[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Dec 6 08:10:34 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8c75c8f4 by security tracker role at 2019-12-06T08:10:17Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,29 @@
+CVE-2019-19621
+ RESERVED
+CVE-2019-19620
+ RESERVED
+CVE-2019-19619 (domain/section/markdown/markdown.go in Documize before 3.5.1 mishandle ...)
+ TODO: check
+CVE-2019-19618
+ RESERVED
+CVE-2019-19617 (phpMyAdmin before 4.9.2 does not escape certain Git information, relat ...)
+ TODO: check
+CVE-2019-19616 (An Insecure Direct Object Reference (IDOR) vulnerability in the Xtivia ...)
+ TODO: check
+CVE-2019-19615
+ RESERVED
+CVE-2019-19614
+ RESERVED
+CVE-2019-19613
+ RESERVED
+CVE-2019-19612
+ RESERVED
+CVE-2019-19611
+ RESERVED
+CVE-2019-19610
+ RESERVED
+CVE-2019-19609 (The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Co ...)
+ TODO: check
CVE-2019-19608
RESERVED
CVE-2019-19607
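Review bot: The four entries in this hunk that arrive with descriptions (CVE-2019-19619, CVE-2019-19617, CVE-2019-19616, CVE-2019-19609) are all left at "TODO: check", so none of them records yet whether anything in Debian is affected. Each needs resolving into either a source package line with a fixed version or a "NOT-FOR-US:" tag, in the form other entries in this file already use. CVE-2019-19617 and CVE-2019-19609 both give an upper version bound in their descriptions ("before 4.9.2", "before 3.0.0-beta.17.8"), which can serve as the starting point for the fixed-version field if a package applies.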
@@ -11892,12 +11918,12 @@ CVE-2019-16772
RESERVED
CVE-2019-16771
RESERVED
-CVE-2019-16770
- RESERVED
+CVE-2019-16770 (A poorly-behaved client could use keepalive requests to monopolize Pum ...)
+ TODO: check
CVE-2019-16769 (Affected versions of this package are vulnerable to Cross-site Scripti ...)
TODO: check
-CVE-2019-16768
- RESERVED
+CVE-2019-16768 (Exception messages from internal exceptions (like database exception) ...)
+ TODO: check
CVE-2019-16767 (The admin sys mode is now conditional and dedicated for the special ca ...)
NOT-FOR-US: ezmaster
CVE-2019-16766 (When using wagtail-2fa before 1.3.0, if someone gains access to someon ...)
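Review bot: The descriptions added for CVE-2019-16770 and CVE-2019-16768 do not identify the affected software in the part that survives truncation ("... to monopolize Pum ...", "Exception messages from internal exceptions ..."). The full CVE record has to be consulted before "TODO: check" can be replaced with a package line or a "NOT-FOR-US:" tag like the one on CVE-2019-16767 below. CVE-2019-16769 in the context lines is in the same pending state and could be triaged in the same pass.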
@@ -280434,8 +280460,7 @@ CVE-2012-1593 (epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wiresh
- wireshark 1.6.6-1 (unimportant; bug #666058)
[squeeze] - wireshark 1.2.11-6+squeeze7
NOTE: Not suitable for code injection
-CVE-2012-1592
- RESERVED
+CVE-2012-1592 (A local code execution issue exists in Apache Struts2 when processing ...)
- libstruts1.2-java <not-affected> (Only applies to Struts 2, see bug #657870)
CVE-2012-1591 (The image module in Drupal 7.x before 7.14 does not properly check per ...)
- drupal7 7.14-1 (bug #671402)
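Review bot: CVE-2012-1592 now has a description naming Apache Struts2, but the only annotation under it is still "libstruts1.2-java <not-affected> (Only applies to Struts 2, see bug #657870)". That line agrees with the new description, so nothing is wrong with it. It is worth confirming that no Struts 2 source package needs a line of its own under this id, since the entry currently documents only the package that is not affected.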
@@ -281518,14 +281543,12 @@ CVE-2012-1117 (Cross-site scripting (XSS) vulnerability in Joomla! 2.5.0 and 2.5
NOT-FOR-US: Joomla!
CVE-2012-1116 (SQL injection vulnerability in Joomla! 1.7.x and 2.5.x before 2.5.2 al ...)
NOT-FOR-US: Joomla!
-CVE-2012-1115
- RESERVED
+CVE-2012-1115 (A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Mana ...)
- phpldapadmin 1.2.2-3 (low; bug #662050)
[squeeze] - phpldapadmin <no-dsa> (Minor issue)
- ldap-account-manager 3.6-2 (low; bug #661904)
[squeeze] - ldap-account-manager <no-dsa> (Minor issue)
-CVE-2012-1114
- RESERVED
+CVE-2012-1114 (A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Mana ...)
- phpldapadmin 1.2.2-3 (low; bug #662050)
[squeeze] - phpldapadmin <no-dsa> (Minor issue)
- ldap-account-manager 3.6-2 (low; bug #661904)
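Review bot: The descriptions added for CVE-2012-1115 and CVE-2012-1114 are identical up to the truncation point and both start "... exists in LDAP Account Mana ...", yet the first package line under each id is "phpldapadmin 1.2.2-3 (low; bug #662050)". Check the full CVE text to confirm that the phpldapadmin lines still belong under these ids, and that bug #662050 and bug #661904 are attached to the right one of the two, because the truncated descriptions no longer distinguish them.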
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8c75c8f4812bcfda5e3573a6bd1ea540ae7c0628