[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1ec2a1c7 by security tracker role at 2019-07-28T20:10:19Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,109 @@
+CVE-2019-14373 (An issue was discovered in image_save_png in image/image-png.cpp in Fr ...)
+	TODO: check
+CVE-2019-14372 (In Libav 12.3, there is an infinite loop in the function wv_read_block ...)
+	TODO: check
+CVE-2019-14371 (An issue was discovered in Libav 12.3. There is an infinite loop in th ...)
+	TODO: check
+CVE-2019-14370 (In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage: ...)
+	TODO: check
+CVE-2019-14369 (Exiv2::PngImage::readMetadata() in pngimage.cpp in Exiv2 0.27.99.0 all ...)
+	TODO: check
+CVE-2019-14368 (Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage:: ...)
+	TODO: check
+CVE-2019-14367
+	RESERVED
+CVE-2019-14366
+	RESERVED
+CVE-2019-14365
+	RESERVED
+CVE-2019-14364 (An XSS vulnerability in the "Email Subscribers & Newsletters" plug ...)
+	TODO: check
+CVE-2019-14363 (A stack-based buffer overflow in the upnpd binary running on NETGEAR W ...)
+	TODO: check
+CVE-2019-14362 (Openbravo ERP before 3.0PR19Q1.3 is affected by Directory Traversal. T ...)
+	TODO: check
+CVE-2019-14361
+	RESERVED
+CVE-2019-14360
+	RESERVED
+CVE-2019-14359
+	RESERVED
+CVE-2019-14358
+	RESERVED
+CVE-2019-14357
+	RESERVED
+CVE-2019-14356
+	RESERVED
+CVE-2019-14355
+	RESERVED
+CVE-2019-14354
+	RESERVED
+CVE-2019-14353
+	RESERVED
+CVE-2019-14352 (** DISPUTED ** In Joget Workflow 6.0.20, CSV Injection, also known as  ...)
+	TODO: check
+CVE-2019-14351 (EspoCRM 5.6.4 is vulnerable to user password hash enumeration. A malic ...)
+	TODO: check
+CVE-2019-14350 (EspoCRM 5.6.4 is vulnerable to stored XSS due to lack of filtration of ...)
+	TODO: check
+CVE-2019-14349 (EspoCRM version 5.6.4 is vulnerable to stored XSS due to lack of filtr ...)
+	TODO: check
+CVE-2019-14348
+	RESERVED
+CVE-2019-14347
+	RESERVED
+CVE-2019-14346
+	RESERVED
+CVE-2019-14345
+	RESERVED
+CVE-2019-14344
+	RESERVED
+CVE-2019-14343
+	RESERVED
+CVE-2019-14342
+	RESERVED
+CVE-2019-14341
+	RESERVED
+CVE-2019-14340
+	RESERVED
+CVE-2019-14339
+	RESERVED
+CVE-2019-14338
+	RESERVED
+CVE-2019-14337
+	RESERVED
+CVE-2019-14336
+	RESERVED
+CVE-2019-14335
+	RESERVED
+CVE-2019-14334
+	RESERVED
+CVE-2019-14333
+	RESERVED
+CVE-2019-14332
+	RESERVED
+CVE-2019-14331 (An issue was discovered in EspoCRM before 5.6.6. Stored XSS exists due ...)
+	TODO: check
+CVE-2019-14330 (An issue was discovered in EspoCRM before 5.6.6. Stored XSS exists due ...)
+	TODO: check
+CVE-2019-14329 (An issue was discovered in EspoCRM before 5.6.6. There is stored XSS d ...)
+	TODO: check
+CVE-2019-14328 (The Simple Membership plugin before 3.8.5 for WordPress has CSRF affec ...)
+	TODO: check
+CVE-2019-14327
+	RESERVED
+CVE-2019-14326
+	RESERVED
+CVE-2019-14325
+	RESERVED
+CVE-2019-14324
+	RESERVED
+CVE-2019-14323 (SSDP Responder 1.x through 1.5 mishandles incoming network messages, l ...)
+	TODO: check
+CVE-2019-14322 (In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles dri ...)
+	TODO: check
+CVE-2019-14321
+	RESERVED
 CVE-2019-14320
 	RESERVED
 CVE-2019-14319



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1ec2a1c78db8c57919932ca167e75c109d69a948

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1ec2a1c78db8c57919932ca167e75c109d69a948
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190728/73d6ea38/attachment.html>