[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Wed Oct 2 21:10:37 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6188e5bc by security tracker role at 2019-10-02T20:10:25Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,59 @@
+CVE-2019-17103
+ RESERVED
+CVE-2019-17102
+ RESERVED
+CVE-2019-17101
+ RESERVED
+CVE-2019-17100
+ RESERVED
+CVE-2019-17099
+ RESERVED
+CVE-2019-17098
+ RESERVED
+CVE-2019-17097
+ RESERVED
+CVE-2019-17096
+ RESERVED
+CVE-2019-17095
+ RESERVED
+CVE-2019-17094
+ RESERVED
+CVE-2019-17093
+ RESERVED
+CVE-2019-17092
+ RESERVED
+CVE-2019-17091 (faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used ...)
+ TODO: check
+CVE-2019-17090
+ RESERVED
+CVE-2019-17089
+ RESERVED
+CVE-2019-17088
+ RESERVED
+CVE-2019-17087
+ RESERVED
+CVE-2019-17086
+ RESERVED
+CVE-2019-17085
+ RESERVED
+CVE-2019-17084
+ RESERVED
+CVE-2019-17083
+ RESERVED
+CVE-2019-17082
+ RESERVED
+CVE-2019-17081
+ RESERVED
+CVE-2019-17080 (mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code ex ...)
+ TODO: check
+CVE-2019-17079
+ RESERVED
+CVE-2019-17078
+ RESERVED
+CVE-2019-17077
+ RESERVED
+CVE-2019-17076
+ RESERVED
CVE-2019-17075 (An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cx ...)
- linux <unfixed>
NOTE: https://lore.kernel.org/lkml/20191001165611.GA3542072@kroah.com
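Review bot: CVE-2019-17091 and CVE-2019-17080 are the only two of the 28 new entries at the top of the list that arrive with a description, and both are left at TODO: check. CVE-2019-17091 names a source file in Eclipse Mojarra, which is a library rather than a vendor appliance, so it needs a source-package search before it is triaged, not a quick NOT-FOR-US.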
@@ -803,7 +859,7 @@ CVE-2019-16757
RESERVED
CVE-2019-16756
RESERVED
-CVE-2019-16755 (An unspecified vulnerability in both DWP and SmartIT components can pe ...)
+CVE-2019-16755 (BMC Remedy ITSM Suite is prone to unspecified vulnerabilities in both ...)
NOT-FOR-US: BMC MyIT Digital Workplace DWP
CVE-2019-16754 (RIOT 2019.07 contains a NULL pointer dereference in the MQTT-SN implem ...)
NOT-FOR-US: RIOT RIOT-OS
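Review bot: the replaced description for CVE-2019-16755 now leads with BMC Remedy ITSM Suite, while the unchanged tag below it still reads NOT-FOR-US: BMC MyIT Digital Workplace DWP. The outcome is the same, but updating the tag text to name the product the description now uses would keep the entry easy to find.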
@@ -1633,8 +1689,8 @@ CVE-2019-16409 (In the Versioned Files module through 2.0.3 for SilverStripe 3.x
NOT-FOR-US: SilverStripe
CVE-2019-16408
RESERVED
-CVE-2019-16407
- RESERVED
+CVE-2019-16407 (JetBrains ReSharper installers for versions before 2019.2 had a DLL Hi ...)
+ TODO: check
CVE-2019-16406
RESERVED
CVE-2019-16405
@@ -2423,8 +2479,8 @@ CVE-2019-16173 (LimeSurvey before v3.17.14 allows reflected XSS for escalating p
- limesurvey <itp> (bug #472802)
CVE-2019-16172 (LimeSurvey before v3.17.14 allows stored XSS for escalating privileges ...)
- limesurvey <itp> (bug #472802)
-CVE-2019-16171
- RESERVED
+CVE-2019-16171 (In JetBrains YouTrack through 2019.2.56594, stored XSS was found on th ...)
+ TODO: check
CVE-2019-16170 (An issue was discovered in GitLab Enterprise Edition 11.x and 12.x bef ...)
[experimental] - gitlab 12.0.9-1
- gitlab <unfixed> (bug #940007)
@@ -2567,8 +2623,8 @@ CVE-2019-16118 (Cross site scripting (XSS) in the photo-gallery (10Web Photo Gal
NOT-FOR-US: photo-gallery (10Web Photo Gallery) plugin for WordPress
CVE-2019-16117 (Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) ...)
NOT-FOR-US: photo-gallery (10Web Photo Gallery) plugin for WordPress
-CVE-2019-16116
- RESERVED
+CVE-2019-16116 (EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable ...)
+ TODO: check
CVE-2019-16115 (In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in ...)
- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-16114 (In ATutor 2.2.4, an unauthenticated attacker can change the applicatio ...)
@@ -4836,8 +4892,8 @@ CVE-2019-15274
RESERVED
CVE-2019-15273
RESERVED
-CVE-2019-15272
- RESERVED
+CVE-2019-15272 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
+ TODO: check
CVE-2019-15271
RESERVED
CVE-2019-15270
@@ -4862,14 +4918,14 @@ CVE-2019-15261
RESERVED
CVE-2019-15260
RESERVED
-CVE-2019-15259
- RESERVED
+CVE-2019-15259 (A vulnerability in Cisco Unified Contact Center Express (UCCX) Softwar ...)
+ TODO: check
CVE-2019-15258
RESERVED
CVE-2019-15257
RESERVED
-CVE-2019-15256
- RESERVED
+CVE-2019-15256 (A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature ...)
+ TODO: check
CVE-2019-15255
RESERVED
CVE-2019-15254
@@ -5666,16 +5722,16 @@ CVE-2019-15042 (An issue was discovered in JetBrains TeamCity 2018.2.4. It had n
NOT-FOR-US: JetBrains TeamCity
CVE-2019-15041 (JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL ...)
NOT-FOR-US: JetBrains YouTrack
-CVE-2019-15040
- RESERVED
+CVE-2019-15040 (JetBrains YouTrack versions before 2019.1 had a CSRF vulnerability on ...)
+ TODO: check
CVE-2019-15039 (An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possi ...)
NOT-FOR-US: JetBrains TeamCity
CVE-2019-15038 (An issue was discovered in JetBrains TeamCity 2018.2.4. The TeamCity s ...)
NOT-FOR-US: JetBrains TeamCity
-CVE-2019-15037
- RESERVED
-CVE-2019-15036
- RESERVED
+CVE-2019-15037 (An issue was discovered in JetBrains TeamCity 2018.2.4. It had several ...)
+ TODO: check
+CVE-2019-15036 (An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Pro ...)
+ TODO: check
CVE-2019-15035 (An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Pro ...)
NOT-FOR-US: JetBrains TeamCity
CVE-2019-15034
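Review bot: CVE-2019-15040, CVE-2019-15037 and CVE-2019-15036 are added as TODO: check although their descriptions name JetBrains YouTrack and JetBrains TeamCity, and the neighbouring entries in this hunk (CVE-2019-15041, CVE-2019-15039, CVE-2019-15038, CVE-2019-15035) already carry NOT-FOR-US for those products. A follow-up commit can resolve the three with the same tags.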
@@ -5921,14 +5977,14 @@ CVE-2019-14961 (JetBrains Upsource before 2019.1.1412 was not properly escaping
NOT-FOR-US: JetBrains Upsource
CVE-2019-14960 (JetBrains Rider before 2019.1.2 was using an unsigned JetBrains.Rider. ...)
NOT-FOR-US: JetBrains Rider
-CVE-2019-14959
- RESERVED
-CVE-2019-14958
- RESERVED
+CVE-2019-14959 (JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a ...)
+ TODO: check
+CVE-2019-14958 (JetBrains PyCharm before 2019.2 was allocating a buffer of unknown siz ...)
+ TODO: check
CVE-2019-14957 (The JetBrains Vim plugin before version 0.52 was storing individual pr ...)
NOT-FOR-US: JetBrains Vim plugin
-CVE-2019-14956
- RESERVED
+CVE-2019-14956 (JetBrains YouTrack before 2019.2.53938 was using incorrect settings, a ...)
+ TODO: check
CVE-2019-14955 (In JetBrains Hub versions earlier than 2018.4.11436, there was no opti ...)
NOT-FOR-US: JetBrains Hub
CVE-2019-14954 (JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plant ...)
@@ -6584,7 +6640,7 @@ CVE-2018-20962 (The Backpack\CRUD Backpack component before 3.4.9 for Laravel al
NOT-FOR-US: Backpack\CRUD Backpack
CVE-2019-14753 (SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0 have a Buff ...)
NOT-FOR-US: SICK FX0-GPNT00000 and FX0-GENT00000 devices
-CVE-2019-14752 (SuiteCRM 7.10.x and 7.11.x has XSS. ...)
+CVE-2019-14752 (SuiteCRM 7.10.x and 7.11.x before 7.10.20 and 7.11.8 has XSS. ...)
NOT-FOR-US: SuiteCRM
CVE-2019-14751 (NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, a ...)
- nltk 3.4.5-1 (low; bug #935201)
@@ -7399,8 +7455,8 @@ CVE-2019-14456 (Opengear console server firmware releases prior to 4.5.0 have a
NOT-FOR-US: Opengear console server firmware
CVE-2019-14455
RESERVED
-CVE-2019-14454
- RESERVED
+CVE-2019-14454 (SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to ...)
+ TODO: check
CVE-2013-7474 (Windu CMS 2.2 allows XSS via the name parameter to admin/content/edit ...)
NOT-FOR-US: Windu CMS
CVE-2013-7473 (Windu CMS 2.2 allows CSRF via admin/users/?mn=admin.message.error to a ...)
@@ -9265,8 +9321,8 @@ CVE-2019-13959 (In Bento4 1.5.1-627, AP4_DataBuffer::SetDataSize does not handle
NOT-FOR-US: Bento4
CVE-2019-13958
RESERVED
-CVE-2019-13957
- RESERVED
+CVE-2019-13957 (In Umbraco 7.3.8, there is SQL Injection in the backoffice/PageWApprov ...)
+ TODO: check
CVE-2019-13956 (Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Discuz!ML
CVE-2019-13955 (Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable ...)
@@ -9905,8 +9961,8 @@ CVE-2019-13660
CVE-2019-13659
RESERVED
- chromium <unfixed>
-CVE-2019-13658
- RESERVED
+CVE-2019-13658 (CA Network Flow Analysis 9.x and 10.0.x have a default credential vuln ...)
+ TODO: check
CVE-2019-13657
RESERVED
CVE-2019-13656 (An access vulnerability in CA Common Services DIA of CA Technologies C ...)
@@ -11731,8 +11787,8 @@ CVE-2019-13345 (The cachemgr.cgi web module of Squid through 4.7 has XSS via the
NOTE: Squid 3.x: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-5730c2b5cb56e7639dc423dd62651c8736a54e35.patch
CVE-2019-13344 (An authentication bypass vulnerability in the CRUDLab WP Like Button p ...)
NOT-FOR-US: CRUDLab WP Like Button plugin for WordPress
-CVE-2019-13343
- RESERVED
+CVE-2019-13343 (Butor Portal before 1.0.27 is affected by a Path Traversal vulnerabili ...)
+ TODO: check
CVE-2019-13342
RESERVED
CVE-2019-13341 (In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php (comment b ...)
@@ -11747,8 +11803,8 @@ CVE-2019-13337 (In WESEEK GROWI before 3.5.0, the site-wide basic authentication
NOT-FOR-US: WESEEK GROWI
CVE-2019-13336
RESERVED
-CVE-2019-13335
- RESERVED
+CVE-2019-13335 (SalesAgility SuiteCRM 7.10.x 7.10.19 and 7.11.x before and 7.11.7 has ...)
+ TODO: check
CVE-2019-13334
RESERVED
CVE-2019-13333
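Review bot: the imported description for CVE-2019-13335 reads "7.10.x 7.10.19 and 7.11.x before and 7.11.7", which is garbled as imported, so the affected version range should be taken from the full CVE record rather than from this line. The product is SuiteCRM, which CVE-2019-14752 elsewhere in this patch marks NOT-FOR-US: SuiteCRM, so the TODO: check can be resolved the same way.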
@@ -12640,8 +12696,8 @@ CVE-2019-13027 (Realization Concerto Critical Chain Planner (aka CCPM) 5.10.8071
NOT-FOR-US: Realization Concerto Critical Chain Planner
CVE-2019-13026 (OXID eShop 6.0.x before 6.0.5 and 6.1.x before 6.1.4 allows SQL Inject ...)
NOT-FOR-US: OXID eShop
-CVE-2019-13025
- RESERVED
+CVE-2019-13025 (Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorre ...)
+ TODO: check
CVE-2019-13024 (Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web be ...)
NOT-FOR-US: Centreon web UI (not packaged in Debian)
CVE-2019-13023
@@ -13469,10 +13525,10 @@ CVE-2019-12739 (lib/Controller/ExtractionController.php in the Extract add-on be
- nextcloud <itp> (bug #835086)
CVE-2019-12738
RESERVED
-CVE-2019-12737
- RESERVED
-CVE-2019-12736
- RESERVED
+CVE-2019-12737 (UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a ...)
+ TODO: check
+CVE-2019-12736 (JetBrains Ktor framework before 1.2.0-rc does not sanitize the usernam ...)
+ TODO: check
CVE-2019-12734
RESERVED
CVE-2019-12733
@@ -13518,28 +13574,28 @@ CVE-2019-12718
RESERVED
CVE-2019-12717 (A vulnerability in a CLI command related to the virtualization manager ...)
NOT-FOR-US: Cisco
-CVE-2019-12716
- RESERVED
-CVE-2019-12715
- RESERVED
-CVE-2019-12714
- RESERVED
-CVE-2019-12713
- RESERVED
-CVE-2019-12712
- RESERVED
-CVE-2019-12711
- RESERVED
-CVE-2019-12710
- RESERVED
+CVE-2019-12716 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
+ TODO: check
+CVE-2019-12715 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
+ TODO: check
+CVE-2019-12714 (A vulnerability in the web-based management interface of Cisco IC3000 ...)
+ TODO: check
+CVE-2019-12713 (A vulnerability in the web-based management interface of Cisco Prime I ...)
+ TODO: check
+CVE-2019-12712 (A vulnerability in the web-based management interface of Cisco Prime I ...)
+ TODO: check
+CVE-2019-12711 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
+ TODO: check
+CVE-2019-12710 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
+ TODO: check
CVE-2019-12709 (A vulnerability in a CLI command related to the virtualization manager ...)
NOT-FOR-US: Cisco
CVE-2019-12708
RESERVED
-CVE-2019-12707
- RESERVED
-CVE-2019-12706
- RESERVED
+CVE-2019-12707 (A vulnerability in the web-based interface of multiple Cisco Unified C ...)
+ TODO: check
+CVE-2019-12706 (A vulnerability in the Sender Policy Framework (SPF) functionality of ...)
+ TODO: check
CVE-2019-12705
RESERVED
CVE-2019-12704
@@ -13548,64 +13604,64 @@ CVE-2019-12703
RESERVED
CVE-2019-12702
RESERVED
-CVE-2019-12701
- RESERVED
-CVE-2019-12700
- RESERVED
-CVE-2019-12699
- RESERVED
-CVE-2019-12698
- RESERVED
-CVE-2019-12697
- RESERVED
-CVE-2019-12696
- RESERVED
-CVE-2019-12695
- RESERVED
-CVE-2019-12694
- RESERVED
-CVE-2019-12693
- RESERVED
+CVE-2019-12701 (A vulnerability in the file and malware inspection feature of Cisco Fi ...)
+ TODO: check
+CVE-2019-12700 (A vulnerability in the configuration of the Pluggable Authentication M ...)
+ TODO: check
+CVE-2019-12699 (Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco F ...)
+ TODO: check
+CVE-2019-12698 (A vulnerability in the WebVPN feature of Cisco Adaptive Security Appli ...)
+ TODO: check
+CVE-2019-12697 (Multiple vulnerabilities in the Cisco Firepower System Software Detect ...)
+ TODO: check
+CVE-2019-12696 (Multiple vulnerabilities in the Cisco Firepower System Software Detect ...)
+ TODO: check
+CVE-2019-12695 (A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Ada ...)
+ TODO: check
+CVE-2019-12694 (A vulnerability in the command line interface (CLI) of Cisco Firepower ...)
+ TODO: check
+CVE-2019-12693 (A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Sec ...)
+ TODO: check
CVE-2019-12692
RESERVED
-CVE-2019-12691
- RESERVED
-CVE-2019-12690
- RESERVED
-CVE-2019-12689
- RESERVED
-CVE-2019-12688
- RESERVED
-CVE-2019-12687
- RESERVED
-CVE-2019-12686
- RESERVED
-CVE-2019-12685
- RESERVED
-CVE-2019-12684
- RESERVED
-CVE-2019-12683
- RESERVED
-CVE-2019-12682
- RESERVED
-CVE-2019-12681
- RESERVED
-CVE-2019-12680
- RESERVED
-CVE-2019-12679
- RESERVED
-CVE-2019-12678
- RESERVED
-CVE-2019-12677
- RESERVED
-CVE-2019-12676
- RESERVED
-CVE-2019-12675
- RESERVED
-CVE-2019-12674
- RESERVED
-CVE-2019-12673
- RESERVED
+CVE-2019-12691 (A vulnerability in the web-based management interface of Cisco Firepow ...)
+ TODO: check
+CVE-2019-12690 (A vulnerability in the web UI of the Cisco Firepower Management Center ...)
+ TODO: check
+CVE-2019-12689 (A vulnerability in the web-based management interface of Cisco Firepow ...)
+ TODO: check
+CVE-2019-12688 (A vulnerability in the web UI of the Cisco Firepower Management Center ...)
+ TODO: check
+CVE-2019-12687 (A vulnerability in the web UI of the Cisco Firepower Management Center ...)
+ TODO: check
+CVE-2019-12686 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2019-12685 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2019-12684 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2019-12683 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2019-12682 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2019-12681 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2019-12680 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2019-12679 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+ TODO: check
+CVE-2019-12678 (A vulnerability in the Session Initiation Protocol (SIP) inspection mo ...)
+ TODO: check
+CVE-2019-12677 (A vulnerability in the Secure Sockets Layer (SSL) VPN feature of Cisco ...)
+ TODO: check
+CVE-2019-12676 (A vulnerability in the Open Shortest Path First (OSPF) implementation ...)
+ TODO: check
+CVE-2019-12675 (Multiple vulnerabilities in the multi-instance feature of Cisco Firepo ...)
+ TODO: check
+CVE-2019-12674 (Multiple vulnerabilities in the multi-instance feature of Cisco Firepo ...)
+ TODO: check
+CVE-2019-12673 (A vulnerability in the FTP inspection engine of Cisco Adaptive Securit ...)
+ TODO: check
CVE-2019-12672 (A vulnerability in the filesystem of Cisco IOS XE Software could allow ...)
NOT-FOR-US: Cisco
CVE-2019-12671 (A vulnerability in the CLI of Cisco IOS XE Software could allow an aut ...)
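Review bot: the 28 entries converted from RESERVED in this hunk (CVE-2019-12701 to CVE-2019-12693 and CVE-2019-12691 to CVE-2019-12673) all land as TODO: check, and most of the visible descriptions name Cisco products, matching the NOT-FOR-US: Cisco tag on the context entry CVE-2019-12672. A few truncated descriptions do not show a vendor at all (for example CVE-2019-12700, CVE-2019-12678 and CVE-2019-12676), so read the full record for those before tagging the batch in one go.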
@@ -13688,10 +13744,10 @@ CVE-2019-12633 (A vulnerability in Cisco Unified Contact Center Express (Unified
NOT-FOR-US: Cisco
CVE-2019-12632 (A vulnerability in Cisco Finesse could allow an unauthenticated, remot ...)
NOT-FOR-US: Cisco
-CVE-2019-12631
- RESERVED
-CVE-2019-12630
- RESERVED
+CVE-2019-12631 (A vulnerability in the web-based guest portal of Cisco Identity Servic ...)
+ TODO: check
+CVE-2019-12630 (A vulnerability in the Java deserialization function used by Cisco Sec ...)
+ TODO: check
CVE-2019-12629
RESERVED
CVE-2019-12628
@@ -14687,7 +14743,7 @@ CVE-2019-12257 (Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the
NOT-FOR-US: Wind River VxWorks
CVE-2019-12256 (Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 compo ...)
NOT-FOR-US: Wind River VxWorks
-CVE-2019-12255 (Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the TCP co ...)
+CVE-2019-12255 (Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 ...)
NOT-FOR-US: Wind River VxWorks
CVE-2019-12254
RESERVED
@@ -14973,10 +15029,10 @@ CVE-2019-12159 (GoHTTP through 2017-07-25 has a stack-based buffer over-read in
NOT-FOR-US: GoHTTP
CVE-2019-12158 (GoHTTP through 2017-07-25 has a GetExtension heap-based buffer overflo ...)
NOT-FOR-US: GoHTTP
-CVE-2019-12157
- RESERVED
-CVE-2019-12156
- RESERVED
+CVE-2019-12157 (In JetBrains TeamCity versions before 2018.2.5 and UpSource versions b ...)
+ TODO: check
+CVE-2019-12156 (Server metadata could be exposed because one of the error messages ref ...)
+ TODO: check
CVE-2019-12155 (interface_release_resource in hw/display/qxl.c in QEMU 4.0.0 has a NUL ...)
{DSA-4454-1 DLA-1927-1}
- qemu 1:3.1+dfsg-8 (bug #929353)
@@ -15500,8 +15556,8 @@ CVE-2019-11931
RESERVED
CVE-2019-11930
RESERVED
-CVE-2019-11929
- RESERVED
+CVE-2019-11929 (Insufficient boundary checks when formatting numbers in number_format ...)
+ TODO: check
CVE-2019-11928
RESERVED
CVE-2019-11927 (An integer overflow in WhatsApp media parsing libraries allows a remot ...)
@@ -18451,7 +18507,7 @@ CVE-2019-10893 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/O
NOT-FOR-US: CentOS-WebPanel.com
CVE-2019-10892 (An issue was discovered in D-Link DIR-806 devices.There is an stack ov ...)
NOT-FOR-US: D-Link
-CVE-2019-10891 (D-Link DIR-806 devices allow remote attackers to execute arbitrary she ...)
+CVE-2019-10891 (An issue was discovered in D-Link DIR-806 devices. There is a command ...)
NOT-FOR-US: D-Link
CVE-2019-10890
RESERVED
@@ -20116,8 +20172,7 @@ CVE-2019-10214
CVE-2019-10213
RESERVED
NOT-FOR-US: OpenShift
-CVE-2019-10212
- RESERVED
+CVE-2019-10212 (A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for i ...)
- undertow <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1731984
CVE-2019-10211
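Review bot: CVE-2019-10212 gains a description saying the flaw affects Undertow "all under 2.0.20", but the context line "- undertow <unfixed>" is left as it was. Compare the version in the archive against 2.0.20 and replace <unfixed> with the fixed version if the archive already has it.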
@@ -26032,8 +26087,8 @@ CVE-2019-8464
RESERVED
CVE-2019-8463
RESERVED
-CVE-2019-8462
- RESERVED
+CVE-2019-8462 (In a rare scenario, Check Point R80.30 Security Gateway before JHF Tak ...)
+ TODO: check
CVE-2019-8461 (Check Point Endpoint Security Initial Client for Windows before versio ...)
NOT-FOR-US: Check Point
CVE-2019-8460 (Reuven Plevinsky and Tal Vainshtein of Check Point Software Technologi ...)
@@ -34608,8 +34663,8 @@ CVE-2019-5033 (An exploitable out-of-bounds read vulnerability exists in the Num
NOT-FOR-US: Aspose
CVE-2019-5032 (An exploitable out-of-bounds read vulnerability exists in the LabelSst ...)
NOT-FOR-US: Aspose
-CVE-2019-5031
- RESERVED
+CVE-2019-5031 (An exploitable memory corruption vulnerability exists in the JavaScrip ...)
+ TODO: check
CVE-2019-5030
RESERVED
CVE-2019-5029
@@ -35613,8 +35668,8 @@ CVE-2019-4551
RESERVED
CVE-2019-4550
RESERVED
-CVE-2019-4549
- RESERVED
+CVE-2019-4549 (IBM Security Directory Server 6.4.0 discloses sensitive information to ...)
+ TODO: check
CVE-2019-4548
RESERVED
CVE-2019-4547
@@ -35627,16 +35682,16 @@ CVE-2019-4544
RESERVED
CVE-2019-4543
RESERVED
-CVE-2019-4542
- RESERVED
+CVE-2019-4542 (IBM Security Directory Server 6.4.0 is vulnerable to cross-site script ...)
+ TODO: check
CVE-2019-4541
RESERVED
CVE-2019-4540
RESERVED
-CVE-2019-4539
- RESERVED
-CVE-2019-4538
- RESERVED
+CVE-2019-4539 (IBM Security Directory Server 6.4.0 does not properly neutralize speci ...)
+ TODO: check
+CVE-2019-4538 (IBM Security Directory Server 6.4.0 could allow a remote attacker to c ...)
+ TODO: check
CVE-2019-4537
RESERVED
CVE-2019-4536 (IBM i 7.4 users who have done a Restore User Profile (RSTUSRPRF) on a ...)
@@ -35671,8 +35726,8 @@ CVE-2019-4522
RESERVED
CVE-2019-4521
RESERVED
-CVE-2019-4520
- RESERVED
+CVE-2019-4520 (IBM Security Directory Server 6.4.0 uses an inadequate account lockout ...)
+ TODO: check
CVE-2019-4519
RESERVED
CVE-2019-4518
@@ -43734,8 +43789,8 @@ CVE-2019-1917 (A vulnerability in the REST API interface of Cisco Vision Dynamic
NOT-FOR-US: Cisco
CVE-2019-1916
RESERVED
-CVE-2019-1915
- RESERVED
+CVE-2019-1915 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
+ TODO: check
CVE-2019-1914 (A vulnerability in the web management interface of Cisco Small Busines ...)
NOT-FOR-US: Cisco
CVE-2019-1913 (Multiple vulnerabilities in the web management interface of Cisco Smal ...)
@@ -104214,7 +104269,7 @@ CVE-2017-16810 (Cross-site scripting (XSS) vulnerability in the All Variables ta
NOT-FOR-US: Octopus Deploy
CVE-2017-16809
RESERVED
-CVE-2017-16808 (tcpdump 4.9.2 has a heap-based buffer over-read related to aoe_print i ...)
+CVE-2017-16808 (tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_ ...)
- tcpdump 4.9.3~git20190901-1 (unimportant; bug #881862)
NOTE: https://github.com/the-tcpdump-group/tcpdump/issues/645
NOTE: Crash in CLI tool, no security impact
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6188e5bc75052001129a4a99c2f14cb0dca11cb0