[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Apr 12 21:10:30 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f8bbf841 by security tracker role at 2019-04-12T20:10:21Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,43 @@
+CVE-2019-11222 (gf_bin128_parse in utils/os_divers.c in GPAC 0.7.1 has a buffer overfl ...)
+ TODO: check
+CVE-2019-11221 (GPAC 0.7.1 has a buffer overflow issue in gf_import_message() in media ...)
+ TODO: check
+CVE-2019-11220
+ RESERVED
+CVE-2019-11219
+ RESERVED
+CVE-2019-11218
+ RESERVED
+CVE-2019-11217
+ RESERVED
+CVE-2019-11216
+ RESERVED
+CVE-2019-11215
+ RESERVED
+CVE-2019-11214
+ RESERVED
+CVE-2019-11213 (In Pulse Secure Pulse Desktop Client and Network Connect, an attacker ...)
+ TODO: check
+CVE-2019-11212
+ RESERVED
+CVE-2019-11211
+ RESERVED
+CVE-2019-11210
+ RESERVED
+CVE-2019-11209
+ RESERVED
+CVE-2019-11208
+ RESERVED
+CVE-2019-11207
+ RESERVED
+CVE-2019-11206
+ RESERVED
+CVE-2019-11205
+ RESERVED
+CVE-2019-11204
+ RESERVED
+CVE-2019-11203
+ RESERVED
CVE-2019-11202
RESERVED
CVE-2019-11201
@@ -747,8 +787,8 @@ CVE-2019-10882
RESERVED
CVE-2019-10881
RESERVED
-CVE-2019-10880
- RESERVED
+CVE-2019-10880 (Within multiple XEROX products a vulnerability allows remote command e ...)
+ TODO: check
CVE-2018-20816 (An XSS combined with CSRF vulnerability discovered in SalesAgility Sui ...)
NOT-FOR-US: SalesAgility SuiteCRM
CVE-2019-10879 (In Teeworlds 0.7.2, there is an integer overflow in CDataFileReader::O ...)
@@ -25266,8 +25306,8 @@ CVE-2019-1576
RESERVED
CVE-2019-1575
RESERVED
-CVE-2019-1574
- RESERVED
+CVE-2019-1574 (Cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedit ...)
+ TODO: check
CVE-2019-1573 (GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 a ...)
NOT-FOR-US: GlobalProtect
CVE-2019-1572 (PAN-OS 9.0.0 may allow an unauthenticated remote user to access php fi ...)
@@ -38019,18 +38059,18 @@ CVE-2018-16261 (In Pulse Secure Pulse Desktop Client 5.3RX before 5.3R5 and 9.0R
NOT-FOR-US: Pulse Secure Pulse Desktop Client
CVE-2018-16260
RESERVED
-CVE-2018-16259
- RESERVED
-CVE-2018-16258
- RESERVED
-CVE-2018-16257
- RESERVED
-CVE-2018-16256
- RESERVED
-CVE-2018-16255
- RESERVED
-CVE-2018-16254
- RESERVED
+CVE-2018-16259 (There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPr ...)
+ TODO: check
+CVE-2018-16258 (There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPr ...)
+ TODO: check
+CVE-2018-16257 (There are multiple XSS vulnerabilities in WP All Import plugin 3.4.9 f ...)
+ TODO: check
+CVE-2018-16256 (There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPr ...)
+ TODO: check
+CVE-2018-16255 (There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPr ...)
+ TODO: check
+CVE-2018-16254 (There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPr ...)
+ TODO: check
CVE-2018-16253 (In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS# ...)
NOT-FOR-US: axTLS
CVE-2018-16252 (FsPro Labs Event Log Explorer 4.6.1.2115 has ".elx" FileType XML Exter ...)
@@ -45829,8 +45869,8 @@ CVE-2018-13139 (A stack-based buffer overflow in psf_memset in common.c in libsn
NOTE: security issue in the library.
CVE-2018-13138
RESERVED
-CVE-2018-13137
- RESERVED
+CVE-2018-13137 (The Events Manager plugin 5.9.4 for WordPress has XSS via the dbem_eve ...)
+ TODO: check
CVE-2018-13136 (The Ultimate Member (aka ultimatemember) plugin before 2.0.18 for Word ...)
NOT-FOR-US: Wordpress plugin
CVE-2018-13135
@@ -65247,8 +65287,8 @@ CVE-2018-6271 (NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability i
NOT-FOR-US: NVIDIA component for Android
CVE-2018-6270
RESERVED
-CVE-2018-6269
- RESERVED
+CVE-2018-6269 (NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where ...)
+ TODO: check
CVE-2018-6268 (NVIDIA Tegra library contains a vulnerability in libnvmmlite_video.so, ...)
NOT-FOR-US: NVIDIA component for Android
CVE-2018-6267 (NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in whi ...)
@@ -65341,8 +65381,8 @@ CVE-2018-6241 (NVIDIA Tegra Gralloc module contains a vulnerability in driver in
NOT-FOR-US: NVIDIA
CVE-2018-6240
RESERVED
-CVE-2018-6239
- RESERVED
+CVE-2018-6239 (NVIDIA Jetson TX2 contains a vulnerability by means of speculative exe ...)
+ TODO: check
CVE-2018-6238
RESERVED
CVE-2018-6237 (A vulnerability in Trend Micro Smart Protection Server (Standalone) 3. ...)
@@ -92702,8 +92742,8 @@ CVE-2017-14201
RESERVED
CVE-2017-14200
RESERVED
-CVE-2017-14199
- RESERVED
+CVE-2017-14199 (A buffer overflow has been found in the Zephyr Project's getaddrinfo() ...)
+ TODO: check
CVE-2017-14198 (An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x befor ...)
NOT-FOR-US: Squiz Matrix
CVE-2017-14197 (An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x befor ...)
@@ -112196,8 +112236,7 @@ CVE-2017-7773
- firefox-esr 52.2.0esr-1
- icedove 1:52.2.0-1
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1352747
-CVE-2017-7772
- RESERVED
+CVE-2017-7772 (Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 i ...)
{DSA-3918-1 DSA-3894-1 DSA-3881-1 DLA-1013-1 DLA-1007-1 DLA-991-1}
- graphite2 1.3.10-1
- firefox 54.0-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f8bbf8416ebb9c6bbca5ce9561064ab75a8c3e51
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f8bbf8416ebb9c6bbca5ce9561064ab75a8c3e51
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190412/d2dfd6f6/attachment.html>
More information about the debian-security-tracker-commits
mailing list