[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d2701210 by security tracker role at 2019-07-09T08:10:15Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,15 @@
+CVE-2019-13450 (In the Zoom Client through 4.4.4 and RingCentral 7.0.136380.0312 on ma ...)
+	TODO: check
+CVE-2019-13449 (In the Zoom Client before 4.4.2 on macOS, remote attackers can cause a ...)
+	TODO: check
+CVE-2019-13448
+	RESERVED
+CVE-2019-13447
+	RESERVED
+CVE-2019-13446
+	RESERVED
+CVE-2019-13445
+	RESERVED
 CVE-2019-13444
 	RESERVED
 CVE-2019-13443
@@ -153,11 +165,11 @@ CVE-2019-13371
 CVE-2019-13370 (index.php/admin/permissions in Ignited CMS through 2017-02-19 allows C ...)
 	NOT-FOR-US: Ignited CMS
 CVE-2019-13369
-	RESERVED
+	REJECTED
 CVE-2019-13368
-	RESERVED
+	REJECTED
 CVE-2019-13367
-	RESERVED
+	REJECTED
 CVE-2019-13366
 	RESERVED
 CVE-2019-13365
@@ -1290,8 +1302,8 @@ CVE-2019-12932 (A stored XSS vulnerability was found in SeedDMS 5.1.11 due to po
 	NOT-FOR-US: SeedDMS
 CVE-2019-12931
 	RESERVED
-CVE-2019-12930
-	RESERVED
+CVE-2019-12930 (A cross-site scripting (XSS) vulnerability in noMenu() and noSubMenu() ...)
+	TODO: check
 CVE-2019-12929 (** DISPUTED ** The QMP guest_exec command in QEMU 4.0.0 and earlier is ...)
 	- qemu <unfixed> (unimportant)
 	- qemu-kvm <removed> (unimportant)
@@ -1304,16 +1316,16 @@ CVE-2019-12928 (** DISPUTED ** The QMP migrate command in QEMU version 4.0.0 and
 	NOTE: https://fakhrizulkifli.github.io/posts/2019/06/05/CVE-2019-12928/
 	NOTE: The QEMU machine protocol (QMP) should not be exposed to unprivileged users,
 	NOTE: and is only intended for administrative control of QEMU instances.
-CVE-2019-12927
-	RESERVED
-CVE-2019-12926
-	RESERVED
-CVE-2019-12925
-	RESERVED
-CVE-2019-12924
-	RESERVED
-CVE-2019-12923
-	RESERVED
+CVE-2019-12927 (MailEnable Enterprise Premium 10.23 was vulnerable to stored and refle ...)
+	TODO: check
+CVE-2019-12926 (MailEnable Enterprise Premium 10.23 did not use appropriate access con ...)
+	TODO: check
+CVE-2019-12925 (MailEnable Enterprise Premium 10.23 was vulnerable to multiple directo ...)
+	TODO: check
+CVE-2019-12924 (MailEnable Enterprise Premium 10.23 was vulnerable to XML External Ent ...)
+	TODO: check
+CVE-2019-12923 (In MailEnable Enterprise Premium 10.23, the potential cross-site reque ...)
+	TODO: check
 CVE-2019-12922
 	RESERVED
 CVE-2019-12921



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d270121091faabadc42a627b12e5d0c915bfc247

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d270121091faabadc42a627b12e5d0c915bfc247
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190709/e46c6cc4/attachment.html>