[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Tue Aug 27 09:10:27 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6979fb26 by security tracker role at 2019-08-27T08:10:13Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,99 @@
+CVE-2019-15666 (An issue was discovered in the Linux kernel before 5.0.19. There is an ...)
+	TODO: check
+CVE-2019-15665
+	RESERVED
+CVE-2019-15664
+	RESERVED
+CVE-2019-15663
+	RESERVED
+CVE-2019-15662
+	RESERVED
+CVE-2019-15661
+	RESERVED
+CVE-2019-15660
+	RESERVED
+CVE-2019-15659
+	RESERVED
+CVE-2019-15658 (connect-pg-simple before 6.0.1 allows SQL injection if tableName or sc ...)
+	TODO: check
+CVE-2019-15657 (In eslint-utils before 1.4.1, the getStaticValue function can execute  ...)
+	TODO: check
+CVE-2019-15656
+	RESERVED
+CVE-2019-15655
+	RESERVED
+CVE-2019-15654
+	RESERVED
+CVE-2019-15653
+	RESERVED
+CVE-2019-15652
+	RESERVED
+CVE-2019-15651 (wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCert ...)
+	TODO: check
+CVE-2019-15650
+	RESERVED
+CVE-2019-15649
+	RESERVED
+CVE-2019-15648
+	RESERVED
+CVE-2019-15647
+	RESERVED
+CVE-2019-15646
+	RESERVED
+CVE-2019-15645
+	RESERVED
+CVE-2019-15644
+	RESERVED
+CVE-2019-15643
+	RESERVED
+CVE-2018-21006
+	RESERVED
+CVE-2018-21005
+	RESERVED
+CVE-2018-21004
+	RESERVED
+CVE-2018-21003
+	RESERVED
+CVE-2018-21002
+	RESERVED
+CVE-2018-21001
+	RESERVED
+CVE-2017-18592
+	RESERVED
+CVE-2017-18591
+	RESERVED
+CVE-2017-18590
+	RESERVED
+CVE-2016-10936
+	RESERVED
+CVE-2016-10935
+	RESERVED
+CVE-2016-10934
+	RESERVED
+CVE-2015-9352
+	RESERVED
+CVE-2015-9351
+	RESERVED
+CVE-2015-9350
+	RESERVED
+CVE-2015-9349
+	RESERVED
+CVE-2015-9348
+	RESERVED
+CVE-2015-9347
+	RESERVED
+CVE-2015-9346
+	RESERVED
+CVE-2015-9345
+	RESERVED
+CVE-2015-9344
+	RESERVED
+CVE-2015-9343
+	RESERVED
+CVE-2015-9342
+	RESERVED
+CVE-2014-10395
+	RESERVED
 CVE-2019-15642 (rpc.cgi in Webmin through 1.920 allows authenticated Remote Code Execu ...)
 	- webmin <removed>
 CVE-2019-15641 (xmlrpc.cgi in Webmin through 1.930 allows authenticated XXE attacks. B ...)
@@ -328,8 +424,8 @@ CVE-2019-15499 (CodiMD 1.3.1, when Safari is used, allows XSS via an IFRAME elem
 	TODO: check
 CVE-2019-15498 (cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows rem ...)
 	NOT-FOR-US: Vera Edge Home Controller
-CVE-2019-15497
-	RESERVED
+CVE-2019-15497 (Black Box iCOMPEL 9.2.3 through 11.1.4, as used in ONELAN Net-Top-Box  ...)
+	TODO: check
 CVE-2019-15496
 	RESERVED
 CVE-2019-15495
@@ -1670,8 +1766,8 @@ CVE-2019-15057
 	RESERVED
 CVE-2019-15056
 	RESERVED
-CVE-2019-15055
-	RESERVED
+CVE-2019-15055 (MikroTik RouterOS through 6.44.5 and 6.45.x through 6.45.3 improperly  ...)
+	TODO: check
 CVE-2019-15054
 	RESERVED
 CVE-2019-15053 (The "HTML Include and replace macro" plugin before 1.5.0 for Confluenc ...)
@@ -14434,7 +14530,7 @@ CVE-2019-10749
 	RESERVED
 CVE-2019-10748
 	RESERVED
-CVE-2019-10747 (set-value is vulnerable to Prototype Pollution in versions before 2.0. ...)
+CVE-2019-10747 (set-value is vulnerable to Prototype Pollution in versions lower than  ...)
 	TODO: check
 CVE-2019-10746 (mixin-deep is vulnerable to Prototype Pollution in versions before 1.3 ...)
 	- node-mixin-deep 2.0.1-1 (bug #932500)
@@ -18602,8 +18698,8 @@ CVE-2019-9571
 	RESERVED
 CVE-2019-9570 (An issue was discovered in YzmCMS 5.2.0. It has XSS via the bottom tex ...)
 	NOT-FOR-US: YzmCMS
-CVE-2019-9569
-	RESERVED
+CVE-2019-9569 (Buffer Overflow in dacterea in Delta Controls enteliBUS Manager V3.40_ ...)
+	TODO: check
 CVE-2019-9568 (The "Forminator Contact Form, Poll & Quiz Builder" plugin before 1 ...)
 	NOT-FOR-US: WordPress plugin forminator
 CVE-2019-9567 (The "Forminator Contact Form, Poll & Quiz Builder" plugin before 1 ...)
@@ -21488,8 +21584,8 @@ CVE-2019-8462
 	RESERVED
 CVE-2019-8461
 	RESERVED
-CVE-2019-8460
-	RESERVED
+CVE-2019-8460 (Reuven Plevinsky and Tal Vainshtein of Check Point Software Technologi ...)
+	TODO: check
 CVE-2019-8459 (Check Point Endpoint Security Client for Windows, with the VPN blade,  ...)
 	NOT-FOR-US: Check Point Endpoint Security Client for Windows
 CVE-2019-8458 (Check Point Endpoint Security Client for Windows, with Anti-Malware bl ...)
@@ -46230,8 +46326,8 @@ CVE-2018-18670 (GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject
 	NOT-FOR-US: GNU Board
 CVE-2018-18669 (GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbit ...)
 	NOT-FOR-US: GNU Board
-CVE-2018-18668
-	RESERVED
+CVE-2018-18668 (GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to injec ...)
+	TODO: check
 CVE-2018-18667 (The mintToken function of Pylon (PYLNT) aka PylonToken, an Ethereum to ...)
 	NOT-FOR-US: Some Ethereum token
 CVE-2018-18666 (The mintToken function of SwftCoin (SWFTC) aka SwftCoin, an Ethereum t ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6979fb269b5038e92b14b471f537ecf0c82d0222

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6979fb269b5038e92b14b471f537ecf0c82d0222
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190827/8c6bbdb0/attachment.html>

More information about the debian-security-tracker-commits mailing list