[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso Tue, 07 May 2019 13:54:22 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
49805b7d by Salvatore Bonaccorso at 2019-05-07T20:53:12Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10492,9 +10492,9 @@ CVE-2019-7748 (_includes\online.php in DbNinja 3.2.7 
allows XSS via the data.php
 CVE-2019-7747 (DbNinja 3.2.7 allows session fixation via the data.php sessid 
paramete ...)
        NOT-FOR-US: DbNinja
 CVE-2019-7746 (JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices allow remote 
attackers to ...)
-       TODO: check
+       NOT-FOR-US: JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices
 CVE-2019-7745 (JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices allow remote 
attackers to ...)
-       TODO: check
+       NOT-FOR-US: JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices
 CVE-2019-7744 (An issue was discovered in Joomla! before 3.9.3. Inadequate 
filtering  ...)
        NOT-FOR-US: Joomla!
 CVE-2019-7743 (An issue was discovered in Joomla! before 3.9.3. The phar:// 
stream wr ...)
@@ -10641,7 +10641,7 @@ CVE-2019-7689
 CVE-2019-7688
        RESERVED
 CVE-2019-7687 (cgi-bin/qcmap_web_cgi on JioFi 4 jmr1140 Amtel_JMR1140_R12.07 
devices  ...)
-       TODO: check
+       NOT-FOR-US: JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices
 CVE-2018-20771 (An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 
58XXi,  ...)
        NOT-FOR-US: Xerox devices
 CVE-2018-20770 (An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 
58XXi,  ...)
@@ -11019,7 +11019,7 @@ CVE-2019-7566 (CSZ CMS 1.1.8 has CSRF via 
admin/users/new/add. ...)
 CVE-2019-7565
        RESERVED
 CVE-2019-7564 (An issue was discovered on Shenzhen Coship WM3300 WiFi Router 
5.0.0.55 ...)
-       TODO: check
+       NOT-FOR-US: Shenzhen Coship WM3300 WiFi Router devices
 CVE-2019-7563
        RESERVED
 CVE-2019-7562
@@ -11392,9 +11392,9 @@ CVE-2019-7429 (PHP Scripts Mall Property Rental 
Software 2.1.4 has directory tra
 CVE-2019-7428
        RESERVED
 CVE-2019-7427 (XSS exists in Zoho ManageEngine Netflow Analyzer Professional 
v7.0.0.2 ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine Netflow Analyzer Professional
 CVE-2019-7426 (XSS exists in Zoho ManageEngine Netflow Analyzer Professional 
v7.0.0.2 ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine Netflow Analyzer Professional
 CVE-2019-7425 (XSS exists in Zoho ManageEngine Netflow Analyzer Professional 
v7.0.0.2 ...)
        NOT-FOR-US: Zoho ManageEngine Netflow Analyzer Professional
 CVE-2019-7424 (XSS exists in Zoho ManageEngine Netflow Analyzer Professional 
v7.0.0.2 ...)
@@ -21299,7 +21299,7 @@ CVE-2018-20505 (SQLite 3.25.2, when queries are run on 
a table with a malformed
 CVE-2018-20504
        RESERVED
 CVE-2018-20503 (Allied Telesis 8100L/8 devices allow XSS via the 
edit-ipv4_interface.p ...)
-       TODO: check
+       NOT-FOR-US: Allied Telesis 8100L/8 devices
 CVE-2018-20502 (An issue was discovered in Bento4 1.5.1-627. There is an 
attempt at ex ...)
        NOT-FOR-US: Bento4
 CVE-2018-20501 [Missing authorization control merge requests]
@@ -30914,7 +30914,7 @@ CVE-2018-19458 (In PHP Proxy 3.0.3, any user can read 
files from the server with
 CVE-2018-19457 (Logicspice FAQ Script 2.9.7 allows uploading arbitrary files, 
which le ...)
        NOT-FOR-US: Logicspice FAQ Script
 CVE-2018-19456 (The WP Backup+ (aka WPbackupplus) plugin through 2018-11-22 
for WordPr ...)
-       TODO: check
+       NOT-FOR-US: WP Backup+ (aka WPbackupplus) plugin for WordPress
 CVE-2018-19455
        RESERVED
 CVE-2018-19486 (Git before 2.19.2 on Linux and UNIX executes commands from the 
current ...)
@@ -44364,7 +44364,7 @@ CVE-2018-14487
 CVE-2018-14486 (DNN (formerly DotNetNuke) 9.1.1 allows cross-site scripting 
(XSS) via  ...)
        NOT-FOR-US: DNN
 CVE-2018-14485 (BlogEngine.NET 3.3 allows XXE attacks via the POST body to 
metaweblog. ...)
-       TODO: check
+       NOT-FOR-US: BlogEngine.NET
 CVE-2018-14484
        RESERVED
 CVE-2018-14483



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/49805b7d152ddb7ffa5cb370cf0785b3736ed957

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/49805b7d152ddb7ffa5cb370cf0785b3736ed957
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to