[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Sat Mar 30 20:10:26 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
267df51b by security tracker role at 2019-03-30T20:10:17Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2019-10663 (Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticate ...)
+ TODO: check
+CVE-2019-10662 (Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticate ...)
+ TODO: check
+CVE-2019-10661 (On Grandstream GXV3611IR_HD before 1.0.3.23 devices, the root account ...)
+ TODO: check
+CVE-2019-10660 (Grandstream GXV3611IR_HD before 1.0.3.23 devices allow remote authenti ...)
+ TODO: check
+CVE-2019-10659 (Grandstream GXV3370 before 1.0.1.41 and WP820 before 1.0.3.6 devices a ...)
+ TODO: check
+CVE-2019-10658 (Grandstream GWN7610 before 1.0.8.18 devices allow remote authenticated ...)
+ TODO: check
+CVE-2019-10657 (Grandstream GWN7000 before 1.0.6.32 and GWN7610 before 1.0.8.18 device ...)
+ TODO: check
+CVE-2019-10656 (Grandstream GWN7000 before 1.0.6.32 devices allow remote authenticated ...)
+ TODO: check
+CVE-2019-10655 (Grandstream GAC2500 1.0.3.35, GXP2200 1.0.3.27, GVC3202 1.0.3.51, GXV3 ...)
+ TODO: check
+CVE-2019-10654 (The lzo1x_decompress function in liblzo2.so.2 in LZO 2.10, as used in ...)
+ TODO: check
+CVE-2019-10653
+ RESERVED
+CVE-2019-10652 (An issue was discovered in flatCore 1.4.7. acp/acp.php allows remote a ...)
+ TODO: check
+CVE-2019-10651
+ RESERVED
+CVE-2019-10650 (In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in ...)
+ TODO: check
+CVE-2019-10649 (In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SV ...)
+ TODO: check
+CVE-2019-10648 (Robocode through 1.9.3.5 allows remote attackers to cause external ser ...)
+ TODO: check
+CVE-2019-10647 (ZZZCMS zzzphp v1.6.3 allows remote attackers to execute arbitrary PHP ...)
+ TODO: check
CVE-2019-10646 (Wolf CMS v0.8.3.1 is affected by cross site scripting (XSS) in the mod ...)
NOT-FOR-US: Wolf CMS
CVE-2019-10645
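Review bot: every published entry added at the top of data/CVE/list (CVE-2019-10663 down to CVE-2019-10647) carries only TODO: check, so none of them is yet tied to a source package or ruled out. The unchanged neighbour CVE-2019-10646 shows the resolved form (NOT-FOR-US: Wolf CMS). The LZO entry CVE-2019-10654 and the two ImageMagick entries CVE-2019-10650 and CVE-2019-10649 name libraries rather than vendor devices, so they are the ones to triage first with a package line.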
@@ -2546,7 +2580,7 @@ CVE-2019-9797
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9797
CVE-2019-9796
RESERVED
- {DSA-4411-1 DLA-1722-1}
+ {DSA-4420-1 DSA-4411-1 DLA-1722-1}
- firefox-esr 60.6.0esr-1
- firefox 66.0-1
- thunderbird 1:60.6.1-1
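Review bot: DSA-4420-1 is added to the cross-reference line of CVE-2019-9796 while the three fixed-version lines below it stay unchanged, and the commit message "automatic update" gives no hint which of firefox-esr, firefox or thunderbird the new advisory covers. The same edit repeats for CVE-2019-9795, -9793, -9792, -9791, -9790, -9788 and CVE-2018-18506; a message naming the advisory and its source package would make the batch reviewable from the log alone.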
@@ -2555,7 +2589,7 @@ CVE-2019-9796
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/#CVE-2019-9796
CVE-2019-9795
RESERVED
- {DSA-4411-1 DLA-1722-1}
+ {DSA-4420-1 DSA-4411-1 DLA-1722-1}
- firefox-esr 60.6.0esr-1
- firefox 66.0-1
- thunderbird 1:60.6.1-1
@@ -2572,7 +2606,7 @@ CVE-2019-9794
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/#CVE-2019-9794
CVE-2019-9793
RESERVED
- {DSA-4411-1 DLA-1722-1}
+ {DSA-4420-1 DSA-4411-1 DLA-1722-1}
- firefox-esr 60.6.0esr-1
- firefox 66.0-1
- thunderbird 1:60.6.1-1
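Review bot: the context line at the top of this hunk is the NOTE of CVE-2019-9794, which points at mfsa2019-11 like the entries that gain DSA-4420-1, yet no hunk in this commit touches CVE-2019-9794 itself. Confirm that leaving it out of the DSA-4420-1 cross-reference is intended, and if the entry does not already say why, record the reason there.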
@@ -2581,7 +2615,7 @@ CVE-2019-9793
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/#CVE-2019-9793
CVE-2019-9792
RESERVED
- {DSA-4411-1 DLA-1722-1}
+ {DSA-4420-1 DSA-4411-1 DLA-1722-1}
- firefox-esr 60.6.0esr-1
- firefox 66.0-1
- thunderbird 1:60.6.1-1
@@ -2590,7 +2624,7 @@ CVE-2019-9792
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/#CVE-2019-9792
CVE-2019-9791
RESERVED
- {DSA-4411-1 DLA-1722-1}
+ {DSA-4420-1 DSA-4411-1 DLA-1722-1}
- firefox-esr 60.6.0esr-1
- firefox 66.0-1
- thunderbird 1:60.6.1-1
@@ -2599,7 +2633,7 @@ CVE-2019-9791
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/#CVE-2019-9791
CVE-2019-9790
RESERVED
- {DSA-4411-1 DLA-1722-1}
+ {DSA-4420-1 DSA-4411-1 DLA-1722-1}
- firefox-esr 60.6.0esr-1
- firefox 66.0-1
- thunderbird 1:60.6.1-1
@@ -2612,7 +2646,7 @@ CVE-2019-9789
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9789
CVE-2019-9788
RESERVED
- {DSA-4411-1 DLA-1722-1}
+ {DSA-4420-1 DSA-4411-1 DLA-1722-1}
- firefox-esr 60.6.0esr-1
- firefox 66.0-1
- thunderbird 1:60.6.1-1
@@ -13288,9 +13322,11 @@ CVE-2019-5420 (A remote code execution vulnerability in development mode Rails &
[jessie] - rails <not-affected> (vulnerable code is not present in 4.x)
NOTE: https://www.openwall.com/lists/oss-security/2019/03/13/3
CVE-2019-5419 (There is a possible denial of service vulnerability in Action View (Ra ...)
+ {DLA-1739-1}
- rails 2:5.2.2.1+dfsg-1 (bug #924520)
NOTE: https://www.openwall.com/lists/oss-security/2019/03/13/4
CVE-2019-5418 (There is a File Content Disclosure vulnerability in Action View (Rails ...)
+ {DLA-1739-1}
- rails 2:5.2.2.1+dfsg-1 (bug #924520)
NOTE: https://www.openwall.com/lists/oss-security/2019/03/13/5
CVE-2019-5417 (A path traversal vulnerability in serve npm package version 7.0.1 allo ...)
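Review bot: the two {DLA-1739-1} lines are added to CVE-2019-5419 and CVE-2019-5418, whose only visible reference is a NOTE pointing at the oss-security posts; no line records the upstream fix or which branches are affected, whereas the CVE-2019-5420 context line spells out that the vulnerable code is not present in 4.x. Suggest adding a NOTE with the upstream commit or the affected version range to both entries so the backport behind the DLA can be checked against it.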
@@ -30297,7 +30333,7 @@ CVE-2018-18508 [NULL pointer dereference in several CMS functions resulting in a
CVE-2018-18507
RESERVED
CVE-2018-18506 (When proxy auto-detection is enabled, if a web server serves a Proxy A ...)
- {DSA-4411-1 DLA-1722-1}
+ {DSA-4420-1 DSA-4411-1 DLA-1722-1}
- firefox 65.0-1
- firefox-esr 60.6.0esr-1
- thunderbird 1:60.6.1-1
@@ -32013,6 +32049,7 @@ CVE-2018-17939 (An issue was discovered in GitLab Community and Enterprise Editi
CVE-2018-17938 (Zimbra Collaboration before 8.8.10 GA allows text content spoofing via ...)
NOT-FOR-US: Zimbra
CVE-2018-17937 (gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open ...)
+ {DLA-1738-1}
[experimental] - gpsd 3.18.1-1
- gpsd <unfixed> (bug #925327)
NOTE: http://git.savannah.nongnu.org/cgit/gpsd.git/commit/?id=7646cbd04055a50b157312ba6b376e88bd398c19
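Review bot: in the CVE-2018-17937 entry, {DLA-1738-1} is added while the line "- gpsd <unfixed> (bug #925327)" stays as it is, so after this change the entry records an LTS advisory and an experimental upload (3.18.1-1) but still no fixed version in unstable. The hunk itself is consistent; bug #925327 is worth a follow-up so the <unfixed> marker is replaced once an upload lands.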
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/267df51b5ace4b8ede8cd961dc731790e09c5bb7