[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Wed Jan 9 08:10:25 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cd733bc0 by security tracker role at 2019-01-09T08:10:17Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,55 @@
-CVE-2019-5720 (includes/db/class.reflines_db.inc in FrontAccounting 2.4.6 contains a ...)
- - frontaccounting <removed>
-CVE-2019-5719
+CVE-2019-5736
+ RESERVED
+CVE-2019-5735
+ RESERVED
+CVE-2019-5734
+ RESERVED
+CVE-2019-5733
+ RESERVED
+CVE-2019-5732
+ RESERVED
+CVE-2019-5731
+ RESERVED
+CVE-2019-5730
+ RESERVED
+CVE-2019-5729
+ RESERVED
+CVE-2019-5728
+ RESERVED
+CVE-2019-5727
+ RESERVED
+CVE-2019-5726
RESERVED
-CVE-2019-5718
+CVE-2019-5725 (qibosoft through V7 allows remote attackers to read arbitrary files via ...)
+ TODO: check
+CVE-2019-5724
RESERVED
-CVE-2019-5717
+CVE-2019-5723
RESERVED
-CVE-2019-5716
+CVE-2019-5722
RESERVED
+CVE-2019-5721 (In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was ...)
+ TODO: check
+CVE-2018-20677 (In Bootstrap before 3.4.0, XSS is possible in the affix configuration ...)
+ TODO: check
+CVE-2018-20676 (In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport ...)
+ TODO: check
+CVE-2018-20675 (D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before ...)
+ TODO: check
+CVE-2018-20674 (D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before ...)
+ TODO: check
+CVE-2016-10735 (In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is ...)
+ TODO: check
+CVE-2019-5720 (includes/db/class.reflines_db.inc in FrontAccounting 2.4.6 contains a ...)
+ - frontaccounting <removed>
+CVE-2019-5719 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector ...)
+ TODO: check
+CVE-2019-5718 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and ...)
+ TODO: check
+CVE-2019-5717 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector ...)
+ TODO: check
+CVE-2019-5716 (In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This ...)
+ TODO: check
CVE-2019-5715
RESERVED
CVE-2019-5714
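Review bot: The five entries from CVE-2018-20677 down to CVE-2016-10735 are inserted between CVE-2019-5721 and CVE-2019-5720, which breaks the descending ID order visible in every other hunk of this file; move them to their 2018 and 2016 positions. The Wireshark entries (CVE-2019-5716 to CVE-2019-5719 and CVE-2019-5721) and the three Bootstrap entries are left at "TODO: check" and still need a package line with a fixed version or <unfixed> before they count as triaged.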
@@ -4514,7 +4556,7 @@ CVE-2019-3499
RESERVED
CVE-2019-3498 [Content spoofing possibility in the default 404 page]
RESERVED
- {DLA-1629-1}
+ {DSA-4363-1 DLA-1629-1}
- python-django 1:1.11.18-1 (bug #918230)
NOTE: https://www.djangoproject.com/weblog/2019/jan/04/security-releases/
NOTE: https://github.com/django/django/commit/1cd00fcf52d089ef0fe03beabd05d59df8ea052a (1.11.x)
@@ -13261,8 +13303,8 @@ CVE-2019-0624
RESERVED
CVE-2019-0623
RESERVED
-CVE-2019-0622
- RESERVED
+CVE-2019-0622 (An elevation of privilege vulnerability exists when Skype for Andriod ...)
+ TODO: check
CVE-2019-0621
RESERVED
CVE-2019-0620
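Review bot: The description added for CVE-2019-0622 reads "Skype for Andriod", so a search of the list for "Android" will miss this entry. If the text is copied verbatim from the CVE feed, keep it in step with the feed and resolve the "TODO: check" with a tag instead, in the "NOT-FOR-US:" form used elsewhere in this file.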
@@ -13329,112 +13371,112 @@ CVE-2019-0590
RESERVED
CVE-2019-0589
RESERVED
-CVE-2019-0588
- RESERVED
+CVE-2019-0588 (An information disclosure vulnerability exists when the Microsoft ...)
+ TODO: check
CVE-2019-0587
RESERVED
-CVE-2019-0586
- RESERVED
-CVE-2019-0585
- RESERVED
-CVE-2019-0584
- RESERVED
-CVE-2019-0583
- RESERVED
-CVE-2019-0582
- RESERVED
-CVE-2019-0581
- RESERVED
-CVE-2019-0580
- RESERVED
-CVE-2019-0579
- RESERVED
-CVE-2019-0578
- RESERVED
-CVE-2019-0577
- RESERVED
-CVE-2019-0576
- RESERVED
-CVE-2019-0575
- RESERVED
-CVE-2019-0574
- RESERVED
-CVE-2019-0573
- RESERVED
-CVE-2019-0572
- RESERVED
-CVE-2019-0571
- RESERVED
-CVE-2019-0570
- RESERVED
-CVE-2019-0569
- RESERVED
-CVE-2019-0568
- RESERVED
-CVE-2019-0567
- RESERVED
-CVE-2019-0566
- RESERVED
-CVE-2019-0565
- RESERVED
-CVE-2019-0564
- RESERVED
+CVE-2019-0586 (A remote code execution vulnerability exists in Microsoft Exchange ...)
+ TODO: check
+CVE-2019-0585 (A remote code execution vulnerability exists in Microsoft Word ...)
+ TODO: check
+CVE-2019-0584 (A remote code execution vulnerability exists when the Windows Jet ...)
+ TODO: check
+CVE-2019-0583 (A remote code execution vulnerability exists when the Windows Jet ...)
+ TODO: check
+CVE-2019-0582 (A remote code execution vulnerability exists when the Windows Jet ...)
+ TODO: check
+CVE-2019-0581 (A remote code execution vulnerability exists when the Windows Jet ...)
+ TODO: check
+CVE-2019-0580 (A remote code execution vulnerability exists when the Windows Jet ...)
+ TODO: check
+CVE-2019-0579 (A remote code execution vulnerability exists when the Windows Jet ...)
+ TODO: check
+CVE-2019-0578 (A remote code execution vulnerability exists when the Windows Jet ...)
+ TODO: check
+CVE-2019-0577 (A remote code execution vulnerability exists when the Windows Jet ...)
+ TODO: check
+CVE-2019-0576 (A remote code execution vulnerability exists when the Windows Jet ...)
+ TODO: check
+CVE-2019-0575 (A remote code execution vulnerability exists when the Windows Jet ...)
+ TODO: check
+CVE-2019-0574 (An elevation of privilege vulnerability exists when the Windows Data ...)
+ TODO: check
+CVE-2019-0573 (An elevation of privilege vulnerability exists when the Windows Data ...)
+ TODO: check
+CVE-2019-0572 (An elevation of privilege vulnerability exists when the Windows Data ...)
+ TODO: check
+CVE-2019-0571 (An elevation of privilege vulnerability exists when the Windows Data ...)
+ TODO: check
+CVE-2019-0570 (An elevation of privilege vulnerability exists when the Windows ...)
+ TODO: check
+CVE-2019-0569 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
+CVE-2019-0568 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2019-0567 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2019-0566 (An elevation of privilege vulnerability exists in Microsoft Edge ...)
+ TODO: check
+CVE-2019-0565 (A remote code execution vulnerability exists when Microsoft Edge ...)
+ TODO: check
+CVE-2019-0564 (A denial of service vulnerability exists when ASP.NET Core improperly ...)
+ TODO: check
CVE-2019-0563
RESERVED
-CVE-2019-0562
- RESERVED
-CVE-2019-0561
- RESERVED
-CVE-2019-0560
- RESERVED
-CVE-2019-0559
- RESERVED
-CVE-2019-0558
- RESERVED
-CVE-2019-0557
- RESERVED
-CVE-2019-0556
- RESERVED
-CVE-2019-0555
- RESERVED
-CVE-2019-0554
- RESERVED
-CVE-2019-0553
- RESERVED
-CVE-2019-0552
- RESERVED
-CVE-2019-0551
- RESERVED
-CVE-2019-0550
- RESERVED
-CVE-2019-0549
- RESERVED
-CVE-2019-0548
- RESERVED
-CVE-2019-0547
- RESERVED
-CVE-2019-0546
- RESERVED
-CVE-2019-0545
- RESERVED
+CVE-2019-0562 (An elevation of privilege vulnerability exists when Microsoft ...)
+ TODO: check
+CVE-2019-0561 (An information disclosure vulnerability exists when Microsoft Word ...)
+ TODO: check
+CVE-2019-0560 (An information disclosure vulnerability exists when Microsoft Office ...)
+ TODO: check
+CVE-2019-0559 (An information disclosure vulnerability exists when Microsoft Outlook ...)
+ TODO: check
+CVE-2019-0558 (A cross-site-scripting (XSS) vulnerability exists when Microsoft ...)
+ TODO: check
+CVE-2019-0557 (A cross-site-scripting (XSS) vulnerability exists when Microsoft ...)
+ TODO: check
+CVE-2019-0556 (A cross-site-scripting (XSS) vulnerability exists when Microsoft ...)
+ TODO: check
+CVE-2019-0555 (An elevation of privilege vulnerability exists in the Microsoft ...)
+ TODO: check
+CVE-2019-0554 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
+CVE-2019-0553 (An information disclosure vulnerability exists when Windows Subsystem ...)
+ TODO: check
+CVE-2019-0552 (An elevation of privilege exists in Windows COM Desktop Broker, aka ...)
+ TODO: check
+CVE-2019-0551 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
+ TODO: check
+CVE-2019-0550 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
+ TODO: check
+CVE-2019-0549 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
+CVE-2019-0548 (A denial of service vulnerability exists when ASP.NET Core improperly ...)
+ TODO: check
+CVE-2019-0547 (A memory corruption vulnerability exists in the Windows DHCP client ...)
+ TODO: check
+CVE-2019-0546 (A remote code execution vulnerability exists in Visual Studio when the ...)
+ TODO: check
+CVE-2019-0545 (An information disclosure vulnerability exists in .NET Framework and ...)
+ TODO: check
CVE-2019-0544
RESERVED
-CVE-2019-0543
- RESERVED
+CVE-2019-0543 (An elevation of privilege vulnerability exists when Windows improperly ...)
+ TODO: check
CVE-2019-0542
RESERVED
-CVE-2019-0541
- RESERVED
+CVE-2019-0541 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
CVE-2019-0540
RESERVED
-CVE-2019-0539
- RESERVED
-CVE-2019-0538
- RESERVED
-CVE-2019-0537
- RESERVED
-CVE-2019-0536
- RESERVED
+CVE-2019-0539 (A remote code execution vulnerability exists in the way that the ...)
+ TODO: check
+CVE-2019-0538 (A remote code execution vulnerability exists when the Windows Jet ...)
+ TODO: check
+CVE-2019-0537 (An information disclosure vulnerability exists when Visual Studio ...)
+ TODO: check
+CVE-2019-0536 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
CVE-2018-19607 (Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote ...)
[experimental] - exiv2 <unfixed> (bug #915134)
- exiv2 <not-affected> (Vulnerable code introduced later)
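Review bot: All 48 entries this hunk fills in, from CVE-2019-0588 down to CVE-2019-0536, land as "TODO: check", and wherever the truncated description names a product it is a Microsoft one (Windows, Office, Edge, Exchange, Hyper-V, Visual Studio, ASP.NET Core, .NET Framework). Triage them as one batch with a "NOT-FOR-US:" tag, the form the SAP entries later in the file use, rather than leaving 48 open items in the queue.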
@@ -14145,30 +14187,30 @@ CVE-2019-0251
RESERVED
CVE-2019-0250
RESERVED
-CVE-2019-0249
- RESERVED
-CVE-2019-0248
- RESERVED
-CVE-2019-0247
- RESERVED
-CVE-2019-0246
- RESERVED
-CVE-2019-0245
- RESERVED
-CVE-2019-0244
- RESERVED
-CVE-2019-0243
- RESERVED
+CVE-2019-0249 (Under certain conditions SAP Landscape Management (VCM 3.0) allows an ...)
+ TODO: check
+CVE-2019-0248 (Under certain conditions SAP Gateway of ABAP Application Server (fixed ...)
+ TODO: check
+CVE-2019-0247 (SAP Cloud Connector, before version 2.11.3, allows an attacker to ...)
+ TODO: check
+CVE-2019-0246 (SAP Cloud Connector, before version 2.11.3, does not perform any ...)
+ TODO: check
+CVE-2019-0245 (SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF ...)
+ TODO: check
+CVE-2019-0244 (SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF ...)
+ TODO: check
+CVE-2019-0243 (Under some circumstances, masterdata maintenance in SAP BW/4HANA ...)
+ TODO: check
CVE-2019-0242
RESERVED
-CVE-2019-0241
- RESERVED
-CVE-2019-0240
- RESERVED
+CVE-2019-0241 (SAP Work and Inventory Manager (Agentry_SDK , before 7.0, 7.1) allows ...)
+ TODO: check
+CVE-2019-0240 (SAP Business Objects Mobile for Android (before 6.3.5) application ...)
+ TODO: check
CVE-2019-0239
RESERVED
-CVE-2019-0238
- RESERVED
+CVE-2019-0238 (SAP Commerce (previously known as SAP Hybris Commerce), before version ...)
+ TODO: check
CVE-2019-0237
RESERVED
CVE-2019-0236
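Review bot: The ten SAP entries added here (CVE-2019-0249 to CVE-2019-0243, CVE-2019-0241, CVE-2019-0240 and CVE-2019-0238) go in as "TODO: check", while existing SAP entries in this file such as CVE-2018-2500 carry "NOT-FOR-US: SAP". Apply the same tag to these ten so the file treats the vendor consistently.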
@@ -15250,45 +15292,45 @@ CVE-2019-0087
CVE-2019-0086
RESERVED
CVE-2018-19269
- RESERVED
+ REJECTED
CVE-2018-19268
- RESERVED
+ REJECTED
CVE-2018-19267
- RESERVED
+ REJECTED
CVE-2018-19266
- RESERVED
+ REJECTED
CVE-2018-19265
- RESERVED
+ REJECTED
CVE-2018-19264
- RESERVED
+ REJECTED
CVE-2018-19263
- RESERVED
+ REJECTED
CVE-2018-19262
- RESERVED
+ REJECTED
CVE-2018-19261
- RESERVED
+ REJECTED
CVE-2018-19260
- RESERVED
+ REJECTED
CVE-2018-19259
- RESERVED
+ REJECTED
CVE-2018-19258
- RESERVED
+ REJECTED
CVE-2018-19257
- RESERVED
+ REJECTED
CVE-2018-19256
- RESERVED
+ REJECTED
CVE-2018-19255
- RESERVED
+ REJECTED
CVE-2018-19254
- RESERVED
+ REJECTED
CVE-2018-19253
- RESERVED
+ REJECTED
CVE-2018-19252
- RESERVED
+ REJECTED
CVE-2018-19251
- RESERVED
+ REJECTED
CVE-2018-19250
- RESERVED
+ REJECTED
CVE-2018-19249 (The Stripe API v1 allows remote attackers to bypass intended access ...)
TODO: check
CVE-2018-19248 (The web service on Epson WorkForce WF-2861 10.48 ...)
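Review bot: The twenty IDs CVE-2018-19250 to CVE-2018-19269 change from RESERVED to REJECTED with nothing in the entries recording why. None of them carried a package or NOTE line before the change, so no triage data is lost, but it is worth confirming that no advisory cites an ID in this range before treating the block as closed.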
@@ -22366,6 +22408,7 @@ CVE-2018-16470 (There is a possible DoS vulnerability in the multipart parser in
CVE-2018-16469 (The merge.recursive function in the merge package v <1.2 can be ...)
NOT-FOR-US: merge package v
CVE-2018-16468 (In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may ...)
+ {DSA-4364-1}
- ruby-loofah 2.2.3-1 (bug #912398)
NOTE: https://github.com/flavorjones/loofah/issues/154
NOTE: https://github.com/flavorjones/loofah/commit/71e4b5434fbcb2ad87643f0c9fecfc3a847943c4 (v2.2.3)
@@ -61279,8 +61322,8 @@ CVE-2018-2501
RESERVED
CVE-2018-2500 (Under certain conditions SAP Mobile Secure Android client (before ...)
NOT-FOR-US: SAP
-CVE-2018-2499
- RESERVED
+CVE-2018-2499 (A security weakness in SAP Financial Consolidation Cube Designer ...)
+ TODO: check
CVE-2018-2498
RESERVED
CVE-2018-2497 (The security audit log of SAP HANA, versions 1.0 and 2.0, does not log ...)
@@ -61309,8 +61352,8 @@ CVE-2018-2486 (SAP Marketing (UICUAN (1.20, 1.30, 1.40), SAPSCORE (1.13, 1.14))
NOT-FOR-US: SAP
CVE-2018-2485 (It is possible for a malicious application or malware to execute ...)
NOT-FOR-US: SAP
-CVE-2018-2484
- RESERVED
+CVE-2018-2484 (SAP Enterprise Financial Services (fixed in SAPSCORE 1.13, 1.14, 1.15; ...)
+ TODO: check
CVE-2018-2483 (HTTP Verb Tampering is possible in SAP BusinessObjects Business ...)
NOT-FOR-US: SAP
CVE-2018-2482 (SAP Mobile Secure Android Application, Mobile-secure.apk Android ...)
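Review bot: CVE-2018-2484 is filled in as "TODO: check" although the entries on either side of it, CVE-2018-2485 and CVE-2018-2483, are tagged "NOT-FOR-US: SAP". Tag it the same way; CVE-2018-2499 in the previous hunk sits directly below CVE-2018-2500, which has that tag, and has the same gap.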
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cd733bc0f4a60b1f85bc5de8eeb99f5e8a005bb0