Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: ec18a486 by Salvatore Bonaccorso at 2019-08-06T20:18:01Z Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -27,7 +27,7 @@ CVE-2019-14698 CVE-2019-14696 (Open-School 3.0, and Community Edition 2.3, allows XSS via the osv/ind ...) TODO: check CVE-2019-14695 (A SQL injection vulnerability exists in the Sygnoos Popup Builder plug ...) - TODO: check + NOT-FOR-US: Sygnoos Popup Builder plugin for WordPress CVE-2019-14694 RESERVED CVE-2019-14693 @@ -1107,49 +1107,49 @@ CVE-2016-10799 CVE-2016-10798 RESERVED CVE-2016-10797 (cPanel before 58.0.4 allows WHM "Purchase and Install an SSL Certifica ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10796 (cPanel before 58.0.4 initially uses weak permissions for Apache HTTP S ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10795 (cPanel before 59.9999.145 allows stored XSS in the WHM tail_upcp2.cgi ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10794 (cPanel before 59.9999.145 allows arbitrary file-read operations becaus ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10793 (cPanel before 59.9999.145 allows arbitrary code execution due to an in ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10792 (cPanel before 59.9999.145 allows code execution in the context of othe ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10791 (cPanel before 60.0.15 does not ensure that system accounts lack a vali ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10790 (cPanel before 60.0.25 does not use TLS for HTTP POSTs to listinput.cpa ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10789 (cPanel before 60.0.25 allows code execution via the cpsrvd 403 error r ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10788 (cPanel before 60.0.25 allows arbitrary code execution via Maketext in ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10787 (The Host Access Control feature in cPanel before 60.0.25 mishandles ac ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10786 (cPanel before 60.0.25 allows members of the nobody group to read Apach ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10785 (cPanel before 60.0.25 allows attackers to discover file contents durin ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10784 (cPanel before 60.0.25 allows self XSS in the alias upload interface (S ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10783 (cPanel before 60.0.25 allows self stored XSS in SSL_listkeys (SEC-182) ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10782 (cPanel before 60.0.25 allows self stored XSS in postgres API1 listdbs ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10781 (cPanel before 60.0.25 allows self XSS in the UI_confirm API (SEC-180). ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10780 (cPanel before 60.0.25 allows stored XSS in the ftp_sessions API (SEC-1 ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10779 (cPanel before 60.0.25 allows stored XSS in api1_listautoresponders (SE ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10778 (cPanel before 60.0.25 allows self stored XSS in the listftpstable API ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10777 (cPanel before 60.0.25 allows self XSS in WHM Tweak Settings for autodi ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10776 (cPanel before 60.0.25 allows stored XSS during the homedir removal pha ...) - TODO: check + NOT-FOR-US: cPanel CVE-2016-10775 (cPanel before 60.0.25 allows arbitrary file-chown operations via reass ...) NOT-FOR-US: cPanel CVE-2016-10774 (cPanel before 60.0.25 allows self XSS in the tail_ea4_migration.cgi in ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ec18a486122114d91596684966ec47c872c7f3ac -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ec18a486122114d91596684966ec47c872c7f3ac You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits