[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1021a552 by security tracker role at 2019-02-12T20:10:25Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2019-7754
+	RESERVED
+CVE-2019-7753 (Verydows 2.0 has XSS via the index.php?m=api&c=stats&a=count referrer ...)
+	TODO: check
+CVE-2018-20781 (In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's ...)
+	TODO: check
 CVE-2019-7752
 	RESERVED
 CVE-2019-7751
@@ -14,18 +20,18 @@ CVE-2019-7746
 	RESERVED
 CVE-2019-7745
 	RESERVED
-CVE-2019-7744
-	RESERVED
-CVE-2019-7743
-	RESERVED
-CVE-2019-7742
-	RESERVED
-CVE-2019-7741
-	RESERVED
-CVE-2019-7740
-	RESERVED
-CVE-2019-7739
-	RESERVED
+CVE-2019-7744 (An issue was discovered in Joomla! before 3.9.3. Inadequate filtering ...)
+	TODO: check
+CVE-2019-7743 (An issue was discovered in Joomla! before 3.9.3. The phar:// stream ...)
+	TODO: check
+CVE-2019-7742 (An issue was discovered in Joomla! before 3.9.3. A combination of ...)
+	TODO: check
+CVE-2019-7741 (An issue was discovered in Joomla! before 3.9.3. Inadequate checks at ...)
+	TODO: check
+CVE-2019-7740 (An issue was discovered in Joomla! before 3.9.3. Inadequate parameter ...)
+	TODO: check
+CVE-2019-7739 (An issue was discovered in Joomla! before 3.9.3. The "No Filtering" ...)
+	TODO: check
 CVE-2019-7738 (C.P.Sub before 5.3 allows CSRF via a manage.php?p=article_del&id= URI. ...)
 	TODO: check
 CVE-2019-7737 (A CSRF vulnerability was found in Verydows v2.0 that can add an admin ...)
@@ -2897,8 +2903,8 @@ CVE-2019-6551
 	RESERVED
 CVE-2019-6550
 	RESERVED
-CVE-2019-6549
-	RESERVED
+CVE-2019-6549 (An attacker could retrieve plain-text credentials stored in a XML file ...)
+	TODO: check
 CVE-2019-6548
 	RESERVED
 CVE-2019-6547
@@ -2929,8 +2935,8 @@ CVE-2019-6535 (Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 an
 	NOT-FOR-US: Mitsubishi Electric MELSEC-Q Series PLCs
 CVE-2019-6534
 	RESERVED
-CVE-2019-6533
-	RESERVED
+CVE-2019-6533 (Registers used to store Modbus values can be read and written from the ...)
+	TODO: check
 CVE-2019-6532
 	RESERVED
 CVE-2019-6531
@@ -2941,8 +2947,8 @@ CVE-2019-6529
 	RESERVED
 CVE-2019-6528
 	RESERVED
-CVE-2019-6527
-	RESERVED
+CVE-2019-6527 (PR100088 Modbus gateway versions prior to Release R02 (or Software ...)
+	TODO: check
 CVE-2019-6526
 	RESERVED
 CVE-2019-6525
@@ -21515,6 +21521,7 @@ CVE-2018-18897 (An issue was discovered in Poppler 0.71.0. There is a memory lea
 CVE-2018-18896
 	RESERVED
 CVE-2018-18895
+	REJECTED
 	NOT-FOR-US: Cisco
 CVE-2018-18894
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1021a552915318a962f4666ab1cd42427713cee3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1021a552915318a962f4666ab1cd42427713cee3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190212/ee42e277/attachment.html>