Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7aaddf9a by security tracker role at 2020-01-01T08:10:14Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,13 @@
+CVE-2019-20202 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The
function ezx ...)
+ TODO: check
+CVE-2019-20201 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The
ezxml_parse_ ...)
+ TODO: check
+CVE-2019-20200 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The
function ezx ...)
+ TODO: check
+CVE-2019-20199 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The
function ezx ...)
+ TODO: check
+CVE-2019-20198 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The
function ezx ...)
+ TODO: check
CVE-2020-5178
RESERVED
CVE-2020-5177
@@ -13471,8 +13481,8 @@ CVE-2019-18570
RESERVED
CVE-2019-18569
RESERVED
-CVE-2019-18568
- RESERVED
+CVE-2019-18568 (Avira Free Antivirus 15.0.1907.1514 is prone to a local
privilege esca ...)
+ TODO: check
CVE-2019-18567
RESERVED
CVE-2019-18566
@@ -212721,19 +212731,15 @@ CVE-2015-5597
RESERVED
CVE-2015-5596
RESERVED
-CVE-2015-5595
- RESERVED
+CVE-2015-5595 (Cross-site request forgery (CSRF) vulnerability in admin.php in
Zenpho ...)
NOT-FOR-US: Zenphoto
CVE-2015-5594 (The sanitize_string function in ZenPhoto before 1.4.9 utilized
the htm ...)
NOT-FOR-US: Zenphoto
-CVE-2015-5593
- RESERVED
+CVE-2015-5593 (The sanitize_string function in Zenphoto before 1.4.9 does not
properl ...)
NOT-FOR-US: Zenphoto
-CVE-2015-5592
- RESERVED
+CVE-2015-5592 (Incomplete blacklist in sanitize_string in Zenphoto before
1.4.9 allow ...)
NOT-FOR-US: Zenphoto
-CVE-2015-5591
- RESERVED
+CVE-2015-5591 (SQL injection vulnerability in Zenphoto before 1.4.9 allow
remote admi ...)
NOT-FOR-US: Zenphoto
CVE-2015-5588 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185
on Win ...)
NOT-FOR-US: Adobe Flash Player
@@ -254285,11 +254291,9 @@ CVE-2013-7073 (The Content Editing Wizards component
in TYPO3 4.5.0 through 4.5.
NOTE: https://review.typo3.org/#/c/26180/
CVE-2013-7072
REJECTED
-CVE-2013-7071
- RESERVED
+CVE-2013-7071 (Cross-site scripting (XSS) vulnerability in the handle_request
functio ...)
NOT-FOR-US: Monitorix
-CVE-2013-7070
- RESERVED
+CVE-2013-7070 (The handle_request function in lib/HTTPServer.pm in Monitorix
before 3 ...)
NOT-FOR-US: Monitorix
CVE-2013-7062 [XSS]
RESERVED
@@ -290777,8 +290781,7 @@ CVE-2011-5049 (MySQL 5.5.8, when running on Windows,
allows remote attackers to
NOT-FOR-US: MySQL on Windows
CVE-2007-6751 (Cross-site scripting (XSS) vulnerability in the MailForm plugin
before ...)
NOT-FOR-US: MailForm plugin for Movable Type
-CVE-2004-2776
- RESERVED
+CVE-2004-2776 (go.cgi in GoScript 2.0 allows remote attackers to execute
arbitrary co ...)
NOT-FOR-US: Montitorix
CVE-2004-2775
RESERVED
@@ -295867,8 +295870,7 @@ CVE-2011-3587 (Unspecified vulnerability in Zope
2.12.x and 2.13.x, as used in P
- zope2.12 2.12.20-2
CVE-2011-3586
REJECTED
-CVE-2011-3585
- RESERVED
+CVE-2011-3585 (Multiple race conditions in the (1) mount.cifs and (2)
umount.cifs pro ...)
- samba 2:3.4.7~dfsg-2 (low)
- cifs-utils 2:4.5-1 (low)
NOTE: cifs-utils was split off from the samba source package with
2:3.4.7~dfsg-2, so marking it as fixed
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7aaddf9a9fdd510c59f695306e66314a6104b043
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7aaddf9a9fdd510c59f695306e66314a6104b043
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
