Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: e8e4c7f3 by security tracker role at 2019-08-23T08:10:13Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,17 +1,381 @@ -CVE-2019-15331 (The wp-support-plus-responsive-ticket-system plugin before 9.1.2 for W ...) - NOT-FOR-US: wp-support-plus-responsive-ticket-system plugin for WordPress -CVE-2019-15330 (The webp-express plugin before 0.14.11 for WordPress has insufficient ...) - NOT-FOR-US: webp-express plugin for WordPress -CVE-2019-15329 +CVE-2019-15513 (An issue was discovered in OpenWrt libuci (aka Library for the Unified ...) + TODO: check +CVE-2019-15512 + RESERVED +CVE-2019-15511 + RESERVED +CVE-2019-15510 + RESERVED +CVE-2019-15509 + RESERVED +CVE-2019-15508 (In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy ...) + TODO: check +CVE-2019-15507 (In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request pr ...) + TODO: check +CVE-2019-15506 + RESERVED +CVE-2019-15505 (drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through ...) + TODO: check +CVE-2019-15504 (drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2 ...) + TODO: check +CVE-2019-15503 + RESERVED +CVE-2019-15502 + RESERVED +CVE-2019-15501 + RESERVED +CVE-2019-15500 + RESERVED +CVE-2019-15499 (CodiMD 1.3.1, when Safari is used, allows XSS via an IFRAME element wi ...) + TODO: check +CVE-2019-15498 (cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows rem ...) + TODO: check +CVE-2019-15497 + RESERVED +CVE-2019-15496 + RESERVED +CVE-2019-15495 + RESERVED +CVE-2019-15494 + RESERVED +CVE-2019-15493 + RESERVED +CVE-2019-15492 + RESERVED +CVE-2019-15491 + RESERVED +CVE-2019-15490 + RESERVED +CVE-2019-15489 + RESERVED +CVE-2019-15488 + RESERVED +CVE-2019-15487 + RESERVED +CVE-2019-15486 + RESERVED +CVE-2019-15485 + RESERVED +CVE-2019-15484 + RESERVED +CVE-2019-15483 + RESERVED +CVE-2019-15482 + RESERVED +CVE-2019-15481 + RESERVED +CVE-2019-15480 + RESERVED +CVE-2019-15479 + RESERVED +CVE-2019-15478 + RESERVED +CVE-2019-15477 + RESERVED +CVE-2019-15476 + RESERVED +CVE-2019-15475 + RESERVED +CVE-2019-15474 + RESERVED +CVE-2019-15473 + RESERVED +CVE-2019-15472 + RESERVED +CVE-2019-15471 + RESERVED +CVE-2019-15470 + RESERVED +CVE-2019-15469 + RESERVED +CVE-2019-15468 + RESERVED +CVE-2019-15467 + RESERVED +CVE-2019-15466 + RESERVED +CVE-2019-15465 + RESERVED +CVE-2019-15464 + RESERVED +CVE-2019-15463 + RESERVED +CVE-2019-15462 + RESERVED +CVE-2019-15461 + RESERVED +CVE-2019-15460 + RESERVED +CVE-2019-15459 + RESERVED +CVE-2019-15458 + RESERVED +CVE-2019-15457 + RESERVED +CVE-2019-15456 + RESERVED +CVE-2019-15455 + RESERVED +CVE-2019-15454 + RESERVED +CVE-2019-15453 + RESERVED +CVE-2019-15452 + RESERVED +CVE-2019-15451 + RESERVED +CVE-2019-15450 + RESERVED +CVE-2019-15449 + RESERVED +CVE-2019-15448 + RESERVED +CVE-2019-15447 + RESERVED +CVE-2019-15446 + RESERVED +CVE-2019-15445 + RESERVED +CVE-2019-15444 + RESERVED +CVE-2019-15443 + RESERVED +CVE-2019-15442 + RESERVED +CVE-2019-15441 + RESERVED +CVE-2019-15440 + RESERVED +CVE-2019-15439 + RESERVED +CVE-2019-15438 + RESERVED +CVE-2019-15437 + RESERVED +CVE-2019-15436 + RESERVED +CVE-2019-15435 + RESERVED +CVE-2019-15434 + RESERVED +CVE-2019-15433 + RESERVED +CVE-2019-15432 + RESERVED +CVE-2019-15431 + RESERVED +CVE-2019-15430 + RESERVED +CVE-2019-15429 + RESERVED +CVE-2019-15428 + RESERVED +CVE-2019-15427 + RESERVED +CVE-2019-15426 + RESERVED +CVE-2019-15425 + RESERVED +CVE-2019-15424 + RESERVED +CVE-2019-15423 + RESERVED +CVE-2019-15422 + RESERVED +CVE-2019-15421 + RESERVED +CVE-2019-15420 + RESERVED +CVE-2019-15419 + RESERVED +CVE-2019-15418 + RESERVED +CVE-2019-15417 + RESERVED +CVE-2019-15416 + RESERVED +CVE-2019-15415 + RESERVED +CVE-2019-15414 + RESERVED +CVE-2019-15413 + RESERVED +CVE-2019-15412 + RESERVED +CVE-2019-15411 RESERVED -CVE-2019-15328 +CVE-2019-15410 RESERVED -CVE-2019-15327 +CVE-2019-15409 RESERVED -CVE-2019-15326 +CVE-2019-15408 RESERVED -CVE-2019-15325 +CVE-2019-15407 RESERVED +CVE-2019-15406 + RESERVED +CVE-2019-15405 + RESERVED +CVE-2019-15404 + RESERVED +CVE-2019-15403 + RESERVED +CVE-2019-15402 + RESERVED +CVE-2019-15401 + RESERVED +CVE-2019-15400 + RESERVED +CVE-2019-15399 + RESERVED +CVE-2019-15398 + RESERVED +CVE-2019-15397 + RESERVED +CVE-2019-15396 + RESERVED +CVE-2019-15395 + RESERVED +CVE-2019-15394 + RESERVED +CVE-2019-15393 + RESERVED +CVE-2019-15392 + RESERVED +CVE-2019-15391 + RESERVED +CVE-2019-15390 + RESERVED +CVE-2019-15389 + RESERVED +CVE-2019-15388 + RESERVED +CVE-2019-15387 + RESERVED +CVE-2019-15386 + RESERVED +CVE-2019-15385 + RESERVED +CVE-2019-15384 + RESERVED +CVE-2019-15383 + RESERVED +CVE-2019-15382 + RESERVED +CVE-2019-15381 + RESERVED +CVE-2019-15380 + RESERVED +CVE-2019-15379 + RESERVED +CVE-2019-15378 + RESERVED +CVE-2019-15377 + RESERVED +CVE-2019-15376 + RESERVED +CVE-2019-15375 + RESERVED +CVE-2019-15374 + RESERVED +CVE-2019-15373 + RESERVED +CVE-2019-15372 + RESERVED +CVE-2019-15371 + RESERVED +CVE-2019-15370 + RESERVED +CVE-2019-15369 + RESERVED +CVE-2019-15368 + RESERVED +CVE-2019-15367 + RESERVED +CVE-2019-15366 + RESERVED +CVE-2019-15365 + RESERVED +CVE-2019-15364 + RESERVED +CVE-2019-15363 + RESERVED +CVE-2019-15362 + RESERVED +CVE-2019-15361 + RESERVED +CVE-2019-15360 + RESERVED +CVE-2019-15359 + RESERVED +CVE-2019-15358 + RESERVED +CVE-2019-15357 + RESERVED +CVE-2019-15356 + RESERVED +CVE-2019-15355 + RESERVED +CVE-2019-15354 + RESERVED +CVE-2019-15353 + RESERVED +CVE-2019-15352 + RESERVED +CVE-2019-15351 + RESERVED +CVE-2019-15350 + RESERVED +CVE-2019-15349 + RESERVED +CVE-2019-15348 + RESERVED +CVE-2019-15347 + RESERVED +CVE-2019-15346 + RESERVED +CVE-2019-15345 + RESERVED +CVE-2019-15344 + RESERVED +CVE-2019-15343 + RESERVED +CVE-2019-15342 + RESERVED +CVE-2019-15341 + RESERVED +CVE-2019-15340 + RESERVED +CVE-2019-15339 + RESERVED +CVE-2019-15338 + RESERVED +CVE-2019-15337 + RESERVED +CVE-2019-15336 + RESERVED +CVE-2019-15335 + RESERVED +CVE-2019-15334 + RESERVED +CVE-2019-15333 + RESERVED +CVE-2019-15332 + RESERVED +CVE-2019-15331 (The wp-support-plus-responsive-ticket-system plugin before 9.1.2 for W ...) + NOT-FOR-US: wp-support-plus-responsive-ticket-system plugin for WordPress +CVE-2019-15330 (The webp-express plugin before 0.14.11 for WordPress has insufficient ...) + NOT-FOR-US: webp-express plugin for WordPress +CVE-2019-15329 (The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPre ...) + TODO: check +CVE-2019-15328 (The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPre ...) + TODO: check +CVE-2019-15327 (The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPre ...) + TODO: check +CVE-2019-15326 (The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPre ...) + TODO: check +CVE-2019-15325 (In GalliumOS 3.0, CONFIG_SECURITY_YAMA is disabled but /etc/sysctl.d/1 ...) + TODO: check CVE-2018-20988 (The wpgform plugin before 0.94 for WordPress has eval injection in the ...) NOT-FOR-US: wpgform plugin for WordPress CVE-2018-20987 (The newsletters-lite plugin before 4.6.8.6 for WordPress has PHP objec ...) @@ -30,8 +394,8 @@ CVE-2015-9338 (The wp-file-upload plugin before 2.5.0 for WordPress has insuffic NOT-FOR-US: wp-file-upload plugin for WordPress CVE-2014-10394 (The rich-counter plugin before 1.2.0 for WordPress has JavaScript inje ...) NOT-FOR-US: rich-counter plugin for WordPress -CVE-2014-10393 - RESERVED +CVE-2014-10393 (The cforms2 plugin before 10.5 for WordPress has XSS. ...) + TODO: check CVE-2014-10392 (The cforms2 plugin before 10.2 for WordPress has XSS. ...) NOT-FOR-US: cforms2 plugin for WordPress CVE-2014-10391 (The wp-support-plus-responsive-ticket-system plugin before 4.1 for Wor ...) @@ -66,8 +430,8 @@ CVE-2019-15316 (Valve Steam Client for Windows through 2019-08-20 has weak folde NOT-FOR-US: Valve Steam Client for Windows CVE-2019-15315 (Valve Steam Client for Windows through 2019-08-16 allows privilege esc ...) NOT-FOR-US: Valve Steam Client for Windows -CVE-2018-20986 - RESERVED +CVE-2018-20986 (The advanced-custom-fields plugin before 5.7.8 for WordPress has XSS b ...) + TODO: check CVE-2018-20985 (The wp-payeezy-pay plugin before 2.98 for WordPress has local file inc ...) NOT-FOR-US: wp-payeezy-pay plugin for WordPress CVE-2018-20984 (The patreon-connect plugin before 1.2.2 for WordPress has Object Injec ...) @@ -82,8 +446,8 @@ CVE-2018-20980 (The ninja-forms plugin before 3.2.15 for WordPress has parameter NOT-FOR-US: ninja-forms plugin for WordPress CVE-2018-20979 (The contact-form-7 plugin before 5.0.4 for WordPress has privilege esc ...) NOT-FOR-US: contact-form-7 plugin for WordPress -CVE-2017-18585 - RESERVED +CVE-2017-18585 (The posts-in-page plugin before 1.3.0 for WordPress has ic_add_posts t ...) + TODO: check CVE-2017-18584 (The post-pay-counter plugin before 2.731 for WordPress has no permissi ...) NOT-FOR-US: post-pay-counter plugin for WordPress CVE-2017-18583 (The post-pay-counter plugin before 2.731 for WordPress has PHP Object ...) @@ -94,10 +458,10 @@ CVE-2017-18581 (The time-sheets plugin before 1.5.0 for WordPress has XSS via th NOT-FOR-US: time-sheets plugin for WordPress CVE-2017-18580 (The shortcodes-ultimate plugin before 5.0.1 for WordPress has remote c ...) NOT-FOR-US: shortcodes-ultimate plugin for WordPress -CVE-2017-18579 - RESERVED -CVE-2017-18578 - RESERVED +CVE-2017-18579 (The corner-ad plugin before 1.0.8 for WordPress has XSS. ...) + TODO: check +CVE-2017-18578 (The crafty-social-buttons plugin before 1.5.8 for WordPress has XSS. ...) + TODO: check CVE-2017-18577 (The mailchimp-for-wp plugin before 4.1.8 for WordPress has XSS via the ...) NOT-FOR-US: mailchimp-for-wp plugin for WordPress CVE-2017-18576 (The event-notifier plugin before 1.2.1 for WordPress has XSS via the l ...) @@ -114,10 +478,10 @@ CVE-2017-18571 (The search-everything plugin before 8.1.7 for WordPress has SQL NOT-FOR-US: search-everything plugin for WordPress CVE-2017-18570 (The cforms2 