[Git][security-tracker-team/security-tracker][master] "new" cvsweb issue
Moritz Muehlenhoff
jmm at debian.org
Tue Feb 5 21:38:51 GMT 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9925a79f by Moritz Muehlenhoff at 2019-02-05T21:38:22Z
"new" cvsweb issue
new gitea issue
NFU
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -180,7 +180,8 @@ CVE-2019-1000004 (yugandhargangu JspMyAdmin2 version 1.0.6 and earlier contains
CVE-2019-1000003 (MapSVG MapSVG Lite version 3.2.3 contains a Cross Site Request Forgery ...)
NOT-FOR-US: Wordpress plugin
CVE-2019-1000002 (Gitea version 1.6.2 and earlier contains a Incorrect Access Control ...)
- TODO: check
+ - gitea <removed>
+ NOTE: https://github.com/go-gitea/gitea/pull/5631
CVE-2019-1000001 (TeamPass version 2.1.27 and earlier contains a Storing Passwords in a ...)
NOT-FOR-US: TeamPass
CVE-2018-20753 (Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 ...)
@@ -191,11 +192,12 @@ CVE-2018-20752 (An issue was discovered in Recon-ng before 4.9.5. Lack of valida
CVE-2018-1000999 (Fastnet SA MailCleaner version 2018092601 contains a Command Injection ...)
NOT-FOR-US: Fastnet SA MailCleaner
CVE-2018-1000998 (FreeBSD CVSweb version 2.x contains a Cross Site Scripting (XSS) ...)
- TODO: check
+ - cvsweb 3:3.0.0-1
+ NOTE: https://www.kvakil.me/posts/cvsweb/
CVE-2017-18362 (ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is ...)
NOT-FOR-US: ConnectWise ManagedITSync
CVE-2016-1000282 (Haraka version 2.8.8 and earlier comes with a plugin for processing ...)
- TODO: check
+ NOT-FOR-US: Haraka
CVE-2016-1000276 (Audacity version 2.1.2 is vulnerable to DLL Hijack, it tries to load ...)
TODO: check, probably a dupe of CVE-2017-1000010
CVE-2016-1000271 (Joomla extension DT Register version before 3.1.12 (Joomla 3.x) / ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9925a79f265d3bc694f3a13322b54e6ee84901e9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9925a79f265d3bc694f3a13322b54e6ee84901e9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190205/ccd94f4e/attachment.html>
More information about the debian-security-tracker-commits
mailing list