[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5ba6b0f4 by security tracker role at 2019-10-12T08:10:23Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2019-17513
+	RESERVED
+CVE-2019-17512
+	RESERVED
+CVE-2019-17511
+	RESERVED
+CVE-2019-17510 (D-Link DIR-846 devices with firmware 100A35 allow remote attackers to  ...)
+	TODO: check
+CVE-2019-17509 (D-Link DIR-846 devices with firmware 100A35 allow remote attackers to  ...)
+	TODO: check
+CVE-2019-17508 (On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices, /etc/services/DEV ...)
+	TODO: check
+CVE-2019-17507 (An issue was discovered on D-Link DIR-816 A1 1.06 devices. An attacker ...)
+	TODO: check
+CVE-2019-17506 (There are some web interfaces without authentication requirements on D ...)
+	TODO: check
+CVE-2019-17505 (D-Link DAP-1320 A2-V1.21 routers have some web interfaces without auth ...)
+	TODO: check
+CVE-2017-18638 (send_email in graphite-web/webapp/graphite/composer/views.py in Graphi ...)
+	TODO: check
 CVE-2019-17504 (An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5. ...)
 	NOT-FOR-US: Kirona Dynamic Resource Scheduling (DRS)
 CVE-2019-17503 (An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5. ...)
@@ -12,10 +32,10 @@ CVE-2019-17499 (The setter.xml component of the Common Gateway Interface on Comp
 	NOT-FOR-US: Compal CH7465LG devices
 CVE-2019-17498
 	RESERVED
-CVE-2018-21028
-	RESERVED
-CVE-2018-21027
-	RESERVED
+CVE-2018-21028 (Boa through 0.94.14rc21 allows remote attackers to trigger a memory le ...)
+	TODO: check
+CVE-2018-21027 (Boa through 0.94.14rc21 allows remote attackers to trigger an out-of-m ...)
+	TODO: check
 CVE-2015-9492 (The ThemeMakers SmartIT Premium Responsive theme through 2015-05-15 fo ...)
 	NOT-FOR-US: ThemeMakers SmartIT Premium Responsive theme for WordPress
 CVE-2015-9491 (The ThemeMakers Blessing Premium Responsive theme through 2015-05-15 f ...)
@@ -763,8 +783,8 @@ CVE-2019-17178 (HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through
 	TODO: check
 CVE-2019-17177 (libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0 ...)
 	TODO: check
-CVE-2019-17176
-	RESERVED
+CVE-2019-17176 (Genesys PureEngage Digital (eServices) 8.1.x allows XSS via HtmlChatPa ...)
+	TODO: check
 CVE-2019-17175 (joyplus-cms 1.6.0 allows manager/admin_pic.php?rootpath= absolute path ...)
 	NOT-FOR-US: joyplus-cms
 CVE-2019-17174
@@ -21259,6 +21279,7 @@ CVE-2019-10207 [bluetooth: hci_uart: 0x0 address  execution as nonprivileged use
 	NOTE: https://lore.kernel.org/linux-bluetooth/20190725120909.31235-1-vdronov@redhat.com/T/#u
 	NOTE: https://git.kernel.org/linus/b36a1552d7319bbfd5cf7f08726c23c5c66d4f73
 CVE-2019-14856 [Incomplete fix for CVE-2019-10206]
+	RESERVED
 	- ansible <not-affected> (Incomplete fix for CVE-2019-10206 not applied)
 	NOTE: https://github.com/ansible/ansible/pull/63351
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1760829
@@ -39569,8 +39590,8 @@ CVE-2018-20584 (JasPer 2.0.14 allows remote attackers to cause a denial of servi
 	NOTE: https://github.com/mdadams/jasper/issues/192
 CVE-2018-20583 (Cross-site scripting (XSS) vulnerability in the PHP League CommonMark  ...)
 	NOT-FOR-US: PHP League CommonMark library
-CVE-2018-20582
-	RESERVED
+CVE-2018-20582 (The GREE+ (aka com.gree.greeplus) application 1.4.0.8 for Android suff ...)
+	TODO: check
 CVE-2018-20581
 	RESERVED
 CVE-2018-20580 (The WSDL import functionality in SmartBear ReadyAPI 2.5.0 and 2.6.0 al ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5ba6b0f403a451870cdca8dcf00173a7817fcc33

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5ba6b0f403a451870cdca8dcf00173a7817fcc33
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191012/8ab9c5b9/attachment-0001.html>