 devices, XSS exists via the 
form2userconfig.cgi userna ...)
+       TODO: check
+CVE-2019-20072 (On Netis DL4323 devices, XSS exists via the form2Ddns.cgi 
hostname par ...)
+       TODO: check
+CVE-2019-20071 (On Netis DL4323 devices, CSRF exists via form2logaction.cgi to 
delete  ...)
+       TODO: check
+CVE-2019-20070 (On Netis DL4323 devices, XSS exists via the urlFQDN parameter 
to form2 ...)
+       TODO: check
+CVE-2019-20069
+       RESERVED
+CVE-2019-20068
+       RESERVED
+CVE-2019-20067
+       RESERVED
+CVE-2019-20066
+       RESERVED
+CVE-2019-20065
+       RESERVED
+CVE-2019-20064
+       RESERVED
+CVE-2019-20063 (hdf/dataobject.c in libmysofa before 0.8 has an uninitialized 
use of m ...)
+       TODO: check
+CVE-2019-20062
+       RESERVED
+CVE-2019-20061
+       RESERVED
+CVE-2019-20060
+       RESERVED
+CVE-2019-20059
+       RESERVED
 CVE-2019-20058 (** DISPUTED ** Bolt 3.7.0, if Symfony Web Profiler is used, 
allows XSS ...)
        NOT-FOR-US: Bolt CMS
 CVE-2019-20057 (com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in 
Proxyman  ...)
@@ -33943,6 +34019,7 @@ CVE-2019-11052
 CVE-2019-11051
        RESERVED
 CVE-2019-11050 (When PHP EXIF extension is parsing EXIF information from an 
image, e.g ...)
+       {DLA-2050-1}
        - php7.3 <unfixed>
        - php7.0 <removed>
        - php5 <removed>
@@ -33958,18 +34035,21 @@ CVE-2019-11049 (In PHP versions 7.3.x below 7.3.13 
and 7.4.0 on Windows, when su
 CVE-2019-11048
        RESERVED
 CVE-2019-11047 (When PHP EXIF extension is parsing EXIF information from an 
image, e.g ...)
+       {DLA-2050-1}
        - php7.3 <unfixed>
        - php7.0 <removed>
        - php5 <removed>
        NOTE: Fixed in PHP 7.4.1, 7.3.13
        NOTE: PHP Bug: http://bugs.php.net/78910
 CVE-2019-11046 (In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 
7.4.0, PHP  ...)
+       {DLA-2050-1}
        - php7.3 <unfixed>
        - php7.0 <removed>
        - php5 <removed>
        NOTE: Fixed in PHP 7.4.1, 7.3.13
        NOTE: PHP Bug: http://bugs.php.net/78878
 CVE-2019-11045 (In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 
7.4.0, PHP  ...)
+       {DLA-2050-1}
        - php7.3 <unfixed>
        - php7.0 <removed>
        - php5 <removed>



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b62610c24d49ff3e939157e971fb082dcd5ef539

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b62610c24d49ff3e939157e971fb082dcd5ef539
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to