Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9824502d by Moritz Muehlenhoff at 2019-02-22T13:36:49Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2019-9002 (An issue was discovered in Tiny Issue 1.3.1 and pixeline Bugs
through ...)
- TODO: check
+ NOT-FOR-US: Tiny Issue
CVE-2019-9001
RESERVED
CVE-2019-9000
@@ -11,7 +11,7 @@ CVE-2019-8998
CVE-2019-8997
RESERVED
CVE-2019-8996 (In Signiant Manager+Agents before 13.5, the implementation of
the set ...)
- TODO: check
+ NOT-FOR-US: Signiant
CVE-2019-8995
RESERVED
CVE-2019-8994
@@ -35,11 +35,11 @@ CVE-2019-8986
CVE-2019-8985 (On Netis WF2880 and WF2411 2.1.36123 devices, there is a
stack-based ...)
NOT-FOR-US: Netis devices
CVE-2019-8984 (MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue
2 of 2). ...)
- TODO: check
+ NOT-FOR-US: MDaemon Webmail
CVE-2019-8983 (MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue
1 of 2). ...)
- TODO: check
+ NOT-FOR-US: MDaemon Webmail
CVE-2019-8982 (com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6
...)
- TODO: check
+ NOT-FOR-US: WaveMaker Studio
CVE-2019-8981
RESERVED
CVE-2018-20783 (In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25,
and 7.2.x ...)
@@ -58,7 +58,7 @@ CVE-2019-8980 (A memory leak in the kernel_read_file function
in fs/exec.c in th
NOTE:
https://lore.kernel.org/lkml/[email protected]/
NOTE:
https://lore.kernel.org/lkml/[email protected]/
CVE-2019-8979 (Koseven through 3.3.9, and Kohana through 3.3.6, has SQL
Injection when ...)
- TODO: check
+ - libkohana2-php <removed>
CVE-2019-8978
RESERVED
CVE-2019-8977
@@ -134,15 +134,15 @@ CVE-2019-8952
CVE-2019-8951
RESERVED
CVE-2019-1003028 (A server-side request forgery vulnerability exists in
Jenkins JMS ...)
- TODO: check
+ NOT-FOR-US: Jenkins
CVE-2019-1003027 (A server-side request forgery vulnerability exists in
Jenkins ...)
- TODO: check
+ NOT-FOR-US: Jenkins
CVE-2019-1003026 (A server-side request forgery vulnerability exists in
Jenkins ...)
- TODO: check
+ NOT-FOR-US: Jenkins
CVE-2019-1003025 (A exposure of sensitive information vulnerability exists in
Jenkins ...)
- TODO: check
+ NOT-FOR-US: Jenkins
CVE-2019-1003024 (A sandbox bypass vulnerability exists in Jenkins Script
Security ...)
- TODO: check
+ NOT-FOR-US: Jenkins
CVE-2019-8950 (The backdoor account dnsekakf2$$ in /bin/login on DASAN H665
devices ...)
NOT-FOR-US: DASAN
CVE-2019-8949
@@ -7686,7 +7686,7 @@ CVE-2019-5729
CVE-2019-5728
RESERVED
CVE-2019-5727 (Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x
before 6.4.9, ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2019-5726
RESERVED
CVE-2019-5725 (qibosoft through V7 allows remote attackers to read arbitrary
files via ...)
@@ -11394,7 +11394,7 @@ CVE-2019-3926
CVE-2019-3925
RESERVED
CVE-2019-3924 (MikroTik RouterOS before 6.43.12 (stable) and 6.42.12
(long-term) is ...)
- TODO: check
+ NOT-FOR-US: MikroTik
CVE-2019-3923 (Nessus versions 8.2.1 and earlier were found to contain a
stored XSS ...)
NOT-FOR-US: Nessus
CVE-2019-3922
@@ -16270,7 +16270,7 @@ CVE-2019-2396 (Vulnerability in the Oracle CRM
Technical Foundation component of
CVE-2019-2395 (Vulnerability in the Oracle WebLogic Server component of Oracle
Fusion ...)
NOT-FOR-US: Oracle
CVE-2018-20146 (An issue was discovered in Liquidware ProfileUnity before
6.8.0 with ...)
- TODO: check
+ NOT-FOR-US: Liquidware ProfileUnity
CVE-2018-20153 (In WordPress before 4.9.9 and 5.x before 5.0.1, contributors
could ...)
