[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Sat Mar 9 08:10:23 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0afc5f4c by security tracker role at 2019-03-09T08:10:12Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,39 @@
+CVE-2019-9641 (An issue was discovered in the EXIF component in PHP before 7.1.27, ...)
+ TODO: check
+CVE-2019-9640 (An issue was discovered in the EXIF component in PHP before 7.1.27, ...)
+ TODO: check
+CVE-2019-9639 (An issue was discovered in the EXIF component in PHP before 7.1.27, ...)
+ TODO: check
+CVE-2019-9638 (An issue was discovered in the EXIF component in PHP before 7.1.27, ...)
+ TODO: check
+CVE-2019-9637 (An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and ...)
+ TODO: check
+CVE-2019-9636 (Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: ...)
+ TODO: check
+CVE-2019-9635
+ RESERVED
+CVE-2019-1003039 (An insufficiently protected credentials vulnerability exists in ...)
+ TODO: check
+CVE-2019-1003038 (An insufficiently protected credentials vulnerability exists in ...)
+ TODO: check
+CVE-2019-1003037 (An information exposure vulnerability exists in Jenkins Azure VM ...)
+ TODO: check
+CVE-2019-1003036 (A data modification vulnerability exists in Jenkins Azure VM Agents ...)
+ TODO: check
+CVE-2019-1003035 (An information exposure vulnerability exists in Jenkins Azure VM ...)
+ TODO: check
+CVE-2019-1003034 (A sandbox bypass vulnerability exists in Jenkins Job DSL Plugin 1.71 ...)
+ TODO: check
+CVE-2019-1003033 (A sandbox bypass vulnerability exists in Jenkins Groovy Plugin 2.1 and ...)
+ TODO: check
+CVE-2019-1003032 (A sandbox bypass vulnerability exists in Jenkins Email Extension ...)
+ TODO: check
+CVE-2019-1003031 (A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin ...)
+ TODO: check
+CVE-2019-1003030 (A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy ...)
+ TODO: check
+CVE-2019-1003029 (A sandbox bypass vulnerability exists in Jenkins Script Security ...)
+ TODO: check
CVE-2019-9634 (Go through 1.12 on Windows misuses certain LoadLibrary functionality, ...)
TODO: check
CVE-2019-XXXX [rename() across the device may allow unwanted access during processing]
@@ -138,8 +174,8 @@ CVE-2019-9582
RESERVED
CVE-2019-9581 (phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via ...)
NOT-FOR-US: phpscheduleit Booked Scheduler
-CVE-2019-9580
- RESERVED
+CVE-2019-9580 (In st2web in StackStorm Web UI before 2.9.3 and 2.10.x before 2.10.3, ...)
+ TODO: check
CVE-2019-9579
RESERVED
CVE-2019-9578 (In devs.c in Yubico libu2f-host before 1.1.8, the response to init is ...)
@@ -3134,41 +3170,41 @@ CVE-2019-8282
RESERVED
CVE-2019-8281
RESERVED
-CVE-2019-8280
- RESERVED
+CVE-2019-8280 (UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC ...)
+ TODO: check
CVE-2019-8279 (Multiple stored XSS in Vanilla Forums before 2.5 allow remote ...)
NOT-FOR-US: Vanilla Forums
CVE-2019-8278 (Stored XSS in Invision Power Board versions 3.3.1 - 3.4.8 leads to ...)
NOT-FOR-US: Invision Power Board
-CVE-2019-8277
- RESERVED
-CVE-2019-8276
- RESERVED
-CVE-2019-8275
- RESERVED
-CVE-2019-8274
- RESERVED
-CVE-2019-8273
- RESERVED
-CVE-2019-8272
- RESERVED
-CVE-2019-8271
- RESERVED
-CVE-2019-8270
- RESERVED
-CVE-2019-8269
- RESERVED
-CVE-2019-8268
- RESERVED
-CVE-2019-8267
- RESERVED
-CVE-2019-8266
- RESERVED
-CVE-2019-8265
- RESERVED
-CVE-2019-8264
- RESERVED
-CVE-2019-8263 (UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC ...)
+CVE-2019-8277 (UltraVNC revision 1211 contains multiple memory leaks (CWE-655) in VNC ...)
