[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Thu Oct 24 09:10:39 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
70075ea0 by security tracker role at 2019-10-24T08:10:25Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,69 @@
+CVE-2019-18392
+	RESERVED
+CVE-2019-18391
+	RESERVED
+CVE-2019-18390
+	RESERVED
+CVE-2019-18389
+	RESERVED
+CVE-2019-18388
+	RESERVED
+CVE-2019-18387 (Sourcecodester Hotel and Lodge Management System 1.0 is vulnerable to  ...)
+	TODO: check
+CVE-2019-18386
+	RESERVED
+CVE-2019-18385 (An issue was discovered on TerraMaster FS-210 4.0.19 devices. An unaut ...)
+	TODO: check
+CVE-2019-18384 (An issue was discovered on TerraMaster FS-210 4.0.19 devices. An authe ...)
+	TODO: check
+CVE-2019-18383 (An issue was discovered on TerraMaster FS-210 4.0.19 devices. One can  ...)
+	TODO: check
+CVE-2019-18382 (An issue was discovered on AVStar PE204 3.10.70 IP camera devices. A d ...)
+	TODO: check
+CVE-2019-18381
+	RESERVED
+CVE-2019-18380
+	RESERVED
+CVE-2019-18379
+	RESERVED
+CVE-2019-18378
+	RESERVED
+CVE-2019-18377
+	RESERVED
+CVE-2019-18376
+	RESERVED
+CVE-2019-18375
+	RESERVED
+CVE-2019-18374
+	RESERVED
+CVE-2019-18373
+	RESERVED
+CVE-2019-18372
+	RESERVED
+CVE-2019-18371 (An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-s ...)
+	TODO: check
+CVE-2019-18370 (An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-s ...)
+	TODO: check
+CVE-2019-18369
+	RESERVED
+CVE-2019-18368
+	RESERVED
+CVE-2019-18367
+	RESERVED
+CVE-2019-18366
+	RESERVED
+CVE-2019-18365
+	RESERVED
+CVE-2019-18364
+	RESERVED
+CVE-2019-18363
+	RESERVED
+CVE-2019-18362
+	RESERVED
+CVE-2019-18361
+	RESERVED
+CVE-2019-18360
+	RESERVED
 CVE-2019-18359 (A buffer over-read was discovered in ReadMP3APETag in apetag.c in MP3G ...)
 	- mp3gain <removed>
 CVE-2019-18358
@@ -289,6 +355,7 @@ CVE-2019-18220 (Sitemagic CMS 4.4.1 is affected by a Cross-Site-Request-Forgery
 CVE-2019-18219 (Sitemagic CMS 4.4.1 is affected by a Cross-Site-Scripting (XSS) vulner ...)
 	NOT-FOR-US: Sitemagic CMS
 CVE-2019-18218 (cdf_read_property_info in cdf.c in file through 5.37 does not restrict ...)
+	{DLA-1969-1}
 	- file 1:5.37-6 (bug #942830)
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16780
 	NOTE: https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84 
@@ -302,10 +369,10 @@ CVE-2019-18215
 	RESERVED
 CVE-2019-18214 (The Video_Converter app 0.1.0 for Nextcloud allows denial of service ( ...)
 	NOT-FOR-US: Video_Converter app for Nextcloud
-CVE-2019-18213
-	RESERVED
-CVE-2019-18212
-	RESERVED
+CVE-2019-18213 (XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML ...)
+	TODO: check
+CVE-2019-18212 (XMLLanguageService.java in XML Language Server (aka lsp4xml) before 0. ...)
+	TODO: check
 CVE-2019-18211
 	RESERVED
 CVE-2019-18210
@@ -18425,8 +18492,7 @@ CVE-2019-12417
 	RESERVED
 CVE-2019-12416
 	RESERVED
-CVE-2019-12415
-	RESERVED
+CVE-2019-12415 (In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to conv ...)
 	- libapache-poi-java <unfixed>
 	[jessie] - libapache-poi-java <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2019/10/23/1
@@ -30855,12 +30921,12 @@ CVE-2019-8240
 	RESERVED
 CVE-2019-8239
 	RESERVED
-CVE-2019-8238
-	RESERVED
-CVE-2019-8237
-	RESERVED
-CVE-2019-8236
-	RESERVED
+CVE-2019-8238 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier; 2019.010 ...)
+	TODO: check
+CVE-2019-8237 (Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012 ...)
+	TODO: check
+CVE-2019-8236 (Creative Cloud Desktop Application version 4.6.1 and earlier versions  ...)
+	TODO: check
 CVE-2019-8235
 	RESERVED
 CVE-2019-8234



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/70075ea002cd108f12b3a8c697c05fb1be1a0e2d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/70075ea002cd108f12b3a8c697c05fb1be1a0e2d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191024/5f0891ed/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list