[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Wed, 14 Aug 2019 13:20:32 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
0286f662 by Salvatore Bonaccorso at 2019-08-14T20:19:17Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -59,68 +59,68 @@ CVE-2019-15027 (The MediaTek Embedded Multimedia Card 
(eMMC) subsystem for Andro
 CVE-2019-15026
        RESERVED
 CVE-2019-15025 (The ninja-forms plugin before 3.3.21.2 for WordPress has SQL 
injection ...)
-       TODO: check
+       NOT-FOR-US: ninja-forms plugin for WordPress
 CVE-2018-20968 (The wp-ultimate-exporter plugin before 1.4.2 for WordPress has 
CSRF. ...)
-       TODO: check
+       NOT-FOR-US: wp-ultimate-exporter plugin for WordPress
 CVE-2018-20967 (The wp-ultimate-csv-importer plugin before 5.6.1 for WordPress 
has CSR ...)
-       TODO: check
+       NOT-FOR-US: wp-ultimate-csv-importer plugin for WordPress
 CVE-2017-18515 (The wp-statistics plugin before 12.0.8 for WordPress has SQL 
injection ...)
-       TODO: check
+       NOT-FOR-US: wp-statistics plugin for WordPress
 CVE-2017-18514 (The simple-login-log plugin before 1.1.2 for WordPress has SQL 
injecti ...)
-       TODO: check
+       NOT-FOR-US: simple-login-log plugin for WordPress
 CVE-2017-18513 (The responsive-menu plugin before 3.1.4 for WordPress has no 
CSRF prot ...)
-       TODO: check
+       NOT-FOR-US: responsive-menu plugin for WordPress
 CVE-2017-18512 (The newsletter-by-supsystic plugin before 1.1.8 for WordPress 
has CSRF ...)
-       TODO: check
+       NOT-FOR-US: newsletter-by-supsystic plugin for WordPress
 CVE-2017-18511 (The custom-sidebars plugin before 3.0.8.1 for WordPress has 
CSRF. ...)
-       TODO: check
+       NOT-FOR-US: custom-sidebars plugin for WordPress
 CVE-2017-18510 (The custom-sidebars plugin before 3.1.0 for WordPress has CSRF 
related ...)
-       TODO: check
+       NOT-FOR-US: custom-sidebars plugin for WordPress
 CVE-2016-10889 (The nextgen-gallery plugin before 2.1.57 for WordPress has SQL 
injecti ...)
-       TODO: check
+       NOT-FOR-US: nextgen-gallery plugin for WordPress
 CVE-2016-10888 (The all-in-one-wp-security-and-firewall plugin before 4.0.7 
for WordPr ...)
-       TODO: check
+       NOT-FOR-US: all-in-one-wp-security-and-firewall plugin for WordPress
 CVE-2016-10887 (The all-in-one-wp-security-and-firewall plugin before 4.0.9 
for WordPr ...)
-       TODO: check
+       NOT-FOR-US: all-in-one-wp-security-and-firewall plugin for WordPress
 CVE-2016-10886 (The wp-editor plugin before 1.2.6 for WordPress has incorrect 
permissi ...)
-       TODO: check
+       NOT-FOR-US: wp-editor plugin for WordPress
 CVE-2016-10885 (The wp-editor plugin before 1.2.6 for WordPress has CSRF. ...)
-       TODO: check
+       NOT-FOR-US: wp-editor plugin for WordPress
 CVE-2016-10884 (The simple-membership plugin before 3.3.3 for WordPress has 
multiple C ...)
-       TODO: check
+       NOT-FOR-US: simple-membership plugin for WordPress
 CVE-2016-10883 (The simple-add-pages-or-posts plugin before 1.7 for WordPress 
has CSRF ...)
-       TODO: check
+       NOT-FOR-US: simple-add-pages-or-posts plugin for WordPress
 CVE-2016-10882 (The google-document-embedder plugin before 2.6.2 for WordPress 
has CSR ...)
-       TODO: check
+       NOT-FOR-US: google-document-embedder plugin for WordPress
 CVE-2016-10881 (The google-document-embedder plugin before 2.6.2 for WordPress 
has XSS ...)
-       TODO: check
+       NOT-FOR-US: google-document-embedder plugin for WordPress
 CVE-2016-10880 (The google-document-embedder plugin before 2.6.1 for WordPress 
has XSS ...)
-       TODO: check
+       NOT-FOR-US: google-document-embedder plugin for WordPress
 CVE-2015-9316 (The wp-fastest-cache plugin before 0.8.4.9 for WordPress has 
SQL injec ...)
-       TODO: check
+       NOT-FOR-US: wp-fastest-cache plugin for WordPress
 CVE-2015-9315 (The newstatpress plugin before 1.0.1 for WordPress has SQL 
injection. ...)
-       TODO: check
+       NOT-FOR-US: newstatpress plugin for WordPress
 CVE-2015-9314 (The newstatpress plugin before 1.0.4 for WordPress has XSS 
related to  ...)
