[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1887c61e by security tracker role at 2019-03-22T20:10:30Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2019-9941
+	RESERVED
+CVE-2019-9940
+	RESERVED
 CVE-2019-9939 (The SHAREit application before 4.0.36 for Android allows a remote atta ...)
 	NOT-FOR-US: SHAREit
 CVE-2019-9938 (The SHAREit application before 4.0.42 for Android allows a remote atta ...)
@@ -1140,7 +1144,7 @@ CVE-2019-9756
 	RESERVED
 CVE-2019-9755 [heap buffer overflow]
 	RESERVED
-	{DSA-4413-1}
+	{DSA-4413-1 DLA-1724-1}
 	- ntfs-3g 1:2017.3.23AR.3-3 (bug #925255)
 	NOTE: https://sourceforge.net/p/ntfs-3g/ntfs-3g/ci/85c1634a26faa572d3c558d4cf8aaaca5202d4e9/
 CVE-2019-9754 (An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...)
@@ -1418,10 +1422,10 @@ CVE-2019-9651 (An issue was discovered in SDCMS V1.7. In the \app\admin\controll
 	NOT-FOR-US: SDCMS
 CVE-2019-9650 (An XSS issue was discovered in upcoming_events.php in the Upcoming Eve ...)
 	NOT-FOR-US: MyBB plugin
-CVE-2019-9649
-	RESERVED
-CVE-2019-9648
-	RESERVED
+CVE-2019-9649 (An issue was discovered in the SFTP Server component in Core FTP 2.0 B ...)
+	TODO: check
+CVE-2019-9648 (An issue was discovered in the SFTP Server component in Core FTP 2.0 B ...)
+	TODO: check
 CVE-2019-9647
 	RESERVED
 CVE-2019-9645
@@ -14423,8 +14427,8 @@ CVE-2019-4054
 	RESERVED
 CVE-2019-4053
 	RESERVED
-CVE-2019-4052
-	RESERVED
+CVE-2019-4052 (IBM API Connect 2018.1 and 2018.4.1.2 apis can be leveraged by unauthe ...)
+	TODO: check
 CVE-2019-4051
 	RESERVED
 CVE-2019-4050
@@ -14457,8 +14461,8 @@ CVE-2019-4037
 	RESERVED
 CVE-2019-4036
 	RESERVED
-CVE-2019-4035
-	RESERVED
+CVE-2019-4035 (IBM Content Navigator 3.0CD could allow attackers to direct web traffi ...)
+	TODO: check
 CVE-2019-4034 (IBM Content Navigator 3.0CD is could allow an attacker to execute arbi ...)
 	NOT-FOR-US: IBM
 CVE-2019-4033
@@ -66299,7 +66303,7 @@ CVE-2018-4840 (A vulnerability has been identified in Siemens DIGSI 4 (All versi
 	NOT-FOR-US: Siemens
 CVE-2018-4839 (A vulnerability has been identified in Siemens DIGSI 4 (All versions & ...)
 	NOT-FOR-US: Siemens
-CVE-2018-4838 (A vulnerability has been identified in Siemens EN100 Ethernet module I ...)
+CVE-2018-4838 (A vulnerability has been identified in EN100 Ethernet module IEC 61850 ...)
 	NOT-FOR-US: Siemens
 CVE-2018-4837 (A vulnerability has been identified in TeleControl Server Basic < V ...)
 	NOT-FOR-US: Siemens / TeleControl Server Basic



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1887c61e68585f29467ffe6f9575a3306ba4769e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1887c61e68585f29467ffe6f9575a3306ba4769e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190322/b60a60f6/attachment.html>