Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
46734a47 by Moritz Muehlenhoff at 2019-05-09T20:26:56Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,13 +11,13 @@ CVE-2019-11841
CVE-2019-11840 (An issue was discovered in supplementary Go cryptography
libraries, ak ...)
TODO: check
CVE-2019-11839 (njs through 0.3.1, used in NGINX, has a heap-based buffer
overflow in ...)
- TODO: check
+ NOT-FOR-US: njs
CVE-2019-11838 (njs through 0.3.1, used in NGINX, has a heap-based buffer
overflow in ...)
- TODO: check
+ NOT-FOR-US: njs
CVE-2019-11837 (njs through 0.3.1, used in NGINX, has a segmentation fault in
String.p ...)
- TODO: check
+ NOT-FOR-US: njs
CVE-2019-11836 (The Rediffmail (aka com.rediff.mail.and) application 2.2.6 for
Android ...)
- TODO: check
+ NOT-FOR-US: Rediffmail
CVE-2019-11842 (An issue was discovered in Matrix Sydent before 1.0.3 and
Synapse befo ...)
- matrix-synapse 0.99.2-5
NOTE:
https://matrix.org/blog/2019/05/03/security-updates-sydent-1-0-3-synapse-0-99-3-1-and-riot-android-0-9-0-0-8-99-0-8-28-a/
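Review bot: CVE-2019-11839, CVE-2019-11838 and CVE-2019-11837 are marked `NOT-FOR-US: njs`, yet all three descriptions say njs is "used in NGINX". Before closing these out, confirm that no nginx-related source package in the archive bundles njs. If that was checked, record it in the commit message, which currently reads only "NFUs", so the triage decision can be audited later.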
@@ -660,13 +660,13 @@ CVE-2019-11566
CVE-2019-11565 (Server Side Request Forgery (SSRF) exists in the Print My Blog
plugin ...)
NOT-FOR-US: Print My Blog plugin for WordPress
CVE-2019-11564 (A cross-site scripting (XSS) vulnerability in HumHub 1.3.12
allows rem ...)
- TODO: check
+ NOT-FOR-US: HumHub
CVE-2019-11563
RESERVED
CVE-2019-11562
RESERVED
CVE-2019-11561 (The Chuango 433 MHz burglar-alarm product line is vulnerable
to a Deni ...)
- TODO: check
+ NOT-FOR-US: Chuango
CVE-2019-11560 (A buffer overflow vulnerability in the streaming server
provided by hi ...)
NOT-FOR-US: hisilicon
CVE-2019-11559
@@ -686,7 +686,7 @@ CVE-2019-11552
CVE-2019-11551
RESERVED
CVE-2019-11550 (Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x
before ...)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2019-11549 [Improper Sanitation of Credentials in Gitaly]
RESERVED
- gitlab 11.8.9+dfsg-1 (bug #928221)
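Review bot: `NOT-FOR-US: Citrix` on CVE-2019-11550 names only the vendor, while the description identifies the affected products as Citrix SD-WAN and NetScaler SD-WAN. A product-level label such as `NOT-FOR-US: Citrix SD-WAN` would match the more specific labels used elsewhere in this commit (for example `NOT-FOR-US: EnGenius EWS660AP`) and keep later searches by product name reliable.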
@@ -1198,7 +1198,7 @@ CVE-2019-11355
CVE-2019-11354 (The client in Electronic Arts (EA) Origin 10.5.36 on Windows
allows te ...)
NOT-FOR-US: client in Electronic Arts (EA) Origin on Windows
CVE-2019-11353 (The EnGenius EWS660AP router with firmware 2.0.284 allows an
attacker ...)
- TODO: check
+ NOT-FOR-US: EnGenius EWS660AP
CVE-2019-11352
RESERVED
CVE-2019-11351 (TeamSpeak 3 Client before 3.2.5 allows remote code execution
in the Qt ...)
@@ -6480,7 +6480,7 @@ CVE-2019-9507
CVE-2019-9506
RESERVED
CVE-2019-9505 (The PrinterLogic Print Management software, versions up to and
includi ...)
- TODO: check
+ NOT-FOR-US: PrinterLogic Print Management
CVE-2019-9504
RESERVED
CVE-2019-9503 [brcmfmac: add subtype check for event handling in data path]
@@ -9313,7 +9313,7 @@ CVE-2019-8351 (Heimdal Thor Agent 2.5.17x before 2.5.173
does not verify X.509 c
CVE-2019-8350
RESERVED
CVE-2019-8349 (Multiple cross-site scripting (XSS) vulnerabilities in HTMLy
2.7.4 all ...)
- TODO: check
+ NOT-FOR-US: HTMLy
CVE-2019-8348
RESERVED
CVE-2019-8347 (BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP
accounts via ...)
@@ -12182,7 +12182,7 @@ CVE-2019-7183
CVE-2019-7182
RESERVED
CVE-2019-7181 (Buffer Overflow vulnerability in myQNAPcloud Connect 1.3.3.0925
and ea ...)
- TODO: check
+ NOT-FOR-US: myQNAPcloud Connect
CVE-2019-7180
RESERVED
CVE-2019-7179
@@ -13606,11 +13606,11 @@ CVE-2019-6568 (A vulnerability has been identified in
CP1604 (All versions), CP1
CVE-2019-6567
RESERVED
CVE-2019-6566 (GE Communicator, all versions prior to 4.0.517, allows a
non-administr ...)
- TODO: check
+ NOT-FOR-US: GE Communicator
CVE-2019-6565 (Moxa IKS and EDS fails to properly validate user input, giving
unauthe ...)
NOT-FOR-US: Moxa
CVE-2019-6564 (GE Communicator, all versions prior to 4.0.517, allows a
non-administr ...)
- TODO: check
+ NOT-FOR-US: GE Communicator
CVE-2019-6563 (Moxa IKS and EDS generate a predictable cookie calculated with
an MD5 ...)
NOT-FOR-US: Moxa
CVE-2019-6562 (In Philips Tasy EMR, Tasy EMR Versions 3.02.1744 and prior, the
softwa ...)
@@ -13642,15 +13642,15 @@ CVE-2019-6550 (Advantech WebAccess/SCADA, Versions
8.3.5 and prior. Multiple sta
CVE-2019-6549 (An attacker could retrieve plain-text credentials stored in a
XML file ...)
NOT-FOR-US: PR100088 Modbus
CVE-2019-6548 (GE Communicator, all versions prior to 4.0.517, contains two
backdoor ...)
- TODO: check
+ NOT-FOR-US: GE Communicator
CVE-2019-6547 (Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor
Version 1.00 ...)
NOT-FOR-US: Delta Industrial Automation CNCSoft
CVE-2019-6546 (GE Communicator, all versions prior to 4.0.517, allows an
attacker to ...)
- TODO: check
+ NOT-FOR-US: GE Communicator
CVE-2019-6545 (AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1
SP3 and I ...)
NOT-FOR-US: AVEVA
CVE-2019-6544 (GE Communicator, all versions prior to 4.0.517, has a service
running ...)
- TODO: check
+ NOT-FOR-US: GE Communicator
CVE-2019-6543 (AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1
SP3 and I ...)
NOT-FOR-US: AVEVA
CVE-2019-6542 (ENTTEC Datagate MK2, Storm 24, Pixelator all firmware versions
prior t ...)
@@ -19297,9 +19297,9 @@ CVE-2019-4074 (IBM Sterling B2B Integrator Standard
Edition 6.0.0.0 and 6.0.0.1
CVE-2019-4073 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and
6.0.0.1 is vu ...)
NOT-FOR-US: IBM
CVE-2019-4072 (IBM Tivoli Storage Productivity Center (IBM Spectrum Control
Standard ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4071 (IBM Tivoli Storage Productivity Center (IBM Spectrum Control
Standard ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4070
RESERVED
CVE-2019-4069
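Review bot: the two new `NOT-FOR-US: IBM` lines for CVE-2019-4072 and CVE-2019-4071 follow the neighbouring CVE-2019-4073 entry, but a vendor-wide label does not record which product was ruled out. Both descriptions name IBM Tivoli Storage Productivity Center, so using that product name in the label would make the entry self-explanatory without reopening the CVE text.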
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/46734a47369dd6bdca034d23dfca47d4a14cf7e6