[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
40537a7f by security tracker role at 2019-02-17T20:10:27Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,31 @@
+CVE-2019-8413 (On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer ...)
+	TODO: check
+CVE-2019-8412 (FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or ...)
+	TODO: check
+CVE-2019-8411 (admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers to ...)
+	TODO: check
+CVE-2019-8410
+	RESERVED
+CVE-2019-8409
+	RESERVED
+CVE-2019-8408 (OneFileCMS 3.6.13 allows remote attackers to modify onefilecms.php by ...)
+	TODO: check
+CVE-2019-8407 (HongCMS 3.0.0 allows arbitrary file read and write operations via a ../ ...)
+	TODO: check
+CVE-2019-8406
+	RESERVED
+CVE-2019-8405
+	RESERVED
+CVE-2019-8404
+	RESERVED
+CVE-2019-8403
+	RESERVED
+CVE-2019-8402
+	RESERVED
+CVE-2018-20782 (The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN messages. ...)
+	TODO: check
+CVE-2016-10742 (Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before ...)
+	TODO: check
 CVE-2019-8401
 	RESERVED
 CVE-2019-8400 (ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the ...)
@@ -20,8 +48,8 @@ CVE-2019-8395 (An Insecure Direct Object Reference (IDOR) vulnerability exists i
 	NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
 CVE-2019-8394 (Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows ...)
 	NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
-CVE-2019-8393
-	RESERVED
+CVE-2019-8393 (Hotels_Server through 2018-11-05 has SQL Injection via the API because ...)
+	TODO: check
 CVE-2019-8392 (An issue was discovered on D-Link DIR-823G devices with firmware ...)
 	NOT-FOR-US: D-Link
 CVE-2019-8391



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/40537a7fb84956b44459a226f0d6806d07b3027f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/40537a7fb84956b44459a226f0d6806d07b3027f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190217/ad8dff2b/attachment.html>