[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e21fd778 by security tracker role at 2019-05-21T08:10:20Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2019-12246
+	RESERVED
+CVE-2019-12245
+	RESERVED
+CVE-2019-12244
+	RESERVED
+CVE-2019-12243
+	RESERVED
+CVE-2019-12242
+	RESERVED
+CVE-2019-12241 (The Carts Guru plugin 1.4.5 for WordPress allows Insecure Deserializat ...)
+	TODO: check
+CVE-2019-12240 (The Virim plugin 0.4 for WordPress allows Insecure Deserialization via ...)
+	TODO: check
+CVE-2019-12239 (The WP Booking System plugin 1.5.1 for WordPress has no CSRF protectio ...)
+	TODO: check
 CVE-2019-12238
 	RESERVED
 CVE-2019-12237
@@ -905,8 +921,8 @@ CVE-2019-11818 (Alkacon OpenCMS v10.5.4 and before is affected by stored cross s
 	NOT-FOR-US: Alkacon OpenCMS
 CVE-2019-11817
 	RESERVED
-CVE-2019-11816
-	RESERVED
+CVE-2019-11816 (Incorrect access control in the WebUI in OPNsense before version 19.1. ...)
+	TODO: check
 CVE-2019-11814 (An issue was discovered in app/webroot/js/misp.js in MISP before 2.4.1 ...)
 	NOT-FOR-US: MISP
 CVE-2019-11813 (An issue was discovered in app/View/Elements/Events/View/value_field.c ...)
@@ -5134,14 +5150,11 @@ CVE-2019-10080
 	RESERVED
 CVE-2019-10079
 	RESERVED
-CVE-2019-10078
-	RESERVED
+CVE-2019-10078 (A carefully crafted plugin link invocation could trigger an XSS vulner ...)
 	- jspwiki <removed>
-CVE-2019-10077
-	RESERVED
+CVE-2019-10077 (A carefully crafted InterWiki link could trigger an XSS vulnerability  ...)
 	- jspwiki <removed>
-CVE-2019-10076
-	RESERVED
+CVE-2019-10076 (A carefully crafted malicious attachment could trigger an XSS vulnerab ...)
 	- jspwiki <removed>
 CVE-2019-10075
 	RESERVED
@@ -28402,7 +28415,7 @@ CVE-2018-19827 (In LibSass 3.5.5, a use-after-free vulnerability exists in the S
 	- libsass <unfixed>
 	[stretch] - libsass <no-dsa> (Minor issue)
 	NOTE: https://github.com/sass/libsass/issues/2782
-CVE-2018-19826 (In inspect.cpp in LibSass 3.5.5, a high memory footprint caused by an  ...)
+CVE-2018-19826 (** DISPUTED ** In inspect.cpp in LibSass 3.5.5, a high memory footprin ...)
 	- libsass <unfixed>
 	[stretch] - libsass <no-dsa> (Minor issue)
 	NOTE: https://github.com/sass/libsass/issues/2781



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e21fd778dd372eb52b3753ccaef71844aa45ab62

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e21fd778dd372eb52b3753ccaef71844aa45ab62
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190521/46747998/attachment.html>