[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Wed Oct 16 21:10:40 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
67a2bcc0 by security tracker role at 2019-10-16T20:10:26Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,87 @@
+CVE-2019-17663 (D-Link DIR-866L 1.03B04 devices allow XSS via HtmlResponseMessage in t ...)
+	TODO: check
+CVE-2019-17662 (ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a c ...)
+	TODO: check
+CVE-2019-17661
+	RESERVED
+CVE-2019-17660 (A cross-site scripting (XSS) vulnerability in admin/translate/translat ...)
+	TODO: check
+CVE-2019-17659
+	RESERVED
+CVE-2019-17658
+	RESERVED
+CVE-2019-17657
+	RESERVED
+CVE-2019-17656
+	RESERVED
+CVE-2019-17655
+	RESERVED
+CVE-2019-17654
+	RESERVED
+CVE-2019-17653
+	RESERVED
+CVE-2019-17652
+	RESERVED
+CVE-2019-17651
+	RESERVED
+CVE-2019-17650
+	RESERVED
+CVE-2019-17649
+	RESERVED
+CVE-2019-17648
+	RESERVED
+CVE-2019-17647
+	RESERVED
+CVE-2019-17646
+	RESERVED
+CVE-2019-17645
+	RESERVED
+CVE-2019-17644
+	RESERVED
+CVE-2019-17643
+	RESERVED
+CVE-2019-17642
+	RESERVED
+CVE-2019-17641
+	RESERVED
+CVE-2019-17640
+	RESERVED
+CVE-2019-17639
+	RESERVED
+CVE-2019-17638
+	RESERVED
+CVE-2019-17637
+	RESERVED
+CVE-2019-17636
+	RESERVED
+CVE-2019-17635
+	RESERVED
+CVE-2019-17634
+	RESERVED
+CVE-2019-17633
+	RESERVED
+CVE-2019-17632
+	RESERVED
+CVE-2019-17631
+	RESERVED
+CVE-2019-17630 (CMS Made Simple (CMSMS) 2.2.11 allows stored XSS by an admin via a cra ...)
+	TODO: check
+CVE-2019-17629 (CMS Made Simple (CMSMS) 2.2.11 allows stored XSS by an admin via a cra ...)
+	TODO: check
+CVE-2019-17628
+	RESERVED
+CVE-2019-17627 (The Yale Bluetooth Key application for mobile devices allows unauthori ...)
+	TODO: check
+CVE-2019-17626 (ReportLab through 3.5.26 allows remote code execution because of toCol ...)
+	TODO: check
+CVE-2019-17625 (There is a stored XSS in Rambox 0.6.9 that can lead to code execution. ...)
+	TODO: check
+CVE-2019-17624 (In X.Org X Server 1.20.4, there is a stack-based buffer overflow in th ...)
+	TODO: check
+CVE-2019-17623
+	RESERVED
+CVE-2019-17622
+	RESERVED
 CVE-2019-XXXX [WordPress 5.2.4 Security Release]
 	- wordpress <unfixed> (bug #942459)
 	NOTE: https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
@@ -104,12 +188,12 @@ CVE-2019-17580 (tonyy dormsystem through 1.3 allows SQL Injection in admin.php.
 	NOT-FOR-US: tonyy dormsystem
 CVE-2019-17579 (SonarSource SonarQube before 7.8 has XSS in project links on account/p ...)
 	NOT-FOR-US: SonarSource SonarQube
-CVE-2019-17578
-	RESERVED
-CVE-2019-17577
-	RESERVED
-CVE-2019-17576
-	RESERVED
+CVE-2019-17578 (An issue was discovered in Dolibarr 10.0.2. It has XSS via the "outgoi ...)
+	TODO: check
+CVE-2019-17577 (An issue was discovered in Dolibarr 10.0.2. It has XSS via the "outgoi ...)
+	TODO: check
+CVE-2019-17576 (An issue was discovered in Dolibarr 10.0.2. It has XSS via the "outgoi ...)
+	TODO: check
 CVE-2019-17575 (A file-rename filter bypass exists in admin/media/rename.php in WBCE C ...)
 	NOT-FOR-US: WBCE CMS
 CVE-2019-17574 (An issue was discovered in the Popup Maker plugin before 1.8.13 for Wo ...)
@@ -352,8 +436,8 @@ CVE-2019-17514 (library/glob.html in the Python 2 and 3 documentation before 201
 	NOT-FOR-US: Non-actionable CVE assignment for Python docs
 CVE-2019-17513
 	RESERVED
-CVE-2019-17512
-	RESERVED
+CVE-2019-17512 (There are some web interfaces without authentication requirements on D ...)
+	TODO: check
 CVE-2019-17511 (There are some web interfaces without authentication requirements on D ...)
 	NOT-FOR-US: D-Link
 CVE-2019-17510 (D-Link DIR-846 devices with firmware 100A35 allow remote attackers to  ...)
@@ -532,7 +616,7 @@ CVE-2019-17450 (find_abstract_instance in dwarf2.c in the Binary File Descriptor
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25078
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=063c511bd79281f33fd33f0964541a73511b9e2b
 	NOTE: binutils not covered by security support
-CVE-2019-17449 (Avira Software Updater before 2.0.6.21094 allows a DLL side-loading at ...)
+CVE-2019-17449 (** DISPUTED ** Avira Software Updater before 2.0.6.21094 allows a DLL  ...)
 	NOT-FOR-US: Avira Software Updater
 CVE-2019-17448
 	RESERVED
@@ -558,10 +642,10 @@ CVE-2019-17438
 	RESERVED
 CVE-2019-17437
 	RESERVED
-CVE-2019-17436
-	RESERVED
-CVE-2019-17435
-	RESERVED
+CVE-2019-17436 (A Local Privilege Escalation vulnerability exists in GlobalProtect Age ...)
+	TODO: check
+CVE-2019-17435 (A Local Privilege Escalation vulnerability exists in the GlobalProtect ...)
+	TODO: check
 CVE-2019-17434 (LavaLite through 5.7 has XSS via a crafted account name that is mishan ...)
