[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Wed Jun 19 21:10:43 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3f14788b by security tracker role at 2019-06-19T20:10:30Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2019-12892
+	RESERVED
+CVE-2019-12891
+	RESERVED
+CVE-2019-12890 (RedwoodHQ 2.5.5 does not require any authentication for database opera ...)
+	TODO: check
+CVE-2019-12889
+	RESERVED
+CVE-2019-12888
+	RESERVED
+CVE-2019-12887
+	RESERVED
+CVE-2019-12886
+	RESERVED
+CVE-2019-12885
+	RESERVED
+CVE-2019-12884
+	RESERVED
+CVE-2019-12883
+	RESERVED
+CVE-2019-12882
+	RESERVED
 CVE-2019-12881 (i915_gem_userptr_get_pages in drivers/gpu/drm/i915/i915_gem_userptr.c  ...)
 	- linux <undetermined>
 	NOTE: https://gist.github.com/oxagast/472866fb2c3d439e10499d7141d0a520
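Review bot: CVE-2019-12890 is the only entry in this new block with a published description, and it is left at `TODO: check`. The truncated text describes RedwoodHQ 2.5.5 performing database operations without authentication, so it needs a manual decision: a `- <package>` line if Debian ships RedwoodHQ, otherwise `NOT-FOR-US: RedwoodHQ`. The ten `RESERVED` ids around it need nothing until they are published.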
@@ -15,6 +37,7 @@ CVE-2019-12876
 CVE-2019-12875 (Alpine Linux abuild through 3.4.0 allows an unprivileged member of the ...)
 	TODO: check
 CVE-2019-12874 (An issue was discovered in zlib_decompress_extra in modules/demux/mkv/ ...)
+	{DSA-4459-1}
 	- vlc 3.0.7-1
 	[jessie] - vlc <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00130.html)
 	NOTE: http://git.videolan.org/?p=vlc.git;a=commit;h=81023659c7de5ac2637b4a879195efef50846102
@@ -150,8 +173,8 @@ CVE-2019-12816 (Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated
 	NOTE: https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311
 CVE-2019-12815
 	RESERVED
-CVE-2019-12814
-	RESERVED
+CVE-2019-12814 (A Polymorphic Typing issue was discovered in FasterXML jackson-databin ...)
+	TODO: check
 CVE-2019-12813 (An issue was discovered in Digital Persona U.are.U 4500 Fingerprint Re ...)
 	NOT-FOR-US: Digital Persona U.are.U 4500 Fingerprint Reader
 CVE-2019-12812
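Review bot: The `TODO: check` on CVE-2019-12814 should not be closed as NOT-FOR-US by default: the description names FasterXML jackson-databind, a general-purpose library rather than a vendor appliance. Check for a matching source package in the archive and, if one is present, record it as `- <package> <unfixed>` so the issue shows up for the affected releases.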
@@ -203,6 +226,7 @@ CVE-2019-12797
 CVE-2019-12796
 	RESERVED
 CVE-2019-12795 (daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x bef ...)
+	{DLA-1827-1}
 	- gvfs 1.38.1-5 (bug #930376)
 	NOTE: https://gitlab.gnome.org/GNOME/gvfs/commit/70dbfc68a79faac49bd3423e079cb6902522082a (master)
 	NOTE: https://gitlab.gnome.org/GNOME/gvfs/commit/d8c9138bf240975848b1c54db648ec4cd516a48f (gnome-3-32)
@@ -885,8 +909,8 @@ CVE-2019-12493 (A stack-based buffer over-read exists in PostScriptFunction::tra
 	TODO: check
 CVE-2019-12492 (Gallagher Command Centre before 7.80.939, 7.90.x before 7.90.961, and  ...)
 	NOT-FOR-US: Gallagher Command Centre
-CVE-2019-12491
-	RESERVED
+CVE-2019-12491 (OnApp before 5.0.0-88, 5.5.0-93, and 6.0.0-196 allows an attacker to r ...)
+	TODO: check
 CVE-2019-12490
 	RESERVED
 CVE-2019-12489
@@ -1009,7 +1033,7 @@ CVE-2019-12456 (An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_ma
 CVE-2019-12455 (An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/c ...)
 	- linux <unfixed> (unimportant)
 	NOTE: No/negligible security impact
-CVE-2019-12454 (An issue was discovered in wcd9335_codec_enable_dec in sound/soc/codec ...)
+CVE-2019-12454 (** DISPUTED ** An issue was discovered in wcd9335_codec_enable_dec in  ...)
 	- linux <not-affected> (Vulnerable code not present, introduced in 5.1-rc1)
 CVE-2019-12453
 	RESERVED
@@ -1071,12 +1095,10 @@ CVE-2019-12438
 	RESERVED
 CVE-2019-12437
 	RESERVED
-CVE-2019-12436 [Samba AD DC LDAP server crash (paged searches)]
-	RESERVED
+CVE-2019-12436 (Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to  ...)
 	- samba <not-affected> (Only affects Samba since 4.10.0)
 	NOTE: https://www.samba.org/samba/security/CVE-2019-12436.html
-CVE-2019-12435 [Samba AD DC Denial of Service in DNS management server (dnsserver)]
-	RESERVED
+CVE-2019-12435 (Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer d ...)
 	- samba <unfixed> (bug #930748)
 	[stretch] - samba <not-affected> (Only affects Samba since 4.9)
 	[jessie] - samba <not-affected> (Only affects Samba since 4.9)
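Review bot: CVE-2019-12435 still reads `- samba <unfixed> (bug #930748)` while the new description gives 4.9.9 and 4.10.5 as the upstream releases that fix it. Replace `<unfixed>` with the fixed Debian version once the upload closing #930748 lands; the `[stretch]` and `[jessie]` not-affected lines already agree with the "since 4.9" scope.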
@@ -1211,7 +1233,7 @@ CVE-2019-12383 (Tor Browser before 8.0.1 has an information exposure vulnerabili
 	NOTE: https://hackerone.com/reports/282748
 	NOTE: https://trac.torproject.org/projects/tor/ticket/24056
 	NOTE: This affects Firefox, but it's not a security issue in Firefox by itself
-CVE-2019-12382 (An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/d ...)
+CVE-2019-12382 (** DISPUTED ** An issue was discovered in drm_load_edid_firmware in dr ...)
 	- linux <unfixed> (unimportant)
 	NOTE: Issue with no security impact, see kernel-sec, invalid issue
 CVE-2019-12381 (An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in  ...)
@@ -3000,8 +3022,8 @@ CVE-2019-11651
 	RESERVED
 CVE-2019-11650
 	RESERVED
-CVE-2019-11649
-	RESERVED
+CVE-2019-11649 (Cross-site scripting in Micro Focus Fortify software security center s ...)
+	TODO: check
 CVE-2019-11648
 	RESERVED
 CVE-2019-11647
@@ -4113,10 +4135,10 @@ CVE-2019-11234 (FreeRADIUS before 3.0.19 does not prevent use of reflection for
 	[jessie] - freeradius <not-affected> (EAP-PWD only introduced in 3.0.0)
 	NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
 	NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
-CVE-2019-11233
-	RESERVED
-CVE-2019-11232
-	RESERVED
+CVE-2019-11233 (EXCELLENT INFOTEK BiYan v1.57 ~ v2.8 allows an attacker to leak user i ...)
+	TODO: check
+CVE-2019-11232 (EXCELLENT INFOTEK BiYan v1.57 ~ v2.8 allows an attacker to leak user i ...)
+	TODO: check
 CVE-2019-11231 (An issue was discovered in GetSimple CMS through 3.3.15. insufficient  ...)
 	NOT-FOR-US: GetSimple CMS
 CVE-2019-11230
@@ -6481,8 +6503,8 @@ CVE-2019-10259
 	RESERVED
 CVE-2019-10258
 	RESERVED
-CVE-2019-10257
-	RESERVED
+CVE-2019-10257 (Zucchetti HR Portal through 2019-03-15 allows Directory Traversal. Una ...)
+	TODO: check
 CVE-2019-10256
 	RESERVED
 CVE-2019-10255 (An Open Redirect vulnerability for all browsers in Jupyter Notebook be ...)
@@ -8588,8 +8610,8 @@ CVE-2019-9765 (In Blog_mini 1.0, XSS exists via the author name of a comment rep
 	NOT-FOR-US: Blog_mini
 CVE-2019-9764 (HashiCorp Consul 1.4.3 lacks server hostname verification for agent-to ...)
 	NOT-FOR-US: HashiCorp Consul
-CVE-2019-9763
-	RESERVED
+CVE-2019-9763 (An issue was discovered in Openfind Mail2000 v6 Webmail. XSS can occur ...)
+	TODO: check
 CVE-2019-9762 (A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment ...)
 	NOT-FOR-US: PHPSHE
 CVE-2019-9761 (An XXE issue was discovered in PHPSHE 1.7, which can be used to read a ...)
@@ -8781,8 +8803,8 @@ CVE-2019-9703
 	RESERVED
 CVE-2019-9702
 	RESERVED
-CVE-2019-9701
-	RESERVED
+CVE-2019-9701 (DLP 15.5 MP1 and all prior versions may be susceptible to a cross-site ...)
+	TODO: check
 CVE-2019-9700
 	RESERVED
 CVE-2019-9699
@@ -15680,10 +15702,10 @@ CVE-2019-6974 (In the Linux kernel before 4.20.8, kvm_ioctl_create_device in vir
 	NOTE: https://git.kernel.org/linus/cfa39381173d5f969daf43582c95ad679189cbc9
 CVE-2019-6973 (Sricam IP CCTV cameras are vulnerable to denial of service via multipl ...)
 	NOT-FOR-US: Sricam IP CCTV cameras
-CVE-2019-6972
-	RESERVED
-CVE-2019-6971
-	RESERVED
+CVE-2019-6972 (An issue was discovered on TP-Link TL-WR1043ND V2 devices. The credent ...)
+	TODO: check
+CVE-2019-6971 (An issue was discovered on TP-Link TL-WR1043ND V2 devices. An attacker ...)
+	TODO: check
 CVE-2019-6970 (Moodle 3.5.x before 3.5.4 allows SSRF. ...)
 	- moodle <removed>
 CVE-2019-6969
@@ -17812,8 +17834,8 @@ CVE-2019-6116 (In Artifex Ghostscript through 9.26, ephemeral or transient proce
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700317
 CVE-2019-6115
 	RESERVED
-CVE-2019-6114
-	RESERVED
+CVE-2019-6114 (An issue was discovered in Corel PaintShop Pro 2019 21.0.0.119. An int ...)
+	TODO: check
 CVE-2019-6113
 	RESERVED
 CVE-2019-6112
@@ -21673,10 +21695,10 @@ CVE-2019-4387
 	RESERVED
 CVE-2019-4386
 	RESERVED
-CVE-2019-4385
-	RESERVED
-CVE-2019-4384
-	RESERVED
+CVE-2019-4385 (IBM Spectrum Protect Plus 10.1.2 may display the vSnap CIFS password i ...)
+	TODO: check
+CVE-2019-4384 (IBM Campaign 9.1.2 and 10.1 could allow a remote attacker to traverse  ...)
+	TODO: check
 CVE-2019-4383
 	RESERVED
 CVE-2019-4382
@@ -21715,8 +21737,8 @@ CVE-2019-4366
 	RESERVED
 CVE-2019-4365
 	RESERVED
-CVE-2019-4364
-	RESERVED
+CVE-2019-4364 (IBM Maximo Asset Management 7.6 is vulnerable to CSV injection, which  ...)
+	TODO: check
 CVE-2019-4363
 	RESERVED
 CVE-2019-4362
@@ -21837,8 +21859,8 @@ CVE-2019-4305
 	RESERVED
 CVE-2019-4304
 	RESERVED
-CVE-2019-4303
-	RESERVED
+CVE-2019-4303 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. ...)
+	TODO: check
 CVE-2019-4302
 	RESERVED
 CVE-2019-4301
@@ -30239,8 +30261,8 @@ CVE-2018-19880
 	RESERVED
 CVE-2018-19879 (An issue was discovered in /cgi-bin/luci on Teltonika RTU9XX (e.g., RU ...)
 	NOT-FOR-US: Teltonika devices
-CVE-2018-19878
-	RESERVED
+CVE-2018-19878 (An issue was discovered on Teltonika RTU950 R_31.04.89 devices. The ap ...)
+	TODO: check
 CVE-2018-19877 (login.php in Adiscon LogAnalyzer before 4.1.7 has XSS via the Login Bu ...)
 	NOT-FOR-US: Adiscon LogAnalyzer
 CVE-2018-19876 (cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would ...)
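Review bot: CVE-2018-19878 is left at `TODO: check` although the entry directly above it, CVE-2018-19879, already classifies the same vendor as `NOT-FOR-US: Teltonika devices`. The new description is for a Teltonika RTU950, so the same NOT-FOR-US line fits here.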
@@ -35998,8 +36020,8 @@ CVE-2018-18865 (The Royal browser extensions TS before 4.3.60728 (Release Date 2
 	NOT-FOR-US: Royal browser extensions TS
 CVE-2018-18864 (Loadbalancer.org Enterprise VA MAX before 8.3.3 has XSS because Apache ...)
 	NOT-FOR-US: Loadbalancer.org Enterprise VA MAX
-CVE-2018-18863
-	RESERVED
+CVE-2018-18863 (NGA ResourceLink 20.0.2.1 allows local file inclusion. ...)
+	TODO: check
 CVE-2018-18862 (BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has ...)
 	NOT-FOR-US: BMC
 CVE-2018-18861 (Buffer overflow in PCMan FTP Server 2.0.7 allows for remote code execu ...)
@@ -36248,10 +36270,10 @@ CVE-2018-18760 (RhinOS 3.0 build 1190 allows CSRF. ...)
 	NOT-FOR-US: RhinOS
 CVE-2018-18759 (Modbus Slave 7.0.0 in modbus tools has a Buffer Overflow. ...)
 	NOT-FOR-US: Modbus Slave
-CVE-2018-18758
-	RESERVED
-CVE-2018-18757
-	RESERVED
+CVE-2018-18758 (Open Faculty Evaluation System 7 for PHP 7 allows submit_feedback.php  ...)
+	TODO: check
+CVE-2018-18757 (Open Faculty Evaluation System 5.6 for PHP 5.6 allows submit_feedback. ...)
+	TODO: check
 CVE-2018-18756 (Local Server 1.0.9 has a Buffer Overflow via crafted data on Port 4008 ...)
 	NOT-FOR-US: Local Server
 CVE-2018-18755 (K-iwi Framework 1775 has SQL Injection via the admin/user/group/update ...)
@@ -37038,10 +37060,10 @@ CVE-2018-18474
 	RESERVED
 CVE-2018-18473 (A hidden backdoor on PATLITE NBM-D88N, NHL-3FB1, and NHL-3FV1N devices ...)
 	NOT-FOR-US: PATLITE NBM-D88N
-CVE-2018-18472
-	RESERVED
-CVE-2018-18471
-	RESERVED
+CVE-2018-18472 (Western Digital WD My Book Live (all versions) has a root Remote Comma ...)
+	TODO: check
+CVE-2018-18471 (/api/2.0/rest/aggregator/xml in Axentra firmware, used by NETGEAR Stor ...)
+	TODO: check
 CVE-2018-18470
 	RESERVED
 CVE-2018-18469
@@ -37179,8 +37201,8 @@ CVE-2018-18427 (s-cms 3.0 allows SQL Injection via the member/post.php 0_id para
 	NOT-FOR-US: s-cms
 CVE-2018-18426 (s-cms 3.0 allows remote attackers to execute arbitrary PHP code by pla ...)
 	NOT-FOR-US: s-cms
-CVE-2018-18425
-	RESERVED
+CVE-2018-18425 (The doAirdrop function of a smart contract implementation for Primeo ( ...)
+	TODO: check
 CVE-2018-18424
 	RESERVED
 CVE-2018-18423
@@ -37228,8 +37250,8 @@ CVE-2018-18407 (A heap-based buffer over-read was discovered in the tcpreplay-ed
 	[jessie] - tcpreplay <no-dsa> (Minor issue)
 	NOTE: https://github.com/appneta/tcpreplay/issues/488
 	NOTE: https://github.com/appneta/tcpreplay/commit/1d7561a4d542842a1aeabf55bfd4aaf88b3a1071
-CVE-2018-18406
-	RESERVED
+CVE-2018-18406 (An issue was discovered in Tufin SecureTrack 18.1 with TufinOS 2.16 bu ...)
+	TODO: check
 CVE-2018-18405
 	RESERVED
 CVE-2018-18404
@@ -38839,12 +38861,12 @@ CVE-2018-17844
 	RESERVED
 CVE-2018-17843 (SQL injection exists in ADD Clicking MLM Software 1.0, Binary MLM Soft ...)
 	NOT-FOR-US: ADD Clicking MLM
-CVE-2018-17842
-	RESERVED
-CVE-2018-17841
-	RESERVED
-CVE-2018-17840
-	RESERVED
+CVE-2018-17842 (SQL injection exists in Scriptzee Hotel Booking Engine 1.0 via the hot ...)
+	TODO: check
+CVE-2018-17841 (SQL injection exists in Scriptzee Flippa Marketplace Clone 1.0 via the ...)
+	TODO: check
+CVE-2018-17840 (SQL injection exists in Scriptzee Education Website 1.0 via the colleg ...)
+	TODO: check
 CVE-2018-17839
 	RESERVED
 CVE-2018-17838 (An issue was discovered in JTBC(PHP) 3.0.1.6. Arbitrary file read oper ...)
@@ -39847,8 +39869,8 @@ CVE-2018-17425 (WUZHI CMS 4.1.0 has stored XSS via the "Membership Center" "I wa
 	NOT-FOR-US: WUZHI CMS
 CVE-2018-17424
 	RESERVED
-CVE-2018-17423
-	RESERVED
+CVE-2018-17423 (An issue was discovered in e107 v2.1.9. There is a XSS attack on e107_ ...)
+	TODO: check
 CVE-2018-17422 (dotCMS before 5.0.2 has open redirects via the html/common/forward_js. ...)
 	NOT-FOR-US: dotCMS
 CVE-2018-17421 (An issue was discovered in ZrLog 2.0.3. There is stored XSS in the fil ...)
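Review bot: CVE-2018-17423 (XSS in e107 v2.1.9) is left at `TODO: check`, but e107 already has a triage decision in this file: CVE-2018-17081, for the same 2.1.9 release, is marked `NOT-FOR-US: e107`. Use the same line here for consistency.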
@@ -39893,10 +39915,10 @@ CVE-2018-17401 (** DISPUTED ** The PhonePe wallet (aka com.PhonePe.app) applicat
 	NOT-FOR-US: PhonePe wallet application
 CVE-2018-17400 (** DISPUTED ** The PhonePe wallet (aka com.PhonePe.app) application 3. ...)
 	NOT-FOR-US: PhonePe wallet application
-CVE-2018-17399
-	RESERVED
-CVE-2018-17398
-	RESERVED
+CVE-2018-17399 (SQL Injection exists in the Jimtawl 2.2.7 component for Joomla! via th ...)
+	TODO: check
+CVE-2018-17398 (SQL Injection exists in the AMGallery 1.2.3 component for Joomla! via  ...)
+	TODO: check
 CVE-2018-17397 (SQL Injection exists in the AlphaIndex Dictionaries 1.0 component for  ...)
 	NOT-FOR-US: AlphaIndex Dictionaries component for Joomla!
 CVE-2018-17396
@@ -39905,22 +39927,22 @@ CVE-2018-17395
 	RESERVED
 CVE-2018-17394 (SQL Injection exists in the Timetable Schedule 3.6.8 component for Joo ...)
 	NOT-FOR-US: Timetable Schedule component for Joomla!
-CVE-2018-17393
-	RESERVED
+CVE-2018-17393 (SQL Injection exists in HealthNode Hospital Management System 1.0 via  ...)
+	TODO: check
 CVE-2018-17392
 	RESERVED
 CVE-2018-17391 (SQL Injection exists in authors_post.php in Super Cms Blog Pro 1.0 via ...)
 	NOT-FOR-US: Super Cms Blog Pro
 CVE-2018-17390
 	RESERVED
-CVE-2018-17389
-	RESERVED
-CVE-2018-17388
-	RESERVED
-CVE-2018-17387
-	RESERVED
-CVE-2018-17386
-	RESERVED
+CVE-2018-17389 (CSRF exists in server.php in Live Call Support Application 1.5 for add ...)
+	TODO: check
+CVE-2018-17388 (SQL Injection exists in Twilio WEB To Fax Machine System 1.0 via the e ...)
+	TODO: check
+CVE-2018-17387 (CSRF exists in Nimble Messaging Bulk SMS Marketing Application 1.0 for ...)
+	TODO: check
+CVE-2018-17386 (SQL Injection exists in the Micro Deal Factory 2.4.0 component for Joo ...)
+	TODO: check
 CVE-2018-17385 (SQL Injection exists in the Social Factory 3.8.3 component for Joomla! ...)
 	NOT-FOR-US: Social Factory component for Joomla!
 CVE-2018-17384 (SQL Injection exists in the Swap Factory 2.2.1 component for Joomla! v ...)
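Review bot: Of the five new `TODO: check` entries in this hunk, CVE-2018-17386 (Micro Deal Factory component for Joomla!) has a direct precedent in the lines below it: CVE-2018-17385 is `NOT-FOR-US: Social Factory component for Joomla!`. Triage it the same way, naming the component; CVE-2018-17393, -17389, -17388 and -17387 each name a different product and need their own lookup.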
@@ -39929,8 +39951,8 @@ CVE-2018-17383 (SQL Injection exists in the Collection Factory 4.1.9 component f
 	NOT-FOR-US: Collection Factory component for Joomla!
 CVE-2018-17382 (SQL Injection exists in the Jobs Factory 2.0.4 component for Joomla! v ...)
 	NOT-FOR-US: Jobs Factory component for Joomla!
-CVE-2018-17381
-	RESERVED
+CVE-2018-17381 (SQL Injection exists in the Dutch Auction Factory 2.0.2 component for  ...)
+	TODO: check
 CVE-2018-17380 (SQL Injection exists in the Article Factory Manager 4.3.9 component fo ...)
 	NOT-FOR-US: Article Factory Manager component for Joomla!
 CVE-2018-17379 (SQL Injection exists in the Raffle Factory 3.5.2 component for Joomla! ...)
@@ -39943,8 +39965,8 @@ CVE-2018-17376 (SQL Injection exists in the Reverse Auction Factory 4.3.8 compon
 	NOT-FOR-US: Reverse Auction Factory component for Joomla!
 CVE-2018-17375 (SQL Injection exists in the Music Collection 3.0.3 component for Jooml ...)
 	NOT-FOR-US: Music Collection component for Joomla!
-CVE-2018-17374
-	RESERVED
+CVE-2018-17374 (SQL Injection exists in the Auction Factory 4.5.5 component for Joomla ...)
+	TODO: check
 CVE-2018-17373
 	RESERVED
 CVE-2018-17372
@@ -40522,12 +40544,12 @@ CVE-2018-17150
 	RESERVED
 CVE-2018-17149
 	RESERVED
-CVE-2018-17148
-	RESERVED
+CVE-2018-17148 (An Insufficient Access Control vulnerability (leading to credential di ...)
+	TODO: check
 CVE-2018-17147
 	RESERVED
-CVE-2018-17146
-	RESERVED
+CVE-2018-17146 (A cross-site scripting vulnerability exists in Nagios XI before 5.5.4  ...)
+	TODO: check
 CVE-2018-17145
 	RESERVED
 CVE-2018-17144 (Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x be ...)
@@ -40706,8 +40728,8 @@ CVE-2018-17081 (e107 2.1.9 allows CSRF via e107_admin/wmessage.php?mode=&act
 	NOT-FOR-US: e107
 CVE-2018-17080
 	RESERVED
-CVE-2018-17079
-	RESERVED
+CVE-2018-17079 (An issue was discovered in ZRLOG 2.0.1. There is a Stored XSS vulnerab ...)
+	TODO: check
 CVE-2018-17078
 	RESERVED
 CVE-2018-17077 (An issue was discovered in yiqicms through 2016-11-20. There is stored ...)
@@ -42014,8 +42036,8 @@ CVE-2018-16620 (Sonatype Nexus Repository Manager before 3.14 has Incorrect Acce
 	NOT-FOR-US: Sonatype Nexus Repository Manager
 CVE-2018-16619 (Sonatype Nexus Repository Manager before 3.14 allows XSS. ...)
 	NOT-FOR-US: Sonatype Nexus Repository Manager
-CVE-2018-16618
-	RESERVED
+CVE-2018-16618 (VTech Storio Max before 56.D3JM6 allows remote command execution via s ...)
+	TODO: check
 CVE-2018-1000670 (KOHA Library System version 16.11.x (up until 16.11.13) and 17.05.x (u ...)
 	- koha <itp> (bug #702134)
 	NOTE: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=19086
@@ -42030,8 +42052,8 @@ CVE-2018-16615
 	RESERVED
 CVE-2018-16614
 	RESERVED
-CVE-2018-16613
-	RESERVED
+CVE-2018-16613 (An issue was discovered in the update function in the wpForo Forum plu ...)
+	TODO: check
 CVE-2018-16612
 	RESERVED
 CVE-2018-16611
@@ -42069,12 +42091,12 @@ CVE-2018-16597 (An issue was discovered in the Linux kernel before 4.8. Incorrec
 	NOTE: https://git.kernel.org/linus/c0ca3d70e8d3cf81e2255a217f7ca402f5ed0862
 CVE-2018-16596 (A stack-based buffer overflow in the LAN UPnP service running on UDP p ...)
 	NOT-FOR-US: Swisscom
-CVE-2018-16595
-	RESERVED
-CVE-2018-16594
-	RESERVED
-CVE-2018-16593
-	RESERVED
+CVE-2018-16595 (The Photo Sharing Plus component on Sony Bravia TV through 8.587 devic ...)
+	TODO: check
+CVE-2018-16594 (The Photo Sharing Plus component on Sony Bravia TV through 8.587 devic ...)
+	TODO: check
+CVE-2018-16593 (The Photo Sharing Plus component on Sony Bravia TV through 8.587 devic ...)
+	TODO: check
 CVE-2018-16592
 	RESERVED
 CVE-2018-16591 (FURUNO FELCOM 250 and 500 devices allow unauthenticated users to chang ...)
@@ -44942,8 +44964,8 @@ CVE-2018-15508 (Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control al
 	NOT-FOR-US: Five9 Agent Desktop Plus
 CVE-2018-15507
 	RESERVED
-CVE-2018-15506
-	RESERVED
+CVE-2018-15506 (In BubbleUPnP 0.9 update 30, the XML parsing engine for SSDP/UPnP func ...)
+	TODO: check
 CVE-2018-15505 (An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb b ...)
 	NOT-FOR-US: Embedthis GoAhead
 CVE-2018-15504 (An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb b ...)
@@ -136643,8 +136665,8 @@ CVE-2017-1109
 	RESERVED
 CVE-2017-1108
 	RESERVED
-CVE-2017-1107
-	RESERVED
+CVE-2017-1107 (IBM Marketing Platform 9.1.0, 9.1.2, 10.0, and 10.1 exposes sensitive  ...)
+	TODO: check
 CVE-2017-1106 (IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to ...)
 	NOT-FOR-US: IBM
 CVE-2017-1105 (IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (include ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3f14788b9093f2be86c145fa70f9441a2270dafe
