[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Sep 12 09:10:25 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d83e6b81 by security tracker role at 2019-09-12T08:10:15Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2019-16255
+ RESERVED
+CVE-2019-16254
+ RESERVED
+CVE-2019-16253
+ RESERVED
+CVE-2019-16252
+ RESERVED
+CVE-2019-16251
+ RESERVED
+CVE-2019-16250 (includes/wizard/wizard.php in the Ocean Extra plugin through 1.5.8 for ...)
+ TODO: check
+CVE-2019-16249 (OpenCV 4.1.1 has an out-of-bounds read in hal_baseline::v_load in core ...)
+ TODO: check
+CVE-2019-16248 (The "delete for" feature in Telegram before 5.11 on Android does not d ...)
+ TODO: check
+CVE-2019-16247 (Delta DCISoft 1.21 has a User Mode Write AV starting at CommLib!CCommL ...)
+ TODO: check
+CVE-2019-16246
+ RESERVED
+CVE-2019-16245
+ RESERVED
+CVE-2019-16244
+ RESERVED
+CVE-2019-16243
+ RESERVED
+CVE-2019-16242
+ RESERVED
+CVE-2019-16241
+ RESERVED
+CVE-2019-16240
+ RESERVED
+CVE-2019-16239
+ RESERVED
CVE-2019-XXXX [signature bypass with multiple From addresses]
- opendmarc <unfixed> (bug #940081)
NOTE: https://github.com/trusteddomainproject/OpenDMARC/pull/48
@@ -2490,8 +2524,8 @@ CVE-2019-15304 (Lierda Grill Temperature Monitor V1.00_50006 has a default passw
NOT-FOR-US: Lierda Grill Temperature Monitor
CVE-2019-15303
RESERVED
-CVE-2019-15302
- RESERVED
+CVE-2019-15302 (The pad management logic in XWiki labs CryptPad before 3.0.0 allows a ...)
+ TODO: check
CVE-2019-15301
RESERVED
CVE-2019-15300
@@ -8790,24 +8824,24 @@ CVE-2019-13546
RESERVED
CVE-2019-13545
RESERVED
-CVE-2019-13544
- RESERVED
+CVE-2019-13544 (Delta Electronics TPEditor, Versions 1.94 and prior. Multiple out-of-b ...)
+ TODO: check
CVE-2019-13543
RESERVED
CVE-2019-13542
RESERVED
CVE-2019-13541
RESERVED
-CVE-2019-13540
- RESERVED
+CVE-2019-13540 (Delta Electronics TPEditor, Versions 1.94 and prior. Multiple stack-ba ...)
+ TODO: check
CVE-2019-13539
RESERVED
CVE-2019-13538
RESERVED
CVE-2019-13537
RESERVED
-CVE-2019-13536
- RESERVED
+CVE-2019-13536 (Delta Electronics TPEditor, Versions 1.94 and prior. Multiple heap-bas ...)
+ TODO: check
CVE-2019-13535
RESERVED
CVE-2019-13534
@@ -13396,8 +13430,8 @@ CVE-2019-11771 (AIX builds of Eclipse OpenJ9 before 0.15.0 contain unused RPATHs
NOT-FOR-US: Eclipse OpenJ9
CVE-2019-11770 (In Eclipse Buildship versions prior to 3.1.1, the build files indicate ...)
NOT-FOR-US: Eclipse Buildship
-CVE-2019-11769
- RESERVED
+CVE-2019-11769 (An issue was discovered in TeamViewer 14.2.2558. Updating the product ...)
+ TODO: check
CVE-2019-11768 (An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability ...)
- phpmyadmin <unfixed> (bug #930048)
[jessie] - phpmyadmin <not-affected> (vulnerable code is not present)
@@ -18167,11 +18201,9 @@ CVE-2019-10076 (A carefully crafted malicious attachment could trigger an XSS vu
- jspwiki <removed>
CVE-2019-10075
RESERVED
-CVE-2019-10074
- RESERVED
+CVE-2019-10074 (An RCE is possible by entering Freemarker markup in an Apache OFBiz Fo ...)
NOT-FOR-US: Apache OFBiz
-CVE-2019-10073
- RESERVED
+CVE-2019-10073 (The "Blog", "Forum", "Contact Us" screens of the template "ecommerce" ...)
NOT-FOR-US: Apache OFBiz
CVE-2019-10072 (The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 co ...)
