[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri May 24 09:10:38 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d0dd2b79 by security tracker role at 2019-05-24T08:10:29Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2019-12311
+ RESERVED
+CVE-2019-12310
+ RESERVED
+CVE-2019-12309 (dotCMS before 5.1.0 has a path traversal vulnerability exploitable by ...)
+ TODO: check
CVE-2019-12308
RESERVED
CVE-2019-12307
@@ -3584,8 +3590,8 @@ CVE-2019-10848
RESERVED
CVE-2019-10847
RESERVED
-CVE-2019-10846
- RESERVED
+CVE-2019-10846 (Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scr ...)
+ TODO: check
CVE-2019-10845 (An issue was discovered in Uniqkey Password Manager 1.14. When enterin ...)
NOT-FOR-US: Uniqkey Password Manager
CVE-2019-10844 (nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries (aka n ...)
@@ -16840,30 +16846,23 @@ CVE-2019-5806
CVE-2019-5805
RESERVED
- chromium 74.0.3729.108-1
-CVE-2019-5804
- RESERVED
+CVE-2019-5804 (Incorrect command line processing in Chrome in Google Chrome prior to ...)
- chromium <not-affected> (Windows-specific)
-CVE-2019-5803
- RESERVED
+CVE-2019-5803 (Insufficient policy enforcement in Content Security Policy in Google C ...)
{DSA-4421-1}
- chromium 73.0.3683.75-1
-CVE-2019-5802
- RESERVED
+CVE-2019-5802 (Incorrect handling of download origins in Navigation in Google Chrome ...)
{DSA-4421-1}
- chromium 73.0.3683.75-1
-CVE-2019-5801
- RESERVED
+CVE-2019-5801 (Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to ...)
- chromium <not-affected> (iOS specific)
-CVE-2019-5800
- RESERVED
+CVE-2019-5800 (Insufficient policy enforcement in Blink in Google Chrome prior to 73. ...)
{DSA-4421-1}
- chromium 73.0.3683.75-1
-CVE-2019-5799
- RESERVED
+CVE-2019-5799 (Incorrect inheritance of a new document's policy in Content Security P ...)
{DSA-4421-1}
- chromium 73.0.3683.75-1
-CVE-2019-5798
- RESERVED
+CVE-2019-5798 (Lack of correct bounds checking in Skia in Google Chrome prior to 73.0 ...)
{DSA-4448-1 DSA-4421-1 DLA-1800-1}
- chromium 73.0.3683.75-1
- firefox-esr 60.7.0esr-1
@@ -16874,44 +16873,34 @@ CVE-2019-5797
RESERVED
{DSA-4421-1}
- chromium 73.0.3683.75-1
-CVE-2019-5796
- RESERVED
+CVE-2019-5796 (Data race in extensions guest view in Google Chrome prior to 73.0.3683 ...)
{DSA-4421-1}
- chromium 73.0.3683.75-1
-CVE-2019-5795
- RESERVED
+CVE-2019-5795 (Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allo ...)
{DSA-4421-1}
- chromium 73.0.3683.75-1
-CVE-2019-5794
- RESERVED
+CVE-2019-5794 (Incorrect handling of cancelled requests in Navigation in Google Chrom ...)
{DSA-4421-1}
- chromium 73.0.3683.75-1
-CVE-2019-5793
- RESERVED
+CVE-2019-5793 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
{DSA-4421-1}
- chromium 73.0.3683.75-1
-CVE-2019-5792
- RESERVED
+CVE-2019-5792 (Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allo ...)
{DSA-4421-1}
- chromium 73.0.3683.75-1
-CVE-2019-5791
- RESERVED
+CVE-2019-5791 (Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.7 ...)
{DSA-4421-1}
- chromium 73.0.3683.75-1
-CVE-2019-5790
- RESERVED
+CVE-2019-5790 (An integer overflow leading to an incorrect capacity of a buffer in Ja ...)
{DSA-4421-1}
- chromium 73.0.3683.75-1
-CVE-2019-5789
- RESERVED
+CVE-2019-5789 (An integer overflow that leads to a use-after-free in WebMIDI in Googl ...)
{DSA-4421-1}
- chromium 73.0.3683.75-1
-CVE-2019-5788
- RESERVED
+CVE-2019-5788 (An integer overflow that leads to a use-after-free in Blink Storage in ...)
{DSA-4421-1}
- chromium 73.0.3683.75-1
-CVE-2019-5787
- RESERVED
+CVE-2019-5787 (Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3 ...)
{DSA-4421-1}
- chromium 73.0.3683.75-1
CVE-2019-5786
@@ -29349,8 +29338,8 @@ CVE-2018-19616 (An issue was discovered in Rockwell Automation Allen-Bradley Pow
NOT-FOR-US: Rockwell Automation Allen-Bradley PowerMonitor 1000
CVE-2018-19615 (Rockwell Automation Allen-Bradley PowerMonitor 1000 all versions. A re ...)
NOT-FOR-US: Rockwell Automation Allen-Bradley PowerMonitor 1000
-CVE-2018-19614
- RESERVED
+CVE-2018-19614 (XSS exists in the /cmdexec/cmdexe?cmd= function in Westermo DR-250 Pre ...)
+ TODO: check
CVE-2018-19613
RESERVED
CVE-2018-19612
@@ -33023,6 +33012,7 @@ CVE-2019-0203
CVE-2019-0202
RESERVED
CVE-2019-0201 (An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alph ...)
+ {DLA-1801-1}
- zookeeper <unfixed> (bug #929283)
NOTE: https://issues.apache.org/jira/browse/ZOOKEEPER-1392
NOTE: Patch (3.4 branch): https://gitbox.apache.org/repos/asf?p=zookeeper.git;a=commit;h=5ff19e3672987bdde2843a3f031e2bf0010e35f1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d0dd2b79cfe389e78d92e03c45913fdbffa92b2c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d0dd2b79cfe389e78d92e03c45913fdbffa92b2c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190524/b2ee86dc/attachment.html>
More information about the debian-security-tracker-commits
mailing list