 	NOT-FOR-US: LavaLite
 CVE-2019-17433 (z-song laravel-admin 1.7.3 has XSS via the Slug or Name on the Roles s ...)
@@ -2330,12 +2414,12 @@ CVE-2019-16702 (Integard Pro 2.2.0.9026 allows remote attackers to execute arbit
 	NOT-FOR-US: Integard Pro
 CVE-2019-16701 (pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection vi ...)
 	NOT-FOR-US: pfSense
-CVE-2019-16700
-	RESERVED
-CVE-2019-16699
-	RESERVED
-CVE-2019-16698
-	RESERVED
+CVE-2019-16700 (The slub_events (aka SLUB: Event Registration) extension through 3.0.2 ...)
+	TODO: check
+CVE-2019-16699 (The sr_freecap (aka freeCap CAPTCHA) extension 2.4.5 and below and 2.5 ...)
+	TODO: check
+CVE-2019-16698 (The direct_mail (aka Direct Mail) extension through 5.2.2 for TYPO3 ha ...)
+	TODO: check
 CVE-2019-16697
 	RESERVED
 CVE-2019-16696 (phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit. ...)
@@ -2366,8 +2450,8 @@ CVE-2019-16684 (An issue was discovered in the image-manager in Xoops 2.5.10. Wh
 	NOT-FOR-US: Xoops
 CVE-2019-16683 (An issue was discovered in the image-manager in Xoops 2.5.10. When the ...)
 	NOT-FOR-US: Xoops
-CVE-2019-16682
-	RESERVED
+CVE-2019-16682 (The url_redirect (aka URL redirect) extension through 1.2.1 for TYPO3  ...)
+	TODO: check
 CVE-2018-21018 (Mastodon before 2.6.3 mishandles timeouts of incompletely established  ...)
 	NOT-FOR-US: Mastodon
 CVE-2019-16681 (The Traveloka application 3.14.0 for Android exports com.traveloka.and ...)
@@ -2784,17 +2868,13 @@ CVE-2019-16525 (An XSS issue was discovered in the checklist plugin before 1.1.9
 	NOT-FOR-US: checklist plugin for WordPress
 CVE-2019-16524 (The easy-fancybox plugin before 1.8.18 for WordPress (aka Easy FancyBo ...)
 	NOT-FOR-US: Wordpress plugin
-CVE-2019-16523
-	RESERVED
+CVE-2019-16523 (The events-manager plugin through 5.9.5 for WordPress (aka Events Mana ...)
 	NOT-FOR-US: Wordpress plugin
-CVE-2019-16522
-	RESERVED
+CVE-2019-16522 (The eu-cookie-law plugin through 3.0.6 for WordPress (aka EU Cookie La ...)
 	NOT-FOR-US: Wordpress plugin
-CVE-2019-16521
-	RESERVED
+CVE-2019-16521 (The broken-link-checker plugin through 1.11.8 for WordPress (aka Broke ...)
 	NOT-FOR-US: Wordpress plugin
-CVE-2019-16520
-	RESERVED
+CVE-2019-16520 (The all-in-one-seo-pack plugin before 3.2.7 for WordPress (aka All in  ...)
 	NOT-FOR-US: Wordpress plugin
 CVE-2019-16519 (ESET Cyber Security 6.7.900.0 for macOS allows a local attacker to exe ...)
 	NOT-FOR-US: ESET Cyber Security
@@ -3692,22 +3772,29 @@ CVE-2019-16224 (An issue was discovered in py-lmdb 0.97. For certain values of m
 	NOTE: No real security issue in py-lmdb and disputed (MITRE contacted). If at all
 	NOTE: then issues in underlying library but cf. https://github.com/jnwatson/py-lmdb/issues/210#issuecomment-531015023
 CVE-2019-16223 (WordPress before 5.2.3 allows XSS in post previews by authenticated us ...)
+	{DLA-1960-1}
 	- wordpress 5.2.3+dfsg1-1 (bug #939543)
 CVE-2019-16222 (WordPress before 5.2.3 has an issue with URL sanitization in wp_kses_b ...)
+	{DLA-1960-1}
 	- wordpress 5.2.3+dfsg1-1 (bug #939543)
 	NOTE: https://core.trac.wordpress.org/changeset/45997
 	NOTE: https://github.com/WordPress/WordPress/commit/30ac67579559fe42251b5a9f887211bf61a8ed68
 CVE-2019-16221 (WordPress before 5.2.3 allows reflected XSS in the dashboard. ...)
+	{DLA-1960-1}
 	- wordpress 5.2.3+dfsg1-1 (bug #939543)
 CVE-2019-16220 (In WordPress before 5.2.3, validation and sanitization of a URL in wp_ ...)
+	{DLA-1960-1}
 	- wordpress 5.2.3+dfsg1-1 (bug #939543)
 	NOTE: https://core.trac.wordpress.org/changeset/45971
 	NOTE: https://github.com/WordPress/WordPress/commit/c86ee39ff4c1a79b93c967eb88522f5c09614a28
 CVE-2019-16219 (WordPress before 5.2.3 allows XSS in shortcode previews. ...)
+	{DLA-1960-1}
 	- wordpress 5.2.3+dfsg1-1 (bug #939543)
 CVE-2019-16218 (WordPress before 5.2.3 allows XSS in stored comments. ...)
+	{DLA-1960-1}
 	- wordpress 5.2.3+dfsg1-1 (bug #939543)
 CVE-2019-16217 (WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upl ...)
+	{DLA-1960-1}
 	- wordpress 5.2.3+dfsg1-1 (bug #939543)
 	NOTE: https://core.trac.wordpress.org/changeset/45936
 CVE-2019-16216 (Zulip server before 2.0.5 incompletely validated the MIME types of upl ...)
@@ -4326,8 +4413,8 @@ CVE-2019-15964
 	RESERVED
 CVE-2019-15963
 	RESERVED
-CVE-2019-15962
-	RESERVED
+CVE-2019-15962 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
+	TODO: check
 CVE-2019-15961
 	RESERVED
 CVE-2019-15960
@@ -4543,8 +4630,8 @@ CVE-2019-15895 (search-exclude.php in the "Search Exclude" plugin before 1.2.4 f
 	NOT-FOR-US: "Search Exclude" plugin for WordPress
 CVE-2019-15894 (An issue was discovered in Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, ...)
