Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: eb58783f by security tracker role at 2019-10-28T20:10:27Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,513 @@ +CVE-2020-0600 + RESERVED +CVE-2020-0599 + RESERVED +CVE-2020-0598 + RESERVED +CVE-2020-0597 + RESERVED +CVE-2020-0596 + RESERVED +CVE-2020-0595 + RESERVED +CVE-2020-0594 + RESERVED +CVE-2020-0593 + RESERVED +CVE-2020-0592 + RESERVED +CVE-2020-0591 + RESERVED +CVE-2020-0590 + RESERVED +CVE-2020-0589 + RESERVED +CVE-2020-0588 + RESERVED +CVE-2020-0587 + RESERVED +CVE-2020-0586 + RESERVED +CVE-2020-0585 + RESERVED +CVE-2020-0584 + RESERVED +CVE-2020-0583 + RESERVED +CVE-2020-0582 + RESERVED +CVE-2020-0581 + RESERVED +CVE-2020-0580 + RESERVED +CVE-2020-0579 + RESERVED +CVE-2020-0578 + RESERVED +CVE-2020-0577 + RESERVED +CVE-2020-0576 + RESERVED +CVE-2020-0575 + RESERVED +CVE-2020-0574 + RESERVED +CVE-2020-0573 + RESERVED +CVE-2020-0572 + RESERVED +CVE-2020-0571 + RESERVED +CVE-2020-0570 + RESERVED +CVE-2020-0569 + RESERVED +CVE-2020-0568 + RESERVED +CVE-2020-0567 + RESERVED +CVE-2020-0566 + RESERVED +CVE-2020-0565 + RESERVED +CVE-2020-0564 + RESERVED +CVE-2020-0563 + RESERVED +CVE-2020-0562 + RESERVED +CVE-2020-0561 + RESERVED +CVE-2020-0560 + RESERVED +CVE-2020-0559 + RESERVED +CVE-2020-0558 + RESERVED +CVE-2020-0557 + RESERVED +CVE-2020-0556 + RESERVED +CVE-2020-0555 + RESERVED +CVE-2020-0554 + RESERVED +CVE-2020-0553 + RESERVED +CVE-2020-0552 + RESERVED +CVE-2020-0551 + RESERVED +CVE-2020-0550 + RESERVED +CVE-2020-0549 + RESERVED +CVE-2020-0548 + RESERVED +CVE-2020-0547 + RESERVED +CVE-2020-0546 + RESERVED +CVE-2020-0545 + RESERVED +CVE-2020-0544 + RESERVED +CVE-2020-0543 + RESERVED +CVE-2020-0542 + RESERVED +CVE-2020-0541 + RESERVED +CVE-2020-0540 + RESERVED +CVE-2020-0539 + RESERVED +CVE-2020-0538 + RESERVED +CVE-2020-0537 + RESERVED +CVE-2020-0536 + RESERVED +CVE-2020-0535 + RESERVED +CVE-2020-0534 + RESERVED +CVE-2020-0533 + RESERVED +CVE-2020-0532 + RESERVED +CVE-2020-0531 + RESERVED +CVE-2020-0530 + RESERVED +CVE-2020-0529 + RESERVED +CVE-2020-0528 + RESERVED +CVE-2020-0527 + RESERVED +CVE-2020-0526 + RESERVED +CVE-2020-0525 + RESERVED +CVE-2020-0524 + RESERVED +CVE-2020-0523 + RESERVED +CVE-2020-0522 + RESERVED +CVE-2020-0521 + RESERVED +CVE-2020-0520 + RESERVED +CVE-2020-0519 + RESERVED +CVE-2020-0518 + RESERVED +CVE-2020-0517 + RESERVED +CVE-2020-0516 + RESERVED +CVE-2020-0515 + RESERVED +CVE-2020-0514 + RESERVED +CVE-2020-0513 + RESERVED +CVE-2020-0512 + RESERVED +CVE-2020-0511 + RESERVED +CVE-2020-0510 + RESERVED +CVE-2020-0509 + RESERVED +CVE-2020-0508 + RESERVED +CVE-2020-0507 + RESERVED +CVE-2020-0506 + RESERVED +CVE-2020-0505 + RESERVED +CVE-2020-0504 + RESERVED +CVE-2020-0503 + RESERVED +CVE-2020-0502 + RESERVED +CVE-2020-0501 + RESERVED +CVE-2019-18570 + RESERVED +CVE-2019-18569 + RESERVED +CVE-2019-18568 + RESERVED +CVE-2019-18567 + RESERVED +CVE-2019-18566 + REJECTED + TODO: check +CVE-2019-18565 + REJECTED + TODO: check +CVE-2019-18564 + REJECTED + TODO: check +CVE-2019-18563 + REJECTED + TODO: check +CVE-2019-18562 + REJECTED + TODO: check +CVE-2019-18561 + REJECTED + TODO: check +CVE-2019-18560 + REJECTED + TODO: check +CVE-2019-18559 + REJECTED + TODO: check +CVE-2019-18558 + REJECTED + TODO: check +CVE-2019-18557 + REJECTED + TODO: check +CVE-2019-18556 + REJECTED + TODO: check +CVE-2019-18555 + REJECTED + TODO: check +CVE-2019-18554 + REJECTED + TODO: check +CVE-2019-18553 + REJECTED + TODO: check +CVE-2019-18552 + REJECTED + TODO: check +CVE-2019-18551 + REJECTED + TODO: check +CVE-2019-18550 + REJECTED + TODO: check +CVE-2019-18549 + REJECTED + TODO: check +CVE-2019-18548 + REJECTED + TODO: check +CVE-2019-18547 + REJECTED + TODO: check +CVE-2019-18546 + REJECTED + TODO: check +CVE-2019-18545 + REJECTED + TODO: check +CVE-2019-18544 + REJECTED + TODO: check +CVE-2019-18543 + REJECTED + TODO: check +CVE-2019-18542 + REJECTED + TODO: check +CVE-2019-18541 + REJECTED + TODO: check +CVE-2019-18540 + REJECTED + TODO: check +CVE-2019-18539 + REJECTED + TODO: check +CVE-2019-18538 + REJECTED + TODO: check +CVE-2019-18537 + REJECTED + TODO: check +CVE-2019-18536 + REJECTED + TODO: check +CVE-2019-18535 + REJECTED + TODO: check +CVE-2019-18534 + REJECTED + TODO: check +CVE-2019-18533 + REJECTED + TODO: check +CVE-2019-18532 + REJECTED + TODO: check +CVE-2019-18531 + REJECTED + TODO: check +CVE-2019-18530 + REJECTED + TODO: check +CVE-2019-18529 + REJECTED + TODO: check +CVE-2019-18528 + REJECTED + TODO: check +CVE-2019-18527 + REJECTED + TODO: check +CVE-2019-18526 + REJECTED + TODO: check +CVE-2019-18525 + REJECTED + TODO: check +CVE-2019-18524 + REJECTED + TODO: check +CVE-2019-18523 + REJECTED + TODO: check +CVE-2019-18522 + REJECTED + TODO: check +CVE-2019-18521 + REJECTED + TODO: check +CVE-2019-18520 + REJECTED + TODO: check +CVE-2019-18519 + REJECTED + TODO: check +CVE-2019-18518 + REJECTED + TODO: check +CVE-2019-18517 + REJECTED + TODO: check +CVE-2019-18516 + REJECTED + TODO: check +CVE-2019-18515 + REJECTED + TODO: check +CVE-2019-18514 + REJECTED + TODO: check +CVE-2019-18513 + REJECTED + TODO: check +CVE-2019-18512 + REJECTED + TODO: check +CVE-2019-18511 + REJECTED + TODO: check +CVE-2019-18510 + REJECTED + TODO: check +CVE-2019-18509 + REJECTED + TODO: check +CVE-2019-18508 + REJECTED + TODO: check +CVE-2019-18507 + REJECTED + TODO: check +CVE-2019-18506 + REJECTED + TODO: check +CVE-2019-18505 + REJECTED + TODO: check +CVE-2019-18504 + REJECTED + TODO: check +CVE-2019-18503 + REJECTED + TODO: check +CVE-2019-18502 + REJECTED + TODO: check +CVE-2019-18501 + REJECTED + TODO: check +CVE-2019-18500 + REJECTED + TODO: check +CVE-2019-18499 + REJECTED + TODO: check +CVE-2019-18498 + REJECTED + TODO: check +CVE-2019-18497 + REJECTED + TODO: check +CVE-2019-18496 + REJECTED + TODO: check +CVE-2019-18495 + REJECTED + TODO: check +CVE-2019-18494 + REJECTED + TODO: check +CVE-2019-18493 + REJECTED + TODO: check +CVE-2019-18492 + REJECTED + TODO: check +CVE-2019-18491 + REJECTED + TODO: check +CVE-2019-18490 + REJECTED + TODO: check +CVE-2019-18489 + REJECTED + TODO: check +CVE-2019-18488 + REJECTED + TODO: check +CVE-2019-18487 + REJECTED + TODO: check +CVE-2019-18486 + REJECTED + TODO: check +CVE-2019-18485 + REJECTED + TODO: check +CVE-2019-18484 + REJECTED + TODO: check +CVE-2019-18483 + REJECTED + TODO: check +CVE-2019-18482 + REJECTED + TODO: check +CVE-2019-18481 + REJECTED + TODO: check +CVE-2019-18480 + REJECTED + TODO: check +CVE-2019-18479 + REJECTED + TODO: check +CVE-2019-18478 + REJECTED + TODO: check +CVE-2019-18477 + REJECTED + TODO: check +CVE-2019-18476 + REJECTED + TODO: check +CVE-2019-18475 + REJECTED + TODO: check +CVE-2019-18474 + REJECTED + TODO: check +CVE-2019-18473 + REJECTED + TODO: check +CVE-2019-18472 + REJECTED + TODO: check +CVE-2019-18471 + REJECTED + TODO: check +CVE-2019-18470 + REJECTED + TODO: check +CVE-2019-18469 + REJECTED + TODO: check +CVE-2019-18468 + REJECTED + TODO: check +CVE-2019-18467 + REJECTED + TODO: check +CVE-2019-18466 (An issue was discovered in Podman in libpod before 1.6.0. It resolves ...) + TODO: check CVE-2019-XXXX [database server crash from unserialized data access] - openafs 1.8.5-1 (bug #943587) NOTE: http://openafs.org/pages/security/OPENAFS-SA-2019-003.txt @@ -584,8 +1094,8 @@ CVE-2019-18198 (In the Linux kernel before 5.3.4, a reference count usage error - linux <not-affected> (Vulnerable code introduced later) NOTE: https://git.kernel.org/linus/ca7a03c4175366a92cee0ccc4fec0038c3266e26 NOTE: https://launchpad.net/bugs/1847478 -CVE-2019-18195 - RESERVED +CVE-2019-18195 (An issue was discovered on TerraMaster FS-210 4.0.19 devices. Normal u ...) + TODO: check CVE-2019-18194 RESERVED CVE-2019-18193 @@ -3860,8 +4370,8 @@ CVE-2019-17226 (CMS Made Simple (CMSMS) 2.2.11 allows XSS via the Site Admin > NOT-FOR-US: CMS Made Simple CVE-2019-17225 (Subrion 4.2.1 allows XSS via the panel/members/ Username, Full Name, o ...) NOT-FOR-US: Subrion CMS -CVE-2019-17224 - RESERVED +CVE-2019-17224 (The web interface of the Compal Broadband CH7465LG modem (version CH74 ...) + TODO: check CVE-2019-17223 (There is HTML Injection in the Note field in Dolibarr ERP/CRM 10.0.2 v ...) - dolibarr <removed> CVE-2019-17222 @@ -3948,8 +4458,8 @@ CVE-2019-17183 (Foxit Reader before 9.7 allows an Access Violation and crash if NOT-FOR-US: Foxit Reader CVE-2019-17182 RESERVED -CVE-2019-17181 - RESERVED +CVE-2019-17181 (A remote SEH buffer overflow has been discovered in IntraSrv 1.0 (2007 ...) + TODO: check CVE-2019-17180 (Valve Steam Client before 2019-09-12 allows placing or appending parti ...) NOT-FOR-US: Steam on Windows CVE-2019-17179 (4.1.0, 4.1.1, 4.1.2, 4.1.2.3, 4.1.2.6, 4.1.2.7, 4.2.0, 4.2.1, 4.2.2, 5 ...) @@ -4624,8 +5134,8 @@ CVE-2019-16899 (In Advantech WebAccess/HMI Designer 2.1.9.31, Data from a Faulti NOT-FOR-US: Advantech CVE-2019-16898 RESERVED -CVE-2019-16897 - RESERVED +CVE-2019-16897 (In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security ...) + TODO: check CVE-2019-16896 RESERVED CVE-2019-16895 @@ -5249,10 +5759,10 @@ CVE-2019-16665 (An issue was discovered in ThinkSAAS 2.91. There is XSS via the NOT-FOR-US: ThinkSAAS CVE-2019-16664 (An issue was discovered in ThinkSAAS 2.91. There is XSS via the index. ...) NOT-FOR-US: ThinkSAAS -CVE-2019-16663 - RESERVED -CVE-2019-16662 - RESERVED +CVE-2019-16663 (An issue was discovered in rConfig 3.9.2. An attacker can directly exe ...) + TODO: check +CVE-2019-16662 (An issue was discovered in rConfig 3.9.2. An attacker can directly exe ...) + TODO: check CVE-2019-16661 (Ogma CMS 0.5 has XSS via creation of a new blog. ...) NOT-FOR-US: Ogma CMS CVE-2019-16660 (joyplus-cms 1.6.0 has admin_ajax.php?action=savexml&tab=vodplay CS ...) @@ -6306,7 +6816,7 @@ CVE-2019-16267 RESERVED CVE-2019-16266 RESERVED -CVE-2019-16265 (3S-Smart CODESYS V2.3 ENI server V3.2.2.23 has a Buffer Overflow. ...) +CVE-2019-16265 (CODESYS V2.3 ENI server up to V3.2.2.24 has a Buffer Overflow. ...) NOT-FOR-US: 3S-Smart CODESYS CVE-2019-16264 (In Escuela de Gestion Publica Plurinacional (EGPP) Sistema Integrado d ...) NOT-FOR-US: Escuela de Gestion Publica Plurinacional (EGPP) Sistema Integrado de Gestion Academica (GESAC) @@ -10416,20 +10926,20 @@ CVE-2013-7475 (The contact-form-plugin plugin before 3.52 for WordPress has XSS. NOT-FOR-US: contact-form-plugin plugin for WordPress CVE-2012-6713 (The job-manager plugin before 0.7.19 for WordPress has multiple XSS is ...) NOT-FOR-US: job-manager plugin for WordPress -CVE-2019-14931 - RESERVED -CVE-2019-14930 - RESERVED -CVE-2019-14929 - RESERVED -CVE-2019-14928 - RESERVED -CVE-2019-14927 - RESERVED -CVE-2019-14926 - RESERVED -CVE-2019-14925 - RESERVED +CVE-2019-14931 (An issue was discovered on Mitsubishi Electric ME-RTU devices through ...) + TODO: check +CVE-2019-14930 (An issue was discovered on Mitsubishi Electric ME-RTU devices through ...) + TODO: check +CVE-2019-14929 (An issue was discovered on Mitsubishi Electric ME-RTU devices through ...) + TODO: check +CVE-2019-14928 (An issue was discovered on Mitsubishi Electric ME-RTU devices through ...) + TODO: check +CVE-2019-14927 (An issue was discovered on Mitsubishi Electric ME-RTU devices through ...) + TODO: check +CVE-2019-14926 (An issue was discovered on Mitsubishi Electric ME-RTU devices through ...) + TODO: check +CVE-2019-14925 (An issue was discovered on Mitsubishi Electric ME-RTU devices through ...) + TODO: check CVE-2019-14924 (An issue was discovered in GCDWebServer before 3.5.3. The method moveI ...) NOT-FOR-US: GCDWebServer CVE-2019-14923 (EyesOfNetwork 5.1 allows Remote Command Execution via shell metacharac ...) @@ -12338,8 +12848,8 @@ CVE-2019-14452 (Sigil before 0.9.16 is vulnerable to a directory traversal, allo NOTE: https://github.com/Sigil-Ebook/Sigil/commit/369eebe936e4a8c83cc54662a3412ce8bef189e4 CVE-2019-14451 (RepetierServer.exe in Repetier-Server 0.8 through 0.91 does not proper ...) NOT-FOR-US: Repetier-Server -CVE-2019-14450 - RESERVED +CVE-2019-14450 (A directory traversal vulnerability was discovered in RepetierServer.e ...) + TODO: check CVE-2019-14449 RESERVED CVE-2019-14448 @@ -22476,8 +22986,7 @@ CVE-2019-11045 RESERVED CVE-2019-11044 RESERVED -CVE-2019-11043 - RESERVED +CVE-2019-11043 (In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below ...) {DLA-1970-1} - php7.3 <unfixed> - php7.0 <removed> @@ -25157,6 +25666,7 @@ CVE-2019-10081 (HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example co CVE-2019-10080 RESERVED CVE-2019-10079 (Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. E ...) + {DSA-4520-1} - trafficserver 8.0.5+ds-1 NOTE: https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E CVE-2019-10078 (A carefully crafted plugin link invocation could trigger an XSS vulner ...) @@ -38007,12 +38517,12 @@ CVE-2019-5540 RESERVED CVE-2019-5539 RESERVED -CVE-2019-5538 - RESERVED -CVE-2019-5537 - RESERVED -CVE-2019-5536 - RESERVED +CVE-2019-5538 (Sensitive information disclosure vulnerability resulting from a lack o ...) + TODO: check +CVE-2019-5537 (Sensitive information disclosure vulnerability resulting from a lack o ...) + TODO: check +CVE-2019-5536 (VMware ESXi (6.7 before ESXi670-201908101-SG and 6.5 before ESXi650-20 ...) + TODO: check CVE-2019-5535 (VMware Workstation and Fusion contain a network denial-of-service vuln ...) NOT-FOR-US: VMware CVE-2019-5534 (VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and ...) @@ -42300,8 +42810,8 @@ CVE-2019-3638 (Reflected Cross Site Scripting vulnerability in Administrators we NOT-FOR-US: McAfee CVE-2019-3637 (Privilege Escalation vulnerability in McAfee FRP 5.x prior to 5.1.0.20 ...) NOT-FOR-US: McAfee -CVE-2019-3636 - RESERVED +CVE-2019-3636 (A File Masquerade vulnerability in McAfee