[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Sep 19 09:10:32 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
455eb5c2 by security tracker role at 2019-09-19T08:10:18Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,31 @@
+CVE-2019-16418
+ RESERVED
+CVE-2019-16417
+ RESERVED
+CVE-2019-16416
+ RESERVED
+CVE-2019-16415
+ RESERVED
+CVE-2019-16414
+ RESERVED
+CVE-2019-16413 (An issue was discovered in the Linux kernel before 5.0.4. The 9p files ...)
+ TODO: check
+CVE-2019-16412
+ RESERVED
+CVE-2019-16411
+ RESERVED
+CVE-2019-16410
+ RESERVED
+CVE-2019-16409
+ RESERVED
+CVE-2019-16408
+ RESERVED
+CVE-2019-16407
+ RESERVED
+CVE-2019-16406
+ RESERVED
+CVE-2019-16405
+ RESERVED
CVE-2019-16404
RESERVED
CVE-2019-16403 (In Webkul Bagisto before 0.1.5, the functionalities for customers to c ...)
@@ -3053,8 +3081,8 @@ CVE-2019-15303
RESERVED
CVE-2019-15302 (The pad management logic in XWiki labs CryptPad before 3.0.0 allows a ...)
NOT-FOR-US: CryptPad
-CVE-2019-15301
- RESERVED
+CVE-2019-15301 (A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.C ...)
+ TODO: check
CVE-2019-15300
RESERVED
CVE-2019-15299
@@ -4588,6 +4616,7 @@ CVE-2019-14823
RESERVED
CVE-2019-14822 [missing authorization flaw]
RESERVED
+ {DSA-4525-1}
- ibus 1.5.21-1 (bug #940267)
NOTE: https://www.openwall.com/lists/oss-security/2019/09/13/1
NOTE: Fixed by: https://github.com/ibus/ibus/commit/3d442dbf936d197aa11ca0a71663c2bc61696151
@@ -9363,24 +9392,24 @@ CVE-2019-13560 (D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote atta
NOT-FOR-US: D-Link
CVE-2019-13559
RESERVED
-CVE-2019-13558
- RESERVED
+CVE-2019-13558 (In WebAccess versions 8.4.1 and prior, an exploit executed over the ne ...)
+ TODO: check
CVE-2019-13557
RESERVED
-CVE-2019-13556
- RESERVED
+CVE-2019-13556 (In WebAccess versions 8.4.1 and prior, multiple stack-based buffer ove ...)
+ TODO: check
CVE-2019-13555
RESERVED
CVE-2019-13554
RESERVED
CVE-2019-13553
RESERVED
-CVE-2019-13552
- RESERVED
+CVE-2019-13552 (In WebAccess versions 8.4.1 and prior, multiple command injection vuln ...)
+ TODO: check
CVE-2019-13551
RESERVED
-CVE-2019-13550
- RESERVED
+CVE-2019-13550 (In WebAccess, versions 8.4.1 and prior, an improper authorization vuln ...)
+ TODO: check
CVE-2019-13549
RESERVED
CVE-2019-13548 (CODESYS V3 web server, all versions prior to 3.5.14.10, allows an atta ...)
@@ -13986,8 +14015,8 @@ CVE-2019-11779 [Excess hierarchy characters on subscribe causes crash]
RESERVED
- mosquitto 1.6.6-1 (bug #940654)
NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=551160
-CVE-2019-11778
- RESERVED
+CVE-2019-11778 (If an MQTT v5 client connects to Eclipse Mosquitto versions 1.6.0 to 1 ...)
+ TODO: check
CVE-2019-11777 (In the Eclipse Paho Java client library version 1.2.0, when connecting ...)
TODO: check
CVE-2019-11776 (In Eclipse BIRT versions 1.0 to 4.7, the Report Viewer allows Reflecte ...)
@@ -14523,14 +14552,14 @@ CVE-2019-11666 (Insecure deserialization of untrusted data in Micro Focus Servic
NOT-FOR-US: Micro Focus
CVE-2019-11665 (Data exposure in Micro Focus Service Manager product versions 9.30, 9. ...)
NOT-FOR-US: Micro Focus
-CVE-2019-11664
- RESERVED
-CVE-2019-11663
- RESERVED
-CVE-2019-11662
- RESERVED
-CVE-2019-11661
- RESERVED
+CVE-2019-11664 (Clear text password in browser in Micro Focus Service Manager product ...)
+ TODO: check
+CVE-2019-11663 (Clear text credentials are used to access managers app in Tomcat in Mi ...)
+ TODO: check
+CVE-2019-11662 (Class and method names in error message in Micro Focus Service Manager ...)
+ TODO: check
+CVE-2019-11661 (Allow changes to some table by non-SysAdmin in Micro Focus Service Man ...)
