[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Tue Mar 12 08:10:21 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
974757c5 by security tracker role at 2019-03-12T08:10:12Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,39 @@
+CVE-2019-9721 (A denial of service in the subtitle decoder in FFmpeg 4.1 allows ...)
+ TODO: check
+CVE-2019-9720
+ RESERVED
+CVE-2019-9719
+ RESERVED
+CVE-2019-9718 (In FFmpeg 4.1, a denial of service in the subtitle decoder allows ...)
+ TODO: check
+CVE-2019-9717
+ RESERVED
+CVE-2019-9716
+ RESERVED
+CVE-2019-9715
+ RESERVED
+CVE-2019-9714
+ RESERVED
+CVE-2019-9713
+ RESERVED
+CVE-2019-9712
+ RESERVED
+CVE-2019-9711
+ RESERVED
+CVE-2019-9710 (An issue was discovered in webargs before 5.1.3, as used with ...)
+ TODO: check
+CVE-2019-9709
+ RESERVED
+CVE-2019-9708
+ RESERVED
+CVE-2019-9707
+ RESERVED
+CVE-2019-9706 (Vixie Cron before the 3.0pl1-133 Debian package allows local users to ...)
+ TODO: check
+CVE-2019-9705 (Vixie Cron before the 3.0pl1-133 Debian package allows local users to ...)
+ TODO: check
+CVE-2019-9704 (Vixie Cron before the 3.0pl1-133 Debian package allows local users to ...)
+ TODO: check
CVE-2019-XXXX [Use-after-free]
- cron 3.0pl1-133 (bug #809167)
[stretch] - cron <no-dsa> (Minor issue)
@@ -130,8 +166,8 @@ CVE-2019-9645
RESERVED
CVE-2019-9646 (The Contact Form Email plugin before 1.2.66 for WordPress allows ...)
NOT-FOR-US: WordPress plugin contact-form-to-email
-CVE-2019-9644
- RESERVED
+CVE-2019-9644 (An XSSI (cross-site inclusion) vulnerability in Jupyter Notebook before ...)
+ TODO: check
CVE-2019-9643
RESERVED
CVE-2019-9642
@@ -3082,6 +3118,7 @@ CVE-2019-8402
CVE-2018-20782 (The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN messages. ...)
NOT-FOR-US: WooCommerce plugin
CVE-2016-10742 (Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before ...)
+ {DLA-1708-1}
- zabbix 1:3.0.17+dfsg-1 (low)
[stretch] - zabbix <no-dsa> (Minor issue)
NOTE: https://support.zabbix.com/browse/ZBX-10272
@@ -13092,10 +13129,10 @@ CVE-2019-4018
RESERVED
CVE-2019-4017
RESERVED
-CVE-2019-4016
- RESERVED
-CVE-2019-4015
- RESERVED
+CVE-2019-4016 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+ TODO: check
+CVE-2019-4015 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+ TODO: check
CVE-2019-4014
RESERVED
CVE-2019-4013
@@ -20201,8 +20238,8 @@ CVE-2019-1709
RESERVED
CVE-2019-1708
RESERVED
-CVE-2019-1707
- RESERVED
+CVE-2019-1707 (A vulnerability in the web-based management interface of Cisco DNA ...)
+ TODO: check
CVE-2019-1706
RESERVED
CVE-2019-1705
@@ -20211,8 +20248,8 @@ CVE-2019-1704
RESERVED
CVE-2019-1703
RESERVED
-CVE-2019-1702
- RESERVED
+CVE-2019-1702 (Multiple vulnerabilities in the web-based management interface of ...)
+ TODO: check
CVE-2019-1701
RESERVED
CVE-2019-1700 (A vulnerability in field-programmable gate array (FPGA) ingress buffer ...)
@@ -20235,8 +20272,8 @@ CVE-2019-1692
RESERVED
CVE-2019-1691 (A vulnerability in the detection engine of Cisco Firepower Threat ...)
NOT-FOR-US: Cisco
-CVE-2019-1690
- RESERVED
+CVE-2019-1690 (A vulnerability in the management interface of Cisco Application ...)
+ TODO: check
CVE-2019-1689 (A vulnerability in the client application for iOS of Cisco Webex Teams ...)
NOT-FOR-US: Cisco
CVE-2019-1688 (A vulnerability in the management web interface of Cisco Network ...)
@@ -20379,24 +20416,24 @@ CVE-2019-1620
RESERVED
CVE-2019-1619
RESERVED
-CVE-2019-1618
- RESERVED
-CVE-2019-1617
- RESERVED
-CVE-2019-1616
- RESERVED
-CVE-2019-1615
- RESERVED
-CVE-2019-1614
- RESERVED
-CVE-2019-1613
- RESERVED
-CVE-2019-1612
- RESERVED
-CVE-2019-1611
- RESERVED
-CVE-2019-1610
- RESERVED
+CVE-2019-1618 (A vulnerability in the Tetration Analytics agent for Cisco Nexus 9000 ...)
+ TODO: check
+CVE-2019-1617 (A vulnerability in the Fibre Channel over Ethernet (FCoE) N-port ...)
+ TODO: check
+CVE-2019-1616 (A vulnerability in the Cisco Fabric Services component of Cisco NX-OS ...)
