[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso Thu, 25 Apr 2019 00:09:01 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f4cea0d5 by Salvatore Bonaccorso at 2019-04-25T07:07:57Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -955,7 +955,7 @@ CVE-2019-11083
 CVE-2019-11082
        RESERVED
 CVE-2019-11081 (A default username and password in Dentsply Sirona Sidexis 4.2 
and pos ...)
-       TODO: check
+       NOT-FOR-US: Dentsply Sirona Sidexis
 CVE-2019-11080
        RESERVED
 CVE-2019-11079
@@ -1093,7 +1093,7 @@ CVE-2019-11034 (When processing certain files, PHP EXIF 
extension in versions 7.
 CVE-2019-11033
        RESERVED
 CVE-2019-11032 (In EasyToRecruit (E2R) before 2.11, the upload feature and the 
Candida ...)
-       TODO: check
+       NOT-FOR-US: EasyToRecruit
 CVE-2019-11031
        RESERVED
 CVE-2019-11030
@@ -2986,7 +2986,7 @@ CVE-2019-10240 (Eclipse hawkBit versions prior to 0.3.0M2 
resolved Maven build a
 CVE-2017-18365 (The Management Console in GitHub Enterprise 2.8.x before 2.8.7 
has a d ...)
        NOT-FOR-US: GitHub Enterprise
 CVE-2019-10239 (Robotronic RunAsSpc 3.7.0.0 protects stored credentials 
insufficiently ...)
-       TODO: check
+       NOT-FOR-US: Robotronic RunAsSpc
 CVE-2019-10238 (Sitemagic CMS v4.4 has XSS in SMFiles/FrmUpload.class.php via 
the file ...)
        NOT-FOR-US: Sitemagic CMS
 CVE-2019-10237 (S-CMS PHP v1.0 has a CSRF vulnerability to add a new admin 
user via th ...)
@@ -3557,7 +3557,7 @@ CVE-2019-10010 (Cross-site scripting (XSS) vulnerability 
in the PHP League Commo
 CVE-2019-10009
        RESERVED
 CVE-2019-10008 (Zoho ManageEngine ServiceDesk 9.3 allows session hijacking and 
privile ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine ServiceDesk
 CVE-2019-10007
        RESERVED
 CVE-2019-10006
@@ -3620,9 +3620,9 @@ CVE-2019-9953
 CVE-2019-9952
        RESERVED
 CVE-2019-9951 (Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 
Ultra, My ...)
-       TODO: check
+       NOT-FOR-US: Western Digital
 CVE-2019-9950 (Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 
Ultra, My ...)
-       TODO: check
+       NOT-FOR-US: Western Digital
 CVE-2019-9949
        RESERVED
 CVE-2019-9948 (urllib in Python 2.x through 2.7.16 supports the local_file: 
scheme, w ...)
@@ -4955,7 +4955,7 @@ CVE-2019-9735 (An issue was discovered in the iptables 
firewall module in OpenSt
        [jessie] - neutron <not-affected> (Vulnerable code not present, all 
supported protocols are handled correctly)
        NOTE: https://launchpad.net/bugs/1818385
 CVE-2019-9734 (aquaverde Aquarius CMS through 4.3.5 writes POST and GET 
parameters (i ...)
-       TODO: check
+       NOT-FOR-US: aquaverde Aquarius CMS
 CVE-2019-9733 (An issue was discovered in JFrog Artifactory 6.7.3. By default, 
the ac ...)
        NOT-FOR-US: JFrog Artifactory
 CVE-2019-9732
@@ -4975,7 +4975,7 @@ CVE-2019-9726
 CVE-2019-9725 (The Web manager (aka Commander) on Korenix JetPort 5601 and 
5601f devi ...)
        NOT-FOR-US: Korenix JetPort devices
 CVE-2019-9724 (aquaverde Aquarius CMS through 4.3.5 allows Information 
Exposure throu ...)
-       TODO: check
+       NOT-FOR-US: aquaverde Aquarius CMS
 CVE-2019-9723
        RESERVED
 CVE-2019-9722
@@ -11195,13 +11195,13 @@ CVE-2019-7216 (An issue was discovered in FileChucker 
4.99e-free-e02. filechucke
 CVE-2019-7215
        RESERVED
 CVE-2019-7214 (SmarterTools SmarterMail 16.x before build 6985 allows 
deserialization ...)
-       TODO: check
+       NOT-FOR-US: SmarterTools SmarterMail
 CVE-2019-7213 (SmarterTools SmarterMail 16.x before build 6985 allows 
directory trave ...)
-       TODO: check
+       NOT-FOR-US: SmarterTools SmarterMail
 CVE-2019-7212 (SmarterTools SmarterMail 16.x before build 6985 has hardcoded 
secret k ...)
-       TODO: check
+       NOT-FOR-US: SmarterTools SmarterMail
 CVE-2019-7211 (SmarterTools SmarterMail 16.x before build 6995 has stored XSS. 
JavaSc ...)
-       TODO: check
+       NOT-FOR-US: SmarterTools SmarterMail
 CVE-2019-7210
        RESERVED
 CVE-2019-7209



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f4cea0d5531b15578e6ce4702354dfe9cc4dc080

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f4cea0d5531b15578e6ce4702354dfe9cc4dc080
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to