[Git][security-tracker-team/security-tracker][master] 2 commits: Process NFUs

Salvatore Bonaccorso Tue, 19 Mar 2019 01:35:59 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
595d1733 by Salvatore Bonaccorso at 2019-03-19T08:35:02Z
Process NFUs

- - - - -
78d2bcc8 by Salvatore Bonaccorso at 2019-03-19T08:35:29Z
Add CVE-2019-6970/moodle

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1882,9 +1882,9 @@ CVE-2019-9096
 CVE-2019-9095
        RESERVED
 CVE-2019-9094 (A Reflected Cross Site Scripting (XSS) Vulnerability was 
discovered in ...)
-       TODO: check
+       NOT-FOR-US: Humhub
 CVE-2019-9093 (A Reflected Cross Site Scripting (XSS) Vulnerability was 
discovered in ...)
-       TODO: check
+       NOT-FOR-US: Humhub
 CVE-2019-9092
        RESERVED
 CVE-2019-9091
@@ -1908,7 +1908,7 @@ CVE-2019-9084
        RESERVED
        - hoteldruid 2.3.2-1
 CVE-2019-9083 (SQLiteManager 1.20 and 1.24 allows SQL injection via the 
/sqlitemanage ...)
-       TODO: check
+       NOT-FOR-US: SQLiteManager
 CVE-2018-20795 (tecrail Responsive FileManager 9.13.4 allows remote attackers 
to read  ...)
        NOT-FOR-US: tecrail Responsive FileManager
 CVE-2018-20794 (tecrail Responsive FileManager 9.13.4 allows remote attackers 
to write ...)
@@ -2402,7 +2402,7 @@ CVE-2019-8940
 CVE-2019-8939 (data/interfaces/default/history.html in Tautulli 2.1.26 has XSS 
via a  ...)
        NOT-FOR-US: Tautulli
 CVE-2019-8938 (VertrigoServ 2.17 allows XSS via the /inc/extensions.php ext 
parameter ...)
-       TODO: check
+       NOT-FOR-US: VertrigoServ
 CVE-2019-8937
        RESERVED
 CVE-2019-8936 [Crafted null dereference attack in authenticated mode 6 packet]
@@ -5749,23 +5749,23 @@ CVE-2019-7427
 CVE-2019-7426
        RESERVED
 CVE-2019-7425 (XSS exists in Zoho ManageEngine Netflow Analyzer Professional 
v7.0.0.2 ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine Netflow Analyzer Professional
 CVE-2019-7424 (XSS exists in Zoho ManageEngine Netflow Analyzer Professional 
v7.0.0.2 ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine Netflow Analyzer Professional
 CVE-2019-7423 (XSS exists in Zoho ManageEngine Netflow Analyzer Professional 
v7.0.0.2 ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine Netflow Analyzer Professional
 CVE-2019-7422 (XSS exists in Zoho ManageEngine Netflow Analyzer Professional 
v7.0.0.2 ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine Netflow Analyzer Professional
 CVE-2019-7421 (XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 
V11.01.05. ...)
-       TODO: check
+       NOT-FOR-US: SAMSUNG X7400GX SyncThru Web Service
 CVE-2019-7420 (XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 
V11.01.05. ...)
-       TODO: check
+       NOT-FOR-US: SAMSUNG X7400GX SyncThru Web Service
 CVE-2019-7419 (XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 
V11.01.05. ...)
-       TODO: check
+       NOT-FOR-US: SAMSUNG X7400GX SyncThru Web Service
 CVE-2019-7418 (XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 
V11.01.05. ...)
-       TODO: check
+       NOT-FOR-US: SAMSUNG X7400GX SyncThru Web Service
 CVE-2019-7417 (XSS exists in Ericsson Active Library Explorer (ALEX) 14.3 in 
multiple ...)
-       TODO: check
+       NOT-FOR-US: Ericsson Active Library Explorer (ALEX)
 CVE-2019-7416 (XSS and/or a Client Side URL Redirect exists in OpenText 
Documentum We ...)
        TODO: check
 CVE-2019-7415
@@ -5829,7 +5829,7 @@ CVE-2019-7393
 CVE-2019-7392 (An improper authentication vulnerability in CA Privileged 
Access Manag ...)
        NOT-FOR-US: CA Privileged Access Manager
 CVE-2019-7391 (ZyXEL VMG3312-B10B DSL-491HNU-B1B v2 devices allow 
login/login-page.cg ...)
-       TODO: check
+       NOT-FOR-US: ZyXEL
 CVE-2019-7390 (An issue was discovered in /bin/goahead on D-Link DIR-823G 
devices wit ...)
        NOT-FOR-US: D-Link
 CVE-2019-7389 (An issue was discovered in /bin/goahead on D-Link DIR-823G 
devices wit ...)
@@ -5839,7 +5839,7 @@ CVE-2019-7388 (An issue was discovered in /bin/goahead on 
D-Link DIR-823G device
 CVE-2019-7387 (A local file inclusion vulnerability exists in the web 
interface of Sy ...)
        NOT-FOR-US: Systrome
 CVE-2019-7386 (A Denial of Service issue has been discovered in the Gecko 
component o ...)
-       TODO: check
+       NOT-FOR-US: KaiOS on Nokia devices
 CVE-2019-7385 (An authenticated shell command injection issue has been 
discovered in  ...)
        TODO: check
 CVE-2019-7384 (An authenticated shell command injection issue has been 
discovered in  ...)
@@ -6461,7 +6461,7 @@ CVE-2019-7163
 CVE-2019-7162
        RESERVED
 CVE-2019-7161 (An issue was discovered in Zoho ManageEngine ADSelfService Plus 
5.x th ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine ADSelfService Plus
 CVE-2019-7160 (idreamsoft iCMS 7.0.13 allows admincp.php?app=files ../ 
Directory Trav ...)
        NOT-FOR-US: idreamsoft iCMS
 CVE-2019-7159
@@ -6939,13 +6939,13 @@ CVE-2019-6972
 CVE-2019-6971
        RESERVED
 CVE-2019-6970 (Moodle 3.5.x before 3.5.4 allows SSRF. ...)
-       TODO: check
+       - moodle <removed>
 CVE-2019-6969
        RESERVED
 CVE-2019-6968
        RESERVED
 CVE-2019-6967 (AirTies Air5341 1.0.0.12 devices allow cgi-bin/login CSRF. ...)
-       TODO: check
+       NOT-FOR-US: AirTies devices
 CVE-2019-6966 (An issue was discovered in Bento4 1.5.1-628. The AP4_ElstAtom 
class in ...)
        NOT-FOR-US: Bento4
 CVE-2019-6965
@@ -7495,7 +7495,7 @@ CVE-2019-6726
 CVE-2019-6725
        RESERVED
 CVE-2019-6724 (The barracudavpn component of the Barracuda VPN Client prior to 
versio ...)
-       TODO: check
+       NOT-FOR-US: Barracuda VPN Client
 CVE-2019-6723
        RESERVED
 CVE-2019-6722
@@ -7548,7 +7548,7 @@ CVE-2019-6704
 CVE-2019-6703 (Incorrect access control in migla_ajax_functions.php in the 
Calmar Web ...)
        NOT-FOR-US: Calmar Webmedia Total Donations plugin for WordPress
 CVE-2019-6702 (The MasterCard Qkr! app before 5.0.8 for iOS has Missing SSL 
Certifica ...)
-       TODO: check
+       NOT-FOR-US: MasterCard Qkr! app
 CVE-2019-6701
        RESERVED
 CVE-2019-6700
@@ -8005,7 +8005,7 @@ CVE-2019-6494
 CVE-2019-6493
        RESERVED
 CVE-2019-6492 (SmartDefragDriver.sys (2.0) in IObit Smart Defrag 6 never frees 
an exe ...)
-       TODO: check
+       NOT-FOR-US: IObit Smart Defrag
 CVE-2019-6491
        RESERVED
 CVE-2019-6490



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/f394c15069119844e4e2c8260295ffe5724eb5b5...78d2bcc86ae238e832613703158bbd94efa20b93

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/f394c15069119844e4e2c8260295ffe5724eb5b5...78d2bcc86ae238e832613703158bbd94efa20b93
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 2 commits: Process NFUs

Reply via email to