Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
18a375ea by security tracker role at 2019-10-15T20:10:29Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,13 @@
+CVE-2019-17600 (Intelbras IWR 1000N 1.6.4 devices allows disclosure of the
administrat ...)
+ TODO: check
+CVE-2019-17599
+ RESERVED
+CVE-2019-17598
+ RESERVED
+CVE-2019-17597
+ RESERVED
+CVE-2017-1002201 (In haml versions prior to version 5.0.0.beta.2, when using
user input ...)
+ TODO: check
CVE-2019-17596
RESERVED
CVE-2019-17595 (There is a heap-based buffer over-read in the fmt_entry
function in ti ...)
@@ -632,8 +642,8 @@ CVE-2019-17399 (The Shack Forms Pro extension before 4.0.32
for Joomla! allows p
NOT-FOR-US: Shack Forms Pro extension for Joomla!
CVE-2019-17398
RESERVED
-CVE-2019-17397
- RESERVED
+CVE-2019-17397 (In the DoorDash application through 11.5.2 for Android, the
username a ...)
+ TODO: check
CVE-2019-17396
RESERVED
CVE-2019-17395
@@ -984,8 +994,8 @@ CVE-2019-17225 (Subrion 4.2.1 allows XSS via the
panel/members/ Username, Full N
NOT-FOR-US: Subrion CMS
CVE-2019-17224
RESERVED
-CVE-2019-17223
- RESERVED
+CVE-2019-17223 (There is HTML Injection in the Note field in Dolibarr ERP/CRM
10.0.2 v ...)
+ TODO: check
CVE-2019-17222
RESERVED
CVE-2019-17221
@@ -1042,8 +1052,8 @@ CVE-2019-17197 (OpenEMR through 5.0.2 has SQL Injection
in the Lifestyle demogra
NOT-FOR-US: OpenEMR
CVE-2019-17196
RESERVED
-CVE-2019-17195
- RESERVED
+CVE-2019-17195 (Connect2id Nimbus JOSE+JWT before v7.9 can throw various
uncaught exce ...)
+ TODO: check
CVE-2019-17194
RESERVED
CVE-2019-17193
@@ -7731,8 +7741,7 @@ CVE-2019-14834
RESERVED
CVE-2019-14833
RESERVED
-CVE-2019-14832
- RESERVED
+CVE-2019-14832 (A flaw was found in the Keycloak REST API before version 8.0.0
where i ...)
NOT-FOR-US: Keycloak
CVE-2019-14831
RESERVED
@@ -14317,8 +14326,8 @@ CVE-2019-12946 (Elcom CMS before 10.7 has SQL Injection
via EventSearchByState.a
NOT-FOR-US: Elcom CMS
CVE-2019-12945
REJECTED
-CVE-2019-12944
- RESERVED
+CVE-2019-12944 (Glue Smart Lock 2.7.8 devices do not properly block guest
access in ce ...)
+ TODO: check
CVE-2019-12943 (TTLock devices do not properly restrict password-reset
attempts, leadi ...)
NOT-FOR-US: TTLock devices
CVE-2019-12942 (TTLock devices do not properly block guest access in certain
situation ...)
@@ -20181,10 +20190,10 @@ CVE-2019-10762
RESERVED
CVE-2019-10761
RESERVED
-CVE-2019-10760
- RESERVED
-CVE-2019-10759
- RESERVED
+CVE-2019-10760 (safer-eval before 1.3.2 are vulnerable to Arbitrary Code
Execution. A ...)
+ TODO: check
+CVE-2019-10759 (safer-eval before 1.3.4 are vulnerable to Arbitrary Code
Execution. A ...)
+ TODO: check
CVE-2019-10758
RESERVED
CVE-2019-10757 (knex.js versions before 0.19.5 are vulnerable to SQL Injection
attack. ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/18a375eaf8b43f40305a2fe3803f5df17a629c2d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/18a375eaf8b43f40305a2fe3803f5df17a629c2d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