 	NOT-FOR-US: Espressif
-CVE-2019-15893
-	RESERVED
+CVE-2019-15893 (Sonatype Nexus Repository Manager 2.x before 2.14.15 allows Remote Cod ...)
+	TODO: check
 CVE-2019-15891 (An issue was discovered in CKFinder through 2.6.2.1 and 3.x through 3. ...)
 	NOT-FOR-US: CKFinder
 CVE-2019-15890 (libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reas ...)
@@ -6229,58 +6316,58 @@ CVE-2019-15284
 	RESERVED
 CVE-2019-15283
 	RESERVED
-CVE-2019-15282
-	RESERVED
-CVE-2019-15281
-	RESERVED
-CVE-2019-15280
-	RESERVED
+CVE-2019-15282 (A vulnerability in the web-based management interface of Cisco Identit ...)
+	TODO: check
+CVE-2019-15281 (A vulnerability in the web-based management interface of Cisco Identit ...)
+	TODO: check
+CVE-2019-15280 (A vulnerability in the web-based management interface of Cisco Firepow ...)
+	TODO: check
 CVE-2019-15279
 	RESERVED
 CVE-2019-15278
 	RESERVED
-CVE-2019-15277
-	RESERVED
+CVE-2019-15277 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
+	TODO: check
 CVE-2019-15276
 	RESERVED
-CVE-2019-15275
-	RESERVED
-CVE-2019-15274
-	RESERVED
-CVE-2019-15273
-	RESERVED
+CVE-2019-15275 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
+	TODO: check
+CVE-2019-15274 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
+	TODO: check
+CVE-2019-15273 (Multiple vulnerabilities in the CLI of Cisco TelePresence Collaboratio ...)
+	TODO: check
 CVE-2019-15272 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
 	NOT-FOR-US: Cisco
 CVE-2019-15271
 	RESERVED
-CVE-2019-15270
-	RESERVED
-CVE-2019-15269
-	RESERVED
-CVE-2019-15268
-	RESERVED
+CVE-2019-15270 (A vulnerability in the web-based management interface of Cisco Firepow ...)
+	TODO: check
+CVE-2019-15269 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+	TODO: check
+CVE-2019-15268 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+	TODO: check
 CVE-2019-15267
 	RESERVED
-CVE-2019-15266
-	RESERVED
-CVE-2019-15265
-	RESERVED
-CVE-2019-15264
-	RESERVED
+CVE-2019-15266 (A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Soft ...)
+	TODO: check
+CVE-2019-15265 (A vulnerability in the bridge protocol data unit (BPDU) forwarding fun ...)
+	TODO: check
+CVE-2019-15264 (A vulnerability in the Control and Provisioning of Wireless Access Poi ...)
+	TODO: check
 CVE-2019-15263
 	RESERVED
-CVE-2019-15262
-	RESERVED
-CVE-2019-15261
-	RESERVED
-CVE-2019-15260
-	RESERVED
+CVE-2019-15262 (A vulnerability in the Secure Shell (SSH) session management for Cisco ...)
+	TODO: check
+CVE-2019-15261 (A vulnerability in the Point-to-Point Tunneling Protocol (PPTP) VPN pa ...)
+	TODO: check
+CVE-2019-15260 (A vulnerability in Cisco Aironet Access Points (APs) Software could al ...)
+	TODO: check
 CVE-2019-15259 (A vulnerability in Cisco Unified Contact Center Express (UCCX) Softwar ...)
 	NOT-FOR-US: Cisco
-CVE-2019-15258
-	RESERVED
-CVE-2019-15257
-	RESERVED
+CVE-2019-15258 (A vulnerability in the web-based management interface of Cisco SPA100  ...)
+	TODO: check
+CVE-2019-15257 (A vulnerability in the web-based management interface of Cisco SPA100  ...)
+	TODO: check
 CVE-2019-15256 (A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature ...)
 	NOT-FOR-US: Cisco
 CVE-2019-15255
@@ -6289,32 +6376,32 @@ CVE-2019-15254
 	RESERVED
 CVE-2019-15253
 	RESERVED
-CVE-2019-15252
-	RESERVED
-CVE-2019-15251
-	RESERVED
-CVE-2019-15250
-	RESERVED
-CVE-2019-15249
-	RESERVED
-CVE-2019-15248
-	RESERVED
-CVE-2019-15247
-	RESERVED
-CVE-2019-15246
-	RESERVED
-CVE-2019-15245
-	RESERVED
-CVE-2019-15244
-	RESERVED
-CVE-2019-15243
-	RESERVED
-CVE-2019-15242
-	RESERVED
-CVE-2019-15241
-	RESERVED
-CVE-2019-15240
-	RESERVED
+CVE-2019-15252 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
+	TODO: check
+CVE-2019-15251 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
+	TODO: check
+CVE-2019-15250 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
+	TODO: check
+CVE-2019-15249 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
+	TODO: check
+CVE-2019-15248 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
+	TODO: check
+CVE-2019-15247 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
+	TODO: check
+CVE-2019-15246 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
+	TODO: check
+CVE-2019-15245 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
+	TODO: check
+CVE-2019-15244 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
+	TODO: check
+CVE-2019-15243 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
+	TODO: check
+CVE-2019-15242 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
+	TODO: check
+CVE-2019-15241 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
+	TODO: check
+CVE-2019-15240 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
+	TODO: check
 CVE-2019-15292 (An issue was discovered in the Linux kernel before 5.0.9. There is a u ...)
 	{DLA-1930-1 DLA-1919-1}
 	- linux 4.19.37-1
@@ -13867,8 +13954,8 @@ CVE-2019-13117 (In numbers.c in libxslt 1.1.33, an xsl:number with certain forma
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14471
 	NOTE: https://gitlab.gnome.org/GNOME/libxslt/commit/c5eb6cf3aba0af048596106ed839b4ae17ecbcb1
 	NOTE: https://oss-fuzz.com/testcase-detail/5631739747106816
-CVE-2019-13116
-	RESERVED
+CVE-2019-13116 (The MuleSoft Mule runtime engine before 3.8 allows remote attackers to ...)