Total Protection (MTP) versi ...) + TODO: check CVE-2019-3635 (Exfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8. ...) NOT-FOR-US: McAfee CVE-2019-3634 (Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x ...) @@ -96903,7 +97413,7 @@ CVE-2018-3632 (Memory corruption in Intel Active Management Technology in Intel CVE-2018-3631 RESERVED CVE-2018-3630 [Logic error in FV parsing in MdeModulePkg\Core\Pei\FwVol\FwVol.c] - RESERVED + REJECTED - edk2 <unfixed> (unimportant) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1683653 NOTE: Non issue, no security impact @@ -112068,8 +112578,8 @@ CVE-2017-15727 (In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting ( NOT-FOR-US: phpMyFAQ CVE-2017-15726 RESERVED -CVE-2017-15725 - RESERVED +CVE-2017-15725 (An XML External Entity Injection vulnerability exists in Dzone AnswerH ...) + TODO: check CVE-2017-15724 RESERVED CVE-2017-15723 (In Irssi before 1.0.5, overlong nicks or targets may result in a NULL ...) @@ -142883,27 +143393,27 @@ CVE-2017-5737 CVE-2017-5736 (An elevation of privilege in Intel Software Guard Extensions Platform ...) NOT-FOR-US: Intel CVE-2017-5735 - RESERVED + REJECTED NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=686 NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=150 NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html CVE-2017-5734 - RESERVED + REJECTED NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=686 NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=150 NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html CVE-2017-5733 - RESERVED + REJECTED NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=686 NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=150 NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html CVE-2017-5732 - RESERVED + REJECTED NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=686 NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=150 NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html CVE-2017-5731 - RESERVED + REJECTED NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=686 NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=150 NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html @@ -143181,7 +143691,7 @@ CVE-2017-5851 (The free_options function in options_manager.c in mp3splt 2.6.2 a CVE-2017-5679 RESERVED CVE-2017-5678 - RESERVED + REJECTED CVE-2017-5677 (PEAR HTML_AJAX 0.3.0 through 0.5.7 has a PHP Object Injection Vulnerab ...) NOT-FOR-US: PEAR HTML_AJAX NOTE: http://karmainsecurity.com/KIS-2017-01 @@ -262579,8 +263089,7 @@ CVE-2012-5578 [Python keyring insecure permissions on new databases] - python-keyring 0.9.2-1.1 (bug #696736) [wheezy] - python-keyring 0.7.1-1+deb7u1 [squeeze] - python-keyring <no-dsa> (Minor issue) -CVE-2012-5577 [Python keyring insecure permissions on migrated files] - RESERVED +CVE-2012-5577 (Python keyring lib before 0.10 created keyring files with world-readab ...) - python-keyring 0.9.2-1.1 (bug #696736) [wheezy] - python-keyring 0.7.1-1+deb7u1 [squeeze] - python-keyring <no-dsa> (Minor issue) @@ -276452,8 +276961,7 @@ CVE-2003-1599 (PHP remote file inclusion vulnerability in wp-links/links.all.php NOT-FOR-US: WordPress plugin wp-links CVE-2003-1598 (SQL injection vulnerability in log.header.php in WordPress 0.7 and ear ...) - wordpress 1.0.1-1 -CVE-2002-2444 [snoopy: Security hole in exec cURL] - RESERVED +CVE-2002-2444 (Snoopy 2.0.0-1 has a security hole in exec