+ TODO: check
CVE-2019-11660 (Privileges manipulation in Micro Focus Data Protector, versions 10.00, ...)
NOT-FOR-US: Micro Focus
CVE-2019-11659
@@ -15740,10 +15769,10 @@ CVE-2019-11213 (In Pulse Secure Pulse Desktop Client and Network Connect, an att
NOT-FOR-US: Pulse Secure Pulse Desktop Client and Network Connect
CVE-2019-11212
RESERVED
-CVE-2019-11211
- RESERVED
-CVE-2019-11210
- RESERVED
+CVE-2019-11211 (The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime ...)
+ TODO: check
+CVE-2019-11210 (The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime ...)
+ TODO: check
CVE-2019-11209 (The realm configuration component of TIBCO Software Inc.'s TIBCO FTL C ...)
TODO: check
CVE-2019-11208 (The authorization component of TIBCO Software Inc.'s TIBCO API Exchang ...)
@@ -31577,14 +31606,14 @@ CVE-2019-5536
RESERVED
CVE-2019-5535
RESERVED
-CVE-2019-5534
- RESERVED
+CVE-2019-5534 (VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and ...)
+ TODO: check
CVE-2019-5533
RESERVED
-CVE-2019-5532
- RESERVED
-CVE-2019-5531
- RESERVED
+CVE-2019-5532 (VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and ...)
+ TODO: check
+CVE-2019-5531 (VMware vSphere ESXi (6.7 prior to ESXi670-201904101-SG, 6.5 prior to E ...)
+ TODO: check
CVE-2019-5530 (Windows binaries generated with InstallBuilder versions earlier than 1 ...)
NOT-FOR-US: InstallBuilder
CVE-2019-5529
@@ -32597,10 +32626,10 @@ CVE-2019-5069 (A code execution vulnerability exists in Epignosis eFront LMS v5.
NOT-FOR-US: Epignosis eFront LMS
CVE-2019-5068
RESERVED
-CVE-2019-5067
- RESERVED
-CVE-2019-5066
- RESERVED
+CVE-2019-5067 (An uninitialized memory access vulnerability exists in the way Aspose. ...)
+ TODO: check
+CVE-2019-5066 (An exploitable use-after-free vulnerability exists in the way LZW-comp ...)
+ TODO: check
CVE-2019-5065 (An exploitable information disclosure vulnerability exists in the pack ...)
TODO: check
CVE-2019-5064
@@ -32700,8 +32729,8 @@ CVE-2019-5044
REJECTED
CVE-2019-5043
RESERVED
-CVE-2019-5042
- RESERVED
+CVE-2019-5042 (An exploitable Use-After-Free vulnerability exists in the way Function ...)
+ TODO: check
CVE-2019-5041 (An exploitable Stack Based Buffer Overflow vulnerability exists in the ...)
NOT-FOR-US: Aspose
CVE-2019-5040 (An exploitable information disclosure vulnerability exists in the Weav ...)
@@ -35593,12 +35622,12 @@ CVE-2019-3760 (The RSA Identity Governance and Lifecycle software and RSA Via Li
TODO: check
CVE-2019-3759 (The RSA Identity Governance and Lifecycle software and RSA Via Lifecyc ...)
TODO: check
-CVE-2019-3758
- RESERVED
+CVE-2019-3758 (RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper au ...)
+ TODO: check
CVE-2019-3757
RESERVED
-CVE-2019-3756
- RESERVED
+CVE-2019-3756 (RSA Archer, versions prior to 6.6 P3 (6.6.0.3), contain an information ...)
+ TODO: check
CVE-2019-3755
RESERVED
CVE-2019-3754 (Dell EMC Unity Operating Environment versions prior to 5.0.0.0.5.116, ...)
@@ -35629,12 +35658,12 @@ CVE-2019-3742 (Dell/Alienware Digital Delivery versions prior to 3.5.2013 contai
NOT-FOR-US: Dell/Alienware Digital Delivery
CVE-2019-3741 (Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain a ...)
NOT-FOR-US: EMC
-CVE-2019-3740
- RESERVED
-CVE-2019-3739
- RESERVED
-CVE-2019-3738
- RESERVED
+CVE-2019-3740 (RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Inform ...)
+ TODO: check
+CVE-2019-3739 (RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Informati ...)
+ TODO: check
+CVE-2019-3738 (RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Improp ...)
+ TODO: check
CVE-2019-3737 (Dell EMC Avamar ADMe Web Interface 1.0.50 and 1.0.51 are affected by a ...)
NOT-FOR-US: Dell EMC Avamar ADMe Web Interface
CVE-2019-3736
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/455eb5c21dd04b166694cf2dd71cf37842b3e6f9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/455eb5c21dd04b166694cf2dd71cf37842b3e6f9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190919/4cbbda07/attachment.html>
More information about the debian-security-tracker-commits
mailing list