Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7aaddf9a by security tracker role at 2020-01-01T08:10:14Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,13 @@ +CVE-2019-20202 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...) + TODO: check +CVE-2019-20201 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_ ...) + TODO: check +CVE-2019-20200 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...) + TODO: check +CVE-2019-20199 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...) + TODO: check +CVE-2019-20198 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...) + TODO: check CVE-2020-5178 RESERVED CVE-2020-5177 @@ -13471,8 +13481,8 @@ CVE-2019-18570 RESERVED CVE-2019-18569 RESERVED -CVE-2019-18568 - RESERVED +CVE-2019-18568 (Avira Free Antivirus 15.0.1907.1514 is prone to a local privilege esca ...) + TODO: check CVE-2019-18567 RESERVED CVE-2019-18566 @@ -212721,19 +212731,15 @@ CVE-2015-5597 RESERVED CVE-2015-5596 RESERVED -CVE-2015-5595 - RESERVED +CVE-2015-5595 (Cross-site request forgery (CSRF) vulnerability in admin.php in Zenpho ...) NOT-FOR-US: Zenphoto CVE-2015-5594 (The sanitize_string function in ZenPhoto before 1.4.9 utilized the htm ...) NOT-FOR-US: Zenphoto -CVE-2015-5593 - RESERVED +CVE-2015-5593 (The sanitize_string function in Zenphoto before 1.4.9 does not properl ...) NOT-FOR-US: Zenphoto -CVE-2015-5592 - RESERVED +CVE-2015-5592 (Incomplete blacklist in sanitize_string in Zenphoto before 1.4.9 allow ...) NOT-FOR-US: Zenphoto -CVE-2015-5591 - RESERVED +CVE-2015-5591 (SQL injection vulnerability in Zenphoto before 1.4.9 allow remote admi ...) NOT-FOR-US: Zenphoto CVE-2015-5588 (Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Win ...) NOT-FOR-US: Adobe Flash Player @@ -254285,11 +254291,9 @@ CVE-2013-7073 (The Content Editing Wizards component in TYPO3 4.5.0 through 4.5. NOTE: https://review.typo3.org/#/c/26180/ CVE-2013-7072 REJECTED -CVE-2013-7071 - RESERVED +CVE-2013-7071 (Cross-site scripting (XSS) vulnerability in the handle_request functio ...) NOT-FOR-US: Monitorix -CVE-2013-7070 - RESERVED +CVE-2013-7070 (The handle_request function in lib/HTTPServer.pm in Monitorix before 3 ...) NOT-FOR-US: Monitorix CVE-2013-7062 [XSS] RESERVED @@ -290777,8 +290781,7 @@ CVE-2011-5049 (MySQL 5.5.8, when running on Windows, allows remote attackers to NOT-FOR-US: MySQL on Windows CVE-2007-6751 (Cross-site scripting (XSS) vulnerability in the MailForm plugin before ...) NOT-FOR-US: MailForm plugin for Movable Type -CVE-2004-2776 - RESERVED +CVE-2004-2776 (go.cgi in GoScript 2.0 allows remote attackers to execute arbitrary co ...) NOT-FOR-US: Montitorix CVE-2004-2775 RESERVED @@ -295867,8 +295870,7 @@ CVE-2011-3587 (Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in P - zope2.12 2.12.20-2 CVE-2011-3586 REJECTED -CVE-2011-3585 - RESERVED +CVE-2011-3585 (Multiple race conditions in the (1) mount.cifs and (2) umount.cifs pro ...) - samba 2:3.4.7~dfsg-2 (low) - cifs-utils 2:4.5-1 (low) NOTE: cifs-utils was split off from the samba source package with 2:3.4.7~dfsg-2, so marking it as fixed View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7aaddf9a9fdd510c59f695306e66314a6104b043 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7aaddf9a9fdd510c59f695306e66314a6104b043 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits