[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Thu Mar 7 08:10:33 GMT 2019 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b0e58b99 by security tracker role at 2019-03-07T08:10:24Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,45 @@
+CVE-2019-9624 (Webmin 1.900 allows remote attackers to execute arbitrary code by ...)
+	TODO: check
+CVE-2019-9623 (Feng Office 3.7.0.5 allows remote attackers to execute arbitrary code ...)
+	TODO: check
+CVE-2019-9622 (eBrigade through 4.5 allows Arbitrary File Download via ../ directory ...)
+	TODO: check
+CVE-2019-9621
+	RESERVED
+CVE-2019-9620
+	RESERVED
+CVE-2019-9619
+	RESERVED
+CVE-2019-9618
+	RESERVED
+CVE-2019-9617 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ...)
+	TODO: check
+CVE-2019-9616 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ...)
+	TODO: check
+CVE-2019-9615 (An issue was discovered in OFCMS before 1.1.3. It allows ...)
+	TODO: check
+CVE-2019-9614 (An issue was discovered in OFCMS before 1.1.3. A command execution ...)
+	TODO: check
+CVE-2019-9613 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ...)
+	TODO: check
+CVE-2019-9612 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ...)
+	TODO: check
+CVE-2019-9611 (An issue was discovered in OFCMS before 1.1.3. It allows ...)
+	TODO: check
+CVE-2019-9610 (An issue was discovered in OFCMS before 1.1.3. It has ...)
+	TODO: check
+CVE-2019-9609 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ...)
+	TODO: check
+CVE-2019-9608 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ...)
+	TODO: check
+CVE-2019-9607 (PHP Scripts Mall Medical Store Script 3.0.3 allows Path Traversal by ...)
+	TODO: check
+CVE-2019-9606 (PHP Scripts Mall Personal Video Collection Script 4.0.4 has Stored XSS ...)
+	TODO: check
+CVE-2019-9605
+	RESERVED
+CVE-2019-9604
+	RESERVED
 CVE-2019-9603 (MiniCMS 1.10 allows mc-admin/post.php?state=publish&delete= CSRF to ...)
 	NOT-FOR-US: MiniCMS
 CVE-2019-9602
@@ -12731,8 +12773,8 @@ CVE-2019-4032 (IBM Financial Transaction Manager for Digital Payments for ...)
 	NOT-FOR-US: IBM
 CVE-2019-4031
 	RESERVED
-CVE-2019-4030
-	RESERVED
+CVE-2019-4030 (IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to ...)
+	TODO: check
 CVE-2019-4029 (IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to ...)
 	NOT-FOR-US: IBM
 CVE-2019-4028 (IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to ...)
@@ -20066,28 +20108,28 @@ CVE-2019-1597
 	RESERVED
 CVE-2019-1596
 	RESERVED
-CVE-2019-1595
-	RESERVED
-CVE-2019-1594
-	RESERVED
-CVE-2019-1593
-	RESERVED
+CVE-2019-1595 (A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol ...)
+	TODO: check
+CVE-2019-1594 (A vulnerability in the 802.1X implementation for Cisco NX-OS Software ...)
+	TODO: check
+CVE-2019-1593 (A vulnerability in the Bash shell implementation for Cisco NX-OS ...)
+	TODO: check
 CVE-2019-1592
 	RESERVED
-CVE-2019-1591
-	RESERVED
+CVE-2019-1591 (A vulnerability in a specific CLI command implementation of Cisco ...)
+	TODO: check
 CVE-2019-1590
 	RESERVED
 CVE-2019-1589
 	RESERVED
-CVE-2019-1588
-	RESERVED
+CVE-2019-1588 (A vulnerability in the Cisco Nexus 9000 Series Fabric Switches running ...)
+	TODO: check
 CVE-2019-1587
 	RESERVED
 CVE-2019-1586
 	RESERVED
-CVE-2019-1585
-	RESERVED
+CVE-2019-1585 (A vulnerability in the controller authorization functionality of Cisco ...)
+	TODO: check
 CVE-2018-19960 (The debug_mode function in web/web.py in OnionShare through 1.3.1, when ...)
 	- onionshare 1.3.2-1 (bug #915859; unimportant)
 	[jessie] - onionshare <no-dsa> (contrib not supported)
@@ -20940,8 +20982,7 @@ CVE-2019-1545
 	RESERVED
 CVE-2019-1544
 	RESERVED
-CVE-2019-1543 [ChaCha20-Poly1305 with long nonces]
-	RESERVED
+CVE-2019-1543 (ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input ...)
 	- openssl <unfixed>
 	[stretch] - openssl <postponed> (Minor issue, fix along in future DSA)
 	- openssl1.0 <not-affected> (Vulnerability does not impact 1.0.2 series)
@@ -72436,10 +72477,10 @@ CVE-2018-1914
 	RESERVED
 CVE-2018-1913
 	RESERVED
-CVE-2018-1912
-	RESERVED
-CVE-2018-1911
-	RESERVED
+CVE-2018-1912 (IBM DOORS Next Generation (DNG/RRC) 6.0.2 through 6.0.6 is vulnerable ...)
+	TODO: check
+CVE-2018-1911 (IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through ...)
+	TODO: check
 CVE-2018-1910
 	RESERVED
 CVE-2018-1909



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b0e58b995fc797a7bce36439ee40bfef7fa8f626

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b0e58b995fc797a7bce36439ee40bfef7fa8f626
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190307/03b309d2/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list