Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1e7fd312 by Moritz Muehlenhoff at 2019-04-10T16:46:29Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -79,7 +79,7 @@ CVE-2019-11030
CVE-2019-11029
RESERVED
CVE-2019-11028 (GAT-Ship Web Module before 1.40 suffers from a vulnerability
allowing ...)
- TODO: check
+ NOT-FOR-US: GAT-Ship Web Module
CVE-2015-9284
RESERVED
CVE-2019-11027
@@ -114,7 +114,7 @@ CVE-2019-11016 (Elgg before 1.12.18 and 2.3.x before 2.3.11
has an open redirect
CVE-2019-11015
RESERVED
CVE-2019-11014 (The VStarCam vstc.vscam.client library and vstc.vscam shared
object, a ...)
- TODO: check
+ NOT-FOR-US: VStarCam
CVE-2019-11013
RESERVED
CVE-2019-11012
@@ -147,11 +147,11 @@ CVE-2019-11005 (In GraphicsMagick 1.4 snapshot-20190322
Q8, there is a stack-bas
NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/b6fb77d7d54d
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/600/
CVE-2019-11004 (In Materialize through 1.0.0, XSS is possible via the Toast
feature. ...)
- TODO: check
+ NOT-FOR-US: Materialize
CVE-2019-11003 (In Materialize through 1.0.0, XSS is possible via the
Autocomplete fea ...)
- TODO: check
+ NOT-FOR-US: Materialize
CVE-2019-11002 (In Materialize through 1.0.0, XSS is possible via the Tooltip
feature. ...)
- TODO: check
+ NOT-FOR-US: Materialize
CVE-2019-11001 (On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W
devices th ...)
NOT-FOR-US: Reolink devices
CVE-2019-11000
@@ -547,7 +547,7 @@ CVE-2019-10844 (nbla/logger.cpp in libnnabla.a in Sony
Neural Network Libraries
CVE-2019-10843
RESERVED
CVE-2019-10842 (Arbitrary code execution (via backdoor code) was discovered in
bootstr ...)
- TODO: check
+ NOT-FOR-US: backdoored version of bootstrap-sass
CVE-2019-10841
RESERVED
CVE-2019-10840
@@ -1907,11 +1907,11 @@ CVE-2019-10246
CVE-2019-10245
RESERVED
CVE-2019-10244 (In Eclipse Kura versions up to 4.0.0, the Web UI package and
component ...)
- TODO: check
+ NOT-FOR-US: Eclipse Kura
CVE-2019-10243 (In Eclipse Kura versions up to 4.0.0, Kura exposes the
underlying Ui W ...)
- TODO: check
+ NOT-FOR-US: Eclipse Kura
CVE-2019-10242 (In Eclipse Kura versions up to 4.0.0, the SkinServlet did not
checked ...)
- TODO: check
+ NOT-FOR-US: Eclipse Kura
CVE-2019-10241
RESERVED
CVE-2019-10240 (Eclipse hawkBit versions prior to 0.3.0M2 resolved Maven build
artifac ...)
@@ -3968,7 +3968,7 @@ CVE-2019-9698
CVE-2019-9697
RESERVED
CVE-2019-9696 (Symantec VIP Enterprise Gateway (all versions) may be
susceptible to a ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2019-9695 (Norton Core prior to v278 may be susceptible to an arbitrary
code exec ...)
NOT-FOR-US: Norton Core
CVE-2019-9694
@@ -5860,7 +5860,7 @@ CVE-2019-8992
CVE-2019-8991
RESERVED
CVE-2019-8990 (The HTTP Connector component of TIBCO Software Inc.'s TIBCO
ActiveMatr ...)
- TODO: check
+ NOT-FOR-US: TIBCO
CVE-2019-8989 (The application server component of TIBCO Software Inc.'s TIBCO
Data S ...)
NOT-FOR-US: TIBCO
CVE-2019-8988 (The application server component of TIBCO Software Inc.'s TIBCO
Data S ...)
@@ -7014,7 +7014,7 @@ CVE-2019-8458
CVE-2019-8457
RESERVED
CVE-2019-8456 (Check Point IKEv2 IPsec VPN up to R80.30, in some less common
conditio ...)
- TODO: check
+ NOT-FOR-US: Check Point
CVE-2019-8455
RESERVED
CVE-2019-8454
@@ -24886,7 +24886,7 @@ CVE-2019-1575
CVE-2019-1574
RESERVED
CVE-2019-1573 (GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent
4.1.10 a ...)
- TODO: check
+ NOT-FOR-US: GlobalProtect
CVE-2019-1572 (PAN-OS 9.0.0 may allow an unauthenticated remote user to access
php fi ...)
NOT-FOR-US: PAN-OS
CVE-2019-1571 (The Expedition Migration tool 1.1.8 and earlier may allow an
authentic ...)
@@ -24898,7 +24898,7 @@ CVE-2019-1569 (The Expedition Migration tool 1.1.8 and
earlier may allow an auth
CVE-2019-1568
RESERVED
CVE-2019-1567 (The Expedition Migration tool 1.1.6 and earlier may allow an
authentic ...)
- TODO: check
+ NOT-FOR-US: Expedition Migration tool
CVE-2019-1566 (The PAN-OS management web interface in PAN-OS 7.1.21 and
earlier, PAN- ...)
NOT-FOR-US: PAN-OS
CVE-2019-1565 (The PAN-OS external dynamics lists in PAN-OS 7.1.21 and
earlier, PAN-O ...)
@@ -27128,33 +27128,33 @@ CVE-2019-0881
CVE-2019-0880
RESERVED
CVE-2019-0879 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0878
RESERVED
CVE-2019-0877 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0876 (An information disclosure vulnerability exists when affected
Open Encl ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0875 (An elevation of privilege vulnerability exists when Azure
DevOps Serve ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0874 (A Cross-site Scripting (XSS) vulnerability exists when Azure
DevOps Se ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0873
RESERVED
CVE-2019-0872
RESERVED
CVE-2019-0871 (A Cross-site Scripting (XSS) vulnerability exists when Azure
DevOps Se ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0870 (A Cross-site Scripting (XSS) vulnerability exists when Azure
DevOps Se ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0869 (A spoofing vulnerability exists in Microsoft Azure DevOps
Server when ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0868 (A Cross-site Scripting (XSS) vulnerability exists when Azure
DevOps Se ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0867 (A Cross-site Scripting (XSS) vulnerability exists when Azure
DevOps Se ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0866 (A Cross-site Scripting (XSS) vulnerability exists when Azure
DevOps Se ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0865
RESERVED
CVE-2019-0864
@@ -27168,11 +27168,11 @@ CVE-2019-0861 (A remote code execution vulnerability
exists in the way that the
CVE-2019-0860 (A remote code execution vulnerability exists in the way that
the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-0859 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0858 (A spoofing vulnerability exists in Microsoft Exchange Server
when Outl ...)
NOT-FOR-US: Microsoft
CVE-2019-0857 (A spoofing vulnerability that could allow a security feature
bypass ex ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0856 (A remote code execution vulnerability exists when Windows
improperly h ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0855
@@ -27180,31 +27180,31 @@ CVE-2019-0855
CVE-2019-0854
RESERVED
CVE-2019-0853 (A remote code execution vulnerability exists in the way that
the Windo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0852
RESERVED
CVE-2019-0851 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0850
RESERVED
CVE-2019-0849 (An information disclosure vulnerability exists when the Windows
GDI co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0848 (An information disclosure vulnerability exists when the win32k
compone ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0847 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0846 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0845 (A remote code execution vulnerability exists when the IOleCvt
interfac ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0844 (An information disclosure vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0843
RESERVED
CVE-2019-0842 (A remote code execution vulnerability exists in the way that
the VBScr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0841 (An elevation of privilege vulnerability exists when Windows
AppX Deplo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0840 (An information disclosure vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0839 (An information disclosure vulnerability exists when the
Terminal Servi ...)
@@ -27212,15 +27212,15 @@ CVE-2019-0839 (An information disclosure
vulnerability exists when the Terminal
CVE-2019-0838 (An information disclosure vulnerability exists when Windows
Task Sched ...)
NOT-FOR-US: Microsoft
CVE-2019-0837 (An information disclosure vulnerability exists when DirectX
improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0836 (An elevation of privilege vulnerability exists when Windows
improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0835 (An information disclosure vulnerability exists when the
scripting engi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0834
RESERVED
CVE-2019-0833 (An information disclosure vulnerability exists when Microsoft
Edge imp ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0832
RESERVED
CVE-2019-0831 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
@@ -27261,11 +27261,11 @@ CVE-2019-0816 (A security feature bypass exists in
Azure SSH Keypairs, due to a
NOTE:
https://code.launchpad.net/~jasonzio/cloud-init/+git/cloud-init/+merge/363445
NOTE:
https://support.microsoft.com/en-us/help/4491476/extraneous-ssh-public-keys-added-to-authorized-keys-file-on-linux-vm
CVE-2019-0815 (A denial of service vulnerability exists when ASP.NET Core
improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0814 (An information disclosure vulnerability exists when the win32k
compone ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0813 (An elevation of privilege vulnerability exists when Windows
Admin Cent ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0812 (A remote code execution vulnerability exists in the way that
the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-0811
@@ -27281,14 +27281,14 @@ CVE-2019-0807
CVE-2019-0806 (A remote code execution vulnerability exists in the way that
the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-0805 (An elevation of privilege vulnerability exists when Windows
improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0804 (An information disclosure vulnerability exists in the way Azure
WaLinu ...)
{DSA-4406-1 DLA-1709-1}
- waagent 2.2.34-3
CVE-2019-0803 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0802 (An information disclosure vulnerability exists when the Windows
GDI co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0801 (A remote code execution vulnerability exists when Microsoft
Office fai ...)
NOT-FOR-US: Microsoft
CVE-2019-0800
@@ -27300,19 +27300,19 @@ CVE-2019-0798 (A spoofing vulnerability exists when a
Lync Server or Skype for B
CVE-2019-0797 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0796 (An elevation of privilege vulnerability exists when Windows
improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0795 (A remote code execution vulnerability exists when the Microsoft
XML Co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0794 (A remote code execution vulnerability exists when OLE
automation impro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0793 (A remote code execution vulnerability exists when the Microsoft
XML Co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0792 (A remote code execution vulnerability exists when the Microsoft
XML Co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0791 (A remote code execution vulnerability exists when the Microsoft
XML Co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0790 (A remote code execution vulnerability exists when the Microsoft
XML Co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0789
RESERVED
CVE-2019-0788
@@ -27320,7 +27320,7 @@ CVE-2019-0788
CVE-2019-0787
RESERVED
CVE-2019-0786 (An elevation of privilege vulnerability exists in the Microsoft
Server ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0785
RESERVED
CVE-2019-0784 (A remote code execution vulnerability exists in the way that
the Activ ...)
@@ -27338,7 +27338,7 @@ CVE-2019-0779 (A remote code execution vulnerability
exists when Microsoft Edge
CVE-2019-0778 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2019-0777 (A Cross-site Scripting (XSS) vulnerability exists when Team
Foundation ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0776 (An information disclosure vulnerability exists when the win32k
compone ...)
NOT-FOR-US: Microsoft
CVE-2019-0775 (An information disclosure vulnerability exists when the Windows
kernel ...)
@@ -27362,9 +27362,9 @@ CVE-2019-0767 (An information disclosure vulnerability
exists when the Windows k
CVE-2019-0766 (An elevation of privilege vulnerability exists in Windows AppX
Deploym ...)
NOT-FOR-US: Microsoft
CVE-2019-0765 (A remote code execution vulnerability exists in the way that
comctl32. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0764 (A tampering vulnerability exists when Microsoft browsers do not
proper ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0763 (A remote code execution vulnerability exists when Internet
Explorer im ...)
NOT-FOR-US: Microsoft
CVE-2019-0762 (A security feature bypass vulnerability exists when Microsoft
browsers ...)
@@ -27390,9 +27390,9 @@ CVE-2019-0755 (An information disclosure vulnerability
exists when the Windows k
CVE-2019-0754 (A denial of service vulnerability exists when Windows
improperly handl ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0753 (A remote code execution vulnerability exists in the way that
the scrip ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0752 (A remote code execution vulnerability exists in the way that
the scrip ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0751
RESERVED
CVE-2019-0750
@@ -27418,7 +27418,7 @@ CVE-2019-0741 (An information disclosure vulnerability
exists in the way Azure I
CVE-2019-0740
RESERVED
CVE-2019-0739 (A remote code execution vulnerability exists in the way that
the scrip ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0738
RESERVED
CVE-2019-0737
@@ -27426,17 +27426,17 @@ CVE-2019-0737
CVE-2019-0736
RESERVED
CVE-2019-0735 (An elevation of privilege vulnerability exists when the Windows
Client ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0734
RESERVED
CVE-2019-0733
RESERVED
CVE-2019-0732 (A security feature bypass vulnerability exists in Windows which
could ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0731 (An elevation of privilege vulnerability exists when Windows
improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0730 (An elevation of privilege vulnerability exists when Windows
improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0729 (An Elevation of Privilege vulnerability exists in the way Azure
IoT Ja ...)
NOT-FOR-US: Microsoft
CVE-2019-0728 (A remote code execution vulnerability exists in Visual Studio
Code whe ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1e7fd312475ca1f06855896a7758b23a862ec7c8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1e7fd312475ca1f06855896a7758b23a862ec7c8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