- tomcat9 9.0.22-1 (bug #931131)
@@ -32019,10 +32051,10 @@ CVE-2019-5057 (An exploitable code execution vulnerability exists in the PCX ima
NOTE: https://hg.libsdl.org/SDL_image/rev/7453e79c8cdb
CVE-2019-5056
RESERVED
-CVE-2019-5055
- RESERVED
-CVE-2019-5054
- RESERVED
+CVE-2019-5055 (An exploitable denial-of-service vulnerability exists in the Host Acce ...)
+ TODO: check
+CVE-2019-5054 (An exploitable denial-of-service vulnerability exists in the session h ...)
+ TODO: check
CVE-2019-5053
RESERVED
CVE-2019-5052 (An exploitable integer overflow vulnerability exists when loading a PC ...)
@@ -34944,16 +34976,16 @@ CVE-2019-3765
RESERVED
CVE-2019-3764
RESERVED
-CVE-2019-3763
- RESERVED
+CVE-2019-3763 (The RSA Identity Governance and Lifecycle software and RSA Via Lifecyc ...)
+ TODO: check
CVE-2019-3762
RESERVED
-CVE-2019-3761
- RESERVED
-CVE-2019-3760
- RESERVED
-CVE-2019-3759
- RESERVED
+CVE-2019-3761 (The RSA Identity Governance and Lifecycle software and RSA Via Lifecyc ...)
+ TODO: check
+CVE-2019-3760 (The RSA Identity Governance and Lifecycle software and RSA Via Lifecyc ...)
+ TODO: check
+CVE-2019-3759 (The RSA Identity Governance and Lifecycle software and RSA Via Lifecyc ...)
+ TODO: check
CVE-2019-3758
RESERVED
CVE-2019-3757
@@ -43393,158 +43425,158 @@ CVE-2019-1308
RESERVED
CVE-2019-1307
RESERVED
-CVE-2019-1306
- RESERVED
-CVE-2019-1305
- RESERVED
+CVE-2019-1306 (A remote code execution vulnerability exists when Azure DevOps Server ...)
+ TODO: check
+CVE-2019-1305 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
+ TODO: check
CVE-2019-1304
RESERVED
-CVE-2019-1303
- RESERVED
-CVE-2019-1302
- RESERVED
-CVE-2019-1301
- RESERVED
-CVE-2019-1300
- RESERVED
-CVE-2019-1299
- RESERVED
-CVE-2019-1298
- RESERVED
-CVE-2019-1297
- RESERVED
-CVE-2019-1296
- RESERVED
-CVE-2019-1295
- RESERVED
-CVE-2019-1294
- RESERVED
-CVE-2019-1293
- RESERVED
-CVE-2019-1292
- RESERVED
-CVE-2019-1291
- RESERVED
-CVE-2019-1290
- RESERVED
-CVE-2019-1289
- RESERVED
+CVE-2019-1303 (An elevation of privilege vulnerability exists when the Windows AppX D ...)
+ TODO: check
+CVE-2019-1302 (An elevation of privilege vulnerability exists when a ASP.NET Core web ...)
+ TODO: check
+CVE-2019-1301 (A denial of service vulnerability exists when .NET Core improperly han ...)
+ TODO: check
+CVE-2019-1300 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-1299 (An information disclosure vulnerability exists when Microsoft Edge bas ...)
+ TODO: check
+CVE-2019-1298 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-1297 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
+ TODO: check
+CVE-2019-1296 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
+ TODO: check
+CVE-2019-1295 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
+ TODO: check
+CVE-2019-1294 (A security feature bypass exists when Windows Secure Boot improperly r ...)
+ TODO: check
+CVE-2019-1293 (An information disclosure vulnerability exists in Windows when the Win ...)
+ TODO: check
+CVE-2019-1292 (A denial of service vulnerability exists when Windows improperly handl ...)
+ TODO: check
+CVE-2019-1291 (A remote code execution vulnerability exists in the Windows Remote Des ...)
+ TODO: check
+CVE-2019-1290 (A remote code execution vulnerability exists in the Windows Remote Des ...)
+ TODO: check
+CVE-2019-1289 (An elevation of privilege vulnerability exists when the Windows Update ...)
+ TODO: check
CVE-2019-1288
RESERVED
-CVE-2019-1287
- RESERVED
-CVE-2019-1286
- RESERVED
-CVE-2019-1285
- RESERVED
-CVE-2019-1284
- RESERVED
-CVE-2019-1283
- RESERVED
-CVE-2019-1282
- RESERVED
+CVE-2019-1287 (An elevation of privilege vulnerability exists in the way that the Win ...)
+ TODO: check
+CVE-2019-1286 (An information disclosure vulnerability exists when the Windows GDI co ...)
+ TODO: check
+CVE-2019-1285 (An elevation of privilege vulnerability exists in Windows when the Win ...)
+ TODO: check
+CVE-2019-1284 (An elevation of privilege vulnerability exists when DirectX improperly ...)
+ TODO: check
+CVE-2019-1283 (An information disclosure vulnerability exists in the way that Microso ...)
+ TODO: check
+CVE-2019-1282 (An information disclosure exists in the Windows Common Log File System ...)
+ TODO: check
CVE-2019-1281
RESERVED
-CVE-2019-1280
- RESERVED
+CVE-2019-1280 (A remote code execution vulnerability exists in Microsoft Windows that ...)
+ TODO: check
CVE-2019-1279
RESERVED
-CVE-2019-1278
- RESERVED
-CVE-2019-1277
- RESERVED
+CVE-2019-1278 (An elevation of privilege vulnerability exists in the way that the uni ...)
+ TODO: check
+CVE-2019-1277 (An elevation of privilege vulnerability exists in Windows Audio Servic ...)
+ TODO: check
CVE-2019-1276
RESERVED
CVE-2019-1275
RESERVED
-CVE-2019-1274
- RESERVED
-CVE-2019-1273
- RESERVED
-CVE-2019-1272
- RESERVED
-CVE-2019-1271
- RESERVED
-CVE-2019-1270
- RESERVED
-CVE-2019-1269
- RESERVED
-CVE-2019-1268
- RESERVED
-CVE-2019-1267
- RESERVED
-CVE-2019-1266
- RESERVED
-CVE-2019-1265
- RESERVED
-CVE-2019-1264
- RESERVED
-CVE-2019-1263
- RESERVED
-CVE-2019-1262
- RESERVED
-CVE-2019-1261
- RESERVED
-CVE-2019-1260
- RESERVED
-CVE-2019-1259
- RESERVED
+CVE-2019-1274 (An information disclosure vulnerability exists when the Windows kernel ...)
+ TODO: check
+CVE-2019-1273 (A cross-site-scripting (XSS) vulnerability exists when Active Director ...)
+ TODO: check
+CVE-2019-1272 (An elevation of privilege vulnerability exists when Windows improperly ...)
+ TODO: check
+CVE-2019-1271 (An elevation of privilege exists in hdAudio.sys which may lead to an o ...)
+ TODO: check
+CVE-2019-1270 (An elevation of privilege vulnerability exists in Windows store instal ...)
+ TODO: check
+CVE-2019-1269 (An elevation of privilege vulnerability exists when Windows improperly ...)
+ TODO: check
+CVE-2019-1268 (An elevation of privilege exists when Winlogon does not properly handl ...)
+ TODO: check
+CVE-2019-1267 (An elevation of privilege vulnerability exists in Microsoft Compatibil ...)
+ TODO: check
+CVE-2019-1266 (A spoofing vulnerability exists in Microsoft Exchange Server when Outl ...)
+ TODO: check
+CVE-2019-1265 (A security feature bypass vulnerability exists when Microsoft Yammer A ...)
+ TODO: check
+CVE-2019-1264 (A security feature bypass vulnerability exists when Microsoft Office i ...)
+ TODO: check
+CVE-2019-1263 (An information disclosure vulnerability exists when Microsoft Excel im ...)
+ TODO: check
+CVE-2019-1262 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
+ TODO: check
+CVE-2019-1261 (A spoofing vulnerability exists in Microsoft SharePoint when it improp ...)
+ TODO: check
+CVE-2019-1260 (An elevation of privilege vulnerability exists in Microsoft SharePoint ...)
+ TODO: check
+CVE-2019-1259 (A spoofing vulnerability exists in Microsoft SharePoint when it improp ...)
+ TODO: check
CVE-2019-1258 (An elevation of privilege vulnerability exists in Azure Active Directo ...)
TODO: check
-CVE-2019-1257
- RESERVED
-CVE-2019-1256
- RESERVED
+CVE-2019-1257 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
+ TODO: check
+CVE-2019-1256 (An elevation of privilege vulnerability exists in Windows when the Win ...)
