[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Wed Oct 23 09:10:38 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a7844408 by security tracker role at 2019-10-23T08:10:22Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2594,24 +2594,24 @@ CVE-2015-9503
RESERVED
CVE-2015-9502
RESERVED
-CVE-2015-9501
- RESERVED
-CVE-2015-9500
- RESERVED
-CVE-2015-9499
- RESERVED
-CVE-2015-9498
- RESERVED
-CVE-2015-9497
- RESERVED
-CVE-2015-9496
- RESERVED
-CVE-2015-9495
- RESERVED
-CVE-2015-9494
- RESERVED
-CVE-2015-9493
- RESERVED
+CVE-2015-9501 (The Artificial Intelligence theme before 1.2.4 for WordPress has XSS b ...)
+ TODO: check
+CVE-2015-9500 (The Exquisite Ultimate Newspaper theme 1.3.3 for WordPress has XSS via ...)
+ TODO: check
+CVE-2015-9499 (The Showbiz Pro plugin through 1.7.1 for WordPress has PHP code execut ...)
+ TODO: check
+CVE-2015-9498 (The wps-hide-login plugin before 1.1 for WordPress has CSRF that affec ...)
+ TODO: check
+CVE-2015-9497 (The ad-inserter plugin before 1.5.3 for WordPress has CSRF with result ...)
+ TODO: check
+CVE-2015-9496 (The freshmail-newsletter plugin before 1.6 for WordPress has shortcode ...)
+ TODO: check
+CVE-2015-9495 (The syndication-links plugin before 1.0.3 for WordPress has XSS via th ...)
+ TODO: check
+CVE-2015-9494 (The indieweb-post-kinds plugin before 1.3.1.1 for WordPress has XSS vi ...)
+ TODO: check
+CVE-2015-9493 (The my-wish-list plugin before 1.4.2 for WordPress has multiple XSS is ...)
+ TODO: check
CVE-2019-17547 (In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a ...)
- imagemagick <not-affected> (Vulnerable code not present)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16537
@@ -3995,12 +3995,12 @@ CVE-2019-16975
RESERVED
CVE-2019-16974 (In FusionPBX up to 4.5.7, the file app\contacts\contact_times.php uses ...)
NOT-FOR-US: FusionPBX
-CVE-2019-16973
- RESERVED
-CVE-2019-16972
- RESERVED
-CVE-2019-16971
- RESERVED
+CVE-2019-16973 (In FusionPBX up to 4.5.7, the file app\contacts\contact_edit.php uses ...)
+ TODO: check
+CVE-2019-16972 (In FusionPBX up to 4.5.7, the file app\contacts\contact_addresses.php ...)
+ TODO: check
+CVE-2019-16971 (In FusionPBX up to 4.5.7, the file app\messages\messages_thread.php us ...)
+ TODO: check
CVE-2019-16970 (In FusionPBX up to 4.5.7, the file app\sip_status\sip_status.php uses ...)
NOT-FOR-US: FusionPBX
CVE-2019-16969 (In FusionPBX up to 4.5.7, the file app\fifo_list\fifo_interactive.php ...)
@@ -7821,8 +7821,7 @@ CVE-2019-15589
RESERVED
CVE-2019-15588
RESERVED
-CVE-2019-15587
- RESERVED
+CVE-2019-15587 (In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may o ...)
- ruby-loofah <unfixed> (bug #942894)
CVE-2019-15586
RESERVED
@@ -30953,8 +30952,8 @@ CVE-2019-8091
RESERVED
CVE-2019-8090
RESERVED
-CVE-2019-8089
- RESERVED
+CVE-2019-8089 (Adobe Experience Manager Forms versions 6.3-6.5 have a reflected cross ...)
+ TODO: check
CVE-2019-8088
RESERVED
CVE-2019-8087
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a7844408e3ee585c3aaa3290b1888fb8533ddf33
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a7844408e3ee585c3aaa3290b1888fb8533ddf33
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191023/0952c626/attachment.html>
More information about the debian-security-tracker-commits
mailing list