Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 18a375ea by security tracker role at 2019-10-15T20:10:29Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,13 @@ +CVE-2019-17600 (Intelbras IWR 1000N 1.6.4 devices allows disclosure of the administrat ...) + TODO: check +CVE-2019-17599 + RESERVED +CVE-2019-17598 + RESERVED +CVE-2019-17597 + RESERVED +CVE-2017-1002201 (In haml versions prior to version 5.0.0.beta.2, when using user input ...) + TODO: check CVE-2019-17596 RESERVED CVE-2019-17595 (There is a heap-based buffer over-read in the fmt_entry function in ti ...) @@ -632,8 +642,8 @@ CVE-2019-17399 (The Shack Forms Pro extension before 4.0.32 for Joomla! allows p NOT-FOR-US: Shack Forms Pro extension for Joomla! CVE-2019-17398 RESERVED -CVE-2019-17397 - RESERVED +CVE-2019-17397 (In the DoorDash application through 11.5.2 for Android, the username a ...) + TODO: check CVE-2019-17396 RESERVED CVE-2019-17395 @@ -984,8 +994,8 @@ CVE-2019-17225 (Subrion 4.2.1 allows XSS via the panel/members/ Username, Full N NOT-FOR-US: Subrion CMS CVE-2019-17224 RESERVED -CVE-2019-17223 - RESERVED +CVE-2019-17223 (There is HTML Injection in the Note field in Dolibarr ERP/CRM 10.0.2 v ...) + TODO: check CVE-2019-17222 RESERVED CVE-2019-17221 @@ -1042,8 +1052,8 @@ CVE-2019-17197 (OpenEMR through 5.0.2 has SQL Injection in the Lifestyle demogra NOT-FOR-US: OpenEMR CVE-2019-17196 RESERVED -CVE-2019-17195 - RESERVED +CVE-2019-17195 (Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exce ...) + TODO: check CVE-2019-17194 RESERVED CVE-2019-17193 @@ -7731,8 +7741,7 @@ CVE-2019-14834 RESERVED CVE-2019-14833 RESERVED -CVE-2019-14832 - RESERVED +CVE-2019-14832 (A flaw was found in the Keycloak REST API before version 8.0.0 where i ...) NOT-FOR-US: Keycloak CVE-2019-14831 RESERVED 
@@ -14317,8 +14326,8 @@ CVE-2019-12946 (Elcom CMS before 10.7 has SQL Injection via EventSearchByState.a NOT-FOR-US: Elcom CMS CVE-2019-12945 REJECTED -CVE-2019-12944 - RESERVED +CVE-2019-12944 (Glue Smart Lock 2.7.8 devices do not properly block guest access in ce ...) + TODO: check CVE-2019-12943 (TTLock devices do not properly restrict password-reset attempts, leadi ...) NOT-FOR-US: TTLock devices CVE-2019-12942 (TTLock devices do not properly block guest access in certain situation ...) @@ -20181,10 +20190,10 @@ CVE-2019-10762 RESERVED CVE-2019-10761 RESERVED -CVE-2019-10760 - RESERVED -CVE-2019-10759 - RESERVED +CVE-2019-10760 (safer-eval before 1.3.2 are vulnerable to Arbitrary Code Execution. A ...) + TODO: check +CVE-2019-10759 (safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A ...) + TODO: check CVE-2019-10758 RESERVED CVE-2019-10757 (knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/18a375eaf8b43f40305a2fe3803f5df17a629c2d
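Review bot: In the first hunk (@@ -1,3 +1,13 @@), CVE-2017-1002201 is inserted between CVE-2019-17597 and CVE-2019-17596 with only TODO: check, so a 2017 id sits in a run of 2019 ids and is easy to miss when scanning the list by number. Its description names haml (versions prior to 5.0.0.beta.2), which is a library rather than a vendor device or a mobile app like most of the other entries touched here, so this one should be checked against any packaged haml and given a real status instead of staying at TODO.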
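Review bot: In the @@ -7731,8 +7741,7 @@ hunk, the NOT-FOR-US: Keycloak line under CVE-2019-14832 is unchanged context, which means the classification was recorded while the entry was still RESERVED and before any description was available. Now that the description refers to the Keycloak REST API before version 8.0.0, the earlier NOT-FOR-US decision should be re-confirmed against the published text, since this is the only newly described entry in the patch that does not get a TODO: check.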
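Review bot: In the @@ -20181,10 +20190,10 @@ hunk, CVE-2019-10760 and CVE-2019-10759 both name safer-eval but with different boundaries (before 1.3.2 and before 1.3.4), and both descriptions are truncated at the point where they would start to differ. They need to be triaged as two separate issues: a version that resolves CVE-2019-10760 can still be affected by CVE-2019-10759, so a single fixed-version note copied to both entries would be wrong.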