+ TODO: check
CVE-2019-1255
RESERVED
-CVE-2019-1254
- RESERVED
-CVE-2019-1253
- RESERVED
-CVE-2019-1252
- RESERVED
-CVE-2019-1251
- RESERVED
-CVE-2019-1250
- RESERVED
-CVE-2019-1249
- RESERVED
-CVE-2019-1248
- RESERVED
-CVE-2019-1247
- RESERVED
-CVE-2019-1246
- RESERVED
-CVE-2019-1245
- RESERVED
-CVE-2019-1244
- RESERVED
-CVE-2019-1243
- RESERVED
-CVE-2019-1242
- RESERVED
-CVE-2019-1241
- RESERVED
-CVE-2019-1240
- RESERVED
+CVE-2019-1254 (An information disclosure vulnerability exists when Windows Hyper-V wr ...)
+ TODO: check
+CVE-2019-1253 (An elevation of privilege vulnerability exists when the Windows AppX D ...)
+ TODO: check
+CVE-2019-1252 (An information disclosure vulnerability exists when the Windows GDI co ...)
+ TODO: check
+CVE-2019-1251 (An information disclosure vulnerability exists when DirectWrite improp ...)
+ TODO: check
+CVE-2019-1250 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-1249 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-1248 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-1247 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-1246 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-1245 (An information disclosure vulnerability exists when DirectWrite improp ...)
+ TODO: check
+CVE-2019-1244 (An information disclosure vulnerability exists when DirectWrite improp ...)
+ TODO: check
+CVE-2019-1243 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-1242 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-1241 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
+CVE-2019-1240 (A remote code execution vulnerability exists when the Windows Jet Data ...)
+ TODO: check
CVE-2019-1239
RESERVED
CVE-2019-1238
RESERVED
-CVE-2019-1237
- RESERVED
-CVE-2019-1236
- RESERVED
-CVE-2019-1235
- RESERVED
+CVE-2019-1237 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-1236 (A remote code execution vulnerability exists in the way that the VBScr ...)
+ TODO: check
+CVE-2019-1235 (An elevation of privilege vulnerability exists in Windows Text Service ...)
+ TODO: check
CVE-2019-1234
RESERVED
-CVE-2019-1233
- RESERVED
-CVE-2019-1232
- RESERVED
-CVE-2019-1231
- RESERVED
+CVE-2019-1233 (A denial of service vulnerability exists in Microsoft Exchange Server ...)
+ TODO: check
+CVE-2019-1232 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
+ TODO: check
+CVE-2019-1231 (An information disclosure vulnerability exists in the way Rome SDK han ...)
+ TODO: check
CVE-2019-1230
RESERVED
CVE-2019-1229 (An elevation of privilege vulnerability exists in Dynamics On-Premise ...)
@@ -43563,22 +43595,22 @@ CVE-2019-1223 (A denial of service vulnerability exists in Remote Desktop Protoc
NOT-FOR-US: Microsoft
CVE-2019-1222 (A remote code execution vulnerability exists in Remote Desktop Service ...)
NOT-FOR-US: Microsoft
-CVE-2019-1221
- RESERVED
-CVE-2019-1220
- RESERVED
-CVE-2019-1219
- RESERVED
+CVE-2019-1221 (A remote code execution vulnerability exists in the way that the scrip ...)
+ TODO: check
+CVE-2019-1220 (A security feature bypass vulnerability exists when Microsoft Browsers ...)
+ TODO: check
+CVE-2019-1219 (An information disclosure vulnerability exists when the Windows Transa ...)
+ TODO: check
CVE-2019-1218 (A spoofing vulnerability exists in the way Microsoft Outlook iOS softw ...)
NOT-FOR-US: Microsoft
-CVE-2019-1217
- RESERVED
-CVE-2019-1216
- RESERVED
-CVE-2019-1215
- RESERVED
-CVE-2019-1214
- RESERVED
+CVE-2019-1217 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
+CVE-2019-1216 (An information disclosure vulnerability exists when DirectX improperly ...)
+ TODO: check
+CVE-2019-1215 (An elevation of privilege vulnerability exists in the way that ws2ifsl ...)
+ TODO: check
+CVE-2019-1214 (An elevation of privilege vulnerability exists when the Windows Common ...)
+ TODO: check
CVE-2019-1213 (A memory corruption vulnerability exists in the Windows Server DHCP se ...)
NOT-FOR-US: Microsoft
CVE-2019-1212 (A memory corruption vulnerability exists in the Windows Server DHCP se ...)
@@ -43587,10 +43619,10 @@ CVE-2019-1211 (An elevation of privilege vulnerability exists in Git for Visual
TODO: check
CVE-2019-1210
RESERVED
-CVE-2019-1209
- RESERVED
-CVE-2019-1208
- RESERVED
+CVE-2019-1209 (An information disclosure vulnerability exists in Lync 2013, aka 'Lync ...)
+ TODO: check
+CVE-2019-1208 (A remote code execution vulnerability exists in the way that the VBScr ...)
+ TODO: check
CVE-2019-1207
RESERVED
CVE-2019-1206 (A memory corruption vulnerability exists in the Windows Server DHCP se ...)
@@ -43721,16 +43753,16 @@ CVE-2019-1144 (A remote code execution vulnerability exists when the Windows fon
NOT-FOR-US: Microsoft
CVE-2019-1143 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
-CVE-2019-1142
- RESERVED
+CVE-2019-1142 (An elevation of privilege vulnerability exists when the .NET Framework ...)
+ TODO: check
CVE-2019-1141 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-1140 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-1139 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
-CVE-2019-1138
- RESERVED
+CVE-2019-1138 (A remote code execution vulnerability exists in the way that the Chakr ...)
+ TODO: check
CVE-2019-1137 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Excha ...)
NOT-FOR-US: Microsoft
CVE-2019-1136 (An elevation of privilege vulnerability exists in Microsoft Exchange S ...)
@@ -44154,8 +44186,8 @@ CVE-2019-0930 (An information disclosure vulnerability exists when Internet Expl
NOT-FOR-US: Microsoft
CVE-2019-0929 (A remote code execution vulnerability exists when Internet Explorer im ...)
NOT-FOR-US: Microsoft
-CVE-2019-0928
- RESERVED
+CVE-2019-0928 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
+ TODO: check
CVE-2019-0927 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-0926 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
@@ -44439,10 +44471,10 @@ CVE-2019-0790 (A remote code execution vulnerability exists when the Microsoft X
NOT-FOR-US: Microsoft
CVE-2019-0789
RESERVED
-CVE-2019-0788
- RESERVED
-CVE-2019-0787
- RESERVED
+CVE-2019-0788 (A remote code execution vulnerability exists in the Windows Remote Des ...)
+ TODO: check
+CVE-2019-0787 (A remote code execution vulnerability exists in the Windows Remote Des ...)
+ TODO: check
CVE-2019-0786 (An elevation of privilege vulnerability exists in the Microsoft Server ...)
NOT-FOR-US: Microsoft
CVE-2019-0785 (A memory corruption vulnerability exists in the Windows Server DHCP se ...)
@@ -46629,8 +46661,7 @@ CVE-2019-0190 (A bug exists in the way mod_ssl handled client renegotiations. A
[stretch] - apache2 <not-affected> (Only affects 2.4.37)
[jessie] - apache2 <not-affected> (Only affects 2.4.37)
NOTE: https://www.openwall.com/lists/oss-security/2019/01/22/4
-CVE-2019-0189
- RESERVED
+CVE-2019-0189 (The java.io.ObjectInputStream is known to cause Java serialisation iss ...)
NOT-FOR-US: Apache OFBiz
CVE-2019-0188 (Apache Camel prior to 2.24.0 contains an XML external entity injection ...)
NOT-FOR-US: Apache Camel
@@ -52256,8 +52287,7 @@ CVE-2018-17202 (Certain input files could make the code to enter into an infinit
NOTE: Apache Commons Imaging
CVE-2018-17201 (Certain input files could make the code hang when Apache Sanselan 0.97 ...)
NOTE: Apache Commons Imaging
-CVE-2018-17200
- RESERVED
+CVE-2018-17200 (The Apache OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngi ...)
NOT-FOR-US: Apache OFBiz
CVE-2018-17199 (In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks ...)
{DSA-4422-1 DLA-1647-1}
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d83e6b819c4ee8928f545fafa1750f53bec9ef18
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d83e6b819c4ee8928f545fafa1750f53bec9ef18
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190912/57d2b581/attachment.html>
More information about the debian-security-tracker-commits
mailing list