[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu May 16 21:10:27 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ab2c6902 by security tracker role at 2019-05-16T20:10:18Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,29 @@
+CVE-2019-12149
+ RESERVED
+CVE-2019-12148
+ RESERVED
+CVE-2019-12147
+ RESERVED
+CVE-2019-12146
+ RESERVED
+CVE-2019-12145
+ RESERVED
+CVE-2019-12144
+ RESERVED
+CVE-2019-12143
+ RESERVED
+CVE-2019-12142
+ RESERVED
+CVE-2019-12141
+ RESERVED
+CVE-2019-12140
+ RESERVED
+CVE-2019-12139 (An XSS issue was discovered in the Admin UI in eZ Platform 2.x. This a ...)
+ TODO: check
+CVE-2019-12138 (MacDown 0.7.1 allows directory traversal, for execution of arbitrary p ...)
+ TODO: check
+CVE-2019-12137 (Typora 0.9.9.24.6 on macOS allows directory traversal, for execution o ...)
+ TODO: check
CVE-2019-12136 (There is XSS in BoostIO Boostnote 0.11.15 via a label named mermaid, a ...)
NOT-FOR-US: Boostnote
CVE-2019-12135
@@ -504,7 +530,7 @@ CVE-2019-11891
RESERVED
CVE-2019-12046 [lemonldap-ng tokens allows anonymous session when stored in session DB]
RESERVED
- {DSA-4446-1}
+ {DSA-4446-1 DLA-1790-1}
- lemonldap-ng 2.0.2+ds-7+deb10u1 (bug #928944)
NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues/1742
CVE-2019-11890
@@ -2569,8 +2595,8 @@ CVE-2019-11034 (When processing certain files, PHP EXIF extension in versions 7.
- php5 <removed>
NOTE: Fixed in 7.1.28, 7.2.17, 7.3.4
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77753
-CVE-2019-11033
- RESERVED
+CVE-2019-11033 (Applaud HCM 4.0.42+ uses HTML tag fields for HTML inputs in a form. Th ...)
+ TODO: check
CVE-2019-11032 (In EasyToRecruit (E2R) before 2.11, the upload feature and the Candida ...)
NOT-FOR-US: EasyToRecruit
CVE-2019-11031
@@ -4775,28 +4801,22 @@ CVE-2019-10119
RESERVED
CVE-2019-10118 (Snipe-IT before 4.6.14 has XSS, as demonstrated by log_meta values and ...)
NOT-FOR-US: Snipe-IT
-CVE-2019-10117 [Recurity assessment: open redirect]
- RESERVED
+CVE-2019-10117 (An Open Redirect issue was discovered in GitLab Community and Enterpri ...)
- gitlab <not-affected> (Only affects 11.9 and later)
NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
-CVE-2019-10116 [Related branches visible in issues for guests]
- RESERVED
+CVE-2019-10116 (An Insecure Permissions issue (issue 3 of 3) was discovered in GitLab ...)
- gitlab 11.8.6+dfsg-1 (bug #926482)
NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
-CVE-2019-10115 [Guest users of private projects have access to releases]
- RESERVED
+CVE-2019-10115 (An Insecure Permissions issue (issue 2 of 3) was discovered in GitLab ...)
- gitlab 11.8.6+dfsg-1 (bug #926482)
NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
-CVE-2019-10114 [Recurity assessment: information exposure through timing discrepancy]
- RESERVED
+CVE-2019-10114 (An Information Exposure issue (issue 2 of 2) was discovered in GitLab ...)
- gitlab <not-affected> (Only affects 11.9 and later)
NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
-CVE-2019-10113 [DoS potential on project languages page]
- RESERVED
+CVE-2019-10113 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
- gitlab 11.8.6+dfsg-1 (bug #926482)
NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
-CVE-2019-10112 [Recurity assessment: loginState HMAC issues]
- RESERVED
+CVE-2019-10112 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
- gitlab <not-affected> (Only affects 11.9 and later)
NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
CVE-2019-10111 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
@@ -9981,8 +10001,8 @@ CVE-2019-8340
RESERVED
CVE-2019-8339
RESERVED
-CVE-2019-8338
- RESERVED
+CVE-2019-8338 (The signature verification routine in the Airmail GPG-PGP Plugin, vers ...)
