[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Tue Oct 22 21:10:40 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ff6b0bf5 by security tracker role at 2019-10-22T20:10:25Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,103 @@
+CVE-2019-18275
+ RESERVED
+CVE-2019-18274
+ RESERVED
+CVE-2019-18273
+ RESERVED
+CVE-2019-18272
+ RESERVED
+CVE-2019-18271
+ RESERVED
+CVE-2019-18270
+ RESERVED
+CVE-2019-18269
+ RESERVED
+CVE-2019-18268
+ RESERVED
+CVE-2019-18267
+ RESERVED
+CVE-2019-18266
+ RESERVED
+CVE-2019-18265
+ RESERVED
+CVE-2019-18264
+ RESERVED
+CVE-2019-18263
+ RESERVED
+CVE-2019-18262
+ RESERVED
+CVE-2019-18261
+ RESERVED
+CVE-2019-18260
+ RESERVED
+CVE-2019-18259
+ RESERVED
+CVE-2019-18258
+ RESERVED
+CVE-2019-18257
+ RESERVED
+CVE-2019-18256
+ RESERVED
+CVE-2019-18255
+ RESERVED
+CVE-2019-18254
+ RESERVED
+CVE-2019-18253
+ RESERVED
+CVE-2019-18252
+ RESERVED
+CVE-2019-18251
+ RESERVED
+CVE-2019-18250
+ RESERVED
+CVE-2019-18249
+ RESERVED
+CVE-2019-18248
+ RESERVED
+CVE-2019-18247
+ RESERVED
+CVE-2019-18246
+ RESERVED
+CVE-2019-18245
+ RESERVED
+CVE-2019-18244
+ RESERVED
+CVE-2019-18243
+ RESERVED
+CVE-2019-18242
+ RESERVED
+CVE-2019-18241
+ RESERVED
+CVE-2019-18240
+ RESERVED
+CVE-2019-18239
+ RESERVED
+CVE-2019-18238
+ RESERVED
+CVE-2019-18237
+ RESERVED
+CVE-2019-18236
+ RESERVED
+CVE-2019-18235
+ RESERVED
+CVE-2019-18234
+ RESERVED
+CVE-2019-18233
+ RESERVED
+CVE-2019-18232
+ RESERVED
+CVE-2019-18231
+ RESERVED
+CVE-2019-18230
+ RESERVED
+CVE-2019-18229
+ RESERVED
+CVE-2019-18228
+ RESERVED
+CVE-2019-18227
+ RESERVED
+CVE-2019-18226
+ RESERVED
CVE-2019-18225 (An issue was discovered in Citrix Application Delivery Controller (ADC ...)
NOT-FOR-US: Citrix
CVE-2019-18224 (idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a hea ...)
@@ -2914,8 +3014,8 @@ CVE-2019-17426 (Automattic Mongoose through 5.7.4 allows attackers to bypass acc
NOT-FOR-US: Automattic Mongoose (different from Cesenta Mongoose)
CVE-2019-17425
RESERVED
-CVE-2019-17424
- RESERVED
+CVE-2019-17424 (A stack-based buffer overflow in the processPrivilage() function in IO ...)
+ TODO: check
CVE-2019-17423
RESERVED
CVE-2019-17422
@@ -3401,8 +3501,8 @@ CVE-2019-17191 (The Signal Private Messenger application before 4.47.7 for Andro
NOT-FOR-US: Signal
CVE-2019-17190
RESERVED
-CVE-2019-17189
- RESERVED
+CVE-2019-17189 (totemodata 3.0.0_b936 has XSS via a folder name. ...)
+ TODO: check
CVE-2019-17188 (An unrestricted file upload vulnerability was discovered in catalog/pr ...)
NOT-FOR-US: Fecshop FecMall
CVE-2019-17187 (/var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_ ...)
@@ -16653,8 +16753,8 @@ CVE-2019-12969
RESERVED
CVE-2019-12968 (A vulnerability was found in the Sonic Robo Blast 2 (SRB2) plugin (EP_ ...)
NOT-FOR-US: Sonic Robo Blast 2
-CVE-2019-12967
- RESERVED
+CVE-2019-12967 (Stephan Mooltipass Moolticute through 0.42.1 (and possibly earlier ver ...)
+ TODO: check
CVE-2019-12966 (FeHelper through 2019-06-19 allows arbitrary code execution during a J ...)
NOT-FOR-US: FeHelper
CVE-2018-20847 (An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the functi ...)
@@ -18457,8 +18557,8 @@ CVE-2019-12292 (Citrix AppDNA before 7 1906.1.0.472 has Incorrect Access Control
NOT-FOR-US: Citrix AppDNA
CVE-2019-12291 (HashiCorp Consul 1.4.0 through 1.5.0 has Incorrect Access Control. Key ...)
NOT-FOR-US: HashiCorp Consul
-CVE-2019-12290
- RESERVED
+CVE-2019-12290 (GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ...)
+ TODO: check
CVE-2019-12289 (An issue was discovered in upgrade_firmware.cgi on VStarcam 100T (C782 ...)
NOT-FOR-US: VStarcam
CVE-2019-12288 (An issue was discovered in upgrade_htmls.cgi on VStarcam 100T (C7824WI ...)
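Review bot: The "TODO: check" under CVE-2019-12290 should not be closed as NOT-FOR-US like its neighbours, because GNU libidn2 is a Debian source package and needs a package entry. The description's "before 2.2.0" gives a candidate fixed version to verify against the upstream changelog. CVE-2019-18224, visible as context in the first hunk, is also a libidn2 issue, so both can be triaged together.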
@@ -18862,10 +18962,10 @@ CVE-2018-20839 (systemd 242 changes the VT1 mode upon a logout, which allows att
NOTE: https://gitlab.freedesktop.org/xorg/xserver/issues/857#note_220255
CVE-2019-12149 (SQL injection vulnerability in silverstripe/restfulserver module 1.0.x ...)
NOT-FOR-US: SilverStripe
-CVE-2019-12148
- RESERVED
-CVE-2019-12147
- RESERVED
+CVE-2019-12148 (The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interfac ...)
+ TODO: check
+CVE-2019-12147 (The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interfac ...)
+ TODO: check
CVE-2019-12146 (A Directory Traversal issue was discovered in SSHServerAPI.dll in Prog ...)
NOT-FOR-US: Progress ipswitch WS_FTP Server
CVE-2019-12145 (A Directory Traversal issue was discovered in SSHServerAPI.dll in Prog ...)
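Review bot: CVE-2019-12148 and CVE-2019-12147 carry identical visible descriptions ("The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interfac ..."), so the truncated text cannot tell them apart. When resolving the two "TODO: check" lines, read the full CVE descriptions to confirm they are distinct issues. If the product is not packaged, mark both the same way as the surrounding NOT-FOR-US entries.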
@@ -20232,8 +20332,8 @@ CVE-2017-18369 (The Billion 5200W-T 1.02b.rc5.dt49 router distributed by TrueOnl
NOT-FOR-US: Billion 5200W-T router
CVE-2017-18368 (The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 rou ...)
NOT-FOR-US: ZyXEL
-CVE-2019-11674
- RESERVED
+CVE-2019-11674 (Man-in-the-middle vulnerability in Micro Focus Self Service Password R ...)
+ TODO: check
CVE-2019-11673
RESERVED
CVE-2019-11672
@@ -24545,8 +24645,8 @@ CVE-2019-10081 (HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example co
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-10081
CVE-2019-10080
RESERVED
-CVE-2019-10079
- RESERVED
+CVE-2019-10079 (Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. E ...)
+ TODO: check
CVE-2019-10078 (A carefully crafted plugin link invocation could trigger an XSS vulner ...)
- jspwiki <removed>
CVE-2019-10077 (A carefully crafted InterWiki link could trigger an XSS vulnerability ...)
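Review bot: The "TODO: check" under CVE-2019-10079 needs a package line rather than a NOT-FOR-US tag, since Apache Traffic Server is shipped in Debian as the trafficserver source package. The visible description names no affected version range, so the fixed version has to come from the upstream advisory before the entry is completed.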
@@ -39613,8 +39713,8 @@ CVE-2019-4525
RESERVED
CVE-2019-4524
RESERVED
-CVE-2019-4523
- RESERVED
+CVE-2019-4523 (IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable ...)
+ TODO: check
CVE-2019-4522
RESERVED
CVE-2019-4521
@@ -134445,8 +134545,8 @@ CVE-2017-8089
RESERVED
CVE-2017-8088
RESERVED
-CVE-2017-8087
- RESERVED
+CVE-2017-8087 (Information Leakage in PPPoE Packet Padding in AVM Fritz!Box 7490 with ...)
+ TODO: check
CVE-2017-8086 (Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in Q ...)
{DLA-1497-1 DLA-1035-1 DLA-965-1}
- qemu 1:2.8+dfsg-5 (bug #861348)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ff6b0bf5b452d5628b31e03de9b207b75e97a6ef