Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cd733bc0 by security tracker role at 2019-01-09T08:10:17Z
automatic update

- - - - -

1 changed file:

- data/CVE/list

Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,55 @@ -CVE-2019-5720 (includes/db/class.reflines_db.inc in FrontAccounting 2.4.6 contains a ...) - - frontaccounting <removed> -CVE-2019-5719 +CVE-2019-5736 + RESERVED +CVE-2019-5735 + RESERVED +CVE-2019-5734 + RESERVED +CVE-2019-5733 + RESERVED +CVE-2019-5732 + RESERVED +CVE-2019-5731 + RESERVED +CVE-2019-5730 + RESERVED +CVE-2019-5729 + RESERVED +CVE-2019-5728 + RESERVED +CVE-2019-5727 + RESERVED +CVE-2019-5726 RESERVED -CVE-2019-5718 +CVE-2019-5725 (qibosoft through V7 allows remote attackers to read arbitrary files via ...) + TODO: check +CVE-2019-5724 RESERVED -CVE-2019-5717 +CVE-2019-5723 RESERVED -CVE-2019-5716 +CVE-2019-5722 RESERVED +CVE-2019-5721 (In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was ...) + TODO: check +CVE-2018-20677 (In Bootstrap before 3.4.0, XSS is possible in the affix configuration ...) + TODO: check +CVE-2018-20676 (In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport ...) + TODO: check +CVE-2018-20675 (D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before ...) + TODO: check +CVE-2018-20674 (D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before ...) + TODO: check +CVE-2016-10735 (In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is ...) + TODO: check +CVE-2019-5720 (includes/db/class.reflines_db.inc in FrontAccounting 2.4.6 contains a ...) + - frontaccounting <removed> +CVE-2019-5719 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector ...) + TODO: check +CVE-2019-5718 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and ...) + TODO: check +CVE-2019-5717 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector ...) + TODO: check +CVE-2019-5716 (In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This ...) + TODO: check CVE-2019-5715 RESERVED CVE-2019-5714 
@@ -4514,7 +4556,7 @@ CVE-2019-3499 RESERVED CVE-2019-3498 [Content spoofing possibility in the default 404 page] RESERVED - {DLA-1629-1} + {DSA-4363-1 DLA-1629-1} - python-django 1:1.11.18-1 (bug #918230) NOTE: https://www.djangoproject.com/weblog/2019/jan/04/security-releases/ NOTE: https://github.com/django/django/commit/1cd00fcf52d089ef0fe03beabd05d59df8ea052a (1.11.x) @@ -13261,8 +13303,8 @@ CVE-2019-0624 RESERVED CVE-2019-0623 RESERVED -CVE-2019-0622 - RESERVED +CVE-2019-0622 (An elevation of privilege vulnerability exists when Skype for Andriod ...) + TODO: check CVE-2019-0621 RESERVED CVE-2019-0620 
@@ -13329,112 +13371,112 @@ CVE-2019-0590 RESERVED CVE-2019-0589 RESERVED -CVE-2019-0588 - RESERVED +CVE-2019-0588 (An information disclosure vulnerability exists when the Microsoft ...) + TODO: check CVE-2019-0587 RESERVED -CVE-2019-0586 - RESERVED -CVE-2019-0585 - RESERVED -CVE-2019-0584 - RESERVED -CVE-2019-0583 - RESERVED -CVE-2019-0582 - RESERVED -CVE-2019-0581 - RESERVED -CVE-2019-0580 - RESERVED -CVE-2019-0579 - RESERVED -CVE-2019-0578 - RESERVED -CVE-2019-0577 - RESERVED -CVE-2019-0576 - RESERVED -CVE-2019-0575 - RESERVED -CVE-2019-0574 - RESERVED -CVE-2019-0573 - RESERVED -CVE-2019-0572 - RESERVED -CVE-2019-0571 - RESERVED -CVE-2019-0570 - RESERVED -CVE-2019-0569 - RESERVED -CVE-2019-0568 - RESERVED -CVE-2019-0567 - RESERVED -CVE-2019-0566 - RESERVED -CVE-2019-0565 - RESERVED -CVE-2019-0564 - RESERVED +CVE-2019-0586 (A remote code execution vulnerability exists in Microsoft Exchange ...) + TODO: check +CVE-2019-0585 (A remote code execution vulnerability exists in Microsoft Word ...) + TODO: check +CVE-2019-0584 (A remote code execution vulnerability exists when the Windows Jet ...) + TODO: check +CVE-2019-0583 (A remote code execution vulnerability exists when the Windows Jet ...) + TODO: check +CVE-2019-0582 (A remote code execution vulnerability exists when the Windows Jet ...) + TODO: check +CVE-2019-0581 (A remote code execution vulnerability exists when the Windows Jet ...) + TODO: check +CVE-2019-0580 (A remote code execution vulnerability exists when the Windows Jet ...) + TODO: check +CVE-2019-0579 (A remote code execution vulnerability exists when the Windows Jet ...) + TODO: check +CVE-2019-0578 (A remote code execution vulnerability exists when the Windows Jet ...) + TODO: check +CVE-2019-0577 (A remote code execution vulnerability exists when the Windows Jet ...) + TODO: check +CVE-2019-0576 (A remote code execution vulnerability exists when the Windows Jet ...) 
+ TODO: check +CVE-2019-0575 (A remote code execution vulnerability exists when the Windows Jet ...) + TODO: check +CVE-2019-0574 (An elevation of privilege vulnerability exists when the Windows Data ...) + TODO: check +CVE-2019-0573 (An elevation of privilege vulnerability exists when the Windows Data ...) + TODO: check +CVE-2019-0572 (An elevation of privilege vulnerability exists when the Windows Data ...) + TODO: check +CVE-2019-0571 (An elevation of privilege vulnerability exists when the Windows Data ...) + TODO: check +CVE-2019-0570 (An elevation of privilege vulnerability exists when the Windows ...) + TODO: check +CVE-2019-0569 (An information disclosure vulnerability exists when the Windows kernel ...) + TODO: check +CVE-2019-0568 (A remote code execution vulnerability exists in the way that the ...) + TODO: check +CVE-2019-0567 (A remote code execution vulnerability exists in the way that the ...) + TODO: check +CVE-2019-0566 (An elevation of privilege vulnerability exists in Microsoft Edge ...) + TODO: check +CVE-2019-0565 (A remote code execution vulnerability exists when Microsoft Edge ...) + TODO: check +CVE-2019-0564 (A denial of service vulnerability exists when ASP.NET Core improperly ...) + TODO: check CVE-2019-0563 RESERVED -CVE-2019-0562 - RESERVED -CVE-2019-0561 - RESERVED -CVE-2019-0560 - RESERVED -CVE-2019-0559 - RESERVED -CVE-2019-0558 - RESERVED -CVE-2019-0557 - RESERVED -CVE-2019-0556 - RESERVED -CVE-2019-0555 - RESERVED -CVE-2019-0554 - RESERVED -CVE-2019-0553 - RESERVED -CVE-2019-0552 - RESERVED -CVE-2019-0551 - RESERVED -CVE-2019-0550 - RESERVED -CVE-2019-0549 - RESERVED -CVE-2019-0548 - RESERVED -CVE-2019-0547 - RESERVED -CVE-2019-0546 - RESERVED -CVE-2019-0545 - RESERVED +CVE-2019-0562 (An elevation of privilege vulnerability exists when Microsoft ...) + TODO: check +CVE-2019-0561 (An information disclosure vulnerability exists when Microsoft Word ...) 
+ TODO: check +CVE-2019-0560 (An information disclosure vulnerability exists when Microsoft Office ...) + TODO: check +CVE-2019-0559 (An information disclosure vulnerability exists when Microsoft Outlook ...) + TODO: check +CVE-2019-0558 (A cross-site-scripting (XSS) vulnerability exists when Microsoft ...) + TODO: check +CVE-2019-0557 (A cross-site-scripting (XSS) vulnerability exists when Microsoft ...) + TODO: check +CVE-2019-0556 (A cross-site-scripting (XSS) vulnerability exists when Microsoft ...) + TODO: check +CVE-2019-0555 (An elevation of privilege vulnerability exists in the Microsoft ...) + TODO: check +CVE-2019-0554 (An information disclosure vulnerability exists when the Windows kernel ...) + TODO: check +CVE-2019-0553 (An information disclosure vulnerability exists when Windows Subsystem ...) + TODO: check +CVE-2019-0552 (An elevation of privilege exists in Windows COM Desktop Broker, aka ...) + TODO: check +CVE-2019-0551 (A remote code execution vulnerability exists when Windows Hyper-V on a ...) + TODO: check +CVE-2019-0550 (A remote code execution vulnerability exists when Windows Hyper-V on a ...) + TODO: check +CVE-2019-0549 (An information disclosure vulnerability exists when the Windows kernel ...) + TODO: check +CVE-2019-0548 (A denial of service vulnerability exists when ASP.NET Core improperly ...) + TODO: check +CVE-2019-0547 (A memory corruption vulnerability exists in the Windows DHCP client ...) + TODO: check +CVE-2019-0546 (A remote code execution vulnerability exists in Visual Studio when the ...) + TODO: check +CVE-2019-0545 (An information disclosure vulnerability exists in .NET Framework and ...) + TODO: check CVE-2019-0544 RESERVED -CVE-2019-0543 - RESERVED +CVE-2019-0543 (An elevation of privilege vulnerability exists when Windows improperly ...) + TODO: check CVE-2019-0542 RESERVED -CVE-2019-0541 - RESERVED +CVE-2019-0541 (A remote code execution vulnerability exists in the way that the ...) 
+ TODO: check CVE-2019-0540 RESERVED -CVE-2019-0539 - RESERVED -CVE-2019-0538 - RESERVED -CVE-2019-0537 - RESERVED -CVE-2019-0536 - RESERVED +CVE-2019-0539 (A remote code execution vulnerability exists in the way that the ...) + TODO: check +CVE-2019-0538 (A remote code execution vulnerability exists when the Windows Jet ...) + TODO: check +CVE-2019-0537 (An information disclosure vulnerability exists when Visual Studio ...) + TODO: check +CVE-2019-0536 (An information disclosure vulnerability exists when the Windows kernel ...) + TODO: check CVE-2018-19607 (Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote ...) [experimental] - exiv2 <unfixed> (bug #915134) - exiv2 <not-affected> (Vulnerable code introduced later) 
@@ -14145,30 +14187,30 @@ CVE-2019-0251 RESERVED CVE-2019-0250 RESERVED -CVE-2019-0249 - RESERVED -CVE-2019-0248 - RESERVED -CVE-2019-0247 - RESERVED -CVE-2019-0246 - RESERVED -CVE-2019-0245 - RESERVED -CVE-2019-0244 - RESERVED -CVE-2019-0243 - RESERVED +CVE-2019-0249 (Under certain conditions SAP Landscape Management (VCM 3.0) allows an ...) + TODO: check +CVE-2019-0248 (Under certain conditions SAP Gateway of ABAP Application Server (fixed ...) + TODO: check +CVE-2019-0247 (SAP Cloud Connector, before version 2.11.3, allows an attacker to ...) + TODO: check +CVE-2019-0246 (SAP Cloud Connector, before version 2.11.3, does not perform any ...) + TODO: check +CVE-2019-0245 (SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF ...) + TODO: check +CVE-2019-0244 (SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF ...) + TODO: check +CVE-2019-0243 (Under some circumstances, masterdata maintenance in SAP BW/4HANA ...) + TODO: check CVE-2019-0242 RESERVED -CVE-2019-0241 - RESERVED -CVE-2019-0240 - RESERVED +CVE-2019-0241 (SAP Work and Inventory Manager (Agentry_SDK , before 7.0, 7.1) allows ...) + TODO: check +CVE-2019-0240 (SAP Business Objects Mobile for Android (before 6.3.5) application ...) + TODO: check CVE-2019-0239 RESERVED -CVE-2019-0238 - RESERVED +CVE-2019-0238 (SAP Commerce (previously known as SAP Hybris Commerce), before version ...) + TODO: check CVE-2019-0237 RESERVED CVE-2019-0236 
@@ -15250,45 +15292,45 @@ CVE-2019-0087 CVE-2019-0086 RESERVED CVE-2018-19269 - RESERVED + REJECTED CVE-2018-19268 - RESERVED + REJECTED CVE-2018-19267 - RESERVED + REJECTED CVE-2018-19266 - RESERVED + REJECTED CVE-2018-19265 - RESERVED + REJECTED CVE-2018-19264 - RESERVED + REJECTED CVE-2018-19263 - RESERVED + REJECTED CVE-2018-19262 - RESERVED + REJECTED CVE-2018-19261 - RESERVED + REJECTED CVE-2018-19260 - RESERVED + REJECTED CVE-2018-19259 - RESERVED + REJECTED CVE-2018-19258 - RESERVED + REJECTED CVE-2018-19257 - RESERVED + REJECTED CVE-2018-19256 - RESERVED + REJECTED CVE-2018-19255 - RESERVED + REJECTED CVE-2018-19254 - RESERVED + REJECTED CVE-2018-19253 - RESERVED + REJECTED CVE-2018-19252 - RESERVED + REJECTED CVE-2018-19251 - RESERVED + REJECTED CVE-2018-19250 - RESERVED + REJECTED CVE-2018-19249 (The Stripe API v1 allows remote attackers to bypass intended access ...) TODO: check CVE-2018-19248 (The web service on Epson WorkForce WF-2861 10.48 ...) @@ -22366,6 +22408,7 @@ CVE-2018-16470 (There is a possible DoS vulnerability in the multipart parser in CVE-2018-16469 (The merge.recursive function in the merge package v <1.2 can be ...) NOT-FOR-US: merge package v CVE-2018-16468 (In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may ...) + {DSA-4364-1} - ruby-loofah 2.2.3-1 (bug #912398) NOTE: https://github.com/flavorjones/loofah/issues/154 NOTE: https://github.com/flavorjones/loofah/commit/71e4b5434fbcb2ad87643f0c9fecfc3a847943c4 (v2.2.3) @@ -61279,8 +61322,8 @@ CVE-2018-2501 RESERVED CVE-2018-2500 (Under certain conditions SAP Mobile Secure Android client (before ...) NOT-FOR-US: SAP -CVE-2018-2499 - RESERVED +CVE-2018-2499 (A security weakness in SAP Financial Consolidation Cube Designer ...) + TODO: check CVE-2018-2498 RESERVED CVE-2018-2497 (The security audit log of SAP HANA, versions 1.0 and 2.0, does not log ...) 
@@ -61309,8 +61352,8 @@ CVE-2018-2486 (SAP Marketing (UICUAN (1.20, 1.30, 1.40), SAPSCORE (1.13, 1.14)) NOT-FOR-US: SAP CVE-2018-2485 (It is possible for a malicious application or malware to execute ...) NOT-FOR-US: SAP -CVE-2018-2484 - RESERVED +CVE-2018-2484 (SAP Enterprise Financial Services (fixed in SAPSCORE 1.13, 1.14, 1.15; ...) + TODO: check CVE-2018-2483 (HTTP Verb Tampering is possible in SAP BusinessObjects Business ...) NOT-FOR-US: SAP CVE-2018-2482 (SAP Mobile Secure Android Application, Mobile-secure.apk Android ...)

View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cd733bc0f4a60b1f85bc5de8eeb99f5e8a005bb0
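Review bot: In the @@ -1,13 +1,55 @@ hunk the added CVE-2018-20677, CVE-2018-20676, CVE-2018-20675, CVE-2018-20674 and CVE-2016-10735 entries land between CVE-2019-5721 and CVE-2019-5720, which breaks the descending ID order that the other hunks keep; they should move to their sorted positions. The Wireshark entries (CVE-2019-5716 to CVE-2019-5719 and CVE-2019-5721) and the Bootstrap entries in the same hunk are left at `TODO: check` even though their descriptions already give the affected version ranges, so they can be triaged next, either into a package line of the form `- python-django 1:1.11.18-1 (bug #918230)` or into a `NOT-FOR-US:` line.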
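Review bot: The entries filled in by the @@ -13329,112 +13371,112 @@ hunk (CVE-2019-0536 through CVE-2019-0588) are all left at `TODO: check`, which leaves one large block of untriaged items in the list. Where the description is not cut off before the product name, it refers to a Microsoft or Windows component (Windows Jet, Windows kernel, Hyper-V, Microsoft Edge, Word, Exchange, Visual Studio, ASP.NET Core, .NET Framework), so those can be resolved as a batch with a `NOT-FOR-US:` line in the same form as `NOT-FOR-US: SAP`. The entries whose text stops at "in the way that the ..." (CVE-2019-0539, CVE-2019-0541, CVE-2019-0567, CVE-2019-0568) need the full description read before they are marked.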
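Review bot: In the @@ -61309,8 +61352,8 @@ hunk CVE-2018-2484 is set to `TODO: check` although its description starts with "SAP Enterprise Financial Services" and both neighbours in the same hunk (CVE-2018-2485, CVE-2018-2483) are already marked `NOT-FOR-US: SAP`; it should get the same line. CVE-2018-2499 in the @@ -61279,8 +61322,8 @@ hunk and the SAP entries CVE-2019-0238 to CVE-2019-0249 in the @@ -14145,30 +14187,30 @@ hunk have the same inconsistency.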
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits