Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4e668124 by Salvatore Bonaccorso at 2019-07-18T20:24:30Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2019-13960 (** DISPUTED ** In libjpeg-turbo 2.0.2, a large amount of 
memory can be ...)
        TODO: check
 CVE-2019-13959 (In Bento4 1.5.1-627, AP4_DataBuffer::SetDataSize does not 
handle reall ...)
-       TODO: check
+       NOT-FOR-US: Bento4
 CVE-2019-13958
        RESERVED
 CVE-2019-13957
        RESERVED
 CVE-2019-13956 (Discuz!ML 3.2 through 3.4 allows remote attackers to execute 
arbitrary ...)
-       TODO: check
+       NOT-FOR-US: Discuz!ML
 CVE-2019-13955
        RESERVED
 CVE-2019-13954
@@ -19,11 +19,11 @@ CVE-2019-13952 (The set_ipv6() function in zscan_rfc1035.rl 
in gdnsd 3.2.0 has a
 CVE-2019-13951 (The set_ipv4() function in zscan_rfc1035.rl in gdnsd 3.2.0 has 
a stack ...)
        TODO: check
 CVE-2019-13950 (index.php?c=admin&a=index in SyGuestBook A5 Version 1.2 
has stored ...)
-       TODO: check
+       NOT-FOR-US: SyGuestBook A5
 CVE-2019-13949 (SyGuestBook A5 Version 1.2 has no CSRF protection mechanism, 
as demons ...)
-       TODO: check
+       NOT-FOR-US: SyGuestBook A5
 CVE-2019-13948 (SyGuestBook A5 Version 1.2 allows stored XSS because the 
isValidData f ...)
-       TODO: check
+       NOT-FOR-US: SyGuestBook A5
 CVE-2019-13947
        RESERVED
 CVE-2019-13946
@@ -627,9 +627,9 @@ CVE-2019-13648
 CVE-2018-20853
        RESERVED
 CVE-2016-10763 (The CampTix Event Ticketing plugin before 1.5 for WordPress 
allows XSS ...)
-       TODO: check
+       NOT-FOR-US: CampTix Event Ticketing plugin for WordPress
 CVE-2016-10762 (The CampTix Event Ticketing plugin before 1.5 for WordPress 
allows CSV ...)
-       TODO: check
+       NOT-FOR-US: CampTix Event Ticketing plugin for WordPress
 CVE-2019-13647 (Firefly III before 4.7.17.3 is vulnerable to stored XSS due to 
lack of ...)
        NOT-FOR-US: Firefly
 CVE-2019-13646 (Firefly III before 4.7.17.3 is vulnerable to reflected XSS due 
to lack ...)
@@ -1710,7 +1710,7 @@ CVE-2014-1001
 CVE-2014-1000
        RESERVED
 CVE-2019-13607 (The Opera Mini application through 16.0.14 for iOS has a UXSS 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: Opera Mini application for iOS
 CVE-2019-13606
        RESERVED
 CVE-2019-13605 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 
0.9.8.8 ...)
@@ -1791,7 +1791,7 @@ CVE-2018-20852 
(http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookie
 CVE-2019-13576
        RESERVED
 CVE-2019-13575 (A SQL injection vulnerability exists in WPEverest Everest 
Forms plugin ...)
-       TODO: check
+       NOT-FOR-US: WPEverest Everest Forms plugin for WordPress
 CVE-2019-13574 (In lib/mini_magick/image.rb in MiniMagick before 4.9.4, a 
fetched remo ...)
        {DSA-4481-1}
        - ruby-mini-magick <unfixed> (bug #931932)
@@ -7031,7 +7031,7 @@ CVE-2019-11537 (In osTicket before 1.12, XSS exists via 
/upload/file.php, /uploa
 CVE-2019-11536 (Kalki Kalkitech SYNC3000 Substation DCU GPC v2.22.6, 2.23.0, 
2.24.0, 3 ...)
        NOT-FOR-US: Kalki Kalkitech
 CVE-2019-11535 (Unsanitized user input in the web interface for Linksys WiFi 
extender  ...)
-       TODO: check
+       NOT-FOR-US: Linksys
 CVE-2019-11534
        RESERVED
 CVE-2019-11533 (Cross-site scripting (XSS) vulnerability in ProjectSend before 
r1070 a ...)
@@ -7844,7 +7844,7 @@ CVE-2019-11232 (EXCELLENT INFOTEK BiYan v1.57 ~ v2.8 
allows an attacker to leak
 CVE-2019-11231 (An issue was discovered in GetSimple CMS through 3.3.15. 
insufficient  ...)
        NOT-FOR-US: GetSimple CMS
 CVE-2019-11230 (In Avast Antivirus before 19.4, a local administrator can 
trick the pr ...)
-       TODO: check
+       NOT-FOR-US: Avast Antivirus
 CVE-2019-11229 (models/repo_mirror.go in Gitea before 1.7.6 and 1.8.x before 
1.8-RC3 m ...)
        - gitea <removed>
 CVE-2019-11228 (repo/setting.go in Gitea before 1.7.6 and 1.8.x before 1.8-RC3 
does no ...)
@@ -11465,15 +11465,15 @@ CVE-2019-1010254
 CVE-2019-1010253
        RESERVED
 CVE-2019-1010252 (The Linux Foundation ONOS 2.0.0 and earlier is affected by: 
Poor Input ...)
-       TODO: check
+       NOT-FOR-US: ONOS
 CVE-2019-1010251 (Open Information Security Foundation Suricata prior to 
version 4.1.2 i ...)
        TODO: check
 CVE-2019-1010250 (The Linux Foundation ONOS 2.0.0 and earlier is affected by: 
Poor Input ...)
-       TODO: check
+       NOT-FOR-US: ONOS
 CVE-2019-1010249 (The Linux Foundation ONOS 2.0.0 and earlier is affected by: 
Integer Ov ...)
-       TODO: check
+       NOT-FOR-US: ONOS
 CVE-2019-1010248 (Synetics GmbH I-doit 1.12 and earlier is affected by: SQL 
Injection. T ...)
-       TODO: check
+       NOT-FOR-US: ONOS
 CVE-2019-1010247
        RESERVED
 CVE-2019-1010246 (MailCleaner before c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9 
is affecte ...)
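Review bot: CVE-2019-1010248 is tagged "NOT-FOR-US: ONOS", but its description reads "Synetics GmbH I-doit 1.12 and earlier is affected by: SQL Injection", so the tag names the wrong product. It appears to have been carried over from the three ONOS entries directly above it in this hunk (CVE-2019-1010252, CVE-2019-1010250, CVE-2019-1010249). Suggest changing that one line to "NOT-FOR-US: I-doit" (or "Synetics I-doit") so the list stays accurate for anyone searching by product name.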
@@ -11745,7 +11745,7 @@ CVE-2019-1010114
 CVE-2019-1010113
        RESERVED
 CVE-2019-1010112 (OECMS v4.3.R60321 and v4.3 later is affected by: Cross Site 
Request Fo ...)
-       TODO: check
+       NOT-FOR-US: OECMS
 CVE-2019-1010111
        RESERVED
 CVE-2019-1010110
@@ -13783,9 +13783,9 @@ CVE-2019-9233
 CVE-2019-9232
        RESERVED
 CVE-2019-9231 (An issue was discovered on AudioCodes Mediant 500L-MSBR, 
500-MBSR, M80 ...)
-       TODO: check
+       NOT-FOR-US: AudioCodes Mediant devices
 CVE-2019-9230 (An issue was discovered on AudioCodes Mediant 500L-MSBR, 
500-MBSR, M80 ...)
-       TODO: check
+       NOT-FOR-US: AudioCodes Mediant devices
 CVE-2019-9229
        RESERVED
 CVE-2019-9228
@@ -16324,7 +16324,7 @@ CVE-2019-8288
 CVE-2019-8287
        RESERVED
 CVE-2019-8286 (Information Disclosure in Kaspersky Anti-Virus, Kaspersky 
Internet Sec ...)
-       TODO: check
+       NOT-FOR-US: Kaspersky
 CVE-2019-8285 (Kaspersky Lab Antivirus Engine version before 04.apr.2019 has a 
heap-b ...)
        NOT-FOR-US: Kaspersky Lab Antivirus Engine
 CVE-2019-8284
@@ -27110,7 +27110,7 @@ CVE-2019-3743
 CVE-2019-3742
        RESERVED
 CVE-2019-3741 (Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 
contain a  ...)
-       TODO: check
+       NOT-FOR-US: EMC
 CVE-2019-3740
        RESERVED
 CVE-2019-3739
@@ -27124,7 +27124,7 @@ CVE-2019-3736
 CVE-2019-3735 (Dell SupportAssist for Business PCs version 2.0 and Dell 
SupportAssist ...)
        NOT-FOR-US: Dell SupportAssist
 CVE-2019-3734 (Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 
contain an ...)
-       TODO: check
+       NOT-FOR-US: EMC
 CVE-2019-3733
        RESERVED
 CVE-2019-3732
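Review bot: the new tag on CVE-2019-3734 gives only part of the vendor name ("EMC"), while the context entry just above it, CVE-2019-3735, is tagged with the product ("Dell SupportAssist"). The description says "Dell EMC Unity and UnityVSA", so "NOT-FOR-US: Dell EMC Unity" would match the neighbouring entry and be easier to find when searching the list. The same applies to CVE-2019-3741 in the previous hunk.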
@@ -27412,7 +27412,7 @@ CVE-2019-3594
 CVE-2019-3593 (Exploitation of Privilege/Trust vulnerability in Microsoft 
Windows cli ...)
        NOT-FOR-US: McAfee
 CVE-2019-3592 (Privilege escalation vulnerability in McAfee Agent (MA) before 
5.6.1 H ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2019-3591
        RESERVED
 CVE-2019-3590



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/4e66812454c1da2d13716103e273293c3fd90e12

_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