+ TODO: check
+CVE-2019-8276 (UltraVNC revision 1211 has a stack buffer overflow vulnerability in ...)
+ TODO: check
+CVE-2019-8275 (UltraVNC revision 1211 has multiple improper null termination ...)
+ TODO: check
+CVE-2019-8274 (UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC ...)
+ TODO: check
+CVE-2019-8273 (UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC ...)
+ TODO: check
+CVE-2019-8272 (UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC ...)
+ TODO: check
+CVE-2019-8271 (UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC ...)
+ TODO: check
+CVE-2019-8270 (UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC ...)
+ TODO: check
+CVE-2019-8269 (UltraVNC revision 1206 has stack-based Buffer overflow vulnerability ...)
+ TODO: check
+CVE-2019-8268 (UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC ...)
+ TODO: check
+CVE-2019-8267 (UltraVNC revision 1207 has out-of-bounds read vulnerability in VNC ...)
+ TODO: check
+CVE-2019-8266 (UltraVNC revision 1207 has multiple out-of-bounds access ...)
+ TODO: check
+CVE-2019-8265 (UltraVNC revision 1207 has multiple out-of-bounds access ...)
+ TODO: check
+CVE-2019-8264 (UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC ...)
+ TODO: check
+CVE-2019-8263 (UltraVNC revision 1205 has stack-based buffer overflow vulnerability ...)
NOT-FOR-US: UltraVNC
CVE-2019-8262 (UltraVNC revision 1203 has multiple heap buffer overflow ...)
NOT-FOR-US: UltraVNC
@@ -10837,8 +10873,8 @@ CVE-2019-5017
RESERVED
CVE-2019-5016
RESERVED
-CVE-2019-5015
- RESERVED
+CVE-2019-5015 (A local privilege escalation vulnerability exists in the Mac OS X ...)
+ TODO: check
CVE-2019-5014
RESERVED
CVE-2019-5013
@@ -20164,16 +20200,16 @@ CVE-2019-1611
RESERVED
CVE-2019-1610
RESERVED
-CVE-2019-1609
- RESERVED
-CVE-2019-1608
- RESERVED
-CVE-2019-1607
- RESERVED
-CVE-2019-1606
- RESERVED
-CVE-2019-1605
- RESERVED
+CVE-2019-1609 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
+ TODO: check
+CVE-2019-1608 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
+ TODO: check
+CVE-2019-1607 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
+ TODO: check
+CVE-2019-1606 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
+ TODO: check
+CVE-2019-1605 (A vulnerability in the NX-API feature of Cisco NX-OS Software could ...)
+ TODO: check
CVE-2019-1604 (A vulnerability in the user account management interface of Cisco ...)
TODO: check
CVE-2019-1603 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
@@ -66370,10 +66406,10 @@ CVE-2018-4057
CVE-2018-4056 (An exploitable SQL injection vulnerability exists in the administrator ...)
{DSA-4373-1 DLA-1671-1}
- coturn 4.5.1.0-1
-CVE-2018-4055
- RESERVED
-CVE-2018-4054
- RESERVED
+CVE-2018-4055 (A local privilege escalation vulnerability exists in the install ...)
+ TODO: check
+CVE-2018-4054 (A local privilege escalation vulnerability exists in the install ...)
+ TODO: check
CVE-2018-4053
RESERVED
CVE-2018-4052
@@ -121647,8 +121683,7 @@ CVE-2017-3166 (In Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and ...
- hadoop <itp> (bug #793644)
CVE-2017-3165 (In Apache Brooklyn before 0.10.0, the REST server is vulnerable to ...)
NOT-FOR-US: Apache Brooklyn
-CVE-2017-3164 [SSRF issue]
- RESERVED
+CVE-2017-3164 (Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 ...)
- lucene-solr <unfixed> (unimportant; bug #922242)
NOTE: https://issues.apache.org/jira/browse/SOLR-12770
CVE-2017-3163 (When using the Index Replication feature, Apache Solr nodes can pull ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0afc5f4c18ee496fa6bfc701f8c3899c487d7e11
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0afc5f4c18ee496fa6bfc701f8c3899c487d7e11
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190309/4a4bd402/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list