[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso Thu, 14 Mar 2019 12:41:59 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
13efa14c by Salvatore Bonaccorso at 2019-03-14T19:41:04Z
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21,25 +21,25 @@ CVE-2019-9771 (An issue was discovered in GNU LibreDWG 0.7 
and 0.7.1645. There i
 CVE-2019-9770 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There 
is a ...)
        - libredwg <itp> (bug #595191)
 CVE-2019-9769 (PilusCart 1.4.1 is vulnerable to 
index.php?module=users&amp;action=newUser ...)
-       TODO: check
+       NOT-FOR-US: PilusCart
 CVE-2019-9768 (Thinkst Canarytokens through 2019-03-01 relies on limited 
variation in ...)
-       TODO: check
+       NOT-FOR-US: Thinkst Canarytokens
 CVE-2019-9767 (Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when 
converting ...)
-       TODO: check
+       NOT-FOR-US: Free MP3 CD Ripper
 CVE-2019-9766 (Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when 
converting ...)
-       TODO: check
+       NOT-FOR-US: Free MP3 CD Ripper
 CVE-2019-9765 (In Blog_mini 1.0, XSS exists via the author name of a comment 
reply in ...)
-       TODO: check
+       NOT-FOR-US: Blog_mini
 CVE-2019-9764
        RESERVED
 CVE-2019-9763
        RESERVED
 CVE-2019-9762 (A SQL Injection was discovered in PHPSHE 1.7 in ...)
-       TODO: check
+       NOT-FOR-US: PHPSHE
 CVE-2019-9761 (An XXE issue was discovered in PHPSHE 1.7, which can be used to 
read any ...)
-       TODO: check
+       NOT-FOR-US: PHPSHE
 CVE-2019-9760 (FTPGetter Standard v.5.97.0.177 allows remote code execution 
when a ...)
-       TODO: check
+       NOT-FOR-US: FTPGetter
 CVE-2019-9759
        RESERVED
 CVE-2019-9758
@@ -105,7 +105,7 @@ CVE-2019-9738 (jimmykuu Gopher 2.0 has DOM-based XSS via 
vectors involving the '
 CVE-2019-9737 (Editor.md 1.5.0 has DOM-based XSS via vectors involving the 
'&lt;EMBED ...)
        NOT-FOR-US: pandao Editor.md
 CVE-2019-9736 (DOM-based XSS exists in 1024Tools Markdown 1.0 via vectors 
involving ...)
-       TODO: check
+       NOT-FOR-US: 1024Tools Markdown
 CVE-2019-9735 (An issue was discovered in the iptables firewall module in 
OpenStack ...)
        - neutron 2:13.0.2-13 (bug #924508)
        NOTE: https://launchpad.net/bugs/1818385
@@ -582,7 +582,7 @@ CVE-2019-9559
 CVE-2019-9558 (Mailtraq WebMail version 2.17.7.3550 has Persistent Cross Site 
...)
        NOT-FOR-US: Mailtraq WebMail
 CVE-2019-9557 (Ability Mail Server 4.2.6 has Persistent Cross Site Scripting 
(XSS) ...)
-       TODO: check
+       NOT-FOR-US: Ability Mail Server
 CVE-2019-9556
        RESERVED
 CVE-2019-9555 (Sagemcom F@st 5260 routers using firmware version 0.4.39, in 
WPA mode, ...)
@@ -7531,17 +7531,17 @@ CVE-2019-6603
 CVE-2019-6602
        RESERVED
 CVE-2019-6601 (In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 
11.5.1-11.5.8, ...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2019-6600 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, 
...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2019-6599 (In BIG-IP 11.6.1-11.6.3.2 or 11.5.1-11.5.8, or Enterprise 
Manager ...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2019-6598 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 
...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2019-6597 (In BIG-IP 13.0.0-13.1.1.1, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 
...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2019-6596 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, 12.1.0-12.1.3.6, 
...)
-       TODO: check
+       NOT-FOR-US: F5 BIG-IP
 CVE-2019-6595 (Cross-site scripting (XSS) vulnerability in F5 BIG-IP Access 
Policy ...)
        NOT-FOR-US: F5 BIG-IP
 CVE-2019-6594 (On BIG-IP 11.5.1-11.6.3.2, 12.1.3.4-12.1.3.7, 13.0.0 
HF1-13.1.1.1, and ...)
@@ -9256,7 +9256,7 @@ CVE-2019-5926
 CVE-2019-5925 (Cross-site scripting vulnerability in Dradis Community Edition 
Dradis ...)
        NOT-FOR-US: Dradis
 CVE-2019-5924 (Cross-site request forgery (CSRF) vulnerability in Smart Forms 
2.6.15 ...)
-       TODO: check
+       NOT-FOR-US: Smart Forms
 CVE-2019-5923 (Directory traversal vulnerability in iChain Insurance Wallet 
App for ...)
        NOT-FOR-US: iChain Insurance Wallet App for iOS
 CVE-2019-5922 (Untrusted search path vulnerability in The installer of 
Microsoft ...)
@@ -14051,9 +14051,9 @@ CVE-2019-3718
 CVE-2019-3717
        RESERVED
 CVE-2019-3716 (RSA Archer versions, prior to 6.5 SP2, contain an information 
exposure ...)
-       TODO: check
+       NOT-FOR-US: RSA
 CVE-2019-3715 (RSA Archer versions, prior to 6.5 SP1, contain an information 
exposure ...)
-       TODO: check
+       NOT-FOR-US: RSA
 CVE-2019-3714
        RESERVED
 CVE-2019-3713
@@ -14061,7 +14061,7 @@ CVE-2019-3713
 CVE-2019-3712 (Dell WES Wyse Device Agent versions prior to 14.1.2.9 and Dell 
Wyse ...)
        NOT-FOR-US: Dell
 CVE-2019-3711 (RSA Authentication Manager versions prior to 8.4 P1 contain an 
...)
-       TODO: check
+       NOT-FOR-US: RSA
 CVE-2019-3710
        RESERVED
 CVE-2019-3709
@@ -14255,7 +14255,7 @@ CVE-2019-3617
 CVE-2019-3616
        RESERVED
 CVE-2019-3615 (Data Leakage Attacks vulnerability in the web interface in 
McAfee ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2019-3614
        RESERVED
 CVE-2019-3613
@@ -20427,7 +20427,7 @@ CVE-2019-1725
 CVE-2019-1724
        RESERVED
 CVE-2019-1723 (A vulnerability in the Cisco Common Services Platform Collector 
(CSPC) ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2019-1722
        RESERVED
 CVE-2019-1721
@@ -29116,7 +29116,7 @@ CVE-2018-17946 (The Tribulant Slideshow Gallery plugin 
before 1.6.6.1 for WordPr
 CVE-2018-17945
        RESERVED
 CVE-2018-17944 (On certain Lexmark devices that communicate with an LDAP or 
SMTP ...)
-       TODO: check
+       NOT-FOR-US: Lexmark
 CVE-2018-17943
        RESERVED
 CVE-2018-17942 (The convert_to_decimal function in vasnprintf.c in Gnulib 
before ...)
@@ -78548,7 +78548,7 @@ CVE-2018-0391 (A vulnerability in the password change 
function of Cisco Prime ..
 CVE-2018-0390 (A vulnerability in the web framework of Cisco Webex could allow 
an ...)
        NOT-FOR-US: Cisco
 CVE-2018-0389 (A vulnerability in the implementation of Session Initiation 
Protocol ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0388 (A vulnerability in the web-based interface of Cisco Wireless 
LAN ...)
        NOT-FOR-US: Cisco
 CVE-2018-0387 (A vulnerability in Cisco Webex Teams (for Windows and macOS) 
could ...)
@@ -179347,7 +179347,7 @@ CVE-2015-2256
 CVE-2015-2255 (Huawei AR1220 routers with software before V200R005SPH006 allow 
remote ...)
        NOT-FOR-US: Huawei
 CVE-2015-2254 (Huawei OceanStor UDS devices with software before 
V100R002C01SPC102 ...)
-       TODO: check
+       NOT-FOR-US: Huawei OceanStor UDS devices
 CVE-2015-2253 (The XML interface in Huawei OceanStor UDS devices with software 
...)
        NOT-FOR-US: Huawei
 CVE-2015-2252 (Huawei OceanStor UDS devices with software before 
V100R002C01SPC102 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/13efa14c019c3daee8c6d38d28d13b434532e82b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/13efa14c019c3daee8c6d38d28d13b434532e82b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process several NFUs

Reply via email to