[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Mon Jan 14 20:10:31 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0b2cc4de by security tracker role at 2019-01-14T20:10:22Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,51 @@
+CVE-2019-6278 (XSS exists in JPress v1.0.4 via Markdown input, or Markdown input with ...)
+ TODO: check
+CVE-2019-6277
+ RESERVED
+CVE-2019-6276
+ RESERVED
+CVE-2019-6275
+ RESERVED
+CVE-2019-6274
+ RESERVED
+CVE-2019-6273
+ RESERVED
+CVE-2019-6272
+ RESERVED
+CVE-2019-6271
+ RESERVED
+CVE-2019-6270
+ RESERVED
+CVE-2019-6269
+ RESERVED
+CVE-2019-6268
+ RESERVED
+CVE-2019-6267
+ RESERVED
+CVE-2019-6266
+ RESERVED
+CVE-2019-6265
+ RESERVED
+CVE-2019-6264
+ RESERVED
+CVE-2019-6263
+ RESERVED
+CVE-2019-6262
+ RESERVED
+CVE-2019-6261
+ RESERVED
+CVE-2019-6260
+ RESERVED
+CVE-2019-6259 (An issue was discovered in idreamsoft iCMS V7.0.13. There is SQL ...)
+ TODO: check
+CVE-2018-20707
+ RESERVED
+CVE-2018-20706
+ RESERVED
+CVE-2018-20705
+ RESERVED
+CVE-2018-20704
+ RESERVED
CVE-2019-6258
RESERVED
CVE-2019-6257 (A Server Side Request Forgery (SSRF) vulnerability in elFinder before ...)
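Review bot: the two described entries added here, CVE-2019-6278 (JPress v1.0.4) and CVE-2019-6259 (idreamsoft iCMS V7.0.13), are left at "TODO: check" with no package line or NOT-FOR-US tag. They need a follow-up triage commit that gives each one either a source package line or a NOT-FOR-US marker, as the other described entries in this file have. The RESERVED additions need nothing further.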
@@ -21171,6 +21219,7 @@ CVE-2018-17462 (Incorrect refcounting in AppCache in Google Chrome prior to ...)
- chromium-browser 70.0.3538.67-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
CVE-2018-17461 (An out of bounds read in PDFium in Google Chrome prior to 68.0.3440.75 ...)
+ {DSA-4256-1}
- chromium-browser 68.0.3440.75-1
[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
CVE-2018-17460
@@ -22549,8 +22598,7 @@ CVE-2018-16888 [kills privileged process if unprivileged PIDFile was tampered]
NOTE: Upstream patches: https://github.com/systemd/systemd/pull/7816
CVE-2018-16887 (A cross-site scripting (XSS) flaw was found in the katello component ...)
NOT-FOR-US: Katello
-CVE-2018-16886
- RESERVED
+CVE-2018-16886 (etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are ...)
- etcd <unfixed>
NOTE: Introduced by: https://github.com/etcd-io/etcd/commit/0191509637546621d6f2e18e074e955ab8ef374d
NOTE: Upstream issue: https://github.com/etcd-io/etcd/pull/10366
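Review bot: under CVE-2018-16886 the package line stays at "- etcd <unfixed>" even though the new description names 3.2.26 and 3.3.11 as the fixed upstream releases, and the two NOTE lines record the introducing commit and an upstream pull request but not those versions. Consider adding a NOTE with the fixed upstream versions so the entry can be closed when a matching upload lands.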
@@ -63701,12 +63749,12 @@ CVE-2018-1971
RESERVED
CVE-2018-1970
RESERVED
-CVE-2018-1969
- RESERVED
+CVE-2018-1969 (IBM Security Identity Manager 6.0.0 allows the attacker to upload or ...)
+ TODO: check
CVE-2018-1968
RESERVED
-CVE-2018-1967
- RESERVED
+CVE-2018-1967 (IBM Security Identity Manager 6.0.0 is vulnerable to cross-site ...)
+ TODO: check
CVE-2018-1966
RESERVED
CVE-2018-1965
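Review bot: CVE-2018-1969 and CVE-2018-1967 both describe IBM Security Identity Manager 6.0.0 and are both left at "TODO: check". Since they concern the same product, triage them together in one follow-up so they end up with the same status line.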
@@ -63727,8 +63775,8 @@ CVE-2018-1958
RESERVED
CVE-2018-1957 (IBM WebSphere Application Server 9 could allow sensitive information ...)
NOT-FOR-US: IBM
-CVE-2018-1956
- RESERVED
+CVE-2018-1956 (IBM Security Identity Manager 6.0.0 does not require that users should ...)
+ TODO: check
CVE-2018-1955
RESERVED
CVE-2018-1954
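Review bot: CVE-2018-1956 is left at "TODO: check" directly below CVE-2018-1957, which this file already marks "NOT-FOR-US: IBM". If IBM Security Identity Manager is likewise not packaged, the same tag applies here and the TODO can be resolved in the next manual pass.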
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0b2cc4de10b011fc93173da55d06bc6efd8985ef