Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1a96a8ff by Salvatore Bonaccorso at 2019-03-08T18:17:52Z
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13444,13 +13444,13 @@ CVE-2019-3786
CVE-2019-3785
RESERVED
CVE-2019-3784 (Cloud Foundry Stratos, versions prior to 2.3.0, contains an
insecure ...)
- TODO: check
+ NOT-FOR-US: Cloud Foundry Stratos
CVE-2019-3783 (Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a
public ...)
- TODO: check
+ NOT-FOR-US: Cloud Foundry Stratos
CVE-2019-3782 (Cloud Foundry CredHub CLI, versions prior to 2.2.1,
inadvertently ...)
NOT-FOR-US: Cloud Foundry
CVE-2019-3781 (Cloud Foundry CLI, versions prior to v6.43.0, improperly
exposes ...)
- TODO: check
+ NOT-FOR-US: Cloud Foundry CLI
CVE-2019-3780
RESERVED
CVE-2019-3779
@@ -13462,7 +13462,7 @@ CVE-2019-3777 (Pivotal Application Service (PAS),
versions 2.2.x prior to 2.2.12
CVE-2019-3776 (Pivotal Operations Manager, 2.1.x versions prior to 2.1.20,
2.2.x ...)
TODO: check
CVE-2019-3775 (Cloud Foundry UAA, versions prior to v70.0, allows a user to
update ...)
- TODO: check
+ NOT-FOR-US: Cloud Foundry UAA
CVE-2019-3774 (Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older
unsupported ...)
NOT-FOR-US: Spring Batch
CVE-2019-3773 (Spring Web Services, versions 2.4.3, 3.0.4, and older
unsupported ...)
@@ -22807,9 +22807,9 @@ CVE-2019-0745
CVE-2019-0744
RESERVED
CVE-2019-0743 (A Cross-site Scripting (XSS) vulnerability exists when Team
Foundation ...)
- TODO: check
+ NOT-FOR-US: Microsoft Team Foundation Server
CVE-2019-0742 (A Cross-site Scripting (XSS) vulnerability exists when Team
Foundation ...)
- TODO: check
+ NOT-FOR-US: Microsoft Team Foundation Server
CVE-2019-0741 (An information disclosure vulnerability exists in the way Azure
IoT ...)
TODO: check
CVE-2019-0740
@@ -22837,7 +22837,7 @@ CVE-2019-0730
CVE-2019-0729 (An Elevation of Privilege vulnerability exists in the way Azure
IoT ...)
TODO: check
CVE-2019-0728 (A remote code execution vulnerability exists in Visual Studio
Code ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0727
RESERVED
CVE-2019-0726
@@ -22845,7 +22845,7 @@ CVE-2019-0726
CVE-2019-0725
RESERVED
CVE-2019-0724 (An elevation of privilege vulnerability exists in Microsoft
Exchange ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0723
RESERVED
CVE-2019-0722
@@ -22921,7 +22921,7 @@ CVE-2019-0688
CVE-2019-0687
RESERVED
CVE-2019-0686 (An elevation of privilege vulnerability exists in Microsoft
Exchange ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0685
RESERVED
CVE-2019-0684
@@ -22941,23 +22941,23 @@ CVE-2019-0678
CVE-2019-0677
RESERVED
CVE-2019-0676 (An information disclosure vulnerability exists when Internet
Explorer ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0675 (A remote code execution vulnerability exists when the Microsoft
Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0674 (A remote code execution vulnerability exists when the Microsoft
Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0673 (A remote code execution vulnerability exists when the Microsoft
Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0672 (A remote code execution vulnerability exists when the Microsoft
Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0671 (A remote code execution vulnerability exists when the Microsoft
Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0670 (A spoofing vulnerability exists in Microsoft SharePoint when
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0669 (An information disclosure vulnerability exists when Microsoft
Excel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0668 (An elevation of privilege vulnerability exists when Microsoft
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0667
RESERVED
CVE-2019-0666
@@ -22965,105 +22965,105 @@ CVE-2019-0666
CVE-2019-0665
RESERVED
CVE-2019-0664 (An information disclosure vulnerability exists when the Windows
GDI ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0663 (An information disclosure vulnerability exists when the Windows
kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0662 (A remote code execution vulnerability exists in the way that
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0661 (An information disclosure vulnerability exists when the Windows
kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0660 (An information disclosure vulnerability exists when the Windows
GDI ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0659 (An elevation of privilege vulnerability exists when the Storage
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0658 (An information disclosure vulnerability exists when the
scripting ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0657 (A vulnerability exists in certain .Net Framework API's and
Visual ...)
NOT-FOR-US: .NET core
CVE-2019-0656 (An elevation of privilege vulnerability exists when the Windows
kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0655 (A remote code execution vulnerability exists in the way that
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0654 (A spoofing vulnerability exists when Microsoft browsers
improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0653
RESERVED
CVE-2019-0652 (A remote code execution vulnerability exists in the way that
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0651 (A remote code execution vulnerability exists in the way that
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0650 (A remote code execution vulnerability exists when Microsoft
Edge ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0649 (A vulnerability exists in Microsoft Chakra JIT server, aka
'Scripting ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0648 (An information disclosure vulnerability exists when Chakra
improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0647 (An information disclosure vulnerability exists when Team
Foundation ...)
NOT-FOR-US: Microsoft
CVE-2019-0646 (A Cross-site Scripting (XSS) vulnerability exists when Team
Foundation ...)
NOT-FOR-US: Microsoft
CVE-2019-0645 (A remote code execution vulnerability exists when Microsoft
Edge ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0644 (A remote code execution vulnerability exists in the way that
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0643 (An information disclosure vulnerability exists in the way that
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0642 (A remote code execution vulnerability exists in the way that
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0641 (A security feature bypass vulnerability exists in Microsoft
Edge ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0640 (A remote code execution vulnerability exists in the way that
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0639
RESERVED
CVE-2019-0638
RESERVED
CVE-2019-0637 (A security feature bypass vulnerability exists when Windows
Defender ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0636 (An information vulnerability exists when Windows improperly
discloses ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0635 (An information disclosure vulnerability exists when Windows
Hyper-V on ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0634 (A remote code execution vulnerability exists when Microsoft
Edge ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0633 (A remote code execution vulnerability exists in the way that
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0632 (A security feature bypass vulnerability exists in Windows which
could ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0631 (A security feature bypass vulnerability exists in Windows which
could ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0630 (A remote code execution vulnerability exists in the way that
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0629
RESERVED
CVE-2019-0628 (An information disclosure vulnerability exists when the win32k
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0627 (A security feature bypass vulnerability exists in Windows which
could ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0626 (A memory corruption vulnerability exists in the Windows Server
DHCP ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0625 (A remote code execution vulnerability exists when the Windows
Jet ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0624 (A spoofing vulnerability exists when a Skype for Business 2015
server ...)
NOT-FOR-US: Microsoft
CVE-2019-0623 (An elevation of privilege vulnerability exists in Windows when
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0622 (An elevation of privilege vulnerability exists when Skype for
Andriod ...)
NOT-FOR-US: Skype for Android
CVE-2019-0621 (An information disclosure vulnerability exists when the Windows
kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0620
RESERVED
CVE-2019-0619 (An information disclosure vulnerability exists when the Windows
GDI ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0618 (A remote code execution vulnerability exists in the way that
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0617
RESERVED
CVE-2019-0616 (An information disclosure vulnerability exists when the Windows
GDI ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0615 (An information disclosure vulnerability exists when the Windows
GDI ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0614
RESERVED
CVE-2019-0613 (A remote code execution vulnerability exists in .NET Framework
and ...)
@@ -23073,47 +23073,47 @@ CVE-2019-0612
CVE-2019-0611
RESERVED
CVE-2019-0610 (A remote code execution vulnerability exists in the way that
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0609
RESERVED
CVE-2019-0608
RESERVED
CVE-2019-0607 (A remote code execution vulnerability exists in the way that
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0606 (A remote code execution vulnerability exists when Internet
Explorer ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0605 (A remote code execution vulnerability exists in the way that
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0604 (A remote code execution vulnerability exists in Microsoft
SharePoint ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0603
RESERVED
CVE-2019-0602 (An information disclosure vulnerability exists when the Windows
GDI ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0601 (An information disclosure vulnerability exists when the Human
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0600 (An information disclosure vulnerability exists when the Human
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0599 (A remote code execution vulnerability exists when the Windows
Jet ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0598 (A remote code execution vulnerability exists when the Windows
Jet ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0597 (A remote code execution vulnerability exists when the Windows
Jet ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0596 (A remote code execution vulnerability exists when the Windows
Jet ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0595 (A remote code execution vulnerability exists when the Windows
Jet ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0594 (A remote code execution vulnerability exists in Microsoft
SharePoint ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0593 (A remote code execution vulnerability exists in the way that
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0592
RESERVED
CVE-2019-0591 (A remote code execution vulnerability exists in the way that
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0590 (A remote code execution vulnerability exists in the way that
the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0589
RESERVED
CVE-2019-0588 (An information disclosure vulnerability exists when the
Microsoft ...)
@@ -23214,7 +23214,7 @@ CVE-2019-0542 (A remote code execution vulnerability
exists in Xterm.js when the
CVE-2019-0541 (A remote code execution vulnerability exists in the way that
the ...)
NOT-FOR-US: Microsoft
CVE-2019-0540 (A security feature bypass vulnerability exists when Microsoft
Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0539 (A remote code execution vulnerability exists in the way that
the ...)
NOT-FOR-US: Microsoft
CVE-2019-0538 (A remote code execution vulnerability exists when the Windows
Jet ...)
@@ -27153,7 +27153,7 @@ CVE-2018-18451
CVE-2018-18450 (apps\admin\controller\content\SingleController.php in PbootCMS
before ...)
NOT-FOR-US: PbooCMS
CVE-2018-18449 (EmpireCMS 7.5 allows CSRF for adding a user account via an ...)
- TODO: check
+ NOT-FOR-US: EmpireCMS
CVE-2018-18448
RESERVED
CVE-2018-18447
@@ -28479,7 +28479,7 @@ CVE-2018-17990
CVE-2018-17989
RESERVED
CVE-2018-17988 (LayerBB 1.1.1 has SQL Injection via the search.php
search_query ...)
- TODO: check
+ NOT-FOR-US: LayerBB
CVE-2018-17987 (The determineWinner function of a smart contract
implementation for ...)
NOT-FOR-US: Some Ethereum application
CVE-2018-17986 (rars/user/data in razorCMS 3.4.8 allows CSRF for changing the
password ...)
@@ -29845,21 +29845,21 @@ CVE-2018-17431 (Web Console in Comodo UTM Firewall
before 2.7.0 allows remote ..
CVE-2018-17430
RESERVED
CVE-2018-17429 (/console/account/manage.php?type=action&action=add in JTBC
v3.0(C) has ...)
- TODO: check
+ NOT-FOR-US: JTBC
CVE-2018-17428 (An issue was discovered in OPAC EasyWeb Five 5.7. There is SQL
...)
NOT-FOR-US: OPAC EasyWeb Five
CVE-2018-17427 (SIMDComp before 0.1.0 allows remote attackers to cause a
denial of ...)
NOT-FOR-US: SIMDComp
CVE-2018-17426 (WUZHI CMS 4.1.0 has stored XSS via the "Extension
module" "SMS in ...)
- TODO: check
+ NOT-FOR-US: WUZHI CMS
CVE-2018-17425 (WUZHI CMS 4.1.0 has stored XSS via the "Membership
Center" "I want to ...)
- TODO: check
+ NOT-FOR-US: WUZHI CMS
CVE-2018-17424
RESERVED
CVE-2018-17423
RESERVED
CVE-2018-17422 (dotCMS before 5.0.2 has open redirects via the ...)
- TODO: check
+ NOT-FOR-US: dotCMS
CVE-2018-17421 (An issue was discovered in ZrLog 2.0.3. There is stored XSS in
the file ...)
TODO: check
CVE-2018-17420 (An issue was discovered in ZrLog 2.0.3. There is a SQL
injection ...)
@@ -29867,7 +29867,7 @@ CVE-2018-17420 (An issue was discovered in ZrLog 2.0.3.
There is a SQL injection
CVE-2018-17419 (An issue was discovered in setTA in scan_rr.go in the Miek
Gieben DNS ...)
TODO: check
CVE-2018-17418 (Monstra CMS 3.0.4 allows remote attackers to execute arbitrary
PHP code ...)
- TODO: check
+ NOT-FOR-US: Monstra CMS
CVE-2018-17417
RESERVED
CVE-2018-17416 (A SQL injection vulnerability exists in zzcms v8.3 via the ...)
@@ -31526,7 +31526,7 @@ CVE-2018-16806 (A Pektron Passive Keyless Entry and
Start (PKES) system, as used
CVE-2018-16805 (In b3log Solo 2.9.3, XSS in the Input page under the Publish
Articles ...)
NOT-FOR-US: b3log
CVE-2018-16804 (An issue was discovered in UCMS 1.4.6. There is XSS in the
title bar, ...)
- TODO: check
+ NOT-FOR-US: UCMS
CVE-2018-16803 (In CIMTechniques CIMScan 6.x through 6.2, the SOAP WSDL parser
allows ...)
NOT-FOR-US: CIMTechniques CIMScan
CVE-2018-16801
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1a96a8ff850e0d4d0b63d211419a3a5b1f3cfdf8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1a96a8ff850e0d4d0b63d211419a3a5b1f3cfdf8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
