author | security tracker role <sectracker@soriano.debian.org> | 2019-07-18 08:10:13 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2019-07-18 08:10:13 +0000 |
commit | 7795d274dffb3f5e2a396d657a7c5dbcd82be0ce (patch) | |
tree | 5607bddf98eb28b778fa6f35d556f90e24bd9c2b /data | |
parent | 4d1d7486318d5fe4f6ce9be9d1c5a105a4aae20e (diff) |
automatic update
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 167 |
1 files changed, 97 insertions, 70 deletions
diff --git a/data/CVE/list b/data/CVE/list index 542cf7aab0..368c155e4b 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,31 @@ +CVE-2019-13647 (Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of ...) + TODO: check +CVE-2019-13646 (Firefly III before 4.7.17.3 is vulnerable to reflected XSS due to lack ...) + TODO: check +CVE-2019-13645 (Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of ...) + TODO: check +CVE-2019-13644 (Firefly III before 4.7.17.1 is vulnerable to stored XSS due to lack of ...) + TODO: check +CVE-2019-13643 (Stored XSS in EspoCRM before 5.6.4 allows remote attackers to execute ...) + TODO: check +CVE-2019-13642 + RESERVED +CVE-2019-13641 + RESERVED +CVE-2019-13640 (In qBittorrent before 4.1.7, the function Application::runExternalProg ...) + TODO: check +CVE-2019-13639 + RESERVED +CVE-2019-13638 + RESERVED +CVE-2019-13637 (In LogMeIn join.me before 3.16.0.5505, an attacker could execute arbit ...) + TODO: check +CVE-2019-13636 (In GNU patch through 2.7.6, the following of symlinks is mishandled in ...) + TODO: check +CVE-2019-13635 + RESERVED +CVE-2019-13634 + RESERVED CVE-2019-13633 RESERVED CVE-2019-13632 @@ -29,8 +57,7 @@ CVE-2019-13621 RESERVED CVE-2019-13620 RESERVED -CVE-2019-13619 [ASN.1 BER and related dissectors crash] - RESERVED +CVE-2019-13619 (In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ...) - wireshark 2.6.10-1 NOTE: https://www.wireshark.org/security/wnpa-sec-2019-20.html NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15870 @@ -1114,8 +1141,8 @@ CVE-2019-13579 RESERVED CVE-2019-13578 RESERVED -CVE-2019-13577 - RESERVED +CVE-2019-13577 (SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an Unauthe ...) + TODO: check CVE-2018-20852 (http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py ...) - python3.7 3.7.3~rc1-1 - python3.5 <removed> 
@@ -1300,8 +1327,8 @@ CVE-2019-13495 RESERVED CVE-2019-13494 (nodeimp.exe in Castle Rock SNMPc before 9.0.12.1 and 10.x before 10.0. ...) NOT-FOR-US: Castle Rock SNMPc -CVE-2019-13493 - RESERVED +CVE-2019-13493 (In Sitecore 9.0 rev 171002, Persistent XSS exists in the Media Library ...) + TODO: check CVE-2019-13492 RESERVED CVE-2019-13491 @@ -1403,10 +1430,10 @@ CVE-2019-13450 (In the Zoom Client through 4.4.4 and RingCentral 7.0.136380.0312 NOT-FOR-US: Zoom Client and RingCentral on MacOS CVE-2019-13449 (In the Zoom Client before 4.4.2 on macOS, remote attackers can cause a ...) NOT-FOR-US: Zoom Client on macOS -CVE-2019-13448 - RESERVED -CVE-2019-13447 - RESERVED +CVE-2019-13448 (An issue was discovered in Sertek Xpare 3.67. The login form does not ...) + TODO: check +CVE-2019-13447 (An issue was discovered in Sertek Xpare 3.67. The login form does not ...) + TODO: check CVE-2019-13446 REJECTED CVE-2019-13445 @@ -2775,14 +2802,14 @@ CVE-2019-12916 RESERVED CVE-2019-12915 RESERVED -CVE-2019-12914 - RESERVED -CVE-2019-12913 - RESERVED -CVE-2019-12912 - RESERVED -CVE-2019-12911 - RESERVED +CVE-2019-12914 (Redbrick Shift through 3.4.3 allows an attacker to extract authenticat ...) + TODO: check +CVE-2019-12913 (Redbrick Shift through 3.4.3 allows an attacker to extract emails of s ...) + TODO: check +CVE-2019-12912 (Redbrick Shift through 3.4.3 allows an attacker to extract emails of s ...) + TODO: check +CVE-2019-12911 (Redbrick Shift through 3.4.3 allows an attacker to extract authenticat ...) + TODO: check CVE-2019-12910 RESERVED CVE-2019-12909 @@ -2866,8 +2893,8 @@ CVE-2019-12878 RESERVED CVE-2019-12877 RESERVED -CVE-2019-12876 - RESERVED +CVE-2019-12876 (Zoho ManageEngine ADManager Plus 6.6.5, ADSelfService Plus 5.7, and De ...) + TODO: check CVE-2019-12875 (Alpine Linux abuild through 3.4.0 allows an unprivileged member of the ...) NOT-FOR-US: Alpine Linux CVE-2019-12874 (An issue was discovered in zlib_decompress_extra in modules/demux/mkv/ ...) 
@@ -4881,7 +4908,7 @@ CVE-2019-12104 RESERVED CVE-2019-12103 RESERVED -CVE-2019-12102 (Kentico 11 through 12 lets attackers upload and explore files without ...) +CVE-2019-12102 (** DISPUTED ** Kentico 11 through 12 lets attackers upload and explore ...) NOT-FOR-US: Kentico CVE-2019-12101 (coap_decode_option in coap.c in LibNyoci 0.07.00rc1 mishandles certain ...) NOT-FOR-US: LibNyoci @@ -5586,10 +5613,10 @@ CVE-2019-11774 RESERVED CVE-2019-11773 RESERVED -CVE-2019-11772 - RESERVED -CVE-2019-11771 - RESERVED +CVE-2019-11772 (In Eclipse OpenJ9 prior to 0.15, the String.getBytes(int, int, byte[], ...) + TODO: check +CVE-2019-11771 (AIX builds of Eclipse OpenJ9 before 0.15.0 contain unused RPATHs which ...) + TODO: check CVE-2019-11770 (In Eclipse Buildship versions prior to 3.1.1, the build files indicate ...) NOT-FOR-US: Eclipse Buildship CVE-2019-11769 @@ -6369,8 +6396,8 @@ CVE-2019-11537 (In osTicket before 1.12, XSS exists via /upload/file.php, /uploa NOT-FOR-US: osTicket CVE-2019-11536 (Kalki Kalkitech SYNC3000 Substation DCU GPC v2.22.6, 2.23.0, 2.24.0, 3 ...) NOT-FOR-US: Kalki Kalkitech -CVE-2019-11535 - RESERVED +CVE-2019-11535 (Unsanitized user input in the web interface for Linksys WiFi extender ...) + TODO: check CVE-2019-11534 RESERVED CVE-2019-11533 (Cross-site scripting (XSS) vulnerability in ProjectSend before r1070 a ...) @@ -10731,16 +10758,16 @@ CVE-2019-1010289 RESERVED CVE-2019-1010288 RESERVED -CVE-2019-1010287 - RESERVED +CVE-2019-1010287 (Timesheet Next Gen 1.5.3 and earlier is affected by: Cross Site Script ...) + TODO: check CVE-2019-1010286 RESERVED CVE-2019-1010285 RESERVED CVE-2019-1010284 RESERVED -CVE-2019-1010283 - RESERVED +CVE-2019-1010283 (Univention Corporate Server univention-directory-notifier 12.0.1-3 and ...) + TODO: check CVE-2019-1010282 RESERVED CVE-2019-1010281 
@@ -10755,8 +10782,8 @@ CVE-2019-1010277 RESERVED CVE-2019-1010276 RESERVED -CVE-2019-1010275 - RESERVED +CVE-2019-1010275 (helm Before 2.7.2 is affected by: CWE-295: Improper Certificate Valida ...) + TODO: check CVE-2019-1010274 RESERVED CVE-2019-1010273 @@ -10773,14 +10800,14 @@ CVE-2019-1010268 RESERVED CVE-2019-1010267 RESERVED -CVE-2019-1010266 - RESERVED +CVE-2019-1010266 (lodash prior to 4.7.11 is affected by: CWE-400: Uncontrolled Resource ...) + TODO: check CVE-2019-1010265 RESERVED CVE-2019-1010264 RESERVED -CVE-2019-1010263 - RESERVED +CVE-2019-1010263 (Perl Crypt::JWT prior to 0.023 is affected by: Incorrect Access Contro ...) + TODO: check CVE-2019-1010262 RESERVED CVE-2019-1010261 @@ -13266,7 +13293,7 @@ CVE-2019-9189 (On Prima Systems FlexAir devices through 2.4.9api3, an authentica NOT-FOR-US: Prima Systems FlexAir devices CVE-2019-9188 RESERVED -CVE-2019-9187 (ikiwiki before 3.20170111.1 and 3.2018x and 3.2019x before 3.20190226 ...) +CVE-2019-9187 (ikiwiki before 3.20170111.1 and 3.2018x and 3.2019x before 3.20190228 ...) {DSA-4399-1 DLA-1716-1} - ikiwiki 3.20190228-1 NOTE: https://ikiwiki.info/security/#cve-2019-9187 @@ -14092,10 +14119,10 @@ CVE-2019-8933 (In DedeCMS 5.7SP2, attackers can upload a .php file to the upload CVE-2019-8935 (Collabtive 3.1 allows XSS via the manageuser.php?action=profile id par ...) - collabtive <removed> [jessie] - collabtive <ignored> (Minor issue) -CVE-2019-8932 - RESERVED -CVE-2019-8931 - RESERVED +CVE-2019-8932 (Redbrick Shift through 3.4.3 allows an attacker to extract authenticat ...) + TODO: check +CVE-2019-8931 (Redbrick Shift through 3.4.3 allows an attacker to extract emails of s ...) + TODO: check CVE-2019-8930 RESERVED CVE-2019-8929 (An issue was discovered in Zoho ManageEngine Netflow Analyzer Professi ...) 
@@ -23160,8 +23187,8 @@ CVE-2019-5224 RESERVED CVE-2019-5223 RESERVED -CVE-2019-5222 - RESERVED +CVE-2019-5222 (There is an information disclosure vulnerability on Secure Input of ce ...) + TODO: check CVE-2019-5221 (There is a path traversal vulnerability on Huawei Share. The software ...) NOT-FOR-US: Huawei CVE-2019-5220 (There is a Factory Reset Protection (FRP) bypass vulnerability on seve ...) @@ -25706,16 +25733,16 @@ CVE-2019-3975 RESERVED CVE-2019-3974 RESERVED -CVE-2019-3973 - RESERVED -CVE-2019-3972 - RESERVED -CVE-2019-3971 - RESERVED -CVE-2019-3970 - RESERVED -CVE-2019-3969 - RESERVED +CVE-2019-3973 (Comodo Antivirus versions 11.0.0.6582 and below are vulnerable to Deni ...) + TODO: check +CVE-2019-3972 (Comodo Antivirus versions 12.0.0.6810 and below are vulnerable to Deni ...) + TODO: check +CVE-2019-3971 (Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to a local ...) + TODO: check +CVE-2019-3970 (Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrar ...) + TODO: check +CVE-2019-3969 (Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Local Pr ...) + TODO: check CVE-2019-3968 RESERVED CVE-2019-3967 @@ -32622,14 +32649,14 @@ CVE-2019-1945 RESERVED CVE-2019-1944 RESERVED -CVE-2019-1943 - RESERVED -CVE-2019-1942 - RESERVED -CVE-2019-1941 - RESERVED -CVE-2019-1940 - RESERVED +CVE-2019-1943 (A vulnerability in the web interface of Cisco Small Business 200, 300, ...) + TODO: check +CVE-2019-1942 (A vulnerability in the sponsor portal web interface for Cisco Identity ...) + TODO: check +CVE-2019-1941 (A vulnerability in the web-based management interface of Cisco Identit ...) + TODO: check +CVE-2019-1940 (A vulnerability in the Web Services Management Agent (WSMA) feature of ...) + TODO: check CVE-2019-1939 RESERVED CVE-2019-1938 
@@ -32662,20 +32689,20 @@ CVE-2019-1925 RESERVED CVE-2019-1924 RESERVED -CVE-2019-1923 - RESERVED +CVE-2019-1923 (A vulnerability in Cisco Small Business SPA500 Series IP Phones could ...) + TODO: check CVE-2019-1922 (A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 ...) NOT-FOR-US: Cisco CVE-2019-1921 (A vulnerability in the attachment scanning of Cisco AsyncOS Software f ...) NOT-FOR-US: Cisco -CVE-2019-1920 - RESERVED -CVE-2019-1919 - RESERVED +CVE-2019-1920 (A vulnerability in the 802.11r Fast Transition (FT) implementation for ...) + TODO: check +CVE-2019-1919 (A vulnerability in the Cisco FindIT Network Management Software virtua ...) + TODO: check CVE-2019-1918 RESERVED -CVE-2019-1917 - RESERVED +CVE-2019-1917 (A vulnerability in the REST API interface of Cisco Vision Dynamic Sign ...) + TODO: check CVE-2019-1916 RESERVED CVE-2019-1915 |
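Review bot: in the first hunk (@@ -1,3 +1,31 @@), CVE-2019-13636 (GNU patch through 2.7.6) and CVE-2019-13640 (qBittorrent before 4.1.7) are left at "TODO: check", yet both name software that Debian packages. They cannot be closed as NOT-FOR-US and each needs a source-package line with a fixed version or <unfixed>. Triage these two ahead of the other TODO entries in the hunk.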
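Review bot: the four Redbrick Shift entries added in hunk @@ -2775,14 +2802,14 @@ (CVE-2019-12914 to CVE-2019-12911) carry the same truncated descriptions as CVE-2019-8932 and CVE-2019-8931 added in hunk @@ -14092,10 +14119,10 @@ ("... allows an attacker to extract authenticat ..." and "... extract emails of s ..."). At this truncation length the six entries fall into two indistinguishable groups, so triage them together against the full CVE text and give all six the same disposition rather than resolving each TODO separately.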
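Review bot: in hunk @@ -10773,14 +10800,14 @@ the imported description for CVE-2019-1010266 reads "lodash prior to 4.7.11", which does not match the 4.17.x numbering lodash uses for its current release line. Confirm the affected range against upstream before a fixed version is recorded for this entry, and do not derive the package line from the description text alone. The same hunk adds CVE-2019-1010263 (Perl Crypt::JWT prior to 0.023) as "TODO: check"; check whether it maps to a Debian source package before closing it.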
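Review bot: the Cisco entries added in the last two hunks (CVE-2019-1943 to CVE-2019-1940, CVE-2019-1923, CVE-2019-1920, CVE-2019-1919 and CVE-2019-1917) are left at "TODO: check", while the unchanged neighbours CVE-2019-1922 and CVE-2019-1921 in hunk @@ -32662,20 +32689,20 @@ already carry "NOT-FOR-US: Cisco". The descriptions name Cisco appliance, phone and management products, so these eight can take the same disposition in one follow-up commit instead of staying in the TODO backlog.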