[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sat Nov 23 08:10:30 GMT 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dafdedd2 by security tracker role at 2019-11-23T08:10:14Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -726,10 +726,10 @@ CVE-2019-18912
 	RESERVED
 CVE-2019-18911
 	RESERVED
-CVE-2019-18910
-	RESERVED
-CVE-2019-18909
-	RESERVED
+CVE-2019-18910 (The Citrix Receiver wrapper function does not safely handle user suppl ...)
+	TODO: check
+CVE-2019-18909 (The VPN software within HP ThinPro does not safely handle user supplie ...)
+	TODO: check
 CVE-2019-18908
 	RESERVED
 CVE-2019-18907
@@ -3591,8 +3591,8 @@ CVE-2019-18624 (Opera Mini for Android allows attackers to bypass intended restr
 	NOT-FOR-US: Opera Mini for Android
 CVE-2019-18623 (Escalation of privileges in EnergyCAP 7 through 7.5.6 allows an attack ...)
 	NOT-FOR-US: EnergyCAP
-CVE-2019-18622
-	RESERVED
+CVE-2019-18622 (An issue was discovered in phpMyAdmin before 4.9.2. A crafted database ...)
+	TODO: check
 CVE-2019-18621
 	RESERVED
 CVE-2019-18620
@@ -10429,12 +10429,12 @@ CVE-2019-16289 (The insert-php (aka Woody ad snippets) plugin before 2.2.8 for W
 	NOT-FOR-US: Wordpress plugin
 CVE-2019-16288 (On Tenda N301 wireless routers, a long string in the wifiSSID paramete ...)
 	NOT-FOR-US: Tenda
-CVE-2019-16287
-	RESERVED
-CVE-2019-16286
-	RESERVED
-CVE-2019-16285
-	RESERVED
+CVE-2019-16287 (An attacker may be able to leverage the application filter bypass vuln ...)
+	TODO: check
+CVE-2019-16286 (An attacker may be able to bypass the OS application filter meant to r ...)
+	TODO: check
+CVE-2019-16285 (If a local user has been configured and logged in, an unauthenticated  ...)
+	TODO: check
 CVE-2019-16284 (A potential security vulnerability has been identified in multiple HP  ...)
 	NOT-FOR-US: HP
 CVE-2019-16283
@@ -12507,8 +12507,8 @@ CVE-2019-15595
 	RESERVED
 CVE-2019-15594
 	RESERVED
-CVE-2019-15593
-	RESERVED
+CVE-2019-15593 (GitLab 12.2.3 contains a security vulnerability that allows a user to  ...)
+	TODO: check
 CVE-2019-15592
 	RESERVED
 CVE-2019-15591
@@ -19983,8 +19983,8 @@ CVE-2019-13568 (CImg through 2.6.7 has a heap-based buffer overflow in _load_bmp
 	NOTE: https://github.com/dtschump/CImg/commit/ac8003393569aba51048c9d67e1491559877b1d1
 CVE-2019-13567 (The Zoom Client before 4.4.53932.0709 on macOS allows remote code exec ...)
 	NOT-FOR-US: Zoom
-CVE-2019-13566
-	RESERVED
+CVE-2019-13566 (An issue was discovered in the ROS communications-related packages (ak ...)
+	TODO: check
 CVE-2019-13565 (An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL ...)
 	{DLA-1891-1}
 	- openldap 2.4.48+dfsg-1 (low; bug #932998)
@@ -26308,16 +26308,16 @@ CVE-2019-11293
 	RESERVED
 CVE-2019-11292
 	RESERVED
-CVE-2019-11291
-	RESERVED
+CVE-2019-11291 (Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 version prior  ...)
+	TODO: check
 CVE-2019-11290
 	RESERVED
 CVE-2019-11289 (Cloud Foundry Routing, all versions before 0.193.0, does not properly  ...)
 	NOT-FOR-US: Cloud Foundry Routing
 CVE-2019-11288
 	RESERVED
-CVE-2019-11287
-	RESERVED
+CVE-2019-11287 (Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3. ...)
+	TODO: check
 CVE-2019-11286
 	RESERVED
 CVE-2019-11285
@@ -46962,8 +46962,8 @@ CVE-2019-3656
 	RESERVED
 CVE-2019-3655
 	RESERVED
-CVE-2019-3654
-	RESERVED
+CVE-2019-3654 (Authentication Bypass vulnerability in the Microsoft Windows client in ...)
+	TODO: check
 CVE-2019-3653 (Improper access control vulnerability in Configuration tool in McAfee  ...)
 	NOT-FOR-US: McAfee Endpoint Security (ENS)
 CVE-2019-3652 (Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Securit ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dafdedd2e907b3c1285bfb6b6521897b5c1a8cf9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dafdedd2e907b3c1285bfb6b6521897b5c1a8cf9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191123/3970493a/attachment.html>

More information about the debian-security-tracker-commits mailing list