[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Tue Oct 22 21:10:40 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ff6b0bf5 by security tracker role at 2019-10-22T20:10:25Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,103 @@
+CVE-2019-18275
+	RESERVED
+CVE-2019-18274
+	RESERVED
+CVE-2019-18273
+	RESERVED
+CVE-2019-18272
+	RESERVED
+CVE-2019-18271
+	RESERVED
+CVE-2019-18270
+	RESERVED
+CVE-2019-18269
+	RESERVED
+CVE-2019-18268
+	RESERVED
+CVE-2019-18267
+	RESERVED
+CVE-2019-18266
+	RESERVED
+CVE-2019-18265
+	RESERVED
+CVE-2019-18264
+	RESERVED
+CVE-2019-18263
+	RESERVED
+CVE-2019-18262
+	RESERVED
+CVE-2019-18261
+	RESERVED
+CVE-2019-18260
+	RESERVED
+CVE-2019-18259
+	RESERVED
+CVE-2019-18258
+	RESERVED
+CVE-2019-18257
+	RESERVED
+CVE-2019-18256
+	RESERVED
+CVE-2019-18255
+	RESERVED
+CVE-2019-18254
+	RESERVED
+CVE-2019-18253
+	RESERVED
+CVE-2019-18252
+	RESERVED
+CVE-2019-18251
+	RESERVED
+CVE-2019-18250
+	RESERVED
+CVE-2019-18249
+	RESERVED
+CVE-2019-18248
+	RESERVED
+CVE-2019-18247
+	RESERVED
+CVE-2019-18246
+	RESERVED
+CVE-2019-18245
+	RESERVED
+CVE-2019-18244
+	RESERVED
+CVE-2019-18243
+	RESERVED
+CVE-2019-18242
+	RESERVED
+CVE-2019-18241
+	RESERVED
+CVE-2019-18240
+	RESERVED
+CVE-2019-18239
+	RESERVED
+CVE-2019-18238
+	RESERVED
+CVE-2019-18237
+	RESERVED
+CVE-2019-18236
+	RESERVED
+CVE-2019-18235
+	RESERVED
+CVE-2019-18234
+	RESERVED
+CVE-2019-18233
+	RESERVED
+CVE-2019-18232
+	RESERVED
+CVE-2019-18231
+	RESERVED
+CVE-2019-18230
+	RESERVED
+CVE-2019-18229
+	RESERVED
+CVE-2019-18228
+	RESERVED
+CVE-2019-18227
+	RESERVED
+CVE-2019-18226
+	RESERVED
 CVE-2019-18225 (An issue was discovered in Citrix Application Delivery Controller (ADC ...)
 	NOT-FOR-US: Citrix
 CVE-2019-18224 (idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a hea ...)
@@ -2914,8 +3014,8 @@ CVE-2019-17426 (Automattic Mongoose through 5.7.4 allows attackers to bypass acc
 	NOT-FOR-US: Automattic Mongoose (different from Cesenta Mongoose)
 CVE-2019-17425
 	RESERVED
-CVE-2019-17424
-	RESERVED
+CVE-2019-17424 (A stack-based buffer overflow in the processPrivilage() function in IO ...)
+	TODO: check
 CVE-2019-17423
 	RESERVED
 CVE-2019-17422
@@ -3401,8 +3501,8 @@ CVE-2019-17191 (The Signal Private Messenger application before 4.47.7 for Andro
 	NOT-FOR-US: Signal
 CVE-2019-17190
 	RESERVED
-CVE-2019-17189
-	RESERVED
+CVE-2019-17189 (totemodata 3.0.0_b936 has XSS via a folder name. ...)
+	TODO: check
 CVE-2019-17188 (An unrestricted file upload vulnerability was discovered in catalog/pr ...)
 	NOT-FOR-US: Fecshop FecMall
 CVE-2019-17187 (/var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_ ...)
@@ -16653,8 +16753,8 @@ CVE-2019-12969
 	RESERVED
 CVE-2019-12968 (A vulnerability was found in the Sonic Robo Blast 2 (SRB2) plugin (EP_ ...)
 	NOT-FOR-US: Sonic Robo Blast 2
-CVE-2019-12967
-	RESERVED
+CVE-2019-12967 (Stephan Mooltipass Moolticute through 0.42.1 (and possibly earlier ver ...)
+	TODO: check
 CVE-2019-12966 (FeHelper through 2019-06-19 allows arbitrary code execution during a J ...)
 	NOT-FOR-US: FeHelper
 CVE-2018-20847 (An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the functi ...)
@@ -18457,8 +18557,8 @@ CVE-2019-12292 (Citrix AppDNA before 7 1906.1.0.472 has Incorrect Access Control
 	NOT-FOR-US: Citrix AppDNA
 CVE-2019-12291 (HashiCorp Consul 1.4.0 through 1.5.0 has Incorrect Access Control. Key ...)
 	NOT-FOR-US: HashiCorp Consul
-CVE-2019-12290
-	RESERVED
+CVE-2019-12290 (GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ...)
+	TODO: check
 CVE-2019-12289 (An issue was discovered in upgrade_firmware.cgi on VStarcam 100T (C782 ...)
 	NOT-FOR-US: VStarcam
 CVE-2019-12288 (An issue was discovered in upgrade_htmls.cgi on VStarcam 100T (C7824WI ...)
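Review bot: CVE-2019-12290 is left at `TODO: check` in this hunk although its description names GNU libidn2, which Debian ships as a source package, so it should not be closed as NOT-FOR-US like the neighbouring Citrix and VStarcam entries. Replace the TODO with a `- libidn2 ...` package line, taking the fixed version from the "before 2.2.0" bound in the description once it has been checked against the archive.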
@@ -18862,10 +18962,10 @@ CVE-2018-20839 (systemd 242 changes the VT1 mode upon a logout, which allows att
 	NOTE: https://gitlab.freedesktop.org/xorg/xserver/issues/857#note_220255
 CVE-2019-12149 (SQL injection vulnerability in silverstripe/restfulserver module 1.0.x ...)
 	NOT-FOR-US: SilverStripe
-CVE-2019-12148
-	RESERVED
-CVE-2019-12147
-	RESERVED
+CVE-2019-12148 (The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interfac ...)
+	TODO: check
+CVE-2019-12147 (The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interfac ...)
+	TODO: check
 CVE-2019-12146 (A Directory Traversal issue was discovered in SSHServerAPI.dll in Prog ...)
 	NOT-FOR-US: Progress ipswitch WS_FTP Server
 CVE-2019-12145 (A Directory Traversal issue was discovered in SSHServerAPI.dll in Prog ...)
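Review bot: CVE-2019-12148 and CVE-2019-12147 arrive in this hunk with identical truncated descriptions ("The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interfac ..."), so the list alone cannot tell them apart. When the `TODO: check` lines are resolved, read the full descriptions, confirm they are two distinct issues, and give both the same disposition, following the `NOT-FOR-US: <vendor>` form the surrounding entries use if that is the outcome.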
@@ -20232,8 +20332,8 @@ CVE-2017-18369 (The Billion 5200W-T 1.02b.rc5.dt49 router distributed by TrueOnl
 	NOT-FOR-US: Billion 5200W-T router
 CVE-2017-18368 (The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 rou ...)
 	NOT-FOR-US: ZyXEL
-CVE-2019-11674
-	RESERVED
+CVE-2019-11674 (Man-in-the-middle vulnerability in Micro Focus Self Service Password R ...)
+	TODO: check
 CVE-2019-11673
 	RESERVED
 CVE-2019-11672
@@ -24545,8 +24645,8 @@ CVE-2019-10081 (HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example co
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-10081
 CVE-2019-10080
 	RESERVED
-CVE-2019-10079
-	RESERVED
+CVE-2019-10079 (Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. E ...)
+	TODO: check
 CVE-2019-10078 (A carefully crafted plugin link invocation could trigger an XSS vulner ...)
 	- jspwiki <removed>
 CVE-2019-10077 (A carefully crafted InterWiki link could trigger an XSS vulnerability  ...)
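Review bot: CVE-2019-10079 is marked only `TODO: check`, but its description names Apache Traffic Server, which is packaged in Debian as trafficserver, so it needs a `- trafficserver ...` line rather than a NOT-FOR-US disposition. The CVE-2019-10081 entry in the context above carries a NOTE with the upstream advisory URL; adding the equivalent NOTE here would keep the HTTP/2 entries consistent.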
@@ -39613,8 +39713,8 @@ CVE-2019-4525
 	RESERVED
 CVE-2019-4524
 	RESERVED
-CVE-2019-4523
-	RESERVED
+CVE-2019-4523 (IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable ...)
+	TODO: check
 CVE-2019-4522
 	RESERVED
 CVE-2019-4521
@@ -134445,8 +134545,8 @@ CVE-2017-8089
 	RESERVED
 CVE-2017-8088
 	RESERVED
-CVE-2017-8087
-	RESERVED
+CVE-2017-8087 (Information Leakage in PPPoE Packet Padding in AVM Fritz!Box 7490 with ...)
+	TODO: check
 CVE-2017-8086 (Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in Q ...)
 	{DLA-1497-1 DLA-1035-1 DLA-965-1}
 	- qemu 1:2.8+dfsg-5 (bug #861348)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ff6b0bf5b452d5628b31e03de9b207b75e97a6ef