+ TODO: check
CVE-2019-8336 (HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a c ...)
NOT-FOR-US: HashiCorp Consul
CVE-2019-8335 (An issue was discovered in SchoolCMS 2.3.1. There is an XSS vulnerabil ...)
@@ -20568,8 +20588,7 @@ CVE-2019-3840 (A NULL pointer dereference flaw was discovered in libvirt before
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1663051
NOTE: https://www.redhat.com/archives/libvir-list/2019-January/msg00241.html
NOTE: https://libvirt.org/git/?p=libvirt.git;a=commit;h=7cfd1fbb1332ae5df678b9f41a62156cb2e88c73
-CVE-2019-3839 [missing attack vector protections for CVE-2019-6116]
- RESERVED
+CVE-2019-3839 (It was found that in ghostscript some privileged operators remained ac ...)
{DSA-4442-1}
- ghostscript 9.27~dfsg-1
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4ec9ca74bed49f2a82acb4bf430eae0d8b3b75c9
@@ -26669,8 +26688,8 @@ CVE-2018-1000861 (A code execution vulnerability exists in the Stapler web frame
NOT-FOR-US: Jenkins
CVE-2018-20008
RESERVED
-CVE-2018-20007
- RESERVED
+CVE-2018-20007 (Yeelight Smart AI Speaker 3.3.10_0074 devices have improper access con ...)
+ TODO: check
CVE-2018-20006 (An issue was discovered in PHPok v5.0.055. There is a Stored XSS vulne ...)
NOT-FOR-US: PHPok
CVE-2018-20005 (An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after ...)
@@ -27286,8 +27305,8 @@ CVE-2019-1782 (A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS
NOT-FOR-US: Cisco
CVE-2019-1781 (A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Soft ...)
NOT-FOR-US: Cisco
-CVE-2019-1780
- RESERVED
+CVE-2019-1780 (A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Soft ...)
+ TODO: check
CVE-2019-1779 (A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Soft ...)
NOT-FOR-US: Cisco
CVE-2019-1778 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
@@ -27312,7 +27331,7 @@ CVE-2019-1769 (A vulnerability in the CLI of Cisco NX-OS Software could allow an
NOT-FOR-US: Cisco
CVE-2019-1768 (A vulnerability in the implementation of a specific CLI command for Ci ...)
NOT-FOR-US: Cisco
-CVE-2019-1767 (Multiple vulnerabilities in the implementation of a specific CLI comma ...)
+CVE-2019-1767 (A vulnerability in the implementation of a specific CLI command for Ci ...)
NOT-FOR-US: Cisco
CVE-2019-1766 (A vulnerability in the web-based management interface of Session Initi ...)
NOT-FOR-US: Cisco
@@ -29735,8 +29754,8 @@ CVE-2019-1010
RESERVED
CVE-2019-1009
RESERVED
-CVE-2019-1008
- RESERVED
+CVE-2019-1008 (A security feature bypass vulnerability exists in Dynamics On Premise, ...)
+ TODO: check
CVE-2019-1007
RESERVED
CVE-2019-1006
@@ -29751,8 +29770,8 @@ CVE-2019-1002
RESERVED
CVE-2019-1001
RESERVED
-CVE-2019-1000
- RESERVED
+CVE-2019-1000 (An elevation of privilege vulnerability exists in Microsoft Azure Acti ...)
+ TODO: check
CVE-2019-0999
RESERVED
CVE-2019-0998
@@ -29761,8 +29780,8 @@ CVE-2019-0997
RESERVED
CVE-2019-0996
RESERVED
-CVE-2019-0995
- RESERVED
+CVE-2019-0995 (A security feature bypass vulnerability exists when urlmon.dll imprope ...)
