Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3fc25561 by security tracker role at 2019-08-06T08:10:22Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,10 +1,58 @@
+CVE-2019-14689
+ RESERVED
+CVE-2019-14688
+ RESERVED
+CVE-2019-14687
+ RESERVED
+CVE-2019-14686
+ RESERVED
+CVE-2019-14685
+ RESERVED
+CVE-2019-14684
+ RESERVED
+CVE-2019-14683
+ RESERVED
+CVE-2019-14682
+ RESERVED
+CVE-2019-14681
+ RESERVED
+CVE-2019-14680
+ RESERVED
+CVE-2019-14679
+ RESERVED
+CVE-2019-14678
+ RESERVED
+CVE-2019-14677
+ RESERVED
+CVE-2019-14676
+ RESERVED
+CVE-2019-14675
+ RESERVED
+CVE-2019-14674
+ RESERVED
+CVE-2019-14673
+ RESERVED
+CVE-2019-14672 (Firefly III 4.7.17.5 is vulnerable to stored XSS due to the
lack of fi ...)
+ TODO: check
+CVE-2019-14671 (Firefly III 4.7.17.3 is vulnerable to local file enumeration.
An attac ...)
+ TODO: check
+CVE-2019-14670 (Firefly III 4.7.17.3 is vulnerable to stored XSS due to the
lack of fi ...)
+ TODO: check
+CVE-2019-14669 (Firefly III 4.7.17.3 is vulnerable to stored XSS due to the
lack of fi ...)
+ TODO: check
+CVE-2019-14668 (Firefly III 4.7.17.3 is vulnerable to stored XSS due to the
lack of fi ...)
+ TODO: check
+CVE-2019-14667 (Firefly III 4.7.17.4 is vulnerable to multiple stored XSS
issues due t ...)
+ TODO: check
+CVE-2015-9292
+ RESERVED
CVE-2019-14666
RESERVED
CVE-2019-14665 (Brandy 1.20.1 has a heap-based buffer overflow in define_array
in vari ...)
- brandy <unfixed> (bug #933996)
NOTE: https://sourceforge.net/p/brandy/bugs/8/
-CVE-2019-14664
- RESERVED
+CVE-2019-14664 (In Enigmail below 2.1, an attacker in possession of PGP
encrypted emai ...)
+ TODO: check
CVE-2019-14663 (Brandy 1.20.1 has a stack-based buffer overflow in
fileio_openin in fi ...)
- brandy <unfixed> (bug #933996)
NOTE: https://sourceforge.net/p/brandy/bugs/6/
@@ -447,8 +495,8 @@ CVE-2019-14477
RESERVED
CVE-2019-14476
RESERVED
-CVE-2019-14475
- RESERVED
+CVE-2019-14475 (eQ-3 Homematic CCU2 2.47.15 and prior and CCU3 3.47.15 and
prior use s ...)
+ TODO: check
CVE-2019-14474
RESERVED
CVE-2019-14473
@@ -5804,7 +5852,8 @@ CVE-2019-12934 (An issue was discovered in the
wp-code-highlightjs plugin throug
NOT-FOR-US: wp-code-highlightjs plugin for WordPress
CVE-2019-12935 (Shopware before 5.5.8 has XSS via the Query String to the
backend/Logi ...)
NOT-FOR-US: Shopware
-CVE-2019-12933 (An XSS issue on the PIX-Link Repeater/Router LV-WR09 with
firmware v28 ...)
+CVE-2019-12933
+ REJECTED
NOT-FOR-US: PIX-Link Repeater/Router LV-WR09
CVE-2019-12932 (A stored XSS vulnerability was found in SeedDMS 5.1.11 due to
poorly e ...)
NOT-FOR-US: SeedDMS
@@ -7027,7 +7076,7 @@ CVE-2019-12452 (types/types.go in Containous Traefik
1.7.x through 1.7.11, when
CVE-2019-12451
RESERVED
CVE-2019-13012 (The keyfile settings backend in GNOME GLib (aka glib2.0)
before 2.60.0 ...)
- {DLA-1866-1}
+ {DLA-1866-2 DLA-1866-1}
[experimental] - glib2.0 2.60.0-1
- glib2.0 2.60.5-1 (bug #931234)
[buster] - glib2.0 <no-dsa> (Minor issue)
@@ -14436,7 +14485,7 @@ CVE-2019-1010027
RESERVED
CVE-2019-1010026
RESERVED
-CVE-2019-1010025 (GNU Libc current is affected by: Mitigation bypass. The
impact is: Att ...)
+CVE-2019-1010025 (** DISPUTED ** GNU Libc current is affected by: Mitigation
bypass. The ...)
- glibc <unfixed> (unimportant)
NOTE: Not treated as a security issue by upstream
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22853
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3fc25561532264c8f0b02fd8b4efae1a24fa8620
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3fc25561532264c8f0b02fd8b4efae1a24fa8620
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