{DLA-1673-1}
- wordpress 5.0.1+dfsg1-1 (bug #916403)
@@ -16379,7 +16379,7 @@ CVE-2018-20145 (Eclipse Mosquitto 1.5.x before 1.5.5
allows ACL bypass: if the o
NOTE:
https://github.com/eclipse/mosquitto/commit/9097577b49b7fdcf45d30975976dd93808ccc0c4
NOTE: https://github.com/eclipse/mosquitto/issues/1073
CVE-2018-20122 (The web interface on FASTGate Fastweb devices with firmware
through ...)
- TODO: check
+ NOT-FOR-US: FASTGate Fastweb
CVE-2018-20121
RESERVED
CVE-2018-20120
@@ -18293,11 +18293,11 @@ CVE-2019-1702
CVE-2019-1701
RESERVED
CVE-2019-1700 (A vulnerability in field-programmable gate array (FPGA) ingress
buffer ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1699
RESERVED
CVE-2019-1698 (A vulnerability in the web-based user interface of Cisco
Internet of ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1697
RESERVED
CVE-2019-1696
@@ -18311,7 +18311,7 @@ CVE-2019-1693
CVE-2019-1692
RESERVED
CVE-2019-1691 (A vulnerability in the detection engine of Cisco Firepower
Threat ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1690
RESERVED
CVE-2019-1689
@@ -18323,15 +18323,15 @@ CVE-2019-1687
CVE-2019-1686
RESERVED
CVE-2019-1685 (A vulnerability in the Security Assertion Markup Language
(SAML) ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1684 (A vulnerability in the Cisco Discovery Protocol or Link Layer
...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1683
RESERVED
CVE-2019-1682
RESERVED
CVE-2019-1681 (A vulnerability in the TFTP service of Cisco Network
Convergence ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1680 (A vulnerability in Cisco Webex Business Suite could allow an
...)
NOT-FOR-US: Cisco
CVE-2019-1679 (A vulnerability in the web interface of Cisco TelePresence
Conductor, ...)
@@ -18359,23 +18359,23 @@ CVE-2019-1669 (A vulnerability in the data
acquisition (DAQ) component of Cisco
CVE-2019-1668 (A vulnerability in the chat feed feature of Cisco SocialMiner
could ...)
NOT-FOR-US: Cisco
CVE-2019-1667 (A vulnerability in the Graphite interface of Cisco HyperFlex
software ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1666 (A vulnerability in the Graphite service of Cisco HyperFlex
software ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1665 (A vulnerability in the web-based management interface of Cisco
...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1664 (A vulnerability in the hxterm service of Cisco HyperFlex
Software ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1663
RESERVED
CVE-2019-1662 (A vulnerability in the Quality of Voice Reporting (QOVR)
service of ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1661 (A vulnerability in the web-based management interface of Cisco
...)
NOT-FOR-US: Cisco
CVE-2019-1660 (A vulnerability in the Simple Object Access Protocol (SOAP) of
Cisco ...)
NOT-FOR-US: Cisco
CVE-2019-1659 (A vulnerability in the Identity Services Engine (ISE)
integration ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1658 (A vulnerability in the web-based management interface of Cisco
Unified ...)
NOT-FOR-US: Cisco
CVE-2019-1657 (A vulnerability in Cisco AMP Threat Grid could allow an
authenticated, ...)
@@ -33400,7 +33400,7 @@ CVE-2018-15382 (A vulnerability in Cisco HyperFlex
Software could allow an ...)
CVE-2018-15381 (A Java deserialization vulnerability in Cisco Unity Express
(CUE) ...)
NOT-FOR-US: Cisco
CVE-2018-15380 (A vulnerability in the cluster service manager of Cisco
HyperFlex ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2018-15379 (A vulnerability in which the HTTP web server for Cisco Prime
...)
NOT-FOR-US: Cisco
CVE-2018-15378 (A vulnerability in ClamAV versions prior to 0.100.2 could
allow an ...)
@@ -56835,7 +56835,7 @@ CVE-2018-6689 (Authentication Bypass vulnerability in
McAfee Data Loss Preventio
CVE-2018-6688
RESERVED
CVE-2018-6687 (Loop with Unreachable Exit Condition ('Infinite Loop') in
McAfee ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2018-6686 (Authentication Bypass vulnerability in TPM autoboot in McAfee
Drive ...)
NOT-FOR-US: McAfee
CVE-2018-6685
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9824502d9caac2a530b8951c92de23ecce153249
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9824502d9caac2a530b8951c92de23ecce153249
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