+ TODO: check
CVE-2019-0994
RESERVED
CVE-2019-0993
@@ -29787,22 +29806,20 @@ CVE-2019-0984
RESERVED
CVE-2019-0983
RESERVED
-CVE-2019-0982
- RESERVED
-CVE-2019-0981
- RESERVED
+CVE-2019-0982 (A denial of service vulnerability exists when ASP.NET Core improperly ...)
+ TODO: check
+CVE-2019-0981 (A denial of service vulnerability exists when .NET Framework or .NET C ...)
NOT-FOR-US: Microsoft .NET Core
-CVE-2019-0980
- RESERVED
+CVE-2019-0980 (A denial of service vulnerability exists when .NET Framework or .NET C ...)
NOT-FOR-US: Microsoft .NET Core
-CVE-2019-0979
- RESERVED
+CVE-2019-0979 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
+ TODO: check
CVE-2019-0978
RESERVED
CVE-2019-0977
RESERVED
-CVE-2019-0976
- RESERVED
+CVE-2019-0976 (A tampering vulnerability exists in the NuGet Package Manager for Linu ...)
+ TODO: check
CVE-2019-0975
RESERVED
CVE-2019-0974
@@ -29811,8 +29828,8 @@ CVE-2019-0973
RESERVED
CVE-2019-0972
RESERVED
-CVE-2019-0971
- RESERVED
+CVE-2019-0971 (An information disclosure vulnerability exists when Azure DevOps Serve ...)
+ TODO: check
CVE-2019-0970
RESERVED
CVE-2019-0969
@@ -29827,112 +29844,112 @@ CVE-2019-0965
RESERVED
CVE-2019-0964
RESERVED
-CVE-2019-0963
- RESERVED
+CVE-2019-0963 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
+ TODO: check
CVE-2019-0962
RESERVED
-CVE-2019-0961
- RESERVED
+CVE-2019-0961 (An information disclosure vulnerability exists when the Windows GDI co ...)
+ TODO: check
CVE-2019-0960
RESERVED
CVE-2019-0959
RESERVED
-CVE-2019-0958
- RESERVED
-CVE-2019-0957
- RESERVED
-CVE-2019-0956
- RESERVED
+CVE-2019-0958 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
+ TODO: check
+CVE-2019-0957 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
+ TODO: check
+CVE-2019-0956 (An information disclosure vulnerability exists when Microsoft SharePoi ...)
+ TODO: check
CVE-2019-0955
RESERVED
CVE-2019-0954
RESERVED
-CVE-2019-0953
- RESERVED
-CVE-2019-0952
- RESERVED
-CVE-2019-0951
- RESERVED
-CVE-2019-0950
- RESERVED
-CVE-2019-0949
- RESERVED
+CVE-2019-0953 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
+ TODO: check
+CVE-2019-0952 (A remote code execution vulnerability exists in Microsoft SharePoint S ...)
+ TODO: check
+CVE-2019-0951 (A spoofing vulnerability exists when Microsoft SharePoint Server does ...)
+ TODO: check
+CVE-2019-0950 (A spoofing vulnerability exists when Microsoft SharePoint Server does ...)
+ TODO: check
+CVE-2019-0949 (A spoofing vulnerability exists when Microsoft SharePoint Server does ...)
+ TODO: check
CVE-2019-0948
RESERVED
-CVE-2019-0947
- RESERVED
-CVE-2019-0946
- RESERVED
-CVE-2019-0945
- RESERVED
+CVE-2019-0947 (A remote code execution vulnerability exists when the Microsoft Office ...)
+ TODO: check
+CVE-2019-0946 (A remote code execution vulnerability exists when the Microsoft Office ...)
+ TODO: check
+CVE-2019-0945 (A remote code execution vulnerability exists when the Microsoft Office ...)
+ TODO: check
CVE-2019-0944
RESERVED
CVE-2019-0943
RESERVED
-CVE-2019-0942
- RESERVED
+CVE-2019-0942 (An elevation of privilege vulnerability exists in the Unified Write Fi ...)