+	TODO: check
 CVE-2019-13115 (In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha2 ...)
 	{DLA-1730-3}
 	- libssh2 <unfixed> (bug #932329)
@@ -15011,8 +15098,8 @@ CVE-2019-12720
 	RESERVED
 CVE-2019-12719
 	RESERVED
-CVE-2019-12718
-	RESERVED
+CVE-2019-12718 (A vulnerability in the web-based interface of Cisco Small Business Sma ...)
+	TODO: check
 CVE-2019-12717 (A vulnerability in a CLI command related to the virtualization manager ...)
 	NOT-FOR-US: Cisco
 CVE-2019-12716 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
@@ -15031,20 +15118,20 @@ CVE-2019-12710 (A vulnerability in the web-based interface of Cisco Unified Comm
 	NOT-FOR-US: Cisco
 CVE-2019-12709 (A vulnerability in a CLI command related to the virtualization manager ...)
 	NOT-FOR-US: Cisco
-CVE-2019-12708
-	RESERVED
+CVE-2019-12708 (A vulnerability in the web-based management interface of Cisco SPA100  ...)
+	TODO: check
 CVE-2019-12707 (A vulnerability in the web-based interface of multiple Cisco Unified C ...)
 	NOT-FOR-US: Cisco
 CVE-2019-12706 (A vulnerability in the Sender Policy Framework (SPF) functionality of  ...)
 	NOT-FOR-US: Cisco
-CVE-2019-12705
-	RESERVED
-CVE-2019-12704
-	RESERVED
-CVE-2019-12703
-	RESERVED
-CVE-2019-12702
-	RESERVED
+CVE-2019-12705 (A vulnerability in the web-based management interface of Cisco Express ...)
+	TODO: check
+CVE-2019-12704 (A vulnerability in the web-based management interface of Cisco SPA100  ...)
+	TODO: check
+CVE-2019-12703 (A vulnerability in the web-based management interface of Cisco SPA122  ...)
+	TODO: check
+CVE-2019-12702 (A vulnerability in the web-based management interface of Cisco SPA100  ...)
+	TODO: check
 CVE-2019-12701 (A vulnerability in the file and malware inspection feature of Cisco Fi ...)
 	NOT-FOR-US: Cisco
 CVE-2019-12700 (A vulnerability in the configuration of the Pluggable Authentication M ...)
@@ -15171,12 +15258,12 @@ CVE-2019-12640
 	RESERVED
 CVE-2019-12639
 	RESERVED
-CVE-2019-12638
-	RESERVED
-CVE-2019-12637
-	RESERVED
-CVE-2019-12636
-	RESERVED
+CVE-2019-12638 (A vulnerability in the web-based management interface of Cisco Identit ...)
+	TODO: check
+CVE-2019-12637 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
+	TODO: check
+CVE-2019-12636 (A vulnerability in the web-based management interface of Cisco Small B ...)
+	TODO: check
 CVE-2019-12635 (A vulnerability in the authorization module of Cisco Content Security  ...)
 	NOT-FOR-US: Cisco
 CVE-2019-12634 (A vulnerability in the web-based management interface of Cisco Integra ...)
@@ -18895,8 +18982,8 @@ CVE-2019-11283
 	RESERVED
 CVE-2019-11282
 	RESERVED
-CVE-2019-11281
-	RESERVED
+CVE-2019-11281 (Pivotal RabbitMQ, versions prior to v3.7.18, and RabbitMQ for PCF, ver ...)
+	TODO: check
 CVE-2019-11280 (Pivotal Apps Manager, included in Pivotal Application Service versions ...)
 	NOT-FOR-US: Pivotal
 CVE-2019-11279 (CF UAA versions prior to 74.1.0 can request scopes for a client that s ...)
@@ -21027,74 +21114,51 @@ CVE-2019-10460
 	RESERVED
 CVE-2019-10459
 	RESERVED
-CVE-2019-10458
-	RESERVED
+CVE-2019-10458 (Jenkins Puppet Enterprise Pipeline 1.3.1 and earlier specifies unsafe  ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10457
-	RESERVED
+CVE-2019-10457 (A missing permission check in Jenkins Oracle Cloud Infrastructure Comp ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10456
-	RESERVED
+CVE-2019-10456 (A cross-site request forgery vulnerability in Jenkins Oracle Cloud Inf ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10455
-	RESERVED
+CVE-2019-10455 (A missing permission check in Jenkins Rundeck Plugin allows attackers  ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10454
-	RESERVED
+CVE-2019-10454 (A cross-site request forgery vulnerability in Jenkins Rundeck Plugin a ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10453
-	RESERVED
+CVE-2019-10453 (Jenkins Delphix Plugin stores credentials unencrypted in its global co ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10452
-	RESERVED
+CVE-2019-10452 (Jenkins View26 Test-Reporting Plugin stores credentials unencrypted in ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10451
-	RESERVED
+CVE-2019-10451 (Jenkins SOASTA CloudTest Plugin stores credentials unencrypted in its  ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10450
-	RESERVED
+CVE-2019-10450 (Jenkins ElasticBox CI Plugin stores credentials unencrypted in the glo ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10449
-	RESERVED
+CVE-2019-10449 (Jenkins Fortify on Demand Plugin stores credentials unencrypted in job ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10448
-	RESERVED
+CVE-2019-10448 (Jenkins Extensive Testing Plugin stores credentials unencrypted in job ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10447
-	RESERVED
+CVE-2019-10447 (Jenkins Sofy.AI Plugin stores credentials unencrypted in job config.xm ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10446
-	RESERVED
+CVE-2019-10446 (Jenkins Cadence vManager Plugin 2.7.0 and earlier disabled SSL/TLS and ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10445
-	RESERVED
+CVE-2019-10445 (A missing permission check in Jenkins Google Kubernetes Engine Plugin  ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10444
-	RESERVED
+CVE-2019-10444 (Jenkins Bumblebee HP ALM Plugin 4.1.3 and earlier unconditionally disa ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10443
-	RESERVED
+CVE-2019-10443 (Jenkins iceScrum Plugin 1.1.4 and earlier stored credentials unencrypt ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10442
-	RESERVED
+CVE-2019-10442 (A missing permission check in Jenkins iceScrum Plugin 1.1.5 and earlie ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10441
-	RESERVED
+CVE-2019-10441 (A cross-site request forgery vulnerability in Jenkins iceScrum Plugin  ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10440
-	RESERVED
+CVE-2019-10440 (Jenkins NeoLoad Plugin 2.2.5 and earlier stored credentials unencrypte ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10439
-	RESERVED
+CVE-2019-10439 (A missing permission check in Jenkins CRX Content Package Deployer Plu ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10438
-	RESERVED
+CVE-2019-10438 (A missing permission check in Jenkins CRX Content Package Deployer Plu ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10437
-	RESERVED
+CVE-2019-10437 (A cross-site request forgery vulnerability in Jenkins CRX Content Pack ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2019-10436
-	RESERVED
+CVE-2019-10436 (An arbitrary file read vulnerability in Jenkins Google OAuth Credentia ...)
