[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Wed Aug 14 09:10:28 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
12d1b227 by security tracker role at 2019-08-14T08:10:17Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,81 @@
+CVE-2019-15033
+	RESERVED
+CVE-2019-15032
+	RESERVED
+CVE-2019-15031
+	RESERVED
+CVE-2019-15030
+	RESERVED
+CVE-2019-15029
+	RESERVED
+CVE-2019-15028 (In Joomla! before 3.9.11, inadequate checks in com_contact could allow ...)
+	TODO: check
+CVE-2019-15027
+	RESERVED
+CVE-2019-15026
+	RESERVED
+CVE-2019-15025
+	RESERVED
+CVE-2018-20968
+	RESERVED
+CVE-2018-20967
+	RESERVED
+CVE-2017-18515
+	RESERVED
+CVE-2017-18514
+	RESERVED
+CVE-2017-18513
+	RESERVED
+CVE-2017-18512
+	RESERVED
+CVE-2017-18511
+	RESERVED
+CVE-2017-18510
+	RESERVED
+CVE-2016-10889
+	RESERVED
+CVE-2016-10888
+	RESERVED
+CVE-2016-10887
+	RESERVED
+CVE-2016-10886
+	RESERVED
+CVE-2016-10885
+	RESERVED
+CVE-2016-10884
+	RESERVED
+CVE-2016-10883
+	RESERVED
+CVE-2016-10882
+	RESERVED
+CVE-2016-10881
+	RESERVED
+CVE-2016-10880
+	RESERVED
+CVE-2015-9316
+	RESERVED
+CVE-2015-9315
+	RESERVED
+CVE-2015-9314
+	RESERVED
+CVE-2015-9313
+	RESERVED
+CVE-2015-9312
+	RESERVED
+CVE-2015-9311
+	RESERVED
+CVE-2015-9310
+	RESERVED
+CVE-2015-9309
+	RESERVED
+CVE-2015-9308
+	RESERVED
+CVE-2015-9307
+	RESERVED
+CVE-2014-10375 (handle_messages in eXtl_tls.c in eXosip before 5.0.0 mishandles a nega ...)
+	TODO: check
+CVE-2013-7476
+	RESERVED
 CVE-2019-15024
 	RESERVED
 CVE-2019-15023
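Review bot: CVE-2019-15028 (Joomla! com_contact) and CVE-2014-10375 (eXosip, eXtl_tls.c) are the only two of the new entries at the top of this hunk that carry a description, and both are left at "TODO: check". Each needs manual triage to either a source-package line or a NOT-FOR-US line, the way already-triaged entries elsewhere in the file are marked. The remaining additions are RESERVED placeholders and need nothing yet.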
@@ -74,12 +152,12 @@ CVE-2019-14988
 	REJECTED
 CVE-2019-14987 (Adive Framework through 2.0.7 is affected by XSS in the Create New Tab ...)
 	NOT-FOR-US: Adive Framework
-CVE-2019-14986
-	RESERVED
-CVE-2019-14985
-	RESERVED
-CVE-2019-14984
-	RESERVED
+CVE-2019-14986 (eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn before 2.3.0 installe ...)
+	TODO: check
+CVE-2019-14985 (eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn installed allow Remot ...)
+	TODO: check
+CVE-2019-14984 (eQ-3 Homematic CCU2 and CCU3 with the XML-API through 1.2.0 AddOn inst ...)
+	TODO: check
 CVE-2019-14983
 	RESERVED
 CVE-2019-14982 (In Exiv2 before v0.27.2, there is an integer overflow vulnerability in ...)
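Review bot: The three entries that move from RESERVED to "TODO: check" here (CVE-2019-14984 through CVE-2019-14986) all name eQ-3 Homematic CCU2 and CCU3 with an add-on (CUxD or XML-API), so they should be triaged together and end up with the same status. If the product is not packaged, the context line above ("NOT-FOR-US: Adive Framework") shows the form to use.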
@@ -105,8 +183,8 @@ CVE-2019-14975
 	RESERVED
 CVE-2019-14974
 	RESERVED
-CVE-2019-14973
-	RESERVED
+CVE-2019-14973 (_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through ...)
+	TODO: check
 CVE-2019-14972
 	RESERVED
 CVE-2019-14971
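Review bot: CVE-2019-14973 names specific functions in tif_aux.c in LibTIFF, so "TODO: check" here should become a source-package line with the fixed version, not a NOT-FOR-US marker. A NOTE: line pointing at the upstream fix, in the style of the gpac NOTE visible later in this diff, would help whoever prepares the update.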
@@ -558,8 +636,8 @@ CVE-2019-14811
 	RESERVED
 CVE-2019-14810
 	RESERVED
-CVE-2019-14809
-	RESERVED
+CVE-2019-14809 (net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malfo ...)
+	TODO: check
 CVE-2019-14808
 	RESERVED
 CVE-2019-14807 (In the MobileFrontend extension 1.31 through 1.33 for MediaWiki, XSS e ...)
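Review bot: The description added for CVE-2019-14809 gives two upstream fix points for net/url, "before 1.11.13" and "1.12.x before 1.12.8", so a single status line will not be enough once "TODO: check" is resolved. Each packaged Go release series needs its own line with the matching fixed version.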
@@ -7116,12 +7194,12 @@ CVE-2019-12810
 	RESERVED
 CVE-2019-12809
 	RESERVED
-CVE-2019-12808
-	RESERVED
-CVE-2019-12807
-	RESERVED
-CVE-2019-12806
-	RESERVED
+CVE-2019-12808 (ALTOOLS update service 18.1 and earlier versions contains a local priv ...)
+	TODO: check
+CVE-2019-12807 (Alzip 10.83 and earlier version contains a stack-based buffer overflow ...)
+	TODO: check
+CVE-2019-12806 (UniSign 2.0.4.0 and earlier version contains a stack-based buffer over ...)
+	TODO: check
 CVE-2019-12805 (NCSOFT Game Launcher, NC Launcher2 2.4.1.691 and earlier versions have ...)
 	NOT-FOR-US: NCSOFT Game Launcher
 CVE-2019-12804 (In Hunesion i-oneNet version 3.0.7 ~ 3.0.53 and 4.0.4 ~ 4.0.16, due to ...)
@@ -7924,8 +8002,8 @@ CVE-2019-12481 (An issue was discovered in GPAC 0.7.1. There is a NULL pointer d
 	NOTE: https://github.com/gpac/gpac/commit/f40aaaf959d4d1f7fa0dcd04c0666592e615c8f1
 CVE-2019-12480 (BACnet Protocol Stack through 0.8.6 has a segmentation fault leading t ...)
 	NOT-FOR-US: BACnet Protocol Stack
-CVE-2019-12479
-	RESERVED
+CVE-2019-12479 (An issue was discovered in 20|20 Storage 2.11.0. A Path Traversal vuln ...)
+	TODO: check
 CVE-2019-12478
 	RESERVED
 CVE-2019-12477 (Supra Smart Cloud TV allows remote file inclusion in the openLiveURL f ...)
@@ -11320,8 +11398,8 @@ CVE-2019-11209
 	RESERVED
 CVE-2019-11208 (The authorization component of TIBCO Software Inc.'s TIBCO API Exchang ...)
 	NOT-FOR-US: TIBCO
-CVE-2019-11207
-	RESERVED
+CVE-2019-11207 (The web server component of TIBCO Software Inc.'s TIBCO LogLogic Enter ...)
+	TODO: check
 CVE-2019-11206 (The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire ...)
 	NOT-FOR-US: TIBCO
 CVE-2019-11205 (The web server component of TIBCO Software Inc.'s TIBCO Spotfire Analy ...)
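Review bot: CVE-2019-11207 is left at "TODO: check" although its description names TIBCO Software Inc., and the entries directly around it (CVE-2019-11208 and CVE-2019-11206) are already marked "NOT-FOR-US: TIBCO". Unless LogLogic is treated differently from the other TIBCO products, this entry can take the same line.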
@@ -16727,22 +16805,22 @@ CVE-2019-9520
 	RESERVED
 CVE-2019-9519
 	RESERVED
-CVE-2019-9518
-	RESERVED
-CVE-2019-9517
-	RESERVED
-CVE-2019-9516
-	RESERVED
-CVE-2019-9515
-	RESERVED
-CVE-2019-9514
-	RESERVED
-CVE-2019-9513
-	RESERVED
-CVE-2019-9512
-	RESERVED
-CVE-2019-9511
-	RESERVED
+CVE-2019-9518 (Some HTTP/2 implementations are vulnerable to a flood of empty frames, ...)
+	TODO: check
+CVE-2019-9517 (Some HTTP/2 implementations are vulnerable to unconstrained interal da ...)
+	TODO: check
+CVE-2019-9516 (Some HTTP/2 implementations are vulnerable to a header leak, potential ...)
+	TODO: check
+CVE-2019-9515 (Some HTTP/2 implementations are vulnerable to a settings flood, potent ...)
+	TODO: check
+CVE-2019-9514 (Some HTTP/2 implementations are vulnerable to a reset flood, potential ...)
+	TODO: check
+CVE-2019-9513 (Some HTTP/2 implementations are vulnerable to resource loops, potentia ...)
+	TODO: check
+CVE-2019-9512 (Some HTTP/2 implementations are vulnerable to ping floods, potentially ...)
+	TODO: check
+CVE-2019-9511 (Some HTTP/2 implementations are vulnerable to window size manipulation ...)
+	TODO: check
 CVE-2019-9510
 	RESERVED
 CVE-2019-9509
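Review bot: All eight entries from CVE-2019-9511 to CVE-2019-9518 are described only as "Some HTTP/2 implementations" with no product named, so "TODO: check" cannot be resolved from the description alone. Triage them as a set, and expect each entry to need one status line per affected HTTP/2 implementation rather than a single package line.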
@@ -27346,8 +27424,8 @@ CVE-2019-5301 (Huawei smart phones Honor V20 with the versions before 9.0.1.161(
 	NOT-FOR-US: Huawei
 CVE-2019-5300 (There is a digital signature verification bypass vulnerability in AR12 ...)
 	NOT-FOR-US: Huawei
-CVE-2019-5299
-	RESERVED
+CVE-2019-5299 (Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL0 ...)
+	TODO: check
 CVE-2019-5298 (There is an improper authentication vulnerability in some Huawei AP pr ...)
 	NOT-FOR-US: Huawei
 CVE-2019-5297 (Emily-L29C Huawei phones versions earlier than 9.0.0.159 (C185E2R1P12T ...)
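Review bot: CVE-2019-5299 describes Huawei mobile phones and sits between CVE-2019-5300 and CVE-2019-5298, both already marked "NOT-FOR-US: Huawei", yet it is left at "TODO: check". It can take the same NOT-FOR-US line as its neighbours.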
@@ -27384,8 +27462,8 @@ CVE-2019-5282
 	RESERVED
 CVE-2019-5281 (There is an information leak vulnerability in some Huawei phones, vers ...)
 	NOT-FOR-US: Huawei
-CVE-2019-5280
-	RESERVED
+CVE-2019-5280 (The SIP TLS module of Huawei CloudLink Phone 7900 with V600R019C10 has ...)
+	TODO: check
 CVE-2019-5279
 	RESERVED
 CVE-2019-5278
@@ -27498,8 +27576,8 @@ CVE-2019-5225
 	RESERVED
 CVE-2019-5224
 	RESERVED
-CVE-2019-5223
-	RESERVED
+CVE-2019-5223 (PCManager 9.1.3.1 has an improper authentication vulnerability. The ce ...)
+	TODO: check
 CVE-2019-5222 (There is an information disclosure vulnerability on Secure Input of ce ...)
 	NOT-FOR-US: Huawei
 CVE-2019-5221 (There is a path traversal vulnerability on Huawei Share. The software  ...)
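Review bot: The visible part of the description for CVE-2019-5223 ("PCManager 9.1.3.1 has an improper authentication vulnerability") does not name a vendor, although the surrounding entries are Huawei ones. Read the full description before copying "NOT-FOR-US: Huawei" onto this entry, so the marker reflects what the CVE text says and not its position in the list.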



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/12d1b22744f745d4be7a9f12462eee50eab7a86c