+ TODO: check
CVE-2019-0941
RESERVED
-CVE-2019-0940
- RESERVED
+CVE-2019-0940 (A remote code execution vulnerability exists in the way that Microsoft ...)
+ TODO: check
CVE-2019-0939
RESERVED
-CVE-2019-0938
- RESERVED
-CVE-2019-0937
- RESERVED
-CVE-2019-0936
- RESERVED
+CVE-2019-0938 (An elevation of privilege vulnerability exists in Microsoft Edge that ...)
+ TODO: check
+CVE-2019-0937 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-0936 (An elevation of privilege vulnerability exists in Microsoft Windows wh ...)
+ TODO: check
CVE-2019-0935
RESERVED
CVE-2019-0934
RESERVED
-CVE-2019-0933
- RESERVED
-CVE-2019-0932
- RESERVED
-CVE-2019-0931
- RESERVED
-CVE-2019-0930
- RESERVED
-CVE-2019-0929
- RESERVED
+CVE-2019-0933 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-0932 (An information disclosure vulnerability exists in Skype for Android, a ...)
+ TODO: check
+CVE-2019-0931 (An elevation of privilege vulnerability exists when the Storage Servic ...)
+ TODO: check
+CVE-2019-0930 (An information disclosure vulnerability exists when Internet Explorer ...)
+ TODO: check
+CVE-2019-0929 (A remote code execution vulnerability exists when Internet Explorer im ...)
+ TODO: check
CVE-2019-0928
RESERVED
-CVE-2019-0927
- RESERVED
-CVE-2019-0926
- RESERVED
-CVE-2019-0925
- RESERVED
-CVE-2019-0924
- RESERVED
-CVE-2019-0923
- RESERVED
-CVE-2019-0922
- RESERVED
-CVE-2019-0921
- RESERVED
+CVE-2019-0927 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-0926 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
+ TODO: check
+CVE-2019-0925 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-0924 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-0923 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-0922 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-0921 (An spoofing vulnerability exists when Internet Explorer improperly han ...)
+ TODO: check
CVE-2019-0920
RESERVED
CVE-2019-0919
RESERVED
-CVE-2019-0918
- RESERVED
-CVE-2019-0917
- RESERVED
-CVE-2019-0916
- RESERVED
-CVE-2019-0915
- RESERVED
-CVE-2019-0914
- RESERVED
-CVE-2019-0913
- RESERVED
-CVE-2019-0912
- RESERVED
-CVE-2019-0911
- RESERVED
+CVE-2019-0918 (A remote code execution vulnerability exists in the way the scripting ...)
+ TODO: check
+CVE-2019-0917 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-0916 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-0915 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-0914 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-0913 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-0912 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-0911 (A remote code execution vulnerability exists in the way the scripting ...)
+ TODO: check
CVE-2019-0910
RESERVED
CVE-2019-0909
@@ -29947,52 +29964,52 @@ CVE-2019-0905
RESERVED
CVE-2019-0904
RESERVED
-CVE-2019-0903
- RESERVED
-CVE-2019-0902
- RESERVED
-CVE-2019-0901
- RESERVED
-CVE-2019-0900
- RESERVED
-CVE-2019-0899
- RESERVED
-CVE-2019-0898
- RESERVED
-CVE-2019-0897
- RESERVED
-CVE-2019-0896
- RESERVED
-CVE-2019-0895
- RESERVED
-CVE-2019-0894
- RESERVED
-CVE-2019-0893
- RESERVED
-CVE-2019-0892
- RESERVED
-CVE-2019-0891
- RESERVED
-CVE-2019-0890
- RESERVED
-CVE-2019-0889
- RESERVED
+CVE-2019-0903 (A remote code execution vulnerability exists in the way that the Windo ...)
+ TODO: check
+CVE-2019-0902 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-0901 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-0900 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-0899 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-0898 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-0897 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-0896 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-0895 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-0894 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-0893 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-0892 (An elevation of privilege vulnerability exists in Windows when the Win ...)