 	NOT-FOR-US: Jenkins plugin
 CVE-2019-10435 (Jenkins SourceGear Vault Plugin transmits configured credentials in pl ...)
 	NOT-FOR-US: Jenkins plugin
@@ -32466,18 +32530,15 @@ CVE-2019-6475 [DNSSEC validation bypass for mirror zones]
 	RESERVED
 	- bind9 <not-affected> (Vulnerable code not present)
 	NOTE: https://kb.isc.org/docs/cve-2019-6475
-CVE-2019-6474 [An oversight when validating incoming client requests can lead to a situation where the Kea server will exit when trying to restart]
-	RESERVED
+CVE-2019-6474 (A missing check on incoming client requests can be exploited to cause  ...)
 	- isc-kea <unfixed> (bug #936040)
 	[stretch] - isc-kea <no-dsa> (Minor issue)
 	NOTE: https://kb.isc.org/docs/cve-2019-6474
-CVE-2019-6473 [An invalid hostname option can cause the kea-dhcp4 server to terminate]
-	RESERVED
+CVE-2019-6473 (An invalid hostname option can trigger an assertion failure in the Kea ...)
 	- isc-kea <unfixed> (bug #936040)
 	[stretch] - isc-kea <no-dsa> (Minor issue)
 	NOTE: https://kb.isc.org/docs/cve-2019-6473
-CVE-2019-6472 [A packet containing a malformed DUID can cause the kea-dhcp6 server to terminate]
-	RESERVED
+CVE-2019-6472 (A packet containing a malformed DUID can cause the Kea DHCPv6 server p ...)
 	- isc-kea <unfixed> (bug #936040)
 	[stretch] - isc-kea <no-dsa> (Minor issue)
 	NOTE: https://kb.isc.org/docs/cve-2019-6472
@@ -32864,8 +32925,8 @@ CVE-2019-6336
 	RESERVED
 CVE-2019-6335 (A potential security vulnerability has been identified with Samsung La ...)
 	NOT-FOR-US: Samsung Laser Printers
-CVE-2019-6334
-	RESERVED
+CVE-2019-6334 (HP LaserJet, PageWide, OfficeJet Enterprise, and LaserJet Managed Prin ...)
+	TODO: check
 CVE-2019-6333 (A potential security vulnerability has been identified with certain ve ...)
 	NOT-FOR-US: HP Touchpoint Analytics
 CVE-2019-6332
@@ -38231,8 +38292,8 @@ CVE-2019-4033 (IBM Content Navigator 2.0.3 and 3.0CD is vulnerable to cross-site
 	NOT-FOR-US: IBM
 CVE-2019-4032 (IBM Financial Transaction Manager for Digital Payments for Multi-Platf ...)
 	NOT-FOR-US: IBM
-CVE-2019-4031
-	RESERVED
+CVE-2019-4031 (IBM Workload Scheduler Distributed 9.2, 9.3, 9.4, and 9.5 contains a v ...)
+	TODO: check
 CVE-2019-4030 (IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-si ...)
 	NOT-FOR-US: IBM
 CVE-2019-4029 (IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to c ...)
@@ -42259,332 +42320,278 @@ CVE-2019-3033
 	RESERVED
 CVE-2019-3032
 	RESERVED
-CVE-2019-3031
-	RESERVED
+CVE-2019-3031 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox <unfixed>
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
 CVE-2019-3030
 	RESERVED
 CVE-2019-3029
 	RESERVED
-CVE-2019-3028
-	RESERVED
+CVE-2019-3028 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox <unfixed>
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-3027
-	RESERVED
-CVE-2019-3026
-	RESERVED
+CVE-2019-3027 (Vulnerability in the Oracle Application Object Library product of Orac ...)
+	TODO: check
+CVE-2019-3026 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox <unfixed>
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-3025
-	RESERVED
-CVE-2019-3024
-	RESERVED
-CVE-2019-3023
-	RESERVED
-CVE-2019-3022
-	RESERVED
-CVE-2019-3021
-	RESERVED
+CVE-2019-3025 (Vulnerability in the Oracle Hospitality RES 3700 component of Oracle F ...)
+	TODO: check
+CVE-2019-3024 (Vulnerability in the Oracle Installed Base product of Oracle E-Busines ...)
+	TODO: check
+CVE-2019-3023 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2019-3022 (Vulnerability in the Oracle Content Manager product of Oracle E-Busine ...)
+	TODO: check
+CVE-2019-3021 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox <unfixed>
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-3020
-	RESERVED
-CVE-2019-3019
-	RESERVED
-CVE-2019-3018
-	RESERVED
+CVE-2019-3020 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
+	TODO: check
+CVE-2019-3019 (Vulnerability in the Oracle Banking Digital Experience product of Orac ...)
+	TODO: check
+CVE-2019-3018 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2019-3017
-	RESERVED
+CVE-2019-3017 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox <unfixed>
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
 CVE-2019-3016
 	RESERVED
-CVE-2019-3015
-	RESERVED
-CVE-2019-3014
-	RESERVED
+CVE-2019-3015 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2019-3014 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
 CVE-2019-3013
 	RESERVED
-CVE-2019-3012
-	RESERVED
-CVE-2019-3011
-	RESERVED
+CVE-2019-3012 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+	TODO: check
+CVE-2019-3011 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2019-3010
-	RESERVED
-CVE-2019-3009
-	RESERVED
+CVE-2019-3010 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+	TODO: check
+CVE-2019-3009 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2019-3008
-	RESERVED
+CVE-2019-3008 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+	TODO: check
 CVE-2019-3007
 	RESERVED
 CVE-2019-3006
 	RESERVED
-CVE-2019-3005
-	RESERVED
+CVE-2019-3005 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox <unfixed>
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-3004
-	RESERVED
+CVE-2019-3004 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2019-3003
-	RESERVED
+CVE-2019-3003 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2019-3002
-	RESERVED
+CVE-2019-3002 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox <unfixed>
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-3001
-	RESERVED
-CVE-2019-3000
-	RESERVED
-CVE-2019-2999
-	RESERVED
+CVE-2019-3001 (Vulnerability in the PeopleSoft Enterprise SCM eProcurement product of ...)
+	TODO: check
+CVE-2019-3000 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+	TODO: check
+CVE-2019-2999 (Vulnerability in the Java SE product of Oracle Java SE (component: Jav ...)
 	- openjdk-11 11.0.5+10-1
 	- openjdk-8 <unfixed>
 	- openjdk-7 <removed>
-CVE-2019-2998
-	RESERVED
+CVE-2019-2998 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2019-2997
-	RESERVED
+CVE-2019-2997 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2019-2996
-	RESERVED
+CVE-2019-2996 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
-CVE-2019-2995
-	RESERVED
-CVE-2019-2994
-	RESERVED
-CVE-2019-2993
-	RESERVED
+CVE-2019-2995 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+	TODO: check
+CVE-2019-2994 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+	TODO: check
+CVE-2019-2993 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #942443)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
-CVE-2019-2992
-	RESERVED
+CVE-2019-2992 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-11 11.0.5+10-1
 	- openjdk-8 <unfixed>
 	- openjdk-7 <removed>
-CVE-2019-2991
-	RESERVED
+CVE-2019-2991 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2019-2990
-	RESERVED
-CVE-2019-2989
-	RESERVED
+CVE-2019-2990 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
+	TODO: check
+CVE-2019-2989 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
 	- openjdk-11 11.0.5+10-1
 	- openjdk-8 <unfixed>
 	- openjdk-7 <removed>
-CVE-2019-2988
-	RESERVED
+CVE-2019-2988 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-11 11.0.5+10-1
 	- openjdk-8 <unfixed>
 	- openjdk-7 <removed>
-CVE-2019-2987
-	RESERVED
+CVE-2019-2987 (Vulnerability in the Java SE product of Oracle Java SE (component: 2D) ...)
 	- openjdk-11 11.0.5+10-1
-CVE-2019-2986
-	RESERVED
-CVE-2019-2985
-	RESERVED
-CVE-2019-2984
-	RESERVED
+CVE-2019-2986 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
+	TODO: check
+CVE-2019-2985 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2019-2984 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox <unfixed>
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2983
-	RESERVED
+CVE-2019-2983 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-11 11.0.5+10-1
 	- openjdk-8 <unfixed>
 	- openjdk-7 <removed>
-CVE-2019-2982
-	RESERVED
+CVE-2019-2982 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2019-2981
-	RESERVED
+CVE-2019-2981 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-11 11.0.5+10-1
 	- openjdk-8 <unfixed>
 	- openjdk-7 <removed>
-CVE-2019-2980
-	RESERVED
-CVE-2019-2979
-	RESERVED
-CVE-2019-2978
-	RESERVED
+CVE-2019-2980 (Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle  ...)
+	TODO: check
+CVE-2019-2979 (Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle  ...)
+	TODO: check
+CVE-2019-2978 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-11 11.0.5+10-1
 	- openjdk-8 <unfixed>
 	- openjdk-7 <removed>
-CVE-2019-2977
-	RESERVED
+CVE-2019-2977 (Vulnerability in the Java SE product of Oracle Java SE (component: Hot ...)
 	- openjdk-11 11.0.5+10-1
-CVE-2019-2976
-	RESERVED
-CVE-2019-2975
-	RESERVED
+CVE-2019-2976 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
+	TODO: check
+CVE-2019-2975 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-11 11.0.5+10-1
 	- openjdk-8 <unfixed>
-CVE-2019-2974
-	RESERVED
+CVE-2019-2974 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #942443)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
-CVE-2019-2973
-	RESERVED
+CVE-2019-2973 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-11 11.0.5+10-1
 	- openjdk-8 <unfixed>
 	- openjdk-7 <removed>
-CVE-2019-2972
-	RESERVED
-CVE-2019-2971
-	RESERVED
-CVE-2019-2970
-	RESERVED
-CVE-2019-2969
-	RESERVED
+CVE-2019-2972 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+	TODO: check
+CVE-2019-2971 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+	TODO: check
+CVE-2019-2970 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+	TODO: check
+CVE-2019-2969 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #942443)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
-CVE-2019-2968
-	RESERVED
+CVE-2019-2968 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2019-2967
-	RESERVED
+CVE-2019-2967 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2019-2966
-	RESERVED
+CVE-2019-2966 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2019-2965
-	RESERVED
-CVE-2019-2964
-	RESERVED
+CVE-2019-2965 (Vulnerability in the Siebel Core - DB Deployment and Configuration pro ...)
+	TODO: check
+CVE-2019-2964 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-11 11.0.5+10-1
 	- openjdk-8 <unfixed>
 	- openjdk-7 <removed>
-CVE-2019-2963
-	RESERVED
+CVE-2019-2963 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2019-2962
-	RESERVED
+CVE-2019-2962 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-11 11.0.5+10-1
 	- openjdk-8 <unfixed>
 	- openjdk-7 <removed>
-CVE-2019-2961
-	RESERVED
-CVE-2019-2960
-	RESERVED
+CVE-2019-2961 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+	TODO: check
+CVE-2019-2960 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #942443)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
-CVE-2019-2959
-	RESERVED
-CVE-2019-2958
-	RESERVED
+CVE-2019-2959 (Vulnerability in the Hyperion Financial Reporting product of Oracle Hy ...)
+	TODO: check
+CVE-2019-2958 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-11 11.0.5+10-1
 	- openjdk-8 <unfixed>
 	- openjdk-7 <removed>
-CVE-2019-2957
-	RESERVED
+CVE-2019-2957 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2019-2956
-	RESERVED
-CVE-2019-2955
-	RESERVED
-CVE-2019-2954
-	RESERVED
-CVE-2019-2953
-	RESERVED
-CVE-2019-2952
-	RESERVED
-CVE-2019-2951
-	RESERVED
-CVE-2019-2950
-	RESERVED
+CVE-2019-2956 (Vulnerability in the Core RDBMS (jackson-databind) component of Oracle ...)
+	TODO: check
+CVE-2019-2955 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
+	TODO: check
+CVE-2019-2954 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
+	TODO: check
+CVE-2019-2953 (Vulnerability in the Oracle Hospitality Cruise Dining Room Management  ...)
+	TODO: check
+CVE-2019-2952 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
+	TODO: check
+CVE-2019-2951 (Vulnerability in the PeopleSoft Enterprise HCM Human Resources product ...)
+	TODO: check
+CVE-2019-2950 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2019-2949
-	RESERVED
+CVE-2019-2949 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-11 11.0.5+10-1
 	- openjdk-8 <unfixed>
 	- openjdk-7 <removed>
-CVE-2019-2948
-	RESERVED
+CVE-2019-2948 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #942443)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
-CVE-2019-2947
-	RESERVED
-CVE-2019-2946
-	RESERVED
+CVE-2019-2947 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
+	TODO: check
+CVE-2019-2946 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #942443)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
-CVE-2019-2945
-	RESERVED
+CVE-2019-2945 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-11 11.0.5+10-1
 	- openjdk-8 <unfixed>
 	- openjdk-7 <removed>
-CVE-2019-2944
-	RESERVED
+CVE-2019-2944 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox <unfixed>
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2943
-	RESERVED
-CVE-2019-2942
-	RESERVED
-CVE-2019-2941
-	RESERVED
-CVE-2019-2940
-	RESERVED
-CVE-2019-2939
-	RESERVED
-CVE-2019-2938
-	RESERVED
+CVE-2019-2943 (Vulnerability in the Oracle Data Integrator product of Oracle Fusion M ...)
+	TODO: check
+CVE-2019-2942 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
+	TODO: check
+CVE-2019-2941 (Vulnerability in the Hyperion Enterprise Performance Management Archit ...)
+	TODO: check
+CVE-2019-2940 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
+	TODO: check
+CVE-2019-2939 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
+	TODO: check
+CVE-2019-2938 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #942443)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
-CVE-2019-2937
-	RESERVED
-CVE-2019-2936
-	RESERVED
-CVE-2019-2935
-	RESERVED
-CVE-2019-2934
-	RESERVED
-CVE-2019-2933
-	RESERVED
+CVE-2019-2937 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
+	TODO: check
+CVE-2019-2936 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
+	TODO: check
+CVE-2019-2935 (Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM  ...)
+	TODO: check
+CVE-2019-2934 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
+	TODO: check
+CVE-2019-2933 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-11 11.0.5+10-1
 	- openjdk-8 <unfixed>
 	- openjdk-7 <removed>
-CVE-2019-2932
-	RESERVED
-CVE-2019-2931
-	RESERVED
-CVE-2019-2930
-	RESERVED
-CVE-2019-2929
-	RESERVED
+CVE-2019-2932 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2019-2931 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2019-2930 (Vulnerability in the Oracle Field Service product of Oracle E-Business ...)
+	TODO: check
+CVE-2019-2929 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
 CVE-2019-2928
 	RESERVED
-CVE-2019-2927
-	RESERVED
-CVE-2019-2926
-	RESERVED
+CVE-2019-2927 (Vulnerability in the Hyperion Data Relationship Management product of  ...)
+	TODO: check
+CVE-2019-2926 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox <unfixed>
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2925
-	RESERVED
-CVE-2019-2924
-	RESERVED
+CVE-2019-2925 (Vulnerability in the Oracle Workflow product of Oracle E-Business Suit ...)
+	TODO: check
+CVE-2019-2924 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #942443)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
-CVE-2019-2923
-	RESERVED
+CVE-2019-2923 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #942443)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
-CVE-2019-2922
-	RESERVED
+CVE-2019-2922 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #942443)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
 CVE-2019-2921
 	RESERVED
-CVE-2019-2920
-	RESERVED
+CVE-2019-2920 (Vulnerability in the MySQL Connectors product of Oracle MySQL (compone ...)
 	- mysql-5.7 <unfixed> (bug #942443)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
 CVE-2019-2919
@@ -42595,56 +42602,52 @@ CVE-2019-2917
 	RESERVED
 CVE-2019-2916
 	RESERVED
-CVE-2019-2915
-	RESERVED
-CVE-2019-2914
-	RESERVED
+CVE-2019-2915 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2019-2914 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #942443)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
-CVE-2019-2913
-	RESERVED
+CVE-2019-2913 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
+	TODO: check
 CVE-2019-2912
 	RESERVED
-CVE-2019-2911
-	RESERVED
+CVE-2019-2911 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #942443)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
-CVE-2019-2910
-	RESERVED
+CVE-2019-2910 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #942443)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
-CVE-2019-2909
-	RESERVED
+CVE-2019-2909 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
+	TODO: check
 CVE-2019-2908
 	RESERVED
-CVE-2019-2907
-	RESERVED
-CVE-2019-2906
-	RESERVED
-CVE-2019-2905
-	RESERVED
-CVE-2019-2904
-	RESERVED
-CVE-2019-2903
-	RESERVED
-CVE-2019-2902
-	RESERVED
-CVE-2019-2901
-	RESERVED
-CVE-2019-2900
-	RESERVED
-CVE-2019-2899
-	RESERVED
-CVE-2019-2898
-	RESERVED
-CVE-2019-2897
-	RESERVED
-CVE-2019-2896
-	RESERVED
-CVE-2019-2895
-	RESERVED
-CVE-2019-2894
-	RESERVED
+CVE-2019-2907 (Vulnerability in the Oracle Web Services product of Oracle Fusion Midd ...)
+	TODO: check
+CVE-2019-2906 (Vulnerability in the BI Publisher (formerly XML Publisher) product of  ...)
+	TODO: check
+CVE-2019-2905 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+	TODO: check
+CVE-2019-2904 (Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusio ...)
+	TODO: check
+CVE-2019-2903 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+	TODO: check
+CVE-2019-2902 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+	TODO: check
+CVE-2019-2901 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
+	TODO: check
+CVE-2019-2900 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+	TODO: check
+CVE-2019-2899 (Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusio ...)
+	TODO: check
+CVE-2019-2898 (Vulnerability in the BI Publisher (formerly XML Publisher) product of  ...)
+	TODO: check
+CVE-2019-2897 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+	TODO: check
+CVE-2019-2896 (Vulnerability in the MICROS Relate CRM Software product of Oracle Reta ...)
+	TODO: check
+CVE-2019-2895 (Vulnerability in the Enterprise Manager for Exadata product of Oracle  ...)
+	TODO: check
+CVE-2019-2894 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-11 11.0.5+10-1
 	- openjdk-8 <unfixed>
 	- openjdk-7 <removed>
@@ -42652,24 +42655,24 @@ CVE-2019-2893
 	RESERVED
 CVE-2019-2892
 	RESERVED
-CVE-2019-2891
-	RESERVED
-CVE-2019-2890
-	RESERVED
-CVE-2019-2889
-	RESERVED
-CVE-2019-2888
-	RESERVED
-CVE-2019-2887
-	RESERVED
-CVE-2019-2886
-	RESERVED
+CVE-2019-2891 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2019-2890 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2019-2889 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2019-2888 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2019-2887 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2019-2886 (Vulnerability in the Oracle Forms product of Oracle Fusion Middleware  ...)
+	TODO: check
 CVE-2019-2885
 	RESERVED
-CVE-2019-2884
-	RESERVED
-CVE-2019-2883
-	RESERVED
+CVE-2019-2884 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
+	TODO: check
+CVE-2019-2883 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
+	TODO: check
 CVE-2019-2882
 	RESERVED
 CVE-2019-2881
@@ -42695,8 +42698,8 @@ CVE-2019-2874 (Vulnerability in the Oracle VM VirtualBox component of Oracle Vir
 CVE-2019-2873 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
 	- virtualbox 6.0.10-dfsg-1
 	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
-CVE-2019-2872
-	RESERVED
+CVE-2019-2872 (Vulnerability in the Oracle Retail Xstore Point of Service product of  ...)
+	TODO: check
 CVE-2019-2871 (Vulnerability in the Data Store component of Oracle Berkeley DB. Suppo ...)
 	NOT-FOR-US: Oracle
 CVE-2019-2870 (Vulnerability in the Data Store component of Oracle Berkeley DB. Suppo ...)
@@ -42947,8 +42950,8 @@ CVE-2019-2766 (Vulnerability in the Java SE, Java SE Embedded component of Oracl
 	- openjdk-11 <not-affected> (Windows-specific)
 	- openjdk-8 <not-affected> (Windows-specific)
 	- openjdk-7 <not-affected> (Windows-specific)
-CVE-2019-2765
-	RESERVED
+CVE-2019-2765 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+	TODO: check
 CVE-2019-2764 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
 	NOT-FOR-US: Oracle
 CVE-2019-2763 (Vulnerability in the Oracle Hospitality Gift and Loyalty component of  ...)
@@ -43041,8 +43044,8 @@ CVE-2019-2736 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component
 	NOT-FOR-US: Oracle
 CVE-2019-2735 (Vulnerability in the Oracle Hyperion Workspace component of Oracle Hyp ...)
 	NOT-FOR-US: Oracle
-CVE-2019-2734
-	RESERVED
+CVE-2019-2734 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
+	TODO: check
 CVE-2019-2733 (Vulnerability in the Oracle Demantra Demand Management component of Or ...)
 	NOT-FOR-US: Oracle
 CVE-2019-2732 (Vulnerability in the Oracle Demantra Demand Management component of Or ...)
@@ -95472,8 +95475,8 @@ CVE-2018-3302 (Vulnerability in the Oracle Outside In Technology component of Or
 	NOT-FOR-US: Oracle
 CVE-2018-3301 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
 	NOT-FOR-US: Oracle
-CVE-2018-3300
-	RESERVED
+CVE-2018-3300 (Vulnerability in the Oracle Retail Xstore Office product of Oracle Ret ...)
+	TODO: check
 CVE-2018-3299 (Vulnerability in the Oracle Text component of Oracle Database Server.  ...)
 	NOT-FOR-US: Oracle
 CVE-2018-3298 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
@@ -96496,8 +96499,8 @@ CVE-2018-2877 (Vulnerability in the MySQL Cluster component of Oracle MySQL (sub
 	- mysql-cluster <itp> (bug #833356)
 CVE-2018-2876 (Vulnerability in the Oracle Retail Integration Bus component of Oracle ...)
 	NOT-FOR-US: Oracle
-CVE-2018-2875
-	RESERVED
+CVE-2018-2875 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
+	TODO: check
 CVE-2018-2874 (Vulnerability in the Oracle Application Object Library component of Or ...)
 	NOT-FOR-US: Oracle
 CVE-2018-2873 (Vulnerability in the Oracle General Ledger component of Oracle E-Busin ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/67a2bcc0fce1e981e0dfd147f4c9ed4049df59ef

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/67a2bcc0fce1e981e0dfd147f4c9ed4049df59ef
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191016/b9806178/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list