Commits on Source (2)
Process some NFUs · a400962c · Salvatore Bonaccorso authored Oct 02, 2019
Add CVE-2019-14958/pycharm (itp'ed) · c783d226 · Salvatore Bonaccorso authored Oct 02, 2019
data/CVE/list
...
...
@@ -1690,7 +1690,7 @@ CVE-2019-16409 (In the Versioned Files module through 2.0.3 for SilverStripe 3.x
CVE-2019-16408
RESERVED
CVE-2019-16407 (JetBrains ReSharper installers for versions before 2019.2 had a DLL Hi ...)
TODO: check
NOT-FOR-US: JetBrains ReSharper installer
CVE-2019-16406
RESERVED
CVE-2019-16405
...
...
@@ -2480,7 +2480,7 @@ CVE-2019-16173 (LimeSurvey before v3.17.14 allows reflected XSS for escalating p
CVE-2019-16172 (LimeSurvey before v3.17.14 allows stored XSS for escalating privileges ...)
- limesurvey <itp> (bug #472802)
CVE-2019-16171 (In JetBrains YouTrack through 2019.2.56594, stored XSS was found on th ...)
TODO: che
ck
NOT-FOR-US: JetBrains YouTra
ck
CVE-2019-16170 (An issue was discovered in GitLab Enterprise Edition 11.x and 12.x bef ...)
[experimental] - gitlab 12.0.9-1
- gitlab <unfixed> (bug #940007)
...
...
@@ -2624,7 +2624,7 @@ CVE-2019-16118 (Cross site scripting (XSS) in the photo-gallery (10Web Photo Gal
CVE-2019-16117 (Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) ...)
NOT-FOR-US: photo-gallery (10Web Photo Gallery) plugin for WordPress
CVE-2019-16116 (EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable ...)
TODO: check
NOT-FOR-US: EnterpriseDT CompleteFTP Server
CVE-2019-16115 (In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in ...)
- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-16114 (In ATutor 2.2.4, an unauthenticated attacker can change the applicatio ...)
...
...
@@ -4893,7 +4893,7 @@ CVE-2019-15274
CVE-2019-15273
RESERVED
CVE-2019-15272 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-15271
RESERVED
CVE-2019-15270
...
...
@@ -4919,13 +4919,13 @@ CVE-2019-15261
CVE-2019-15260
RESERVED
CVE-2019-15259 (A vulnerability in Cisco Unified Contact Center Express (UCCX) Softwar ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-15258
RESERVED
CVE-2019-15257
RESERVED
CVE-2019-15256 (A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-15255
RESERVED
CVE-2019-15254
...
...
@@ -5723,15 +5723,15 @@ CVE-2019-15042 (An issue was discovered in JetBrains TeamCity 2018.2.4. It had n
CVE-2019-15041 (JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL ...)
NOT-FOR-US: JetBrains YouTrack
CVE-2019-15040 (JetBrains YouTrack versions before 2019.1 had a CSRF vulnerability on ...)
TODO: che
ck
NOT-FOR-US: JetBrains YouTra
ck
CVE-2019-15039 (An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possi ...)
NOT-FOR-US: JetBrains TeamCity
CVE-2019-15038 (An issue was discovered in JetBrains TeamCity 2018.2.4. The TeamCity s ...)
NOT-FOR-US: JetBrains TeamCity
CVE-2019-15037 (An issue was discovered in JetBrains TeamCity 2018.2.4. It had several ...)
TODO: check
NOT-FOR-US: JetBrains TeamCity
CVE-2019-15036 (An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Pro ...)
TODO: check
NOT-FOR-US: JetBrains TeamCity
CVE-2019-15035 (An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Pro ...)
NOT-FOR-US: JetBrains TeamCity
CVE-2019-15034
...
...
@@ -5978,13 +5978,13 @@ CVE-2019-14961 (JetBrains Upsource before 2019.1.1412 was not properly escaping
CVE-2019-14960 (JetBrains Rider before 2019.1.2 was using an unsigned JetBrains.Rider. ...)
NOT-FOR-US: JetBrains Rider
CVE-2019-14959 (JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a ...)
TODO: check
NOT-FOR-US: JetBrains Toolbox
CVE-2019-14958 (JetBrains PyCharm before 2019.2 was allocating a buffer of unknown siz ...)
TODO: check
- pycharm <itp> (bug #742394)
CVE-2019-14957 (The JetBrains Vim plugin before version 0.52 was storing individual pr ...)
NOT-FOR-US: JetBrains Vim plugin
CVE-2019-14956 (JetBrains YouTrack before 2019.2.53938 was using incorrect settings, a ...)
TODO: che
ck
NOT-FOR-US: JetBrains YouTra
ck
CVE-2019-14955 (In JetBrains Hub versions earlier than 2018.4.11436, there was no opti ...)
NOT-FOR-US: JetBrains Hub
CVE-2019-14954 (JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plant ...)
...
...
@@ -7456,7 +7456,7 @@ CVE-2019-14456 (Opengear console server firmware releases prior to 4.5.0 have a
CVE-2019-14455
RESERVED
CVE-2019-14454 (SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to ...)
TODO: check
NOT-FOR-US: SuiteCRM
CVE-2013-7474 (Windu CMS 2.2 allows XSS via the name parameter to admin/content/edit ...)
NOT-FOR-US: Windu CMS
CVE-2013-7473 (Windu CMS 2.2 allows CSRF via admin/users/?mn=admin.message.error to a ...)
...
...
@@ -9962,7 +9962,7 @@ CVE-2019-13659
RESERVED
- chromium <unfixed>
CVE-2019-13658 (CA Network Flow Analysis 9.x and 10.0.x have a default credential vuln ...)
TODO: check
NOT-FOR-US: CA Network Flow Analysis
CVE-2019-13657
RESERVED
CVE-2019-13656 (An access vulnerability in CA Common Services DIA of CA Technologies C ...)
...
...
@@ -11804,7 +11804,7 @@ CVE-2019-13337 (In WESEEK GROWI before 3.5.0, the site-wide basic authentication
CVE-2019-13336
RESERVED
CVE-2019-13335 (SalesAgility SuiteCRM 7.10.x 7.10.19 and 7.11.x before and 7.11.7 has ...)
TODO: check
NOT-FOR-US: SalesAgility SuiteCRM
CVE-2019-13334
RESERVED
CVE-2019-13333
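Review bot: CVE-2019-13335 is tagged "NOT-FOR-US: SalesAgility SuiteCRM" here, while CVE-2019-14454 in the earlier hunk gets "NOT-FOR-US: SuiteCRM" for the same product. Use one spelling for both so that a later search for the product name finds every entry.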
...
...
@@ -12697,7 +12697,7 @@ CVE-2019-13027 (Realization Concerto Critical Chain Planner (aka CCPM) 5.10.8071
CVE-2019-13026 (OXID eShop 6.0.x before 6.0.5 and 6.1.x before 6.1.4 allows SQL Inject ...)
NOT-FOR-US: OXID eShop
CVE-2019-13025 (Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorre ...)
TODO: check
NOT-FOR-US: Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices
CVE-2019-13024 (Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web be ...)
NOT-FOR-US: Centreon web UI (not packaged in Debian)
CVE-2019-13023
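Review bot: The NOT-FOR-US tag on CVE-2019-13025 repeats the model name and carries the full firmware string ("Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices"), apparently copied straight from the description. "NOT-FOR-US: Compal CH7465LG" identifies the product just as well and is easier to match against later entries for the same device.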
...
...
@@ -13526,9 +13526,9 @@ CVE-2019-12739 (lib/Controller/ExtractionController.php in the Extract add-on be
CVE-2019-12738
RESERVED
CVE-2019-12737 (UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a ...)
TODO: check
NOT-FOR-US: JetBrains Ktor
CVE-2019-12736 (JetBrains Ktor framework before 1.2.0-rc does not sanitize the usernam ...)
TODO: check
NOT-FOR-US: JetBrains Ktor
CVE-2019-12734
RESERVED
CVE-2019-12733
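Review bot: CVE-2019-12737 and CVE-2019-12736 are both closed out as "NOT-FOR-US: JetBrains Ktor", but the descriptions call Ktor a framework, so unlike the installer and server products triaged elsewhere in this patch it could be present as a bundled dependency of something else. A quick search of the archive for embedded copies before marking these NFU would make the decision safer; if that was already done, no change is needed.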
...
...
@@ -13575,27 +13575,27 @@ CVE-2019-12718
CVE-2019-12717 (A vulnerability in a CLI command related to the virtualization manager ...)
NOT-FOR-US: Cisco
CVE-2019-12716 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12715 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12714 (A vulnerability in the web-based management interface of Cisco IC3000 ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12713 (A vulnerability in the web-based management interface of Cisco Prime I ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12712 (A vulnerability in the web-based management interface of Cisco Prime I ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12711 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12710 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12709 (A vulnerability in a CLI command related to the virtualization manager ...)
NOT-FOR-US: Cisco
CVE-2019-12708
RESERVED
CVE-2019-12707 (A vulnerability in the web-based interface of multiple Cisco Unified C ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12706 (A vulnerability in the Sender Policy Framework (SPF) functionality of ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12705
RESERVED
CVE-2019-12704
...
...
@@ -13605,63 +13605,63 @@ CVE-2019-12703
CVE-2019-12702
RESERVED
CVE-2019-12701 (A vulnerability in the file and malware inspection feature of Cisco Fi ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12700 (A vulnerability in the configuration of the Pluggable Authentication M ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12699 (Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco F ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12698 (A vulnerability in the WebVPN feature of Cisco Adaptive Security Appli ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12697 (Multiple vulnerabilities in the Cisco Firepower System Software Detect ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12696 (Multiple vulnerabilities in the Cisco Firepower System Software Detect ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12695 (A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Ada ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12694 (A vulnerability in the command line interface (CLI) of Cisco Firepower ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12693 (A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Sec ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12692
RESERVED
CVE-2019-12691 (A vulnerability in the web-based management interface of Cisco Firepow ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12690 (A vulnerability in the web UI of the Cisco Firepower Management Center ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12689 (A vulnerability in the web-based management interface of Cisco Firepow ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12688 (A vulnerability in the web UI of the Cisco Firepower Management Center ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12687 (A vulnerability in the web UI of the Cisco Firepower Management Center ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12686 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12685 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12684 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12683 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12682 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12681 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12680 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12679 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12678 (A vulnerability in the Session Initiation Protocol (SIP) inspection mo ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12677 (A vulnerability in the Secure Sockets Layer (SSL) VPN feature of Cisco ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12676 (A vulnerability in the Open Shortest Path First (OSPF) implementation ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12675 (Multiple vulnerabilities in the multi-instance feature of Cisco Firepo ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12674 (Multiple vulnerabilities in the multi-instance feature of Cisco Firepo ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12673 (A vulnerability in the FTP inspection engine of Cisco Adaptive Securit ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12672 (A vulnerability in the filesystem of Cisco IOS XE Software could allow ...)
NOT-FOR-US: Cisco
CVE-2019-12671 (A vulnerability in the CLI of Cisco IOS XE Software could allow an aut ...)
...
...
@@ -13745,9 +13745,9 @@ CVE-2019-12633 (A vulnerability in Cisco Unified Contact Center Express (Unified
CVE-2019-12632 (A vulnerability in Cisco Finesse could allow an unauthenticated, remot ...)
NOT-FOR-US: Cisco
CVE-2019-12631 (A vulnerability in the web-based guest portal of Cisco Identity Servic ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12630 (A vulnerability in the Java deserialization function used by Cisco Sec ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-12629
RESERVED
CVE-2019-12628
...
...
@@ -15030,9 +15030,9 @@ CVE-2019-12159 (GoHTTP through 2017-07-25 has a stack-based buffer over-read in
CVE-2019-12158 (GoHTTP through 2017-07-25 has a GetExtension heap-based buffer overflo ...)
NOT-FOR-US: GoHTTP
CVE-2019-12157 (In JetBrains TeamCity versions before 2018.2.5 and UpSource versions b ...)
TODO: check
NOT-FOR-US: JetBrains TeamCity
CVE-2019-12156 (Server metadata could be exposed because one of the error messages ref ...)
TODO: check
NOT-FOR-US: JetBrains TeamCity
CVE-2019-12155 (interface_release_resource in hw/display/qxl.c in QEMU 4.0.0 has a NUL ...)
{DSA-4454-1 DLA-1927-1}
- qemu 1:3.1+dfsg-8 (bug #929353)
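Review bot: CVE-2019-12156 is tagged "NOT-FOR-US: JetBrains TeamCity", yet the visible description ("Server metadata could be exposed because one of the error messages ref ...") is cut off before any product is named, so the tag cannot be checked from this line alone. Verify it against the full CVE text. Also, CVE-2019-12157 just above names both TeamCity and UpSource in its description while the tag lists only TeamCity; "JetBrains TeamCity, UpSource" would be more accurate there.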
...
...
@@ -26088,7 +26088,7 @@ CVE-2019-8464
CVE-2019-8463
RESERVED
CVE-2019-8462 (In a rare scenario, Check Point R80.30 Security Gateway before JHF Tak ...)
TODO
:
c
heck
NOT-FOR-US
:
C
heck
Point R80.30 Security Gateway
CVE-2019-8461 (Check Point Endpoint Security Initial Client for Windows before versio ...)
NOT-FOR-US: Check Point
CVE-2019-8460 (Reuven Plevinsky and Tal Vainshtein of Check Point Software Technologi ...)
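Review bot: The new tag on CVE-2019-8462 reads "NOT-FOR-US: Check Point R80.30 Security Gateway", while the next entry, CVE-2019-8461, uses plain "NOT-FOR-US: Check Point". Pick one form for the vendor within this block; since the version (R80.30) is already in the description, "NOT-FOR-US: Check Point" would be consistent with the neighbouring line.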
...
...
@@ -34664,7 +34664,7 @@ CVE-2019-5033 (An exploitable out-of-bounds read vulnerability exists in the Num
CVE-2019-5032 (An exploitable out-of-bounds read vulnerability exists in the LabelSst ...)
NOT-FOR-US: Aspose
CVE-2019-5031 (An exploitable memory corruption vulnerability exists in the JavaScrip ...)
TODO: check
NOT-FOR-US: Foxit PDF Reader
CVE-2019-5030
RESERVED
CVE-2019-5029
...
...
@@ -43790,7 +43790,7 @@ CVE-2019-1917 (A vulnerability in the REST API interface of Cisco Vision Dynamic
CVE-2019-1916
RESERVED
CVE-2019-1915 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
TODO: check
NOT-FOR-US: Cisco
CVE-2019-1914 (A vulnerability in the web management interface of Cisco Small Busines ...)
NOT-FOR-US: Cisco
CVE-2019-1913 (Multiple vulnerabilities in the web management interface of Cisco Smal ...)