[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Mon Aug 26 21:10:30 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
aa0ff251 by security tracker role at 2019-08-26T20:10:20Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,107 +1,243 @@
-CVE-2019-15574
+CVE-2019-15642 (rpc.cgi in Webmin through 1.920 allows authenticated Remote Code Execu ...)
+ TODO: check
+CVE-2019-15641 (xmlrpc.cgi in Webmin through 1.930 allows authenticated XXE attacks. B ...)
+ TODO: check
+CVE-2019-15640 (Limesurvey before 3.17.10 does not validate both the MIME type and fil ...)
+ TODO: check
+CVE-2019-15639
+ RESERVED
+CVE-2019-15638
+ RESERVED
+CVE-2019-15637 (Numerous Tableau products are vulnerable to XXE via a malicious workbo ...)
+ TODO: check
+CVE-2019-15636
+ RESERVED
+CVE-2019-15635
+ RESERVED
+CVE-2019-15634
+ RESERVED
+CVE-2019-15633
+ RESERVED
+CVE-2019-15632
+ RESERVED
+CVE-2019-15631
+ RESERVED
+CVE-2019-15630
RESERVED
-CVE-2019-15573
+CVE-2019-15629
RESERVED
-CVE-2019-15572
+CVE-2019-15628
RESERVED
-CVE-2019-15571
+CVE-2019-15627
RESERVED
-CVE-2019-15570
+CVE-2019-15626
RESERVED
-CVE-2019-15569
+CVE-2019-15625
RESERVED
-CVE-2019-15568
+CVE-2019-15624
RESERVED
-CVE-2019-15567
+CVE-2019-15623
RESERVED
-CVE-2019-15566
+CVE-2019-15622
RESERVED
-CVE-2019-15565
+CVE-2019-15621
RESERVED
-CVE-2019-15564
+CVE-2019-15620
RESERVED
-CVE-2019-15563
+CVE-2019-15619
RESERVED
-CVE-2019-15562
+CVE-2019-15618
RESERVED
-CVE-2019-15561
+CVE-2019-15617
RESERVED
-CVE-2019-15560
+CVE-2019-15616
RESERVED
-CVE-2019-15559
+CVE-2019-15615
RESERVED
-CVE-2019-15558
+CVE-2019-15614
RESERVED
-CVE-2019-15557
+CVE-2019-15613
RESERVED
-CVE-2019-15556
+CVE-2019-15612
RESERVED
-CVE-2019-15555
+CVE-2019-15611
RESERVED
-CVE-2019-15554
+CVE-2019-15610
RESERVED
-CVE-2019-15553
+CVE-2019-15609
RESERVED
-CVE-2019-15552
+CVE-2019-15608
RESERVED
-CVE-2019-15551
+CVE-2019-15607
RESERVED
-CVE-2019-15550
+CVE-2019-15606
RESERVED
-CVE-2019-15549
+CVE-2019-15605
RESERVED
-CVE-2019-15548
+CVE-2019-15604
RESERVED
-CVE-2019-15547
+CVE-2019-15603
RESERVED
-CVE-2019-15546
+CVE-2019-15602
RESERVED
-CVE-2019-15545
+CVE-2019-15601
RESERVED
-CVE-2019-15544
+CVE-2019-15600
RESERVED
-CVE-2019-15543
+CVE-2019-15599
RESERVED
-CVE-2019-15542
+CVE-2019-15598
RESERVED
-CVE-2018-21000
+CVE-2019-15597
RESERVED
-CVE-2018-20999
+CVE-2019-15596
RESERVED
-CVE-2018-20998
+CVE-2019-15595
RESERVED
-CVE-2018-20997
+CVE-2019-15594
RESERVED
-CVE-2018-20996
+CVE-2019-15593
RESERVED
-CVE-2018-20995
+CVE-2019-15592
RESERVED
-CVE-2018-20994
+CVE-2019-15591
RESERVED
-CVE-2018-20993
+CVE-2019-15590
RESERVED
-CVE-2018-20992
+CVE-2019-15589
RESERVED
-CVE-2018-20991
+CVE-2019-15588
RESERVED
-CVE-2018-20990
+CVE-2019-15587
RESERVED
-CVE-2018-20989
+CVE-2019-15586
RESERVED
-CVE-2017-18589
+CVE-2019-15585
RESERVED
-CVE-2017-18588
+CVE-2019-15584
RESERVED
-CVE-2017-18587
+CVE-2019-15583
RESERVED
-CVE-2016-10933
+CVE-2019-15582
RESERVED
-CVE-2016-10932
+CVE-2019-15581
RESERVED
-CVE-2016-10931
+CVE-2019-15580
RESERVED
-CVE-2019-15541
+CVE-2019-15579
RESERVED
+CVE-2019-15578
+ RESERVED
+CVE-2019-15577
+ RESERVED
+CVE-2019-15576
+ RESERVED
+CVE-2019-15575
+ RESERVED
+CVE-2019-15574 (Gesior-AAC before 2019-05-01 allows serviceID SQL injection in account ...)
+ TODO: check
+CVE-2019-15573 (Gesior-AAC before 2019-05-01 allows SQL injection in tankyou.php. ...)
+ TODO: check
+CVE-2019-15572 (Gesior-AAC before 2019-05-01 allows ServiceCategoryID SQL injection in ...)
+ TODO: check
+CVE-2019-15571 (The WEB control panel before 2019-04-30 for ClonOS allows SQL injectio ...)
+ TODO: check
+CVE-2019-15570 (BEdita through 4.0.0-RC2 allows SQL injection during a save operation ...)
+ TODO: check
+CVE-2019-15569 (HM Courts & Tribunals ccd-data-store-api before 2019-06-10 allows ...)
+ TODO: check
+CVE-2019-15568 (idseq-web before 2019-07-01 in Infectious Disease Sequencing Platform ...)
+ TODO: check
+CVE-2019-15567 (OpenForis Arena before 2019-05-07 allows SQL injection in the sorting ...)
+ TODO: check
+CVE-2019-15566 (The Alfresco application before 1.8.7 for Android allows SQL injection ...)
+ TODO: check
+CVE-2019-15565 (The ICOMMKT connector before 1.0.7 for PrestaShop allows SQL injection ...)
+ TODO: check
+CVE-2019-15564 (The Compassion Switzerland addons 10.01.4 for Odoo allow SQL injection ...)
+ TODO: check
+CVE-2019-15563 (Observational Health Data Sciences and Informatics (OHDSI) WebAPI befo ...)
+ TODO: check
+CVE-2019-15562 (GORM before 1.9.10 allows SQL injection via incomplete parentheses. ...)
+ TODO: check
+CVE-2019-15561 (FlashLingo before 2019-06-12 allows SQL injection, related to flashlin ...)
+ TODO: check
+CVE-2019-15560 (The Reviews Module before 2019-06-14 for OpenSource Table allows SQL i ...)
+ TODO: check
+CVE-2019-15559 (DianoxDragon Hawn before 2019-07-10 allows SQL injection. ...)
+ TODO: check
+CVE-2019-15558 (XM^online 2 Common Utils and Endpoints 0.2.1 allows SQL injection, rel ...)
+ TODO: check
+CVE-2019-15557 (XM^online 2 User Account and Authentication server 1.0.0 allows SQL in ...)
+ TODO: check
+CVE-2019-15556 (Pvanloon1983 social_network before 2019-07-03 allows SQL injection in ...)
+ TODO: check
+CVE-2019-15555 (FredReinink Wellness-app before 2019-06-19 allows SQL injection, relat ...)
+ TODO: check
+CVE-2019-15554 (An issue was discovered in the smallvec crate before 0.6.10 for Rust. ...)
+ TODO: check
+CVE-2019-15553 (An issue was discovered in the memoffset crate before 0.5.0 for Rust. ...)
+ TODO: check
+CVE-2019-15552 (An issue was discovered in the libflate crate before 0.1.25 for Rust. ...)
+ TODO: check
+CVE-2019-15551 (An issue was discovered in the smallvec crate before 0.6.10 for Rust. ...)
+ TODO: check
+CVE-2019-15550 (An issue was discovered in the simd-json crate before 0.1.15 for Rust. ...)
+ TODO: check
+CVE-2019-15549 (An issue was discovered in the asn1_der crate before 0.6.2 for Rust. A ...)
+ TODO: check
+CVE-2019-15548 (An issue was discovered in the ncurses crate through 5.99.0 for Rust. ...)
+ TODO: check
+CVE-2019-15547 (An issue was discovered in the ncurses crate through 5.99.0 for Rust. ...)
+ TODO: check
+CVE-2019-15546 (An issue was discovered in the pancurses crate through 0.16.1 for Rust ...)
+ TODO: check
+CVE-2019-15545 (An issue was discovered in the libp2p-core crate before 0.8.1 for Rust ...)
+ TODO: check
+CVE-2019-15544 (An issue was discovered in the protobuf crate before 2.6.0 for Rust. A ...)
+ TODO: check
+CVE-2019-15543 (An issue was discovered in the slice-deque crate before 0.2.0 for Rust ...)
+ TODO: check
+CVE-2019-15542 (An issue was discovered in the ammonia crate before 2.1.0 for Rust. Th ...)
+ TODO: check
+CVE-2018-21000 (An issue was discovered in the safe-transmute crate before 0.10.1 for ...)
+ TODO: check
+CVE-2018-20999 (An issue was discovered in the orion crate before 0.11.2 for Rust. res ...)
+ TODO: check
+CVE-2018-20998 (An issue was discovered in the arrayfire crate before 3.6.0 for Rust. ...)
+ TODO: check
+CVE-2018-20997 (An issue was discovered in the openssl crate before 0.10.9 for Rust. A ...)
+ TODO: check
+CVE-2018-20996 (An issue was discovered in the crossbeam crate before 0.4.1 for Rust. ...)
+ TODO: check
+CVE-2018-20995 (An issue was discovered in the slice-deque crate before 0.1.16 for Rus ...)
+ TODO: check
+CVE-2018-20994 (An issue was discovered in the trust-dns-proto crate before 0.5.0-alph ...)
+ TODO: check
+CVE-2018-20993 (An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. ...)
+ TODO: check
+CVE-2018-20992 (An issue was discovered in the claxon crate before 0.4.1 for Rust. Uni ...)
+ TODO: check
+CVE-2018-20991 (An issue was discovered in the smallvec crate before 0.6.3 for Rust. T ...)
+ TODO: check
+CVE-2018-20990 (An issue was discovered in the tar crate before 0.4.16 for Rust. Arbit ...)
+ TODO: check
+CVE-2018-20989 (An issue was discovered in the untrusted crate before 0.6.2 for Rust. ...)
+ TODO: check
+CVE-2017-18589 (An issue was discovered in the cookie crate before 0.7.6 for Rust. Lar ...)
+ TODO: check
+CVE-2017-18588 (An issue was discovered in the security-framework crate before 0.1.12 ...)
+ TODO: check
+CVE-2017-18587 (An issue was discovered in the hyper crate before 0.9.18 for Rust. It ...)
+ TODO: check
+CVE-2016-10933 (An issue was discovered in the portaudio crate through 0.7.0 for Rust. ...)
+ TODO: check
+CVE-2016-10932 (An issue was discovered in the hyper crate before 0.9.4 for Rust on Wi ...)
+ TODO: check
+CVE-2016-10931 (An issue was discovered in the openssl crate before 0.9.0 for Rust. Th ...)
+ TODO: check
+CVE-2019-15541 (rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for ...)
+ TODO: check
CVE-2019-15540 (filters/filter-cso/filter-stream.c in the CSO filter in libMirage 3.2. ...)
NOT-FOR-US: libMirage
CVE-2019-15539
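Review bot: Every entry that gains a description in this hunk, from CVE-2019-15642 down to CVE-2019-15541, lands with only `TODO: check`, so none of it is triaged yet. The Rust crate batch (CVE-2019-15554 through CVE-2019-15541, including the 2018, 2017 and 2016 IDs) names crates such as openssl, hyper, tar and protobuf, and each should be checked against the archive for a matching source package rather than tagged in bulk. The SQL injection batch (CVE-2019-15574 through CVE-2019-15555) needs the same per-product decision: either a package line or a tag in the form of `NOT-FOR-US: libMirage` used for CVE-2019-15540 just below.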
@@ -116,12 +252,12 @@ CVE-2019-15536 (The Acclaim block plugin before 2019-06-26 for Moodle allows SQL
NOT-FOR-US: Acclaim block plugin for Moodle
CVE-2019-15535 (Tasking Manager before 3.4.0 allows SQL Injection via custom SQL. ...)
NOT-FOR-US: Tasking Manager
-CVE-2019-15534
- RESERVED
-CVE-2019-15533
- RESERVED
-CVE-2019-15532
- RESERVED
+CVE-2019-15534 (Raml-Module-Builder 26.4.0 allows SQL Injection in PostgresClient.upda ...)
+ TODO: check
+CVE-2019-15533 (XENFCoreSharp before 2019-07-16 allows SQL injection in web/verify.php ...)
+ TODO: check
+CVE-2019-15532 (CyberChef before 8.31.2 allows XSS in core/operations/TextEncodingBrut ...)
+ TODO: check
CVE-2019-15531 (GNU Libextractor through 1.9 has a heap-based buffer over-read in the ...)
- libextractor <unfixed> (bug #935553)
NOTE: https://bugs.gnunet.org/view.php?id=5846
@@ -138,14 +274,14 @@ CVE-2019-15526 (An issue was discovered on D-Link DIR-823G devices with firmware
NOT-FOR-US: D-Link
CVE-2019-15525 (There is Missing SSL Certificate Validation in the pw3270 terminal emu ...)
TODO: check
-CVE-2019-15524
- RESERVED
+CVE-2019-15524 (CSZ CMS 1.2.3 allows arbitrary file upload, as demonstrated by a .php ...)
+ TODO: check
CVE-2019-15523
RESERVED
CVE-2019-15522
RESERVED
-CVE-2019-15521
- RESERVED
+CVE-2019-15521 (Spoon Library through 2014-02-06, as used in Fork CMS before 1.4.1 and ...)
+ TODO: check
CVE-2019-15520 (comelz Quark before 2019-03-26 allows directory traversal to locations ...)
TODO: check
CVE-2019-15519 (Power-Response before 2019-02-02 allows directory traversal (up to the ...)
@@ -156,8 +292,8 @@ CVE-2019-15517 (jc21 Nginx Proxy Manager before 2.0.13 allows %2e%2e%2f director
TODO: check
CVE-2019-15516 (Cuberite before 2019-06-11 allows webadmin directory traversal via ... ...)
TODO: check
-CVE-2019-15515
- RESERVED
+CVE-2019-15515 (Discourse 2.3.2 sends the CSRF token in the query string. ...)
+ TODO: check
CVE-2019-15514 (The Privacy > Phone Number feature in the Telegram app 5.10 for And ...)
TODO: check
CVE-2019-15513 (An issue was discovered in OpenWrt libuci (aka Library for the Unified ...)
@@ -174,18 +310,18 @@ CVE-2019-15508 (In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request
TODO: check
CVE-2019-15507 (In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request pr ...)
TODO: check
-CVE-2019-15506
- RESERVED
+CVE-2019-15506 (An issue was discovered in Kaseya Virtual System Administrator (VSA) t ...)
+ TODO: check
CVE-2019-15505 (drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through ...)
- linux <unfixed>
CVE-2019-15504 (drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2 ...)
- linux <unfixed>
-CVE-2019-15503
- RESERVED
+CVE-2019-15503 (cgi-cpn/xcoding/prontus_videocut.cgi in AltaVoz Prontus (aka ProntusCM ...)
+ TODO: check
CVE-2019-15502
RESERVED
-CVE-2019-15501
- RESERVED
+CVE-2019-15501 (Reflected cross site scripting (XSS) in L-Soft LISTSERV before 16.5-20 ...)
+ TODO: check
CVE-2019-15500
RESERVED
CVE-2019-15499 (CodiMD 1.3.1, when Safari is used, allows XSS via an IFRAME element wi ...)
@@ -208,8 +344,8 @@ CVE-2019-15491 (openITCOCKPIT before 3.7.1 has CSRF, aka RVID 2-445b21. ...)
NOT-FOR-US: openITCOCKPIT
CVE-2019-15490 (openITCOCKPIT before 3.7.1 allows code injection, aka RVID 1-445b21. ...)
NOT-FOR-US: openITCOCKPIT
-CVE-2019-15489
- RESERVED
+CVE-2019-15489 (laracom (aka Laravel FREE E-Commerce Software) 1.4.11 has search?q= XS ...)
+ TODO: check
CVE-2019-15488 (Ignite Realtime Openfire before 4.4.1 has reflected XSS via an LDAP se ...)
TODO: check
CVE-2019-15487 (DfE School Experience before v16333-GA has XSS via a teacher training ...)
@@ -228,10 +364,10 @@ CVE-2019-15481 (Kimai v2 before 1.1 has XSS via a timesheet description. ...)
TODO: check
CVE-2019-15480 (Domoticz 4.10717 has XSS via item.Name. ...)
TODO: check
-CVE-2019-15479
- RESERVED
-CVE-2019-15478
- RESERVED
+CVE-2019-15479 (Status Board 1.1.81 has reflected XSS via dashboard.ts. ...)
+ TODO: check
+CVE-2019-15478 (Status Board 1.1.81 has reflected XSS via logic.ts. ...)
+ TODO: check
CVE-2019-15477 (Jooby before 1.6.4 has XSS via the default error handler. ...)
TODO: check
CVE-2019-15476 (Former before 4.2.1 has XSS via a checkbox value. ...)
@@ -726,8 +862,8 @@ CVE-2019-15306
RESERVED
CVE-2019-15305
RESERVED
-CVE-2019-15304
- RESERVED
+CVE-2019-15304 (Lierda Grill Temperature Monitor V1.00_50006 has a default password of ...)
+ TODO: check
CVE-2019-15303
RESERVED
CVE-2019-15302
@@ -4085,14 +4221,14 @@ CVE-2019-14310
RESERVED
CVE-2019-14309
RESERVED
-CVE-2019-14308
- RESERVED
-CVE-2019-14307
- RESERVED
+CVE-2019-14308 (Several Ricoh printers have multiple buffer overflows parsing LPD pack ...)
+ TODO: check
+CVE-2019-14307 (Several Ricoh printers have multiple buffer overflows parsing HTTP par ...)
+ TODO: check
CVE-2019-14306
RESERVED
-CVE-2019-14305
- RESERVED
+CVE-2019-14305 (Several Ricoh printers have multiple buffer overflows parsing HTTP par ...)
+ TODO: check
CVE-2019-14304
RESERVED
CVE-2019-14303
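Review bot: CVE-2019-14307 and CVE-2019-14305 are added with the same truncated summary ("Several Ricoh printers have multiple buffer overflows parsing HTTP par ..."), so the two cannot be told apart from this list alone; whoever resolves the `TODO: check` should work from the full descriptions. All three new entries in this hunk describe printer firmware, and a vendor tag in the form of the `NOT-FOR-US: D-Link` line used elsewhere in the file would close them.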
@@ -4101,8 +4237,8 @@ CVE-2019-14302
RESERVED
CVE-2019-14301
RESERVED
-CVE-2019-14300
- RESERVED
+CVE-2019-14300 (Several Ricoh printers have multiple buffer overflows parsing HTTP coo ...)
+ TODO: check
CVE-2019-14299
RESERVED
CVE-2019-14298 (Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Description(con ...)
@@ -7039,18 +7175,21 @@ CVE-2019-13487
RESERVED
CVE-2019-13486
RESERVED
+ {DLA-1898-1}
- xymon 4.3.29-1
[buster] - xymon <no-dsa> (Minor issue)
[stretch] - xymon <no-dsa> (Minor issue)
NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-13485
RESERVED
+ {DLA-1898-1}
- xymon 4.3.29-1
[buster] - xymon <no-dsa> (Minor issue)
[stretch] - xymon <no-dsa> (Minor issue)
NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-13484
RESERVED
+ {DLA-1898-1}
- xymon 4.3.29-1
[buster] - xymon <no-dsa> (Minor issue)
[stretch] - xymon <no-dsa> (Minor issue)
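Review bot: CVE-2019-13486, CVE-2019-13485 and CVE-2019-13484 gain the `{DLA-1898-1}` reference but stay `RESERVED` with no summary, so the only hint of what was fixed in xymon is the NOTE link to the mailing list. Suggest adding a bracketed one-line summary after each ID, in the style already used for `CVE-2019-10098 [mod_rewrite configurations vulnerable to open redirect]`, so the advisory reference is readable without following the URL.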
@@ -7130,6 +7269,7 @@ CVE-2019-13456
TODO: double check assessment and classification
CVE-2019-13455
RESERVED
+ {DLA-1898-1}
- xymon 4.3.29-1
[buster] - xymon <no-dsa> (Minor issue)
[stretch] - xymon <no-dsa> (Minor issue)
@@ -7148,12 +7288,14 @@ CVE-2019-13453 (Zipios before 0.1.7 does not properly handle certain malformed z
NOTE: Patch: https://sourceforge.net/p/zipios/code-git/ci/96e26640573410709bb863b8916a8216f4c6a546/tree/infinite_loop.patch
CVE-2019-13452
RESERVED
+ {DLA-1898-1}
- xymon 4.3.29-1
[buster] - xymon <no-dsa> (Minor issue)
[stretch] - xymon <no-dsa> (Minor issue)
NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-13451
RESERVED
+ {DLA-1898-1}
- xymon 4.3.29-1
[buster] - xymon <no-dsa> (Minor issue)
[stretch] - xymon <no-dsa> (Minor issue)
@@ -7602,12 +7744,14 @@ CVE-2019-13275 (An issue was discovered in the VeronaLabs wp-statistics plugin b
NOT-FOR-US: VeronaLabs wp-statistics plugin for WordPress
CVE-2019-13274
RESERVED
+ {DLA-1898-1}
- xymon 4.3.29-1
[buster] - xymon <no-dsa> (Minor issue)
[stretch] - xymon <no-dsa> (Minor issue)
NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-13273
RESERVED
+ {DLA-1898-1}
- xymon 4.3.29-1
[buster] - xymon <no-dsa> (Minor issue)
[stretch] - xymon <no-dsa> (Minor issue)
@@ -8316,8 +8460,8 @@ CVE-2019-13022
RESERVED
CVE-2019-13021
RESERVED
-CVE-2019-13020
- RESERVED
+CVE-2019-13020 (The fetch API in Tightrope Media Carousel before 7.1.3 has CarouselAPI ...)
+ TODO: check
CVE-2019-13019
RESERVED
CVE-2019-13018
@@ -9552,8 +9696,8 @@ CVE-2019-12534
RESERVED
CVE-2019-12533
RESERVED
-CVE-2019-12532
- RESERVED
+CVE-2019-12532 (Improper access control in the Insyde software tools may allow an auth ...)
+ TODO: check
CVE-2019-12531
RESERVED
CVE-2019-12530 (Incorrect access control was discovered in the stdonato Dashboard plug ...)
@@ -16037,6 +16181,7 @@ CVE-2019-10099 (Prior to Spark 2.3.3, in certain situations Spark would write us
NOT-FOR-US: Apache Spark
CVE-2019-10098 [mod_rewrite configurations vulnerable to open redirect]
RESERVED
+ {DSA-4509-1}
- apache2 2.4.41-1
NOTE: Affects upstream versions 2.4.0 to 2.4.39
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-10098
@@ -16065,6 +16210,7 @@ CVE-2019-10093 (In Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006m
NOTE: https://github.com/apache/tika/commit/81c21ab0aac6b3e4102a1a8906c8c7eab6f96dae
CVE-2019-10092 [Limited cross-site scripting in mod_proxy]
RESERVED
+ {DSA-4509-1}
- apache2 2.4.41-1
NOTE: Affects upstream versions 2.4.0 to 2.4.39
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-10092
@@ -16096,10 +16242,12 @@ CVE-2019-10083
RESERVED
CVE-2019-10082 [mod_http2, read-after-free in h2 connection shutdown]
RESERVED
+ {DSA-4509-1}
- apache2 2.4.41-1
NOTE: Affects upstream versions 2.4.18 to 2.4.39
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-10082
CVE-2019-10081 (HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configur ...)
+ {DSA-4509-1}
- apache2 2.4.41-1
NOTE: Affects upstream versions 2.4.20 to 2.4.39
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-10081
@@ -18578,6 +18726,7 @@ CVE-2019-9518 (Some HTTP/2 implementations are vulnerable to a flood of empty fr
NOTE: https://github.com/apache/trafficserver/pull/5850
NOTE: https://github.com/apache/trafficserver/blob/8.0.x/CHANGELOG-8.0.5
CVE-2019-9517 (Some HTTP/2 implementations are vulnerable to unconstrained interal da ...)
+ {DSA-4509-1}
- apache2 2.4.41-1
NOTE: Affects upstream versions 2.4.20 to 2.4.39
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-9517
@@ -22386,74 +22535,74 @@ CVE-2019-8003 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2
NOT-FOR-US: Adobe
CVE-2019-8002 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
NOT-FOR-US: Adobe
-CVE-2019-8001
- RESERVED
-CVE-2019-8000
- RESERVED
-CVE-2019-7999
- RESERVED
-CVE-2019-7998
- RESERVED
-CVE-2019-7997
- RESERVED
-CVE-2019-7996
- RESERVED
-CVE-2019-7995
- RESERVED
-CVE-2019-7994
- RESERVED
-CVE-2019-7993
- RESERVED
-CVE-2019-7992
- RESERVED
-CVE-2019-7991
- RESERVED
-CVE-2019-7990
- RESERVED
-CVE-2019-7989
- RESERVED
-CVE-2019-7988
- RESERVED
-CVE-2019-7987
- RESERVED
-CVE-2019-7986
- RESERVED
-CVE-2019-7985
- RESERVED
-CVE-2019-7984
- RESERVED
-CVE-2019-7983
- RESERVED
-CVE-2019-7982
- RESERVED
-CVE-2019-7981
- RESERVED
-CVE-2019-7980
- RESERVED
-CVE-2019-7979
- RESERVED
-CVE-2019-7978
- RESERVED
-CVE-2019-7977
- RESERVED
-CVE-2019-7976
- RESERVED
-CVE-2019-7975
- RESERVED
-CVE-2019-7974
- RESERVED
-CVE-2019-7973
- RESERVED
-CVE-2019-7972
- RESERVED
-CVE-2019-7971
- RESERVED
-CVE-2019-7970
- RESERVED
-CVE-2019-7969
- RESERVED
-CVE-2019-7968
- RESERVED
+CVE-2019-8001 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-8000 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7999 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7998 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7997 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7996 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7995 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7994 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7993 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7992 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7991 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7990 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7989 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7988 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7987 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7986 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7985 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7984 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7983 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7982 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7981 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7980 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7979 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7978 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7977 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7976 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7975 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7974 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7973 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7972 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7971 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7970 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7969 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
+CVE-2019-7968 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier ...)
+ TODO: check
CVE-2019-7967
RESERVED
CVE-2019-7966
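Review bot: The 34 Adobe Photoshop CC entries added here (CVE-2019-8001 down to CVE-2019-7968) are all left at `TODO: check`, while the context lines directly above tag CVE-2019-8003 and CVE-2019-8002 as `NOT-FOR-US: Adobe`. Suggest giving the new block the same `NOT-FOR-US: Adobe` line so these do not sit in the TODO queue.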
@@ -30956,8 +31105,8 @@ CVE-2019-4515
RESERVED
CVE-2019-4514
RESERVED
-CVE-2019-4513
- RESERVED
+CVE-2019-4513 (IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 is vul ...)
+ TODO: check
CVE-2019-4512
RESERVED
CVE-2019-4511
@@ -31086,10 +31235,10 @@ CVE-2019-4450
RESERVED
CVE-2019-4449
RESERVED
-CVE-2019-4448
- RESERVED
-CVE-2019-4447
- RESERVED
+CVE-2019-4448 (IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1 ...)
+ TODO: check
+CVE-2019-4447 (IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1 ...)
+ TODO: check
CVE-2019-4446
RESERVED
CVE-2019-4445
@@ -31644,8 +31793,8 @@ CVE-2019-4171
RESERVED
CVE-2019-4170
RESERVED
-CVE-2019-4169
- RESERVED
+CVE-2019-4169 (IBM Open Power Firmware OP910 and OP920 could allow access to BMC via ...)
+ TODO: check
CVE-2019-4168
RESERVED
CVE-2019-4167 (IBM StoredIQ 7.6.0 is vulnerable to cross-site request forgery which c ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/aa0ff25106ec925297076823c106e1878c6d5133