+ TODO: check
+CVE-2019-0891 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-0890 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-0889 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
CVE-2019-0888
RESERVED
CVE-2019-0887
RESERVED
-CVE-2019-0886
- RESERVED
-CVE-2019-0885
- RESERVED
-CVE-2019-0884
- RESERVED
+CVE-2019-0886 (An information disclosure vulnerability exists when Windows Hyper-V on ...)
+ TODO: check
+CVE-2019-0885 (A remote code execution vulnerability exists when Microsoft Windows OL ...)
+ TODO: check
+CVE-2019-0884 (A remote code execution vulnerability exists in the way the scripting ...)
+ TODO: check
CVE-2019-0883
RESERVED
-CVE-2019-0882
- RESERVED
-CVE-2019-0881
- RESERVED
+CVE-2019-0882 (An information disclosure vulnerability exists when the Windows GDI co ...)
+ TODO: check
+CVE-2019-0881 (An elevation of privilege vulnerability exists when the Windows Kernel ...)
+ TODO: check
CVE-2019-0880
RESERVED
CVE-2019-0879 (A remote code execution vulnerability exists when the Windows Jet Data ...)
@@ -30009,8 +30026,8 @@ CVE-2019-0874 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevO
NOT-FOR-US: Microsoft
CVE-2019-0873
RESERVED
-CVE-2019-0872
- RESERVED
+CVE-2019-0872 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
+ TODO: check
CVE-2019-0871 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
NOT-FOR-US: Microsoft
CVE-2019-0870 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
@@ -30025,10 +30042,10 @@ CVE-2019-0866 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevO
NOT-FOR-US: Microsoft
CVE-2019-0865
RESERVED
-CVE-2019-0864
- RESERVED
-CVE-2019-0863
- RESERVED
+CVE-2019-0864 (A denial of service vulnerability exists when .NET Framework improperl ...)
+ TODO: check
+CVE-2019-0863 (An elevation of privilege vulnerability exists in the way Windows Erro ...)
+ TODO: check
CVE-2019-0862 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0861 (A remote code execution vulnerability exists in the way that the Chakr ...)
@@ -30113,11 +30130,10 @@ CVE-2019-0822 (A remote code execution vulnerability exists in the way that Micr
NOT-FOR-US: Microsoft
CVE-2019-0821 (An information disclosure vulnerability exists in the way that the Win ...)
NOT-FOR-US: Windows SMB Server
-CVE-2019-0820
- RESERVED
+CVE-2019-0820 (A denial of service vulnerability exists when .NET Framework and .NET ...)
NOT-FOR-US: Microsoft .NET Core
-CVE-2019-0819
- RESERVED
+CVE-2019-0819 (An information disclosure vulnerability exists in Microsoft SQL Server ...)
+ TODO: check
CVE-2019-0818
RESERVED
CVE-2019-0817 (A spoofing vulnerability exists in Microsoft Exchange Server when Outl ...)
@@ -30243,8 +30259,8 @@ CVE-2019-0760
RESERVED
CVE-2019-0759 (An information disclosure vulnerability exists when the Windows Print ...)
NOT-FOR-US: Microsoft
-CVE-2019-0758
- RESERVED
+CVE-2019-0758 (An information disclosure vulnerability exists when the Windows GDI co ...)
+ TODO: check
CVE-2019-0757 (A tampering vulnerability exists in the NuGet Package Manager for Linu ...)
- nuget <not-affected> (NuGet older than 4.3 is not affected, bug #926122)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1685475
@@ -30295,10 +30311,10 @@ CVE-2019-0736
RESERVED
CVE-2019-0735 (An elevation of privilege vulnerability exists when the Windows Client ...)
NOT-FOR-US: Microsoft
-CVE-2019-0734
- RESERVED
-CVE-2019-0733
- RESERVED
+CVE-2019-0734 (An elevation of privilege vulnerability exists in Microsoft Windows wh ...)