+ TODO: check
+CVE-2019-1615 (A vulnerability in the Image Signature Verification feature of Cisco ...)
+ TODO: check
+CVE-2019-1614 (A vulnerability in the NX-API feature of Cisco NX-OS Software could ...)
+ TODO: check
+CVE-2019-1613 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
+ TODO: check
+CVE-2019-1612 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
+ TODO: check
+CVE-2019-1611 (A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS ...)
+ TODO: check
+CVE-2019-1610 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
+ TODO: check
CVE-2019-1609 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
NOT-FOR-US: Cisco
CVE-2019-1608 (A vulnerability in the CLI of Cisco NX-OS Software could allow an ...)
@@ -66610,7 +66647,7 @@ CVE-2018-4058
{DSA-4373-1 DLA-1671-1}
- coturn 4.5.1.0-1
CVE-2018-4057
- RESERVED
+ REJECTED
CVE-2018-4056 (An exploitable SQL injection vulnerability exists in the administrator ...)
{DSA-4373-1 DLA-1671-1}
- coturn 4.5.1.0-1
@@ -72632,8 +72669,8 @@ CVE-2018-2011
RESERVED
CVE-2018-2010
RESERVED
-CVE-2018-2009
- RESERVED
+CVE-2018-2009 (IBM API Connect v2018.1 and 2018.4.1 is affected by an information ...)
+ TODO: check
CVE-2018-2008
RESERVED
CVE-2018-2007
@@ -72654,8 +72691,8 @@ CVE-2018-2000
RESERVED
CVE-2018-1999
RESERVED
-CVE-2018-1998
- RESERVED
+CVE-2018-1998 (IBM WebSphere MQ 8.0.0.0 through 9.1.1 could allow a local user to ...)
+ TODO: check
CVE-2018-1997
RESERVED
CVE-2018-1996 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide ...)
@@ -72690,20 +72727,20 @@ CVE-2018-1982
RESERVED
CVE-2018-1981
RESERVED
-CVE-2018-1980
- RESERVED
+CVE-2018-1980 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+ TODO: check
CVE-2018-1979
RESERVED
-CVE-2018-1978
- RESERVED
+CVE-2018-1978 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+ TODO: check
CVE-2018-1977 (IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) ...)
NOT-FOR-US: IBM
CVE-2018-1976 (IBM API Connect 5.0.0.0 through 5.0.8.4 is impacted by sensitive ...)
NOT-FOR-US: IBM
CVE-2018-1975
RESERVED
-CVE-2018-1974
- RESERVED
+CVE-2018-1974 (IBM WebSphere 8.0.0.0 through 9.1.1 could allow an authenticated ...)
+ TODO: check
CVE-2018-1973 (IBM API Connect 5.0.0.0 through 5.0.8.4 allows a user with limited ...)
NOT-FOR-US: IBM
CVE-2018-1972
@@ -72804,10 +72841,10 @@ CVE-2018-1925
RESERVED
CVE-2018-1924
RESERVED
-CVE-2018-1923
- RESERVED
-CVE-2018-1922
- RESERVED
+CVE-2018-1923 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+ TODO: check
+CVE-2018-1922 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+ TODO: check
CVE-2018-1921
RESERVED
CVE-2018-1920 (IBM Marketing Platform 9.1.0, 9.1.2 and 10.1 is vulnerable to a XML ...)
@@ -72846,8 +72883,8 @@ CVE-2018-1904 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could all
NOT-FOR-US: IBM
CVE-2018-1903
RESERVED
-CVE-2018-1902
- RESERVED
+CVE-2018-1902 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a ...)
+ TODO: check
CVE-2018-1901 (IBM WebSphere Application Server 8.5 and 9.0 could allow a remote ...)
NOT-FOR-US: IBM
CVE-2018-1900 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and ...)
@@ -72870,8 +72907,7 @@ CVE-2018-1892
RESERVED
CVE-2018-1891 (IBM Security Guardium 10 and 10.5 is vulnerable to cross-site ...)
NOT-FOR-US: IBM
-CVE-2018-1890
- RESERVED
+CVE-2018-1890 (IBM SDK, Java Technology Edition Version 8 on the AIX platform uses ...)
NOT-FOR-US: IBM Java on AIX
CVE-2018-1889 (IBM Security Guardium 10.0 and 10.5 is vulnerable to cross-site ...)
NOT-FOR-US: IBM
@@ -123040,6 +123076,7 @@ CVE-2017-2828 (An exploitable command injection vulnerability exists in the web
CVE-2017-2827 (An exploitable command injection vulnerability exists in the web ...)
NOT-FOR-US: Foscam C1 Indoor HD Camera
CVE-2017-2826 (An information disclosure vulnerability exists in the iConfig proxy ...)
+ {DLA-1708-1}
- zabbix <unfixed> (low)
[buster] - zabbix <ignored> (Minor issue, workaround exists)
[stretch] - zabbix <ignored> (Minor issue, workaround exists)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/974757c53d0e81701e9e026be14100b8b8a9563e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/974757c53d0e81701e9e026be14100b8b8a9563e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190312/6830d6d0/attachment.html>
More information about the debian-security-tracker-commits
mailing list