plugin before 14.13 for WordPress has SQL injection in the ...) NOT-FOR-US: cforms2 plugin for WordPress -CVE-2016-10929 - RESERVED -CVE-2016-10928 - RESERVED +CVE-2016-10929 (The advanced-ajax-page-loader plugin before 2.7.7 for WordPress has no ...) + TODO: check +CVE-2016-10928 (The onelogin-saml-sso plugin before 2.2.0 for WordPress has a hardcode ...) + TODO: check CVE-2016-10927 (The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in aj ...) NOT-FOR-US: nelio-ab-testing plugin for WordPress CVE-2016-10926 (The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in aja ...) @@ -148,8 +512,8 @@ CVE-2015-9336 (The clean-login plugin before 1.5.1 for WordPress has reflected X NOT-FOR-US: clean-login plugin for WordPress CVE-2015-9335 (The limit-attempts plugin before 1.1.1 for WordPress has SQL injection ...) NOT-FOR-US: limit-attempts plugin for WordPress -CVE-2015-9334 - RESERVED +CVE-2015-9334 (The email-newsletter plugin through 20.15 for WordPress has SQL inject ...) + TODO: check CVE-2015-9333 (The cforms2 plugin before 14.6.10 for WordPress has SQL injection. ...) NOT-FOR-US: cforms2 plugin for WordPress CVE-2014-10385 (The memphis-documents-library plugin before 3.0 for WordPress has XSS ...) @@ -158,10 +522,10 @@ CVE-2014-10384 (The memphis-documents-library plugin before 3.0 for WordPress ha NOT-FOR-US: memphis-documents-library plugin for WordPress CVE-2014-10383 (The memphis-documents-library plugin before 3.0 for WordPress has Remo ...) NOT-FOR-US: memphis-documents-library plugin for WordPress -CVE-2014-10382 - RESERVED -CVE-2013-7483 - RESERVED +CVE-2014-10382 (The feature-comments plugin before 1.2.5 for WordPress has CSRF for fe ...) + TODO: check +CVE-2013-7483 (The slidedeck2 plugin before 2.3.5 for WordPress has file inclusion. ...) + TODO: check CVE-2013-7482 (The reflex-gallery plugin before 1.4.3 for WordPress has XSS. ...) NOT-FOR-US: reflex-gallery plugin for WordPress CVE-2013-7481 (The contact-form-plugin plugin before 3.3.5 for WordPress has XSS. ...) @@ -7430,8 +7794,7 @@ CVE-2019-13141 RESERVED CVE-2019-13140 RESERVED -CVE-2019-13139 [command injection due to a missing validation of the git ref command] - RESERVED +CVE-2019-13139 (In Docker before 18.09.4, an attacker who is capable of supplying or m ...) [experimental] - docker.io 18.09.5+dfsg1-1 - docker.io 18.09.1+dfsg1-8 (bug #933002) [buster] - docker.io <no-dsa> (Minor issue) @@ -20184,6 +20547,7 @@ CVE-2019-8697 RESERVED CVE-2019-8696 [stack-buffer-overflow in libcups's asn1_get_packed function] RESERVED + {DLA-1893-1} - cups 2.2.12-1 (bug #934957) [buster] - cups <no-dsa> (Minor issue, can be fixed via point release) [stretch] - cups <no-dsa> (Minor issue, can be fixed via point release) @@ -20230,6 +20594,7 @@ CVE-2019-8676 RESERVED CVE-2019-8675 [stack-buffer-overflow in libcups's asn1_get_type function] RESERVED + {DLA-1893-1} - cups 2.2.12-1 (bug #934957) [buster] - cups <no-dsa> (Minor issue, can be fixed via point release) [stretch] - cups <no-dsa> (Minor issue, can be fixed via point release) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e8e4c7f3b207eadb5204aa3324ee019b036c16c0 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e8e4c7f3b207eadb5204aa3324ee019b036c16c0 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits