Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1f6f0499 by Salvatore Bonaccorso at 2019-03-08T09:49:52Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2019-9633 (gio/gsocketclient.c in GNOME GLib 2.59.2 does not ensure that a
parent ...)
TODO: check
CVE-2019-9632 (ESAFENET CDG V3 and V5 has an arbitrary file download
vulnerability via ...)
- TODO: check
+ NOT-FOR-US: ESAFENET CDG
CVE-2019-9631 (Poppler 0.74.0 has a heap-based buffer over-read in the ...)
TODO: check
CVE-2019-9630
@@ -73,7 +73,7 @@ CVE-2019-9600 (The Olive Tree FTP Server (aka
com.theolivetree.ftpserver) applic
CVE-2019-9599 (The AirDroid application through 4.2.1.6 for Android allows
remote ...)
NOT-FOR-US: AirDroid application for Android
CVE-2019-9598 (An issue was discovered in Cscms 4.1.0. There is an
admin.php/pay CSRF ...)
- TODO: check
+ NOT-FOR-US: Cscms
CVE-2019-9597
RESERVED
CVE-2019-9596
@@ -993,7 +993,7 @@ CVE-2019-9187 [Server-side request forgery via aggregate
plugin]
CVE-2019-9186
RESERVED
CVE-2019-9185 (Controller/Async/FilesystemManager.php in the filemanager in
Bolt ...)
- TODO: check
+ NOT-FOR-US: Bolt CMS
CVE-2019-9184 (SQL injection vulnerability in the J2Store plugin 3.x before
3.3.7 for ...)
NOT-FOR-US: J2Store plugin for Joomla!
CVE-2019-9183
@@ -1178,15 +1178,15 @@ CVE-2019-9123 (An issue was discovered on D-Link
DIR-825 Rev.B 2.10 devices. The
CVE-2019-9122 (An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices.
They ...)
NOT-FOR-US: D-Link
CVE-2019-9121 (An issue was discovered on Motorola C1 and M2 devices with
firmware ...)
- TODO: check
+ NOT-FOR-US: Motorola
CVE-2019-9120 (An issue was discovered on Motorola C1 and M2 devices with
firmware ...)
- TODO: check
+ NOT-FOR-US: Motorola
CVE-2019-9119 (An issue was discovered on Motorola C1 and M2 devices with
firmware ...)
- TODO: check
+ NOT-FOR-US: Motorola
CVE-2019-9118 (An issue was discovered on Motorola C1 and M2 devices with
firmware ...)
- TODO: check
+ NOT-FOR-US: Motorola
CVE-2019-9117 (An issue was discovered on Motorola C1 and M2 devices with
firmware ...)
- TODO: check
+ NOT-FOR-US: Motorola
CVE-2019-9116 (** DISPUTED ** DLL hijacking is possible in Sublime Text 3
version ...)
NOT-FOR-US: Sublime Text Windows build
CVE-2019-9115 (In irisnet-crypto before 1.1.7 for IRISnet, the util/utils.js
file ...)
@@ -2744,13 +2744,13 @@ CVE-2019-8442
CVE-2019-8441
RESERVED
CVE-2019-8440 (An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS
...)
- TODO: check
+ NOT-FOR-US: DiliCMS
CVE-2019-8439 (An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS
...)
- TODO: check
+ NOT-FOR-US: DiliCMS
CVE-2019-8438 (An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS
...)
- TODO: check
+ NOT-FOR-US: DiliCMS
CVE-2019-8437 (njiandan-cms through 2013-05-23 has index.php/admin/user_new
CSRF to ...)
- TODO: check
+ NOT-FOR-US: njiandan-cms
CVE-2019-8436 (imcat 4.5 has Stored XSS via the root/run/adm.php
fm[instop][note] ...)
NOT-FOR-US: imcat
CVE-2019-8435 (admin/default.php in PHPMyWind v5.5 has XSS via an HTTP Host
header. ...)
@@ -4407,9 +4407,9 @@ CVE-2019-7662 (An assertion failure was discovered in ...)
- binaryen 66-1
NOTE: https://github.com/WebAssembly/binaryen/issues/1872
CVE-2019-7661 (An issue was discovered in PHPMyWind 5.5. The method parameter
of the ...)
- TODO: check
+ NOT-FOR-US: PHPMyWind
CVE-2019-7660 (An issue was discovered in PHPMyWind 5.5. The username
parameter of the ...)
- TODO: check
+ NOT-FOR-US: PHPMyWind
CVE-2019-7659 (Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to
cause a ...)
{DLA-1681-1}
- gsoap 2.8.75-1
@@ -6808,7 +6808,7 @@ CVE-2019-6712
CVE-2019-6711
RESERVED
CVE-2019-6710 (Zyxel NBG-418N v2 v1.00(AAXM.4)C0 devices allow login.cgi CSRF.
...)
- TODO: check
+ NOT-FOR-US: Zyxel
CVE-2018-20742 (An issue was discovered in UC Berkeley RISE Opaque before
2018-12-01. ...)
NOT-FOR-US: UC Berkeley RISE Opaque
CVE-2019-6709
@@ -10788,7 +10788,7 @@ CVE-2019-5021
CVE-2019-5020
RESERVED
CVE-2019-5019 (A heap overflow vulnerability exists in the PowerPoint document
...)
- TODO: check
+ NOT-FOR-US: Rainbow PDF Office Server Document Converter
CVE-2019-5018
RESERVED
CVE-2019-5017
@@ -13530,7 +13530,7 @@ CVE-2019-3714
CVE-2019-3713
RESERVED
CVE-2019-3712 (Dell WES Wyse Device Agent versions prior to 14.1.2.9 and Dell
Wyse ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2019-3711
RESERVED
CVE-2019-3710
@@ -20141,11 +20141,11 @@ CVE-2019-1602
CVE-2019-1601
RESERVED
CVE-2019-1600 (A vulnerability in the file system permissions of Cisco FXOS
Software ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1599 (A vulnerability in the network stack of Cisco NX-OS Software
could ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1598 (Multiple vulnerabilities in the implementation of the
Lightweight ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1597 (Multiple vulnerabilities in the implementation of the
Lightweight ...)
NOT-FOR-US: Cisco
CVE-2019-1596 (A vulnerability in the Bash shell implementation for Cisco
NX-OS ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1f6f049949037f6422fb8e86045b7b5151646dd6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1f6f049949037f6422fb8e86045b7b5151646dd6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
