Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
73292fb8 by Moritz Muehlenhoff at 2019-02-20T22:52:56Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
CVE-2019-8955
RESERVED
CVE-2019-8954 (In Indexhibit 2.1.5, remote attackers can execute arbitrary
code via ...)
- TODO: check
+ NOT-FOR-US: Indexhibit
CVE-2019-8953 (The HAProxy package before 0.59_16 for pfSense has XSS via the
desc ...)
- TODO: check
+ NOT-FOR-US: HAProxy package for pfSense
CVE-2019-8952
RESERVED
CVE-2019-8951
@@ -19,11 +19,11 @@ CVE-2019-1003025
CVE-2019-1003024
RESERVED
CVE-2019-8950 (The backdoor account dnsekakf2$$ in /bin/login on DASAN H665
devices ...)
- TODO: check
+ NOT-FOR-US: DASAN
CVE-2019-8949
RESERVED
CVE-2019-8948 (PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow
script ...)
- TODO: check
+ NOT-FOR-US: PaperCut MF
CVE-2019-8947
RESERVED
CVE-2019-8946
@@ -31,7 +31,7 @@ CVE-2019-8946
CVE-2019-8945
RESERVED
CVE-2019-8944 (An Information Exposure issue in the Terraform deployment step
in ...)
- TODO: check
+ NOT-FOR-US: Terraform
CVE-2019-8943 (WordPress through 5.0.3 allows Path Traversal in
wp_crop_image(). An ...)
- wordpress <unfixed>
NOTE:
https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/
@@ -44,7 +44,7 @@ CVE-2019-8941
CVE-2019-8940
RESERVED
CVE-2019-8939 (data/interfaces/default/history.html in Tautulli 2.1.26 has XSS
via a ...)
- TODO: check
+ NOT-FOR-US: Tautulli
CVE-2019-8938
RESERVED
CVE-2019-8937
@@ -13808,9 +13808,9 @@ CVE-2018-20243
CVE-2018-20242 (A carefully crafted URL could trigger an XSS vulnerability on
Apache ...)
- jspwiki <removed>
CVE-2018-20241 (The Edit upload resource for a review in Atlassian Fisheye and
...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2018-20240 (The administrative linker functionality in Atlassian Fisheye
and ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2018-20239
RESERVED
CVE-2018-20238 (Various rest resources in Atlassian Crowd before version 3.2.7
and ...)
@@ -23618,7 +23618,7 @@ CVE-2018-19107 (In Exiv2 0.26,
Exiv2::IptcParser::decode in iptc.cpp (called fro
NOTE: https://github.com/Exiv2/exiv2/issues/427
NOTE: https://github.com/Exiv2/exiv2/pull/518
CVE-2018-19106 (Avi Vantage before 17.2.13 uses an invalid URL encoding during
a ...)
- TODO: check
+ NOT-FOR-US: Avi Vantage
CVE-2018-19105 (LibreCAD 2.1.3 allows remote attackers to cause a denial of
service ...)
- librecad <undetermined>
NOTE: https://code610.blogspot.com/2018/11/crashing-librecad-213.html
@@ -47975,7 +47975,7 @@ CVE-2018-9869
CVE-2018-9868
RESERVED
CVE-2018-9867 (In SonicWall SonicOS, administrators without full permissions
can ...)
- TODO: check
+ NOT-FOR-US: SonicWall
CVE-2018-9866 (A vulnerability in lack of validation of user-supplied
parameters pass ...)
NOT-FOR-US: SonicWall
CVE-2018-9865
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/73292fb83963fbe83a3fff9a0123a82d1ecc1b12
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/73292fb83963fbe83a3fff9a0123a82d1ecc1b12
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
