author | security tracker role <sectracker@soriano.debian.org> | 2019-08-14 20:10:27 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2019-08-14 20:10:27 +0000 |
commit | 9fb92ed3a694ad8a47f1e6b0191aeeda52f89930 (patch) | |
tree | 2cd661a8009369b705dd2ebcc4bb62f4931c9640 /data | |
parent | 1270946d47fc18f025c7d45580ee28ae9c495f49 (diff) |
automatic update
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 270 |
1 files changed, 157 insertions, 113 deletions
diff --git a/data/CVE/list b/data/CVE/list index 9b5f1f1145..2662612d34 100644 --- a/data/CVE/list +++ b/data/CVE/list 
@@ -1,82 +1,126 @@ -CVE-2019-15033 - RESERVED -CVE-2019-15032 - RESERVED -CVE-2019-15031 - RESERVED -CVE-2019-15030 - RESERVED -CVE-2019-15029 - RESERVED -CVE-2019-15028 (In Joomla! before 3.9.11, inadequate checks in com_contact could allow ...) - NOT-FOR-US: Joomla! -CVE-2019-15027 - RESERVED -CVE-2019-15026 - RESERVED -CVE-2019-15025 - RESERVED -CVE-2018-20968 +CVE-2019-15055 RESERVED -CVE-2018-20967 +CVE-2019-15054 RESERVED -CVE-2017-18515 - RESERVED -CVE-2017-18514 - RESERVED -CVE-2017-18513 - RESERVED -CVE-2017-18512 - RESERVED -CVE-2017-18511 - RESERVED -CVE-2017-18510 - RESERVED -CVE-2016-10889 +CVE-2019-15053 (The "HTML Include and replace macro" plugin before 1.5.0 for Confluenc ...) + TODO: check +CVE-2019-15052 RESERVED -CVE-2016-10888 +CVE-2019-15051 RESERVED -CVE-2016-10887 +CVE-2019-15050 (An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffe ...) + TODO: check +CVE-2019-15049 (An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffe ...) + TODO: check +CVE-2019-15048 (An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffe ...) + TODO: check +CVE-2019-15047 (An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffe ...) + TODO: check +CVE-2019-15046 (Zoho ManageEngine ServiceDesk Plus 10 before 10509 allows unauthentica ...) 
+ TODO: check +CVE-2019-15045 RESERVED -CVE-2016-10886 +CVE-2019-15044 RESERVED -CVE-2016-10885 +CVE-2019-15043 RESERVED -CVE-2016-10884 +CVE-2019-15042 RESERVED -CVE-2016-10883 +CVE-2019-15041 RESERVED -CVE-2016-10882 +CVE-2019-15040 RESERVED -CVE-2016-10881 +CVE-2019-15039 RESERVED -CVE-2016-10880 +CVE-2019-15038 RESERVED -CVE-2015-9316 +CVE-2019-15037 RESERVED -CVE-2015-9315 +CVE-2019-15036 RESERVED -CVE-2015-9314 +CVE-2019-15035 RESERVED -CVE-2015-9313 +CVE-2019-15034 RESERVED -CVE-2015-9312 +CVE-2019-15033 RESERVED -CVE-2015-9311 +CVE-2019-15032 RESERVED -CVE-2015-9310 +CVE-2019-15031 RESERVED -CVE-2015-9309 +CVE-2019-15030 RESERVED -CVE-2015-9308 +CVE-2019-15029 RESERVED -CVE-2015-9307 +CVE-2019-15028 (In Joomla! before 3.9.11, inadequate checks in com_contact could allow ...) + NOT-FOR-US: Joomla! +CVE-2019-15027 (The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on ...) + TODO: check +CVE-2019-15026 RESERVED +CVE-2019-15025 (The ninja-forms plugin before 3.3.21.2 for WordPress has SQL injection ...) + TODO: check +CVE-2018-20968 (The wp-ultimate-exporter plugin before 1.4.2 for WordPress has CSRF. ...) + TODO: check +CVE-2018-20967 (The wp-ultimate-csv-importer plugin before 5.6.1 for WordPress has CSR ...) + TODO: check +CVE-2017-18515 (The wp-statistics plugin before 12.0.8 for WordPress has SQL injection ...) + TODO: check +CVE-2017-18514 (The simple-login-log plugin before 1.1.2 for WordPress has SQL injecti ...) + TODO: check +CVE-2017-18513 (The responsive-menu plugin before 3.1.4 for WordPress has no CSRF prot ...) + TODO: check +CVE-2017-18512 (The newsletter-by-supsystic plugin before 1.1.8 for WordPress has CSRF ...) + TODO: check +CVE-2017-18511 (The custom-sidebars plugin before 3.0.8.1 for WordPress has CSRF. ...) + TODO: check +CVE-2017-18510 (The custom-sidebars plugin before 3.1.0 for WordPress has CSRF related ...) + TODO: check +CVE-2016-10889 (The nextgen-gallery plugin before 2.1.57 for WordPress has SQL injecti ...) 
+ TODO: check +CVE-2016-10888 (The all-in-one-wp-security-and-firewall plugin before 4.0.7 for WordPr ...) + TODO: check +CVE-2016-10887 (The all-in-one-wp-security-and-firewall plugin before 4.0.9 for WordPr ...) + TODO: check +CVE-2016-10886 (The wp-editor plugin before 1.2.6 for WordPress has incorrect permissi ...) + TODO: check +CVE-2016-10885 (The wp-editor plugin before 1.2.6 for WordPress has CSRF. ...) + TODO: check +CVE-2016-10884 (The simple-membership plugin before 3.3.3 for WordPress has multiple C ...) + TODO: check +CVE-2016-10883 (The simple-add-pages-or-posts plugin before 1.7 for WordPress has CSRF ...) + TODO: check +CVE-2016-10882 (The google-document-embedder plugin before 2.6.2 for WordPress has CSR ...) + TODO: check +CVE-2016-10881 (The google-document-embedder plugin before 2.6.2 for WordPress has XSS ...) + TODO: check +CVE-2016-10880 (The google-document-embedder plugin before 2.6.1 for WordPress has XSS ...) + TODO: check +CVE-2015-9316 (The wp-fastest-cache plugin before 0.8.4.9 for WordPress has SQL injec ...) + TODO: check +CVE-2015-9315 (The newstatpress plugin before 1.0.1 for WordPress has SQL injection. ...) + TODO: check +CVE-2015-9314 (The newstatpress plugin before 1.0.4 for WordPress has XSS related to ...) + TODO: check +CVE-2015-9313 (The newstatpress plugin before 1.0.5 for WordPress has SQL injection r ...) + TODO: check +CVE-2015-9312 (The newstatpress plugin before 1.0.5 for WordPress has XSS related to ...) + TODO: check +CVE-2015-9311 (The newstatpress plugin before 1.0.6 for WordPress has reflected XSS. ...) + TODO: check +CVE-2015-9310 (The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPr ...) + TODO: check +CVE-2015-9309 (The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF i ...) + TODO: check +CVE-2015-9308 (The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF i ...) 
+ TODO: check +CVE-2015-9307 (The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF i ...) + TODO: check CVE-2014-10375 (handle_messages in eXtl_tls.c in eXosip before 5.0.0 mishandles a nega ...) - libexosip2 <unfixed> (bug #934766) NOTE: http://git.savannah.nongnu.org/cgit/exosip.git/commit/?id=2549e421c14aff886629b8482c14af800f411070 -CVE-2013-7476 - RESERVED +CVE-2013-7476 (The simple-fields plugin before 1.2 for WordPress has CSRF in the admi ...) + TODO: check CVE-2019-15024 RESERVED CVE-2019-15023 @@ -180,10 +224,10 @@ CVE-2019-14977 RESERVED CVE-2019-14976 (iCMS 7.0.15 allows admincp.php?app=apps XSS via the keywords parameter ...) NOT-FOR-US: idreamsoft iCMS -CVE-2019-14975 - RESERVED -CVE-2019-14974 - RESERVED +CVE-2019-14975 (Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_ch ...) + TODO: check +CVE-2019-14974 (SugarCRM Enterprise 9.0.0 allows mobile/error-not-supported-platform.h ...) + TODO: check CVE-2019-14973 (_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through ...) - tiff 4.0.10+git190814-1 (bug #934780) - tiff3 <removed> @@ -10204,8 +10248,8 @@ CVE-2019-11654 RESERVED CVE-2019-11653 (Remote Access Control Bypass in Micro Focus Content Manager. versions ...) NOT-FOR-US: Micro Focus -CVE-2019-11652 - RESERVED +CVE-2019-11652 (A potential authorization bypass issue was found in Micro Focus Self S ...) + TODO: check CVE-2019-11651 RESERVED CVE-2019-11650 (A potential Man in the Middle attack (MITM) was found in NetIQ Advance ...) 
@@ -13948,13 +13992,13 @@ CVE-2019-10203 [PowerDNS Security Advisory 2019-06: Denial of service via crafte NOTE: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-06.html CVE-2019-10202 RESERVED -CVE-2019-10201 - RESERVED +CVE-2019-10201 (It was found that Keycloak's SAML broker, versions up to 6.0.1, did no ...) + TODO: check CVE-2019-10200 RESERVED NOT-FOR-US: OpenShift -CVE-2019-10199 - RESERVED +CVE-2019-10199 (It was found that Keycloak's account console, up to 6.0.1, did not per ...) + TODO: check CVE-2019-10198 (An authentication bypass vulnerability was discovered in foreman-tasks ...) - foreman <itp> (bug #663101) CVE-2019-10197 @@ -16835,8 +16879,8 @@ CVE-2019-9508 RESERVED CVE-2019-9507 RESERVED -CVE-2019-9506 - RESERVED +CVE-2019-9506 (The Bluetooth BR/EDR specification up to and including version 5.1 per ...) + TODO: check CVE-2019-9505 (The PrinterLogic Print Management software, versions up to and includi ...) NOT-FOR-US: PrinterLogic Print Management CVE-2019-9504 @@ -20409,8 +20453,8 @@ CVE-2019-8064 RESERVED CVE-2019-8063 RESERVED -CVE-2019-8062 - RESERVED +CVE-2019-8062 (Adobe After Effects versions 16 and earlier have an insecure library l ...) + TODO: check CVE-2019-8061 RESERVED CVE-2019-8060 @@ -20611,8 +20655,8 @@ CVE-2019-7963 (Adobe Bridge CC version 9.0.2 and earlier versions have an out of NOT-FOR-US: Adobe Bridge CC CVE-2019-7962 RESERVED -CVE-2019-7961 - RESERVED +CVE-2019-7961 (Adobe Prelude CC versions 8.1 and earlier have an insecure library loa ...) + TODO: check CVE-2019-7960 RESERVED CVE-2019-7959 
@@ -20671,8 +20715,8 @@ CVE-2019-7933 RESERVED CVE-2019-7932 (A remote code execution vulnerability exists in Magento Open Source pr ...) NOT-FOR-US: Magento -CVE-2019-7931 - RESERVED +CVE-2019-7931 (Adobe Premiere Pro CC versions 13.1.2 and earlier have an insecure lib ...) + TODO: check CVE-2019-7930 (A file upload restriction bypass exists in Magento 2.1 prior to 2.1.18 ...) NOT-FOR-US: Magento CVE-2019-7929 (An information leakage vulnerability exists in Magento 2.1 prior to 2. ...) @@ -20793,8 +20837,8 @@ CVE-2019-7872 (An insecure direct object reference (IDOR) vulnerability exists i NOT-FOR-US: Magento CVE-2019-7871 (A security bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 p ...) NOT-FOR-US: Magento -CVE-2019-7870 - RESERVED +CVE-2019-7870 (Adobe Character Animator versions 2.1 and earlier have an insecure lib ...) + TODO: check CVE-2019-7869 (A stored cross-site scripting vulnerability exists in the admin panel ...) NOT-FOR-US: Magento CVE-2019-7868 (A stored cross-site scripting vulnerability exists in the admin panel ...) @@ -30226,7 +30270,7 @@ CVE-2019-3950 (Arlo Basestation firmware 1.12.0.1_27940 and prior contain a hard NOT-FOR-US: Arlo Basestation firmware CVE-2019-3949 (Arlo Basestation firmware 1.12.0.1_27940 and prior firmware contain a ...) NOT-FOR-US: Arlo Basestation firmware -CVE-2019-3948 (The Amcrest IP2M-841B IP camera firmware version V2.520.AC00.18.R does ...) +CVE-2019-3948 (The Amcrest IP2M-841B V2.520.AC00.18.R, Dahua IPC-XXBXX V2.622.0000000 ...) NOT-FOR-US: Amcrest IP2M-841B IP camera firmware CVE-2019-3947 (Fuji Electric V-Server before 6.0.33.0 stores database credentials in ...) NOT-FOR-US: Fuji Electric V-Server 
@@ -31124,16 +31168,16 @@ CVE-2019-3641 RESERVED CVE-2019-3640 RESERVED -CVE-2019-3639 - RESERVED +CVE-2019-3639 (Clickjack vulnerability in Adminstrator web console in McAfee Web Gate ...) + TODO: check CVE-2019-3638 RESERVED -CVE-2019-3637 - RESERVED +CVE-2019-3637 (Privilege Escalation vulnerability in McAfee FRP 5.x prior to 5.1.0.20 ...) + TODO: check CVE-2019-3636 RESERVED -CVE-2019-3635 - RESERVED +CVE-2019-3635 (Exfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8. ...) + TODO: check CVE-2019-3634 RESERVED CVE-2019-3633 
@@ -41318,48 +41362,48 @@ CVE-2019-0353 RESERVED CVE-2019-0352 RESERVED -CVE-2019-0351 - RESERVED +CVE-2019-0351 (A remote code execution vulnerability exists in the SAP NetWeaver UDDI ...) + TODO: check CVE-2019-0350 RESERVED -CVE-2019-0349 - RESERVED -CVE-2019-0348 - RESERVED +CVE-2019-0349 (SAP Kernel (ABAP Debugger), versions KRNL32NUC 7.21, 7.21EXT, 7.22, 7. ...) + TODO: check +CVE-2019-0348 (SAP BusinessObjects Business Intelligence Platform (Web Intelligence), ...) + TODO: check CVE-2019-0347 RESERVED -CVE-2019-0346 - RESERVED -CVE-2019-0345 - RESERVED -CVE-2019-0344 - RESERVED -CVE-2019-0343 - RESERVED +CVE-2019-0346 (Unencrypted communication error in SAP Business Objects Business Intel ...) + TODO: check +CVE-2019-0345 (A remote unauthenticated attacker can abuse a web service in SAP NetWe ...) + TODO: check +CVE-2019-0344 (Due to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc ...) + TODO: check +CVE-2019-0343 (SAP Commerce Cloud (Mediaconversion Extension), versions 6.4, 6.5, 6.6 ...) + TODO: check CVE-2019-0342 RESERVED -CVE-2019-0341 - RESERVED -CVE-2019-0340 - RESERVED +CVE-2019-0341 (The session cookie used by SAP Enable Now, version 1902, does not have ...) + TODO: check +CVE-2019-0340 (The XML parser, which is being used by SAP Enable Now, before version ...) + TODO: check CVE-2019-0339 RESERVED -CVE-2019-0338 - RESERVED -CVE-2019-0337 - RESERVED +CVE-2019-0338 (During an OData V2/V4 request in SAP Gateway, versions 750, 751, 752, ...) + TODO: check +CVE-2019-0337 (Java Proxy Runtime of SAP NetWeaver Process Integration, versions 7.10 ...) + TODO: check CVE-2019-0336 RESERVED -CVE-2019-0335 - RESERVED -CVE-2019-0334 - RESERVED -CVE-2019-0333 - RESERVED -CVE-2019-0332 - RESERVED -CVE-2019-0331 - RESERVED +CVE-2019-0335 (Under certain conditions SAP BusinessObjects Business Intelligence Pla ...) + TODO: check +CVE-2019-0334 (When creating a module in SAP BusinessObjects Business Intelligence Pl ...) 
+ TODO: check +CVE-2019-0333 (In some situations, when a client cancels a query in SAP BusinessObjec ...) + TODO: check +CVE-2019-0332 (SAP BusinessObjects Business Intelligence Platform (Info View), versio ...) + TODO: check +CVE-2019-0331 (Under certain conditions, SAP BusinessObjects Business Intelligence Pl ...) + TODO: check CVE-2019-0330 (The OS Command Plugin in the transaction GPA_ADMIN and the OSCommand C ...) NOT-FOR-US: SAP CVE-2019-0329 (SAP Information Steward, version 4.2, does not sufficiently encode use ...) |
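Review bot: in the hunk at @@ -30226,7 +30270,7 @@ the triage line under CVE-2019-3948 no longer matches its description. The description now names "Dahua IPC-XXBXX V2.622.0000000 ..." alongside the Amcrest IP2M-841B, but the line below it still reads "NOT-FOR-US: Amcrest IP2M-841B IP camera firmware". Suggest widening that note to cover both vendors so the entry is found when the list is searched for either name.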
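Review bot: every entry that gains a description in the first hunk (@@ -1,82 +1,126 @@) is left at "TODO: check", including about thirty "plugin ... for WordPress" entries from CVE-2013-7476 through CVE-2019-15025 and four Bento4 entries (CVE-2019-15047 to CVE-2019-15050) whose truncated descriptions are identical. These need a triage pass that resolves each one in the forms already present in this hunk: "NOT-FOR-US: Joomla!" under CVE-2019-15028 for software that is not packaged, or a package line such as "- libexosip2 <unfixed> (bug #934766)" under CVE-2014-10375 where a package is affected. The Bento4 entries should be checked against their full descriptions, since the truncated text here does not distinguish them.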
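Review bot: CVE-2019-14975 in the hunk at @@ -180,10 +224,10 @@ is left at "TODO: check" although its description names a heap-based buffer over-read in Artifex MuPDF, a library-level memory-safety issue rather than a vendor-only product. The LibTIFF entry directly below it shows the expected form, "- tiff 4.0.10+git190814-1 (bug #934780)" and "- tiff3 <removed>". Suggest prioritising this entry in triage and recording a source package line with the fixed version (the description gives "before 1.16.0") or an unfixed marker, plus a bug reference if one is filed.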