-       TODO: check
+       NOT-FOR-US: newstatpress plugin for WordPress
 CVE-2015-9313 (The newstatpress plugin before 1.0.5 for WordPress has SQL 
injection r ...)
-       TODO: check
+       NOT-FOR-US: newstatpress plugin for WordPress
 CVE-2015-9312 (The newstatpress plugin before 1.0.5 for WordPress has XSS 
related to  ...)
-       TODO: check
+       NOT-FOR-US: newstatpress plugin for WordPress
 CVE-2015-9311 (The newstatpress plugin before 1.0.6 for WordPress has 
reflected XSS. ...)
-       TODO: check
+       NOT-FOR-US: newstatpress plugin for WordPress
 CVE-2015-9310 (The all-in-one-wp-security-and-firewall plugin before 3.9.1 for 
WordPr ...)
-       TODO: check
+       NOT-FOR-US: all-in-one-wp-security-and-firewall plugin for WordPress
 CVE-2015-9309 (The wp-google-map-plugin plugin before 2.3.10 for WordPress has 
CSRF i ...)
-       TODO: check
+       NOT-FOR-US: wp-google-map-plugin plugin for WordPress
 CVE-2015-9308 (The wp-google-map-plugin plugin before 2.3.10 for WordPress has 
CSRF i ...)
-       TODO: check
+       NOT-FOR-US: wp-google-map-plugin plugin for WordPress
 CVE-2015-9307 (The wp-google-map-plugin plugin before 2.3.10 for WordPress has 
CSRF i ...)
-       TODO: check
+       NOT-FOR-US: wp-google-map-plugin plugin for WordPress
 CVE-2014-10375 (handle_messages in eXtl_tls.c in eXosip before 5.0.0 
mishandles a nega ...)
        - libexosip2 <unfixed> (bug #934766)
        NOTE: 
http://git.savannah.nongnu.org/cgit/exosip.git/commit/?id=2549e421c14aff886629b8482c14af800f411070
 CVE-2013-7476 (The simple-fields plugin before 1.2 for WordPress has CSRF in 
the admi ...)
-       TODO: check
+       NOT-FOR-US: simple-fields plugin for WordPress
 CVE-2019-15024
        RESERVED
 CVE-2019-15023
@@ -10249,7 +10249,7 @@ CVE-2019-11654
 CVE-2019-11653 (Remote Access Control Bypass in Micro Focus Content Manager. 
versions  ...)
        NOT-FOR-US: Micro Focus
 CVE-2019-11652 (A potential authorization bypass issue was found in Micro 
Focus Self S ...)
-       TODO: check
+       NOT-FOR-US: Micro Focus
 CVE-2019-11651
        RESERVED
 CVE-2019-11650 (A potential Man in the Middle attack (MITM) was found in NetIQ 
Advance ...)
@@ -41363,47 +41363,47 @@ CVE-2019-0353
 CVE-2019-0352
        RESERVED
 CVE-2019-0351 (A remote code execution vulnerability exists in the SAP 
NetWeaver UDDI ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2019-0350
        RESERVED
 CVE-2019-0349 (SAP Kernel (ABAP Debugger), versions KRNL32NUC 7.21, 7.21EXT, 
7.22, 7. ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2019-0348 (SAP BusinessObjects Business Intelligence Platform (Web 
Intelligence), ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2019-0347
        RESERVED
 CVE-2019-0346 (Unencrypted communication error in SAP Business Objects 
Business Intel ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2019-0345 (A remote unauthenticated attacker can abuse a web service in 
SAP NetWe ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2019-0344 (Due to unsafe deserialization used in SAP Commerce Cloud 
(virtualjdbc  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2019-0343 (SAP Commerce Cloud (Mediaconversion Extension), versions 6.4, 
6.5, 6.6 ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2019-0342
        RESERVED
 CVE-2019-0341 (The session cookie used by SAP Enable Now, version 1902, does 
not have ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2019-0340 (The XML parser, which is being used by SAP Enable Now, before 
version  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2019-0339
        RESERVED
 CVE-2019-0338 (During an OData V2/V4 request in SAP Gateway, versions 750, 
751, 752,  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2019-0337 (Java Proxy Runtime of SAP NetWeaver Process Integration, 
versions 7.10 ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2019-0336
        RESERVED
 CVE-2019-0335 (Under certain conditions SAP BusinessObjects Business 
Intelligence Pla ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2019-0334 (When creating a module in SAP BusinessObjects Business 
Intelligence Pl ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2019-0333 (In some situations, when a client cancels a query in SAP 
BusinessObjec ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2019-0332 (SAP BusinessObjects Business Intelligence Platform (Info View), 
versio ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2019-0331 (Under certain conditions, SAP BusinessObjects Business 
Intelligence Pl ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2019-0330 (The OS Command Plugin in the transaction GPA_ADMIN and the 
OSCommand C ...)
        NOT-FOR-US: SAP
 CVE-2019-0329 (SAP Information Steward, version 4.2, does not sufficiently 
encode use ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0286f6621bccbb1f7f8eae18a87cd9b72432ef86

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0286f6621bccbb1f7f8eae18a87cd9b72432ef86
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to