Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: c216b74a by Moritz Muehlenhoff at 2019-02-17T20:55:33Z NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,17 +1,17 @@ CVE-2019-8413 (On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer ...) - TODO: check + NOT-FOR-US: Xiaomi CVE-2019-8412 (FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or ...) - TODO: check + NOT-FOR-US: FeiFeiCms CVE-2019-8411 (admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers to ...) - TODO: check + NOT-FOR-US: zzcms CVE-2019-8410 RESERVED CVE-2019-8409 RESERVED CVE-2019-8408 (OneFileCMS 3.6.13 allows remote attackers to modify onefilecms.php by ...) - TODO: check + NOT-FOR-US: OneFileCMS CVE-2019-8407 (HongCMS 3.0.0 allows arbitrary file read and write operations via a ../ ...) - TODO: check + NOT-FOR-US: HongCMS CVE-2019-8406 RESERVED CVE-2019-8405 @@ -23,13 +23,13 @@ CVE-2019-8403 CVE-2019-8402 RESERVED CVE-2018-20782 (The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN messages. ...) - TODO: check + NOT-FOR-US: WooCommerce plugin CVE-2016-10742 (Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before ...) TODO: check CVE-2019-8401 RESERVED CVE-2019-8400 (ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the ...) - TODO: check + NOT-FOR-US: ORY Hydra CVE-2019-8399 RESERVED CVE-2019-8398 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an out ...) @@ -49,7 +49,7 @@ CVE-2019-8395 (An Insecure Direct Object Reference (IDOR) vulnerability exists i CVE-2019-8394 (Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows ...) NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus CVE-2019-8393 (Hotels_Server through 2018-11-05 has SQL Injection via the API because ...) - TODO: check + NOT-FOR-US: Hotels_Server CVE-2019-8392 (An issue was discovered on D-Link DIR-823G devices with firmware ...) NOT-FOR-US: D-Link CVE-2019-8391 
@@ -57,7 +57,7 @@ CVE-2019-8391 CVE-2019-8390 RESERVED CVE-2019-8389 (A file-read vulnerability was identified in the Wi-Fi transfer feature ...) - TODO: check + NOT-FOR-US: Musicloud CVE-2019-8388 RESERVED CVE-2019-8387 @@ -69,7 +69,7 @@ CVE-2019-8385 CVE-2019-8384 RESERVED CVE-2019-8383 (An issue was discovered in AdvanceCOMP before 2.1. An invalid memory ...) - TODO: check + NOT-FOR-US: AdvanceCOMP CVE-2019-8382 (An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference ...) NOT-FOR-US: Bento4 CVE-2019-8381 (An issue was discovered in Tcpreplay 4.3.1. An invalid memory access ...) @@ -77,7 +77,7 @@ CVE-2019-8381 (An issue was discovered in Tcpreplay 4.3.1. An invalid memory acc CVE-2019-8380 (An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference ...) NOT-FOR-US: Bento4 CVE-2019-8379 (An issue was discovered in AdvanceCOMP before 2.1. A NULL pointer ...) - TODO: check + NOT-FOR-US: AdvanceCOMP CVE-2019-8378 (An issue was discovered in Bento4 1.5.1-628. A heap-based buffer ...) NOT-FOR-US: Bento4 CVE-2019-8377 (An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference ...) 
@@ -109,17 +109,17 @@ CVE-2019-8365 CVE-2019-8364 RESERVED CVE-2019-8363 (Verydows 2.0 has XSS via the index.php?c=main a parameter, as ...) - TODO: check + NOT-FOR-US: Verydows CVE-2019-8362 (DedeCMS through V5.7SP2 allows arbitrary file upload in ...) NOT-FOR-US: DedeCMS CVE-2019-8361 (PHP Scripts Mall Responsive Video News Script has XSS via the Search ...) NOT-FOR-US: PHP Scripts Mall Responsive Video News Script CVE-2019-8360 (Themerig Find a Place CMS Directory 1.5 has SQL Injection via the ...) - TODO: check + NOT-FOR-US: Themerig Find a Place CMS Directory CVE-2019-8359 RESERVED CVE-2019-8358 (In Hiawatha before 10.8.4, a remote attacker is able to do directory ...) - TODO: check + NOT-FOR-US: Hiawatha CVE-2019-8357 (An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c ...) - sox <unfixed> NOTE: https://sourceforge.net/p/sox/bugs/318 @@ -149,7 +149,7 @@ CVE-2019-8347 (BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP account CVE-2019-8346 RESERVED CVE-2019-8345 (The Help feature in the ES File Explorer File Manager application ...) - TODO: check + NOT-FOR-US: ES File Explorer File Manager CVE-2019-8344 RESERVED CVE-2019-8343 (In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in ...) @@ -20880,7 +20880,7 @@ CVE-2019-0267 (SAP Manufacturing Integration and Intelligence, versions 15.0, 15 CVE-2019-0266 (Under certain conditions SAP HANA Extended Application Services, ...) NOT-FOR-US: SAP CVE-2019-0265 (SLD Registration of ABAP Platform allows an attacker to prevent ...) - TODO: check + NOT-FOR-US: ABAP Platform CVE-2019-0264 RESERVED CVE-2019-0263 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c216b74a73e9298cca3363e59b3bbfe6c09018dc -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c216b74a73e9298cca3363e59b3bbfe6c09018dc You're receiving this email because of your account on salsa.debian.org.
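Review bot: the tag "NOT-FOR-US: Xiaomi" on CVE-2019-8413 in the first hunk (-1,17) does not record why a kernel issue is out of scope. The description names the 4.4.78 kernel, so the entry alone does not show whether the NULL pointer dereference is in vendor-only code or in code shared with the upstream kernel. A more specific tag, or a NOTE line saying the affected code is Xiaomi-specific, would make the triage decision auditable.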
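Review bot: "NOT-FOR-US: WooCommerce plugin" on CVE-2018-20782 in the second hunk (-23,13) names the platform rather than the affected product. The description attributes the IPN handling flaw to the GloBee plugin, so a tag such as "NOT-FOR-US: GloBee plugin for WooCommerce" would let later CVEs against the same plugin be matched by search, instead of colliding with every other WooCommerce add-on.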
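Review bot: the product name in "NOT-FOR-US: Musicloud" on CVE-2019-8389 (hunk -57,7) cannot be confirmed from the entry, because the truncated description only mentions "the Wi-Fi transfer feature". That is a limit of the list format, but it is worth confirming the name against the full CVE text before merging, since the tag is what future triage will search for.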
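Review bot: NOT-FOR-US for AdvanceCOMP on CVE-2019-8383 (hunk -69,7) and CVE-2019-8379 (hunk -77,7) deserves a second check against the archive. Unlike the CMS and device entries in this commit, AdvanceCOMP is a standalone command-line recompression tool set with versioned upstream releases ("before 2.1"), which is the kind of software that is commonly packaged. If a source package ships it, both entries should carry a package line in the form used for CVE-2019-8357 ("- sox <unfixed>") instead of NOT-FOR-US.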
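Review bot: "NOT-FOR-US: ABAP Platform" on CVE-2019-0265 in the last hunk (-20880,7) is inconsistent with the entry directly above it, where CVE-2019-0266 is tagged "NOT-FOR-US: SAP". Using "NOT-FOR-US: SAP" here as well keeps all of the vendor's entries findable with one search term.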