Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
becb0834 by Salvatore Bonaccorso at 2019-04-19T20:29:16Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,7 +3,7 @@ CVE-2019-11346
CVE-2019-11345
RESERVED
CVE-2019-11344 (data/inc/files.php in Pluck 4.7.8 allows remote attackers to
execute a ...)
- TODO: check
+ NOT-FOR-US: Pluck CMS
CVE-2019-11343
RESERVED
CVE-2019-11342
@@ -11,7 +11,7 @@ CVE-2019-11342
CVE-2019-11341
RESERVED
CVE-2019-11340 (util/emailutils.py in Matrix Sydent before 1.0.2 mishandles
registrati ...)
- TODO: check
+ NOT-FOR-US: Matrix Sydent
CVE-2019-11339 (The studio profile decoder in libavcodec/mpeg4videodec.c in
FFmpeg 4.0 ...)
- ffmpeg <unfixed>
NOTE:
https://github.com/FFmpeg/FFmpeg/commit/1f686d023b95219db933394a7704ad9aa5f01cbb
@@ -1090,7 +1090,7 @@ CVE-2019-10888 (A CSRF Issue that can add an admin user
was discovered in UKcms
CVE-2019-10887 (A reflected HTML injection vulnerability on Salicru
SLC-20-cube3(5) de ...)
NOT-FOR-US: Salicru SLC-20-cube3(5) devices
CVE-2019-10886 (An incorrect access control exists in the Sony Photo Sharing
Plus appl ...)
- TODO: check
+ NOT-FOR-US: Sony Photo Sharing Plus application
CVE-2019-10885 (An issue was discovered in Ivanti Workspace Control before
10.3.90.0. ...)
NOT-FOR-US: Ivanti Workspace Control
CVE-2019-10884 (Uniqkey Password Manager 1.14 contains a vulnerability because
it fail ...)
@@ -2567,7 +2567,7 @@ CVE-2019-10247
CVE-2019-10246
RESERVED
CVE-2019-10245 (In Eclipse OpenJ9 prior to the 0.14.0 release, the Java
bytecode verif ...)
- TODO: check
+ NOT-FOR-US: Eclipse OpenJ9
CVE-2019-10244 (In Eclipse Kura versions up to 4.0.0, the Web UI package and
component ...)
NOT-FOR-US: Eclipse Kura
CVE-2019-10243 (In Eclipse Kura versions up to 4.0.0, Kura exposes the
underlying Ui W ...)
@@ -4146,7 +4146,7 @@ CVE-2019-9843 (In DiffPlug Spotless before 1.20.0
(library and Maven plugin) and
CVE-2019-9842
RESERVED
CVE-2019-9841 (Vesta Control Panel 0.9.8-23 allows XSS via a crafted URL. ...)
- TODO: check
+ NOT-FOR-US: Vesta Control Panel
CVE-2019-9840
RESERVED
CVE-2018-20814 (An XSS issue was found with Psaldownload.cgi in Pulse Secure
Pulse Con ...)
@@ -17957,7 +17957,7 @@ CVE-2019-4057
CVE-2019-4056
RESERVED
CVE-2019-4055 (IBM MQ 8.0.0.0 through 8.0.0.10, 9.0.0.0 through 9.0.0.5, and
9.1.0.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4054
RESERVED
CVE-2019-4053
@@ -78562,7 +78562,7 @@ CVE-2018-1731 (IBM DOORS Next Generation (DNG/RRC) 5.0
through 5.0.3 and 6.0 thr
CVE-2018-1730 (IBM QRadar SIEM 7.2 and 7.3 is vulnerable to a XML External
Entity Inj ...)
NOT-FOR-US: IBM
CVE-2018-1729 (IBM QRadar SIEM 7.3 discloses sensitive information to
unauthorized us ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1728 (IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site
scripting. Thi ...)
NOT-FOR-US: IBM
CVE-2018-1727 (IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is
vulnera ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/becb0834f0520a85e17f1a98eab7bbc4459c4334
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/becb0834f0520a85e17f1a98eab7bbc4459c4334
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