+ TODO: check
+CVE-2019-0733 (A security feature bypass vulnerability exists in Windows Defender App ...)
+ TODO: check
CVE-2019-0732 (A security feature bypass vulnerability exists in Windows which could ...)
NOT-FOR-US: Microsoft
CVE-2019-0731 (An elevation of privilege vulnerability exists when Windows improperly ...)
@@ -30309,12 +30325,12 @@ CVE-2019-0729 (An Elevation of Privilege vulnerability exists in the way Azure I
NOT-FOR-US: Microsoft
CVE-2019-0728 (A remote code execution vulnerability exists in Visual Studio Code whe ...)
NOT-FOR-US: Microsoft
-CVE-2019-0727
- RESERVED
+CVE-2019-0727 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
+ TODO: check
CVE-2019-0726 (A memory corruption vulnerability exists in the Windows DHCP client wh ...)
NOT-FOR-US: Microsoft
-CVE-2019-0725
- RESERVED
+CVE-2019-0725 (A memory corruption vulnerability exists in the Windows Server DHCP se ...)
+ TODO: check
CVE-2019-0724 (An elevation of privilege vulnerability exists in Microsoft Exchange S ...)
NOT-FOR-US: Microsoft
CVE-2019-0723
@@ -30347,10 +30363,10 @@ CVE-2019-0710
RESERVED
CVE-2019-0709
RESERVED
-CVE-2019-0708
- RESERVED
-CVE-2019-0707
- RESERVED
+CVE-2019-0708 (A remote code execution vulnerability exists in Remote Desktop Service ...)
+ TODO: check
+CVE-2019-0707 (An elevation of privilege vulnerability exists in the Network Driver I ...)
+ TODO: check
CVE-2019-0706
RESERVED
CVE-2019-0705
@@ -38374,8 +38390,8 @@ CVE-2018-17050 (The mintToken function of a smart contract implementation for Po
NOT-FOR-US: smart contract
CVE-2018-17049 (CQU-LANKERS through 2017-11-02 has XSS via the public/api.php callback ...)
NOT-FOR-US: CQU-LANKERS
-CVE-2018-17048
- RESERVED
+CVE-2018-17048 (admin/Lib/Action/FpluginAction.class.php in FDCMS (aka Fangfa Content ...)
+ TODO: check
CVE-2018-17047
RESERVED
CVE-2018-17046 (translate man before 2018-08-21 has XSS via containers/outputBox/outpu ...)
@@ -49997,8 +50013,8 @@ CVE-2018-12558 (The parse() method in the Email::Address module through 1.909 fo
NOTE: Mitigation: https://github.com/Perl-Email-Project/Email-Address/commit/aeaf0d7f1b0897b54cb246b8ac15d3ef177e5cae
CVE-2018-12557 (An issue was discovered in Zuul 3.x before 3.1.0. If nodes become offl ...)
- zuul <itp> (bug #705844)
-CVE-2018-12556
- RESERVED
+CVE-2018-12556 (The signature verification routine in install.sh in yarnpkg/website th ...)
+ TODO: check
CVE-2018-12555
REJECTED
CVE-2018-12554
@@ -80153,8 +80169,8 @@ CVE-2018-1977 (IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Se
NOT-FOR-US: IBM
CVE-2018-1976 (IBM API Connect 5.0.0.0 through 5.0.8.4 is impacted by sensitive infor ...)
NOT-FOR-US: IBM
-CVE-2018-1975
- RESERVED
+CVE-2018-1975 (IBM Rational DOORS Web Access 9.5.1 through 9.5.2.9, and 9.6 through 9 ...)
+ TODO: check
CVE-2018-1974 (IBM WebSphere 8.0.0.0 through 9.1.1 could allow an authenticated attac ...)
NOT-FOR-US: IBM
CVE-2018-1973 (IBM API Connect 5.0.0.0 through 5.0.8.4 allows a user with limited 'AP ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ab2c69026171132acbda06f6a766d237e980651b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ab2c69026171132acbda06f6a766d237e980651b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190516/e1223c89/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list