author | security tracker role <sectracker@soriano.debian.org> | 2019-10-11 20:10:25 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2019-10-11 20:10:25 +0000 |
commit | d0a60994b4f1c33121e80d7534cda4b5a1404fef | |
tree | 1fc239555511727723725181a6752f89142446cf /data | |
parent | d5ade852b91d6afd71526c72c905617adbd3de7f | |
automatic update
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/2010.list | 14 |
-rw-r--r-- | data/CVE/2015.list | 24 |
-rw-r--r-- | data/CVE/2018.list | 4 |
-rw-r--r-- | data/CVE/2019.list | 86 |
4 files changed, 92 insertions, 36 deletions
diff --git a/data/CVE/2010.list b/data/CVE/2010.list index 93fab11d2f..96dbc2f9e1 100644 --- a/data/CVE/2010.list +++ b/data/CVE/2010.list @@ -1,3 +1,17 @@ +CVE-2010-5340 (IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webm ...) + TODO: check +CVE-2010-5339 (IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webm ...) + TODO: check +CVE-2010-5338 (IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webm ...) + TODO: check +CVE-2010-5337 (IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webm ...) + TODO: check +CVE-2010-5336 (IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: admi ...) + TODO: check +CVE-2010-5335 (IceWarp Webclient before 10.2.1 has a directory traversal vulnerabilit ...) + TODO: check +CVE-2010-5334 (IceWarp Webclient before 10.2.1 has a directory traversal vulnerabilit ...) + TODO: check CVE-2010-5333 (The web server in Integard Pro and Home before 2.0.0.9037 and 2.2.x be ...) NOT-FOR-US: Integard CVE-2010-5332 (In the Linux kernel before 2.6.37, an out of bounds array access happe ...) diff --git a/data/CVE/2015.list b/data/CVE/2015.list index f8e6805b12..9a748730d4 100644 --- a/data/CVE/2015.list +++ b/data/CVE/2015.list 
@@ -1,3 +1,27 @@ +CVE-2015-9492 (The ThemeMakers SmartIT Premium Responsive theme through 2015-05-15 fo ...) + TODO: check +CVE-2015-9491 (The ThemeMakers Blessing Premium Responsive theme through 2015-05-15 f ...) + TODO: check +CVE-2015-9490 (The ThemeMakers GamesTheme Premium theme through 2015-05-15 for WordPr ...) + TODO: check +CVE-2015-9489 (The ThemeMakers Goodnex Premium Responsive theme through 2015-05-15 fo ...) + TODO: check +CVE-2015-9488 (The ThemeMakers Almera Responsive Portfolio Site Template component th ...) + TODO: check +CVE-2015-9487 (The ThemeMakers Almera Responsive Portfolio theme through 2015-05-15 f ...) + TODO: check +CVE-2015-9486 (The ThemeMakers Axioma Premium Responsive theme through 2015-05-15 for ...) + TODO: check +CVE-2015-9485 (The ThemeMakers Accio Responsive Parallax One Page Site Template compo ...) + TODO: check +CVE-2015-9484 (The ThemeMakers Accio One Page Parallax Responsive theme through 2015- ...) + TODO: check +CVE-2015-9483 (The ThemeMakers Invento Responsive Gallery/Architecture Template compo ...) + TODO: check +CVE-2015-9482 (The ThemeMakers Car Dealer / Auto Dealer Responsive theme through 2015 ...) + TODO: check +CVE-2015-9481 (The ThemeMakers Diplomat | Political theme through 2015-05-15 for Word ...) + TODO: check CVE-2015-9480 (The RobotCPA plugin 5 for WordPress has directory traversal via the f. ...) NOT-FOR-US: RobotCPA plugin for WordPress CVE-2015-9479 (The ACF-Frontend-Display plugin through 2015-07-03 for WordPress has a ...) diff --git a/data/CVE/2018.list b/data/CVE/2018.list index 9789979bf0..0ed9fa1147 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -1,3 +1,7 @@ +CVE-2018-21028 + RESERVED +CVE-2018-21027 + RESERVED CVE-2018-21026 RESERVED CVE-2018-21025 (In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to ...) diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 8fdb414b00..ac3ceede95 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list 
@@ -1,3 +1,17 @@ +CVE-2019-17504 (An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5. ...) + TODO: check +CVE-2019-17503 (An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5. ...) + TODO: check +CVE-2019-17502 + RESERVED +CVE-2019-17501 + RESERVED +CVE-2019-17500 + RESERVED +CVE-2019-17499 (The setter.xml component of the Common Gateway Interface on Compal CH7 ...) + TODO: check +CVE-2019-17498 + RESERVED CVE-2019-17497 (Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft ...) NOT-FOR-US: Tracker PDF-XChange Editor CVE-2019-17496 (Craft CMS before 3.3.8 has stored XSS via a name field. This field is ...) @@ -907,8 +921,8 @@ CVE-2019-17061 RESERVED CVE-2019-17060 RESERVED -CVE-2019-17059 - RESERVED +CVE-2019-17059 (A shell injection vulnerability on the Sophos Cyberoam firewall applia ...) + TODO: check CVE-2019-17058 RESERVED CVE-2019-17057 @@ -6746,10 +6760,10 @@ CVE-2019-14572 RESERVED CVE-2019-14571 RESERVED -CVE-2019-14570 - RESERVED -CVE-2019-14569 - RESERVED +CVE-2019-14570 (Memory corruption in system firmware for Intel(R) NUC may allow a priv ...) + TODO: check +CVE-2019-14569 (Pointer corruption in system firmware for Intel(R) NUC may allow a pri ...) + TODO: check CVE-2019-14568 RESERVED CVE-2019-14567 @@ -6917,8 +6931,8 @@ CVE-2019-14511 (Sphinx Technologies Sphinx 3.1.1 by default has no authenticatio NOTE: sphinxsearch should ideally update the defaults in sample configs to bind NOTE: listeners to localhost. NOTE: This is not treated as a vulnerability, subject to design choices for deployment -CVE-2019-14510 - RESERVED +CVE-2019-14510 (An issue was discovered in Kaseya VSA RMM through 9.5.0.22. When using ...) + TODO: check CVE-2019-14509 RESERVED CVE-2019-14508 
@@ -15539,8 +15553,8 @@ CVE-2019-11169 RESERVED CVE-2019-11168 RESERVED -CVE-2019-11167 - RESERVED +CVE-2019-11167 (Improper file permission in software installer for Intel(R) Smart Conn ...) + TODO: check CVE-2019-11166 (Improper file permissions in the installer for Intel(R) Easy Streaming ...) NOT-FOR-US: Intel CVE-2019-11165 @@ -15633,8 +15647,8 @@ CVE-2019-11122 RESERVED CVE-2019-11121 RESERVED -CVE-2019-11120 - RESERVED +CVE-2019-11120 (Insufficient path checking in the installer for Intel(R) Active System ...) + TODO: check CVE-2019-11119 (Insufficient session validation in the service API for Intel(R) RWC3 v ...) NOT-FOR-US: Intel CVE-2019-11118 @@ -28755,12 +28769,12 @@ CVE-2019-6337 RESERVED CVE-2019-6336 RESERVED -CVE-2019-6335 - RESERVED +CVE-2019-6335 (A potential security vulnerability has been identified with Samsung La ...) + TODO: check CVE-2019-6334 RESERVED -CVE-2019-6333 - RESERVED +CVE-2019-6333 (A potential security vulnerability has been identified with certain ve ...) + TODO: check CVE-2019-6332 RESERVED CVE-2019-6331 @@ -31031,7 +31045,7 @@ CVE-2019-5419 (There is a possible denial of service vulnerability in Action Vie - rails 2:5.2.2.1+dfsg-1 (bug #924520) [stretch] - rails 2:4.2.7.1-1+deb9u1 NOTE: https://www.openwall.com/lists/oss-security/2019/03/13/4 -CVE-2019-5418 (There is a File Content Disclosure vulnerability in Action View (Rails ...) +CVE-2019-5418 (There is a File Content Disclosure vulnerability in Action View <5. ...) {DLA-1739-1} - rails 2:5.2.2.1+dfsg-1 (bug #924520) [stretch] - rails 2:4.2.7.1-1+deb9u1 @@ -38015,8 +38029,8 @@ CVE-2019-2217 RESERVED CVE-2019-2216 RESERVED -CVE-2019-2215 - RESERVED +CVE-2019-2215 (A use-after-free in binder.c allows an elevation of privilege from an ...) + TODO: check CVE-2019-2214 RESERVED CVE-2019-2213 
@@ -38071,16 +38085,16 @@ CVE-2019-2189 (In the Easel driver, there is possible memory corruption due to r NOT-FOR-US: Android CVE-2019-2188 (In the Easel driver, there is possible memory corruption due to race c ...) NOT-FOR-US: Android -CVE-2019-2187 - RESERVED -CVE-2019-2186 - RESERVED -CVE-2019-2185 - RESERVED -CVE-2019-2184 - RESERVED -CVE-2019-2183 - RESERVED +CVE-2019-2187 (In nfc_ncif_decode_rf_params of nfc_ncif.cc, there is a possible out o ...) + TODO: check +CVE-2019-2186 (In GetMBheader of combined_decode.cpp, there is a possible out of boun ...) + TODO: check +CVE-2019-2185 (In VlcDequantH263IntraBlock_SH of vlc_dequant.cpp, there is a possible ...) + TODO: check +CVE-2019-2184 (In PV_DecodePredictedIntraDC of dec_pred_intra_dc.cpp, there is a poss ...) + TODO: check +CVE-2019-2183 (In generateServicesMap of RegisteredServicesCache.java, there is a pos ...) + TODO: check CVE-2019-2182 (In the Android kernel in the kernel MMU code there is a possible execu ...) - linux 4.16.5-1 [jessie] - linux <not-affected> (Vulnerable code not present) @@ -38110,8 +38124,8 @@ CVE-2019-2175 (In checkAccess of SliceManagerService.java in Android 9, there is NOT-FOR-US: Android CVE-2019-2174 (In SensorManager::assertStateLocked of SensorManager.cpp in Android 7. ...) NOT-FOR-US: Android -CVE-2019-2173 - RESERVED +CVE-2019-2173 (In startActivityMayWait of ActivityStarter.java, there is a possible i ...) + TODO: check CVE-2019-2172 (In libxaac there is a possible information disclosure due to uninitial ...) NOT-FOR-US: Android CVE-2019-2171 (In libxaac there is a possible information disclosure due to uninitial ...) 
@@ -38228,16 +38242,16 @@ CVE-2019-2116 (In save_attr_seq of sdp_discovery.cc, there is a possible out-of- NOT-FOR-US: Android CVE-2019-2115 (In GateKeeper::MintAuthToken of gatekeeper.cpp in Android 7.1.1, 7.1.2 ...) NOT-FOR-US: Android -CVE-2019-2114 - RESERVED +CVE-2019-2114 (In the default privileges of NFC, there is a possible local bypass of ...) + TODO: check CVE-2019-2113 (In setup wizard there is a bypass of some checks when wifi connection ...) NOT-FOR-US: Android CVE-2019-2112 (In several functions of alarm.cc, there is possible memory corruption ...) NOT-FOR-US: Android CVE-2019-2111 (In loop of DnsTlsSocket.cpp, there is a possible heap memory corruptio ...) NOT-FOR-US: Android -CVE-2019-2110 - RESERVED +CVE-2019-2110 (In ScreenRotationAnimation of ScreenRotationAnimation.java, there is a ...) + TODO: check CVE-2019-2109 (In MakeMPEG4VideoCodecSpecificData of AVIExtractor.cpp, there is a pos ...) NOT-FOR-US: Android media framework CVE-2019-2108 (In ihevcd_ref_list of ihevcd_ref_list.c in Android 10, there is a poss ...) @@ -41788,7 +41802,7 @@ CVE-2019-0381 (A binary planting in SAP SQL Anywhere, before version 17.0, SAP I NOT-FOR-US: SAP CVE-2019-0380 (Under certain conditions, SAP Landscape Management enterprise edition, ...) NOT-FOR-US: SAP -CVE-2019-0379 (In SAP NetWeaver Process Integration (AS2 Adapter), before versions 1. ...) +CVE-2019-0379 (SAP Process Integration, business-to-business add-on, versions 1.0, 2. ...) NOT-FOR-US: SAP CVE-2019-0378 (SAP BusinessObjects Business Intelligence Platform (Web Intelligence H ...) NOT-FOR-US: SAP |
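Review bot: in data/CVE/2010.list the seven IceWarp Webclient entries added at the top of the file (CVE-2010-5334 through CVE-2010-5340) all land as `TODO: check`, while the Integard entry directly below them is already resolved as `NOT-FOR-US: Integard`. All seven name the same product and the same fixed version (10.2.1), so they can be triaged together in one follow-up rather than one by one; if IceWarp Webclient is not packaged in Debian, the same NOT-FOR-US form used for Integard applies to the whole block.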
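Review bot: in data/CVE/2015.list the twelve ThemeMakers entries (CVE-2015-9481 through CVE-2015-9492) are not uniform in their truncated summaries: most read "... theme through 2015-05-15 for WordPress", but CVE-2015-9483, CVE-2015-9485 and CVE-2015-9488 read "Site Template component" or "Template component". When these leave `TODO: check`, key the triage on the vendor name rather than on "theme ... for WordPress", and keep the note wording in line with the existing `NOT-FOR-US: RobotCPA plugin for WordPress` entry below so the three component entries are not missed.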
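Review bot: in the `@@ -38015,8 +38029,8 @@` hunk of data/CVE/2019.list, CVE-2019-2215 should not be swept up with the surrounding Android identifiers when the `TODO: check` items are resolved. Its summary names `binder.c` and a use-after-free leading to elevation of privilege, which is kernel driver code rather than an Android userspace component, and the same file already tracks an Android-reported kernel issue against the Debian package (CVE-2019-2182 carries `- linux 4.16.5-1`). This entry needs a check against src:linux before any `NOT-FOR-US: Android` line is applied; the neighbouring CVE-2019-2183 through CVE-2019-2187 name userspace sources (`nfc_ncif.cc`, `combined_decode.cpp`, `RegisteredServicesCache.java`) and are the ones that match the existing `NOT-FOR-US: Android` pattern.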
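Review bot: in the `@@ -31031,7 +31045,7 @@` hunk of data/CVE/2019.list, the refreshed summary for CVE-2019-5418 now truncates at "Action View <5." and no longer contains the word "Rails" that the previous line carried, so a text search of the summaries for the product name will stop matching this entry. The triage lines below it are unchanged (`{DLA-1739-1}`, `- rails 2:5.2.2.1+dfsg-1`), so tooling and reviewers should key on the `- rails` package line rather than on the summary string.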