[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Thu Sep 19 09:10:32 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
455eb5c2 by security tracker role at 2019-09-19T08:10:18Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,31 @@
+CVE-2019-16418
+	RESERVED
+CVE-2019-16417
+	RESERVED
+CVE-2019-16416
+	RESERVED
+CVE-2019-16415
+	RESERVED
+CVE-2019-16414
+	RESERVED
+CVE-2019-16413 (An issue was discovered in the Linux kernel before 5.0.4. The 9p files ...)
+	TODO: check
+CVE-2019-16412
+	RESERVED
+CVE-2019-16411
+	RESERVED
+CVE-2019-16410
+	RESERVED
+CVE-2019-16409
+	RESERVED
+CVE-2019-16408
+	RESERVED
+CVE-2019-16407
+	RESERVED
+CVE-2019-16406
+	RESERVED
+CVE-2019-16405
+	RESERVED
 CVE-2019-16404
 	RESERVED
 CVE-2019-16403 (In Webkul Bagisto before 0.1.5, the functionalities for customers to c ...)
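
Review bot: the `TODO: check` under CVE-2019-16413 should be resolved to a kernel package entry rather than NOT-FOR-US, because its description names the Linux kernel before 5.0.4 (9p). It needs a package line in the same form as the `- ibus 1.5.21-1 (bug #940267)` entry later in this file, with the fixed version checked against the 5.0.4 boundary given in the description. The other thirteen additions in this hunk are bare RESERVED placeholders and need no action yet.
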
@@ -3053,8 +3081,8 @@ CVE-2019-15303
 	RESERVED
 CVE-2019-15302 (The pad management logic in XWiki labs CryptPad before 3.0.0 allows a  ...)
 	NOT-FOR-US: CryptPad
-CVE-2019-15301
-	RESERVED
+CVE-2019-15301 (A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.C ...)
+	TODO: check
 CVE-2019-15300
 	RESERVED
 CVE-2019-15299
@@ -4588,6 +4616,7 @@ CVE-2019-14823
 	RESERVED
 CVE-2019-14822 [missing authorization flaw]
 	RESERVED
+	{DSA-4525-1}
 	- ibus 1.5.21-1 (bug #940267)
 	NOTE: https://www.openwall.com/lists/oss-security/2019/09/13/1
 	NOTE: Fixed by: https://github.com/ibus/ibus/commit/3d442dbf936d197aa11ca0a71663c2bc61696151
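
Review bot: nothing in this commit backs the `{DSA-4525-1}` tag added under CVE-2019-14822, since the only changed file is data/CVE/list. Confirm that the advisory record for DSA-4525-1 already exists in the tracker data and names ibus. The single package line in view, `- ibus 1.5.21-1 (bug #940267)`, records one fixed version only, so the versions fixed by the advisory have to come from that record.
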
@@ -9363,24 +9392,24 @@ CVE-2019-13560 (D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote atta
 	NOT-FOR-US: D-Link
 CVE-2019-13559
 	RESERVED
-CVE-2019-13558
-	RESERVED
+CVE-2019-13558 (In WebAccess versions 8.4.1 and prior, an exploit executed over the ne ...)
+	TODO: check
 CVE-2019-13557
 	RESERVED
-CVE-2019-13556
-	RESERVED
+CVE-2019-13556 (In WebAccess versions 8.4.1 and prior, multiple stack-based buffer ove ...)
+	TODO: check
 CVE-2019-13555
 	RESERVED
 CVE-2019-13554
 	RESERVED
 CVE-2019-13553
 	RESERVED
-CVE-2019-13552
-	RESERVED
+CVE-2019-13552 (In WebAccess versions 8.4.1 and prior, multiple command injection vuln ...)
+	TODO: check
 CVE-2019-13551
 	RESERVED
-CVE-2019-13550
-	RESERVED
+CVE-2019-13550 (In WebAccess, versions 8.4.1 and prior, an improper authorization vuln ...)
+	TODO: check
 CVE-2019-13549
 	RESERVED
 CVE-2019-13548 (CODESYS V3 web server, all versions prior to 3.5.14.10, allows an atta ...)
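
Review bot: CVE-2019-13558, -13556, -13552 and -13550 should be triaged as one batch with one consistent result, because all four new descriptions are for WebAccess 8.4.1 and prior. If the product is not packaged, give all four a single `NOT-FOR-US:` label, as the D-Link entry at the top of this hunk has. CVE-2019-13550 punctuates the product differently ("In WebAccess, versions"), so a plain text match on "In WebAccess versions" will miss it.
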
@@ -13986,8 +14015,8 @@ CVE-2019-11779 [Excess hierarchy characters on subscribe causes crash]
 	RESERVED
 	- mosquitto 1.6.6-1 (bug #940654)
 	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=551160
-CVE-2019-11778
-	RESERVED
+CVE-2019-11778 (If an MQTT v5 client connects to Eclipse Mosquitto versions 1.6.0 to 1 ...)
+	TODO: check
 CVE-2019-11777 (In the Eclipse Paho Java client library version 1.2.0, when connecting ...)
 	TODO: check
 CVE-2019-11776 (In Eclipse BIRT versions 1.0 to 4.7, the Report Viewer allows Reflecte ...)
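
Review bot: CVE-2019-11778 needs a `- mosquitto` package line instead of staying at `TODO: check`, since the entry directly above it, CVE-2019-11779, already carries `- mosquitto 1.6.6-1 (bug #940654)` and the package is therefore tracked. The description limits the issue to MQTT v5 clients on versions from 1.6.0, so check whether releases shipping an older mosquitto are affected at all before marking them vulnerable.
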
@@ -14523,14 +14552,14 @@ CVE-2019-11666 (Insecure deserialization of untrusted data in Micro Focus Servic
 	NOT-FOR-US: Micro Focus
 CVE-2019-11665 (Data exposure in Micro Focus Service Manager product versions 9.30, 9. ...)
 	NOT-FOR-US: Micro Focus
-CVE-2019-11664
-	RESERVED
-CVE-2019-11663
-	RESERVED
-CVE-2019-11662
-	RESERVED
-CVE-2019-11661
-	RESERVED
+CVE-2019-11664 (Clear text password in browser in Micro Focus Service Manager product  ...)
+	TODO: check
+CVE-2019-11663 (Clear text credentials are used to access managers app in Tomcat in Mi ...)
+	TODO: check
+CVE-2019-11662 (Class and method names in error message in Micro Focus Service Manager ...)
+	TODO: check
+CVE-2019-11661 (Allow changes to some table by non-SysAdmin in Micro Focus Service Man ...)
+	TODO: check
 CVE-2019-11660 (Privileges manipulation in Micro Focus Data Protector, versions 10.00, ...)
 	NOT-FOR-US: Micro Focus
 CVE-2019-11659
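
Review bot: CVE-2019-11664 through CVE-2019-11661 are left at `TODO: check` although the entries on either side (CVE-2019-11666, -11665 and -11660) are already `NOT-FOR-US: Micro Focus`. Three of the four new descriptions name Micro Focus Service Manager in the visible text, and CVE-2019-11663 is cut off at "in Mi ...", so read its full description and then resolve all four with the same label as their neighbours.
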
@@ -15740,10 +15769,10 @@ CVE-2019-11213 (In Pulse Secure Pulse Desktop Client and Network Connect, an att
 	NOT-FOR-US: Pulse Secure Pulse Desktop Client and Network Connect
 CVE-2019-11212
 	RESERVED
-CVE-2019-11211
-	RESERVED
-CVE-2019-11210
-	RESERVED
+CVE-2019-11211 (The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime ...)
+	TODO: check
+CVE-2019-11210 (The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime ...)
+	TODO: check
 CVE-2019-11209 (The realm configuration component of TIBCO Software Inc.'s TIBCO FTL C ...)
 	TODO: check
 CVE-2019-11208 (The authorization component of TIBCO Software Inc.'s TIBCO API Exchang ...)
@@ -31577,14 +31606,14 @@ CVE-2019-5536
 	RESERVED
 CVE-2019-5535
 	RESERVED
-CVE-2019-5534
-	RESERVED
+CVE-2019-5534 (VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and  ...)
+	TODO: check
 CVE-2019-5533
 	RESERVED
-CVE-2019-5532
-	RESERVED
-CVE-2019-5531
-	RESERVED
+CVE-2019-5532 (VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and  ...)
+	TODO: check
+CVE-2019-5531 (VMware vSphere ESXi (6.7 prior to ESXi670-201904101-SG, 6.5 prior to E ...)
+	TODO: check
 CVE-2019-5530 (Windows binaries generated with InstallBuilder versions earlier than 1 ...)
 	NOT-FOR-US: InstallBuilder
 CVE-2019-5529
@@ -32597,10 +32626,10 @@ CVE-2019-5069 (A code execution vulnerability exists in Epignosis eFront LMS v5.
 	NOT-FOR-US: Epignosis eFront LMS
 CVE-2019-5068
 	RESERVED
-CVE-2019-5067
-	RESERVED
-CVE-2019-5066
-	RESERVED
+CVE-2019-5067 (An uninitialized memory access vulnerability exists in the way Aspose. ...)
+	TODO: check
+CVE-2019-5066 (An exploitable use-after-free vulnerability exists in the way LZW-comp ...)
+	TODO: check
 CVE-2019-5065 (An exploitable information disclosure vulnerability exists in the pack ...)
 	TODO: check
 CVE-2019-5064
@@ -32700,8 +32729,8 @@ CVE-2019-5044
 	REJECTED
 CVE-2019-5043
 	RESERVED
-CVE-2019-5042
-	RESERVED
+CVE-2019-5042 (An exploitable Use-After-Free vulnerability exists in the way Function ...)
+	TODO: check
 CVE-2019-5041 (An exploitable Stack Based Buffer Overflow vulnerability exists in the ...)
 	NOT-FOR-US: Aspose
 CVE-2019-5040 (An exploitable information disclosure vulnerability exists in the Weav ...)
@@ -35593,12 +35622,12 @@ CVE-2019-3760 (The RSA Identity Governance and Lifecycle software and RSA Via Li
 	TODO: check
 CVE-2019-3759 (The RSA Identity Governance and Lifecycle software and RSA Via Lifecyc ...)
 	TODO: check
-CVE-2019-3758
-	RESERVED
+CVE-2019-3758 (RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper au ...)
+	TODO: check
 CVE-2019-3757
 	RESERVED
-CVE-2019-3756
-	RESERVED
+CVE-2019-3756 (RSA Archer, versions prior to 6.6 P3 (6.6.0.3), contain an information ...)
+	TODO: check
 CVE-2019-3755
 	RESERVED
 CVE-2019-3754 (Dell EMC Unity Operating Environment versions prior to 5.0.0.0.5.116,  ...)
@@ -35629,12 +35658,12 @@ CVE-2019-3742 (Dell/Alienware Digital Delivery versions prior to 3.5.2013 contai
 	NOT-FOR-US: Dell/Alienware Digital Delivery
 CVE-2019-3741 (Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain a  ...)
 	NOT-FOR-US: EMC
-CVE-2019-3740
-	RESERVED
-CVE-2019-3739
-	RESERVED
-CVE-2019-3738
-	RESERVED
+CVE-2019-3740 (RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Inform ...)
+	TODO: check
+CVE-2019-3739 (RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Informati ...)
+	TODO: check
+CVE-2019-3738 (RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Improp ...)
+	TODO: check
 CVE-2019-3737 (Dell EMC Avamar ADMe Web Interface 1.0.50 and 1.0.51 are affected by a ...)
 	NOT-FOR-US: Dell EMC Avamar ADMe Web Interface
 CVE-2019-3736



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/455eb5c21dd04b166694cf2dd71cf37842b3e6f9