cURL ...) - libphp-snoopy <not-affected> (affected version never was in the repo) NOTE: http://www.openwall.com/lists/oss-security/2014/07/18/2 NOTE: http://sourceforge.net/p/snoopy/bugs/13/ @@ -293359,8 +293867,7 @@ CVE-2010-4247 (The do_block_io_op function in (1) drivers/xen/blkback/blkback.c - linux-2.6 <not-affected> (changes included since introduction of dom0 support) CVE-2010-4246 (Multiple cross-site scripting (XSS) vulnerabilities in graph.php in pf ...) NOT-FOR-US: pfSense -CVE-2010-4245 - RESERVED +CVE-2010-4245 (pootle 2.0.5-0.2 has XSS via 'match_names' parameter ...) - pootle 2.0.5-0.3 (low; bug #604060) [lenny] - pootle <not-affected> (Vulnerable code not present) CVE-2010-4244 @@ -293371,14 +293878,11 @@ CVE-2010-4243 (fs/exec.c in the Linux kernel before 2.6.37 does not enable the O CVE-2010-4242 (The hci_uart_tty_open function in the HCI UART driver (drivers/bluetoo ...) {DSA-2153-1} - linux-2.6 2.6.32-28 -CVE-2010-4241 - RESERVED +CVE-2010-4241 (Tiki Wiki CMS Groupware 5.2 has CSRF ...) - tikiwiki <removed> -CVE-2010-4240 - RESERVED +CVE-2010-4240 (Tiki Wiki CMS Groupware 5.2 has XSS ...) - tikiwiki <removed> -CVE-2010-4239 - RESERVED +CVE-2010-4239 (Tiki Wiki CMS Groupware 5.2 has Local File Inclusion ...) - tikiwiki <removed> CVE-2010-4238 (The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on ...) - linux-2.6 <not-affected> (RedHat-specific issue, does not affect Xen-upstream/Debian) @@ -295974,8 +296478,7 @@ CVE-2010-3294 (Cross-site scripting (XSS) vulnerability in apc.php in the Altern - php-apc <unfixed> (unimportant) NOTE: vulnerable script is, mainly, for debugging purposes NOTE: and is distributed gzip-compressed -CVE-2010-3293 [mailscanner virus updates DoS] - RESERVED +CVE-2010-3293 (mailscanner can allow local users to prevent virus signatures from bei ...) - mailscanner <removed> (bug #596397; unimportant) NOTE: or even unimportant, the script is not used by default CVE-2010-3292 [mailscanner may use spoofed data] @@ -298741,12 +299244,10 @@ CVE-2010-2295 (page/EventHandler.cpp in WebCore in WebKit in Google Chrome befor [lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps) - chromium-browser 5.0.375.55~r47796-1 NOTE: http://trac.webkit.org/changeset/58829 -CVE-2009-4900 [pixelpost XSS] - RESERVED +CVE-2009-4900 (pixelpost 1.7.1-5 has XSS ...) - pixelpost <removed> (bug #597224) NOTE: http://www.pixelpost.org/blog/2009/09/02/pixelpost-173-security-update/ -CVE-2009-4899 [pixelpost SQL injection] - RESERVED +CVE-2009-4899 (pixelpost 1.7.1-5 has SQL injection ...) - pixelpost <removed> (bug #597224) NOTE: http://www.pixelpost.org/blog/2009/09/02/pixelpost-173-security-update/ CVE-2009-4898 (Cross-site request forgery (CSRF) vulnerability in TWiki before 4.3.2 ...) @@ -378662,8 +379163,7 @@ CVE-2005-1841 (The control for Adobe Reader 5.0.9 and 5.0.10 on Linux, Solaris, CVE-2005-1858 (FUSE 2.x before 2.3.0 does not properly clear previously used memory f ...) {DSA-744-1} - fuse 2.3.0-1 -CVE-2005-2349 [Directory traversal in zoo] - RESERVED +CVE-2005-2349 (Zoo 2.10-27 has Directory traversal ...) - zoo 2.10-4 (low; bug #309594) CVE-2005-2350 [Cross Site Scripting in websieve] RESERVED View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/eb58783f55fbad627a6824ac9d9aaf280fd26c22 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/eb58783f55fbad627a6824ac9d9aaf280fd26c22 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits