Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: f803d02c by security tracker role at 2019-03-25T08:10:15Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,31 @@ +CVE-2019-10027 (PHPCMS 9.6.x through 9.6.3 has XSS via the mailbox (aka E-mail) field ...) + TODO: check +CVE-2019-10026 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...) + TODO: check +CVE-2019-10025 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...) + TODO: check +CVE-2019-10024 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...) + TODO: check +CVE-2019-10023 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...) + TODO: check +CVE-2019-10022 (An issue was discovered in Xpdf 4.01.01. There is a NULL pointer deref ...) + TODO: check +CVE-2019-10021 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...) + TODO: check +CVE-2019-10020 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...) + TODO: check +CVE-2019-10019 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...) + TODO: check +CVE-2019-10018 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...) + TODO: check +CVE-2019-10017 (CMS Made Simple 2.2.10 has XSS via the moduleinterface.php Name field, ...) + TODO: check +CVE-2019-10016 (GForge Advanced Server 6.4.4 allows XSS via the commonsearch.php words ...) + TODO: check +CVE-2019-10015 (baigoStudio baigoSSO v3.0.1 allows remote attackers to execute arbitra ...) + TODO: check +CVE-2019-10014 (In DedeCMS 5.7SP2, member/resetpassword.php allows remote authenticate ...) + TODO: check CVE-2019-9999 RESERVED CVE-2019-9998 @@ -63823,7 +63851,7 @@ CVE-2018-5766 (In Libav through 12.2, there is an invalid memcpy in the av_packe CVE-2018-5765 RESERVED CVE-2018-5764 (The parse_arguments function in options.c in rsyncd in rsync before 3. ...) - {DLA-1247-1} + {DLA-1725-1 DLA-1247-1} - rsync 3.1.2-2.2 (bug #887588) [stretch] - rsync <no-dsa> (Minor issue) NOTE: https://git.samba.org/rsync.git/?p=rsync.git;a=commit;h=7706303828fcde524222babb2833864a4bd09e07 @@ -124263,6 +124291,7 @@ CVE-2016-9845 (QEMU (aka Quick Emulator) built with the Virtio GPU Device emulat - qemu-kvm <not-affected> (Vulnerable code not present) NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2016-11/msg00019.html CVE-2016-9843 (The crc32_big function in crc32.c in zlib 1.2.8 might allow context-de ...) + {DLA-1725-1} - zlib 1:1.2.8.dfsg-3 (bug #847275) [jessie] - zlib <no-dsa> (Minor issue) [wheezy] - zlib <no-dsa> (Minor issue) @@ -124271,6 +124300,7 @@ CVE-2016-9843 (The crc32_big function in crc32.c in zlib 1.2.8 might allow conte NOTE: https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811 NOTE: Report: https://wiki.mozilla.org/images/0/09/Zlib-report.pdf CVE-2016-9842 (The inflateMark function in inflate.c in zlib 1.2.8 might allow contex ...) + {DLA-1725-1} - zlib 1:1.2.8.dfsg-3 (bug #847274) [jessie] - zlib <no-dsa> (Minor issue) [wheezy] - zlib <no-dsa> (Minor issue) @@ -124279,6 +124309,7 @@ CVE-2016-9842 (The inflateMark function in inflate.c in zlib 1.2.8 might allow c NOTE: https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958 NOTE: Report: https://wiki.mozilla.org/images/0/09/Zlib-report.pdf CVE-2016-9841 (inffast.c in zlib 1.2.8 might allow context-dependent attackers to hav ...) + {DLA-1725-1} - zlib 1:1.2.8.dfsg-4 (bug #847270) [jessie] - zlib <no-dsa> (Minor issue) [wheezy] - zlib <no-dsa> (Minor issue) @@ -124287,6 +124318,7 @@ CVE-2016-9841 (inffast.c in zlib 1.2.8 might allow context-dependent attackers t NOTE: https://github.com/madler/zlib/commit/9aaec95e82117c1cb0f9624264c3618fc380cecb NOTE: Report: https://wiki.mozilla.org/images/0/09/Zlib-report.pdf CVE-2016-9840 (inftrees.c in zlib 1.2.8 might allow context-dependent attackers to ha ...) + {DLA-1725-1} - zlib 1:1.2.8.dfsg-3 (bug #847270) [jessie] - zlib <no-dsa> (Minor issue) [wheezy] - zlib <no-dsa> (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f803d02cdf64199e80c153aa2120b456286fcb47 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f803d02cdf64199e80c153aa2120b456286fcb47 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits