Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3980016f by Salvatore Bonaccorso at 2019-04-05T20:18:25Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,13 +9,13 @@ CVE-2019-10890
CVE-2019-10889
RESERVED
CVE-2019-10888 (A CSRF Issue that can add an admin user was discovered in
UKcms v1.1.1 ...)
- TODO: check
+ NOT-FOR-US: UKcms
CVE-2019-10887 (A reflected HTML injection vulnerability on Salicru
SLC-20-cube3(5) de ...)
- TODO: check
+ NOT-FOR-US: Salicru SLC-20-cube3(5) devices
CVE-2019-10886
RESERVED
CVE-2019-10885 (An issue was discovered in Ivanti Workspace Control before
10.3.90.0. ...)
- TODO: check
+ NOT-FOR-US: Ivanti Workspace Control
CVE-2019-10884 (Uniqkey Password Manager 1.14 contains a vulnerability because
it fail ...)
TODO: check
CVE-2019-10883
@@ -27,7 +27,7 @@ CVE-2019-10881
CVE-2019-10880
RESERVED
CVE-2018-20816 (An XSS combined with CSRF vulnerability discovered in
SalesAgility Sui ...)
- TODO: check
+ NOT-FOR-US: SalesAgility SuiteCRM
CVE-2019-10879 (In Teeworlds 0.7.2, there is an integer overflow in
CDataFileReader::O ...)
- teeworlds <unfixed>
[jessie] - teeworlds <end-of-life> (Not supported in jessie LTS)
@@ -964,9 +964,9 @@ CVE-2019-10481
CVE-2019-10480
RESERVED
CVE-2019-10479 (An issue was discovered on Glory RBW-100 devices with firmware
ISP-K05 ...)
- TODO: check
+ NOT-FOR-US: Glory RBW-100 devices
CVE-2019-10478 (An issue was discovered on Glory RBW-100 devices with firmware
ISP-K05 ...)
- TODO: check
+ NOT-FOR-US: Glory RBW-100 devices
CVE-2019-10477 (The FusionInventory plugin before 1.4 for GLPI 9.3.x and
before 1.1 fo ...)
NOT-FOR-US: GLPI plugin
CVE-2019-10476
@@ -10061,7 +10061,7 @@ CVE-2019-7003
CVE-2019-7002
RESERVED
CVE-2019-7001 (A SQL injection vulnerability in the WebUI component of IP
Office Cont ...)
- TODO: check
+ NOT-FOR-US: IP Office Contact Center
CVE-2019-7000
RESERVED
CVE-2019-6999
@@ -11093,15 +11093,15 @@ CVE-2019-6556
CVE-2019-6555 (Cscape, 9.80 SP4 and prior. An improper input validation
vulnerability ...)
NOT-FOR-US: Cscape
CVE-2019-6554 (Advantech WebAccess/SCADA, Versions 8.3.5 and prior. An
improper acces ...)
- TODO: check
+ NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2019-6553 (A vulnerability was found in Rockwell Automation RSLinx Classic
versio ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2019-6552 (Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple
command ...)
- TODO: check
+ NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2019-6551 (Pangea Communications Internet FAX ATA all Versions 3.1.8 and
prior al ...)
NOT-FOR-US: Pangea Communications Internet FAX ATA
CVE-2019-6550 (Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple
stack-ba ...)
- TODO: check
+ NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2019-6549 (An attacker could retrieve plain-text credentials stored in a
XML file ...)
NOT-FOR-US: PR100088 Modbus
CVE-2019-6548
@@ -19716,7 +19716,7 @@ CVE-2018-20224
CVE-2018-20223
RESERVED
CVE-2018-20222 (XXE issue in Airsonic before 10.1.2 during parse. ...)
- TODO: check
+ NOT-FOR-US: Airsonic
CVE-2018-20221 (Secure/SAService.rem in Deltek Ajera Timesheets 9.10.16 and
prior are ...)
NOT-FOR-US: Deltek
CVE-2018-20220 (An issue was discovered on Teracue ENC-400 devices with
firmware 2.56 ...)
@@ -23799,9 +23799,9 @@ CVE-2019-1830
CVE-2019-1829
RESERVED
CVE-2019-1828 (A vulnerability in the web-based management interface of Cisco
Small B ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1827 (A vulnerability in the Online Help web service of Cisco Small
Business ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1826
RESERVED
CVE-2019-1825
@@ -28842,7 +28842,7 @@ CVE-2018-19284
CVE-2018-19283
RESERVED
CVE-2018-19282 (Rockwell Automation PowerFlex 525 AC Drives 5.001 and earlier
allow re ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2018-19281 (Centreon 3.4.x allows SNMP trap SQL Injection. ...)
NOT-FOR-US: Centreon
CVE-2018-19280 (Centreon 3.4.x has XSS via the resource name or macro
expression of a ...)
@@ -39782,7 +39782,7 @@ CVE-2018-15182 (PHP Scripts Mall Car Rental Script
2.0.8 has XSS via the FirstNa
CVE-2018-15181 (JioFi 4G Hotspot M2S devices allow attackers to cause a denial
of serv ...)
NOT-FOR-US: JioFi 4G Hotspot M2S devices
CVE-2018-15180 (qTest Portal in QASymphony qTest Manager 9.0.0 has an Open
Redirect vi ...)
- TODO: check
+ NOT-FOR-US: QASymphony qTest Manager
CVE-2018-15179
RESERVED
CVE-2018-15178 (Open redirect vulnerability in Gogs before 0.12 allows remote
attacker ...)
@@ -48595,7 +48595,7 @@ CVE-2018-11832 (In all android releases (Android for
MSM, Firefox OS for MSM, QR
CVE-2018-11831
RESERVED
CVE-2018-11830 (Improper input validation in QCPE create function may lead to
integer ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2018-11829
RESERVED
CVE-2018-11828 (When FW tries to get random mac address generated from new SW
RNG and ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3980016f0fe72e6b08763e70e0a194dd196d20a7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3980016f0fe72e6b08763e70e0a194dd196d20a7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
