[Git][security-tracker-team/security-tracker][master] automatic update

Sun Jul 28 09:10:30 BST 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6de4b9ae by security tracker role at 2019-07-28T08:10:19Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,25 +1,73 @@
-CVE-2017-18379 [nvmet-fc: ensure target queue id within range]
+CVE-2019-14320
+	RESERVED
+CVE-2019-14319
+	RESERVED
+CVE-2019-14318
+	RESERVED
+CVE-2019-14317
+	RESERVED
+CVE-2019-14316
+	RESERVED
+CVE-2019-14315 (A cross-site scripting (XSS) vulnerability in upload.php in SunHater K ...)
+	TODO: check
+CVE-2019-14314
+	RESERVED
+CVE-2019-14313
+	RESERVED
+CVE-2019-14312
+	RESERVED
+CVE-2019-14311
+	RESERVED
+CVE-2019-14310
+	RESERVED
+CVE-2019-14309
+	RESERVED
+CVE-2019-14308
+	RESERVED
+CVE-2019-14307
+	RESERVED
+CVE-2019-14306
+	RESERVED
+CVE-2019-14305
+	RESERVED
+CVE-2019-14304
+	RESERVED
+CVE-2019-14303
+	RESERVED
+CVE-2019-14302
+	RESERVED
+CVE-2019-14301
+	RESERVED
+CVE-2019-14300
+	RESERVED
+CVE-2019-14299
+	RESERVED
+CVE-2019-14298 (Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Description(con ...)
+	TODO: check
+CVE-2019-14297 (Veeam ONE Reporter 9.5.0.3201 allows XSS via the Add/Edit Widget with  ...)
+	TODO: check
+CVE-2017-18379 (In the Linux kernel before 4.14, an out of boundary access happened in ...)
 	- linux 4.14.2-1
 	NOTE: https://git.kernel.org/linus/0c319d3a144d4b8f1ea2047fd614d2149b68f889
-CVE-2016-10764 [mtd: spi-nor: Off by one in cqspi_setup_flash()]
+CVE-2016-10764 (In the Linux kernel before 4.9.6, there is an off by one in the driver ...)
 	- linux 4.9.6-1
 	NOTE: https://git.kernel.org/linus/193e87143c290ec16838f5368adc0e0bc94eb931
-CVE-2015-9289 [[media] cx24116: fix a buffer overflow when checking userspace params]
+CVE-2015-9289 (In the Linux kernel before 4.1.4, a buffer overflow occurs when checki ...)
 	- linux 4.1.5-1
 	NOTE: https://git.kernel.org/linus/1fa2337a315a2448c5434f41e00d56b01a22283c
-CVE-2012-6712 [iwlwifi: Sanity check for sta_id]
+CVE-2012-6712 (In the Linux kernel before 3.4, a buffer overflow occurs in drivers/ne ...)
 	- linux 3.8.11-1
 	NOTE: https://git.kernel.org/linus/2da424b0773cea3db47e1e81db71eeebde8269d4
-CVE-2011-5327 [loopback: off by one in tcm_loop_make_naa_tpg()]
+CVE-2011-5327 (In the Linux kernel before 3.1, an off by one in the drivers/target/lo ...)
 	- linux <not-affected> (Fixed before src:linux-2.6 -> src:linux rename)
 	NOTE: https://git.kernel.org/linus/12f09ccb4612734a53e47ed5302e0479c10a50f8
-CVE-2010-5332 [mlx4_en: Fix out of bounds array access]
+CVE-2010-5332 (In the Linux kernel before 2.6.37, an out of bounds array access happe ...)
 	- linux <not-affected> (Fixed before src:linux-2.6 -> src:linux rename)
 	NOTE: https://git.kernel.org/linus/0926f91083f34d047abc74f1ca4fa6a9c161f7db
-CVE-2010-5331 [drivers/gpu/drm/radeon/radeon_atombios.c: range check issues]
+CVE-2010-5331 (In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/ ...)
 	- linux <not-affected> (Fixed before src:linux-2.6 -> src:linux rename)
 	NOTE: https://git.kernel.org/linus/0031c41be5c529f8329e327b63cde92ba1284842
-CVE-2007-6762 [NetLabel: correct CIPSO tag handling when adding new DOI definitions]
+CVE-2007-6762 (In the Linux kernel before 2.6.20, there is an off-by-one bug in net/n ...)
 	- linux <not-affected> (Fixed before src:linux-2.6 -> src:linux rename)
 	NOTE: https://git.kernel.org/linus/2a2f11c227bdf292b3a2900ad04139d301b56ac4
 CVE-2019-14296 (canUnpack in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6de4b9ae2407f03243574aea53e0174502dfe598

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6de4b9ae2407f03243574aea53e0174502dfe598
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190728/aac19ff7/attachment.html>
