Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
38741432 by Salvatore Bonaccorso at 2019-05-10T21:42:43Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2019-11880
CVE-2019-11879 (** DISPUTED ** The WEBrick gem 1.4.2 for Ruby allows directory
travers ...)
TODO: check
CVE-2019-11878 (An issue was discovered on XiongMai Besder IP20H1
V4.02.R12.00035520.1 ...)
- TODO: check
+ NOT-FOR-US: XiongMai Besder IP20H1 cameras
CVE-2019-11877
RESERVED
CVE-2019-11876
@@ -740,7 +740,7 @@ CVE-2019-11565 (Server Side Request Forgery (SSRF) exists
in the Print My Blog p
CVE-2019-11564 (A cross-site scripting (XSS) vulnerability in HumHub 1.3.12
allows rem ...)
NOT-FOR-US: HumHub
CVE-2019-11563 (Shenzhen Sricctv DeviceViewer for XP has a Buffer Overflow via
the use ...)
- TODO: check
+ NOT-FOR-US: Shenzhen Sricctv DeviceViewer for XP
CVE-2019-11562
RESERVED
CVE-2019-11561 (The Chuango 433 MHz burglar-alarm product line is vulnerable
to a Deni ...)
@@ -1869,7 +1869,7 @@ CVE-2019-11084 (GAuth 0.9.9 beta has stored XSS that
shows a popup repeatedly an
CVE-2019-11083
RESERVED
CVE-2019-11082 (core/api/datasets/internal/actions/Explode.java in the Dataset
API in ...)
- TODO: check
+ NOT-FOR-US: DKPro Core
CVE-2019-11081 (A default username and password in Dentsply Sirona Sidexis 4.2
and pos ...)
NOT-FOR-US: Dentsply Sirona Sidexis
CVE-2019-11080
@@ -19120,7 +19120,7 @@ CVE-2019-4206
CVE-2019-4205
RESERVED
CVE-2019-4204 (IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2,
and 19. ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4203 (IBM API Connect 5.0.0.0 and 5.0.8.6 Developer Portal can be
exploited ...)
NOT-FOR-US: IBM
CVE-2019-4202 (IBM API Connect 5.0.0.0 and 5.0.8.6 Developer Portal is
vulnerable to ...)
@@ -26505,7 +26505,7 @@ CVE-2019-1869
CVE-2019-1868
RESERVED
CVE-2019-1867 (A vulnerability in the REST API of Cisco Elastic Services
Controller ( ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1866
RESERVED
CVE-2019-1865
@@ -64581,9 +64581,9 @@ CVE-2018-7122
CVE-2018-7121
RESERVED
CVE-2018-7120 (A security vulnerability in the HPE Virtual Connect SE 16Gb
Fibre Chan ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2018-7119 (A Local Disclosure of Sensitive Information vulnerability was
identifi ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2018-7118 (A local access restriction bypass vulnerability was identified
in HPE ...)
NOT-FOR-US: HPE Service Pack for ProLiant (SPP) Bundled Software
CVE-2018-7117 (A remote Cross-Site Scripting in HPE iLO 5 Web User Interface
vulnerab ...)
@@ -64653,11 +64653,11 @@ CVE-2018-7086
CVE-2018-7085
RESERVED
CVE-2018-7084 (A command injection vulnerability is present that permits an
unauthent ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2018-7083 (If a process running within Aruba Instant crashes, it may leave
behind ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2018-7082 (A command injection vulnerability is present in Aruba Instant
that per ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2018-7081
RESERVED
CVE-2018-7080 (A vulnerability exists in the firmware of embedded BLE radios
that are ...)
@@ -64693,7 +64693,7 @@ CVE-2018-7066 (An unauthenticated remote command
execution exists in Aruba Clear
CVE-2018-7065 (An authenticated SQL injection vulnerability in Aruba ClearPass
Policy ...)
NOT-FOR-US: Aruba
CVE-2018-7064 (A reflected cross-site scripting (XSS) vulnerability is present
in an ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2018-7063 (In Aruba ClearPass, disabled API admins can still perform
read/write o ...)
NOT-FOR-US: Aruba
CVE-2018-7062
@@ -79517,7 +79517,7 @@ CVE-2018-1992 (The IBM Power 9 OP910, OP920, and FW910
boot firmware's bootloade
CVE-2018-1991
RESERVED
CVE-2018-1990 (IBM Cloud App Management V2018.2.0, V2018.4.0, and V2018.4.1
could all ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1989
RESERVED
CVE-2018-1988
@@ -79917,7 +79917,7 @@ CVE-2018-1792 (IBM WebSphere MQ 8.0.0.0 through
8.0.0.10, 9.0.0.0 through 9.0.0.
CVE-2018-1791 (IBM Connections 5.0, 5.5, and 6.0 is vulnerable to an External
Service ...)
NOT-FOR-US: IBM
CVE-2018-1790 (IBM Financial Transaction Manager for Digital Payments for
Multi-Platf ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1789 (IBM API Connect v2018.1.0 through v2018.3.4 could allow an
attacker to ...)
NOT-FOR-US: IBM
CVE-2018-1788 (IBM Spectrum Protect Server 7.1 and 8.1 could disclose highly
sensitiv ...)
@@ -99087,7 +99087,7 @@ CVE-2017-12791 (Directory traversal vulnerability in
minion id validation in Sal
CVE-2017-12790 (Metinfo 5.3.18 is affected by: Cross Site Request Forgery
(CSRF). The ...)
NOT-FOR-US: Metinfo
CVE-2017-12789 (Metinfo 5.3.18 is affected by: Cross Site Request Forgery
(CSRF). The ...)
- TODO: check
+ NOT-FOR-US: Metinfo
CVE-2017-12788 (Multiple cross-site scripting (XSS) vulnerabilities in
admin/index.php ...)
NOT-FOR-US: Metinfo
CVE-2017-12787 (A network interface of the novi_process_manager_daemon
service, includ ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3874143247513c1ea8a6fdffed8f70cac08b8a3d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3874143247513c1ea8a6fdffed8f70cac08b8a3d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
