[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Fri Feb 8 20:10:43 GMT 2019 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fd7f5eb8 by security tracker role at 2019-02-08T20:10:33Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,35 @@
+CVE-2019-7649
+	RESERVED
+CVE-2019-7648 (controller/fetchpwd.php and controller/doAction.php in Hotels_Server ...)
+	TODO: check
+CVE-2019-7647
+	RESERVED
+CVE-2019-7646
+	RESERVED
+CVE-2019-7645
+	RESERVED
+CVE-2019-7644
+	RESERVED
+CVE-2019-7643
+	RESERVED
+CVE-2019-7642
+	RESERVED
+CVE-2019-7641
+	RESERVED
+CVE-2019-7640
+	RESERVED
+CVE-2019-7639 (An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If ...)
+	TODO: check
+CVE-2019-7638 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
+	TODO: check
+CVE-2019-7637 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
+	TODO: check
+CVE-2019-7636 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
+	TODO: check
+CVE-2019-7635 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
+	TODO: check
+CVE-2018-20764 (A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for ...)
+	TODO: check
 CVE-2019-7634
 	RESERVED
 CVE-2019-7633
@@ -2717,7 +2749,7 @@ CVE-2019-6498 (GattLib 0.2 has a stack-based buffer over-read in gattlib_connect
 	NOT-FOR-US: GattLib
 CVE-2019-6497 (Hotels_Server through 2018-11-05 has SQL Injection via the ...)
 	NOT-FOR-US: Hotels_Server
-CVE-2019-6496 (The ThreadX-based firmware on Marvell Avastar Wi-Fi devices allows ...)
+CVE-2019-6496 (The ThreadX-based firmware on Marvell Avastar Wi-Fi devices, models ...)
 	NOT-FOR-US: ThreadX-based firmware on Marvell Avastar Wi-Fi devices
 CVE-2019-6495
 	RESERVED
@@ -15248,16 +15280,16 @@ CVE-2019-1678 (A vulnerability in Cisco Meeting Server could allow an authentica
 	NOT-FOR-US: Cisco
 CVE-2019-1677 (A vulnerability in Cisco Webex Meetings for Android could allow an ...)
 	NOT-FOR-US: Cisco
-CVE-2019-1676
-	RESERVED
+CVE-2019-1676 (A vulnerability in the Session Initiation Protocol (SIP) call ...)
+	TODO: check
 CVE-2019-1675 (A vulnerability in the default configuration of the Cisco Aironet ...)
 	NOT-FOR-US: Cisco
 CVE-2019-1674
 	RESERVED
-CVE-2019-1673
-	RESERVED
-CVE-2019-1672
-	RESERVED
+CVE-2019-1673 (A vulnerability in the web-based management interface of Cisco ...)
+	TODO: check
+CVE-2019-1672 (A vulnerability in the Decryption Policy Default Action functionality ...)
+	TODO: check
 CVE-2019-1671 (A vulnerability in the web-based management interface of Cisco ...)
 	NOT-FOR-US: Cisco
 CVE-2019-1670 (A vulnerability in the web-based management interface of Cisco Unified ...)
@@ -22528,8 +22560,8 @@ CVE-2018-18366
 	RESERVED
 CVE-2018-18365
 	RESERVED
-CVE-2018-18364
-	RESERVED
+CVE-2018-18364 (Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be ...)
+	TODO: check
 CVE-2018-18363 (Norton App Lock prior to 1.4.0.445 can be susceptible to a bypass ...)
 	NOT-FOR-US: Norton App Lock
 CVE-2018-18362 (Norton Password Manager for Android (formerly Norton Identity Safe) ...)
@@ -46638,8 +46670,8 @@ CVE-2018-9192 (A plaintext recovery of encrypted messages or a Man-in-the-middle
 	NOT-FOR-US: Fortinet FortiOS
 CVE-2018-9191
 	RESERVED
-CVE-2018-9190
-	RESERVED
+CVE-2018-9190 (A null pointer dereference vulnerability in Fortinet ...)
+	TODO: check
 CVE-2018-9189
 	RESERVED
 CVE-2018-9188
@@ -47702,6 +47734,7 @@ CVE-2018-8789 (FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds
 	- freerdp <removed>
 	NOTE: https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6
 CVE-2018-8788 (FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of ...)
+	{DLA-1666-1}
 	- freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
 	- freerdp <removed>
 	NOTE: https://github.com/FreeRDP/FreeRDP/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659
@@ -69064,8 +69097,8 @@ CVE-2018-1354 (An improper access control vulnerability in Fortinet FortiManager
 	NOT-FOR-US: Fortinet
 CVE-2018-1353 (An information disclosure vulnerability in Fortinet FortiManager 6.0.1 ...)
 	NOT-FOR-US: Fortinet FortiManager
-CVE-2018-1352
-	RESERVED
+CVE-2018-1352 (A format string vulnerability in Fortinet FortiOS 5.6.0 allows ...)
+	TODO: check
 CVE-2018-1351 (A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager ...)
 	NOT-FOR-US: Fortinet
 CVE-2017-17551 (The Backup and Restore feature in Mobotap Dolphin Browser for Android ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fd7f5eb873ffcf0d152d6de9d1da1e67b1fbb1d3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fd7f5eb873ffcf0d152d6de9d1da1e67b1fbb1d3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190208/f5de0612/attachment.html>

More information about the debian-security-tracker-commits mailing list