[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Sat, 11 May 2019 04:41:29 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d74c93b0 by Salvatore Bonaccorso at 2019-05-11T11:40:07Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10939,7 +10939,7 @@ CVE-2019-7655
 CVE-2019-7654
        RESERVED
 CVE-2019-7652 (TheHive Project UnshortenLink analyzer before 1.1, included in 
Cortex- ...)
-       TODO: check
+       NOT-FOR-US: TheHive Project UnshortenLink analyzer
 CVE-2019-7651 (EPP.sys in Emsisoft Anti-Malware prior to version 2018.12 
allows an at ...)
        NOT-FOR-US: Emsisoft Anti-Malware
 CVE-2019-7650
@@ -16124,11 +16124,11 @@ CVE-2019-5679
 CVE-2019-5678
        RESERVED
 CVE-2019-5677 (NVIDIA Windows GPU Display driver software for Windows (all 
versions)  ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA Windows GPU Display driver software for Windows
 CVE-2019-5676 (NVIDIA Windows GPU Display driver software for Windows (all 
versions)  ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA Windows GPU Display driver software for Windows
 CVE-2019-5675 (NVIDIA Windows GPU Display driver software for Windows (all 
versions)  ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA Windows GPU Display driver software for Windows
 CVE-2019-5674 (NVIDIA GeForce Experience before 3.18 contains a vulnerability 
when Sh ...)
        NOT-FOR-US: NVIDIA GeForce Experience
 CVE-2019-5673 (NVIDIA Jetson TX2 contains a vulnerability in the kernel driver 
(on al ...)
@@ -16490,11 +16490,11 @@ CVE-2019-5498
 CVE-2019-5497
        RESERVED
 CVE-2019-5496 (Oncommand Insight versions prior to 7.3.5 shipped without 
certain HTTP ...)
-       TODO: check
+       NOT-FOR-US: Oncommand Insight / Netapp
 CVE-2019-5495 (OnCommand Unified Manager for VMware vSphere, Linux and Windows 
prior  ...)
-       TODO: check
+       NOT-FOR-US: OnCommand Unified Manager for VMware vSphere, Linux and 
Windows / Netapp
 CVE-2019-5494 (OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped 
withou ...)
-       TODO: check
+       NOT-FOR-US: OnCommand Unified Manager 7-Mode / Netapp
 CVE-2019-5493
        RESERVED
 CVE-2019-5492 (Element Plug-in for vCenter Server versions prior to 4.2.3 may 
disclos ...)
@@ -20686,7 +20686,7 @@ CVE-2019-3568
 CVE-2019-3567
        RESERVED
 CVE-2019-3566 (A bug in WhatsApp for Android's messaging logic would 
potentially allo ...)
-       TODO: check
+       NOT-FOR-US: WhatsApp for Android
 CVE-2019-3565 (Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) 
would n ...)
        TODO: check
 CVE-2019-3564 (Go Facebook Thrift servers would not error upon receiving 
messages wit ...)
@@ -59680,7 +59680,7 @@ CVE-2018-8814 (Cross-site request forgery (CSRF) 
vulnerability in WolfCMS 0.8.3.
 CVE-2018-8813 (Open redirect vulnerability in the login[redirect] parameter 
login fun ...)
        NOT-FOR-US: WolfCMS
 CVE-2018-8812 (An issue was discovered in Avaya one-X Portal for IP Office 
9.1.2.0 an ...)
-       TODO: check
+       NOT-FOR-US: Avaya
 CVE-2018-8811 (Cross-site request forgery (CSRF) vulnerability in 
system/workplace/ad ...)
        NOT-FOR-US: OpenCMS
 CVE-2018-8810 (In radare2 2.4.0, there is a heap-based buffer over-read in the 
get_iv ...)
@@ -98289,9 +98289,9 @@ CVE-2017-12887
 CVE-2017-12886
        RESERVED
 CVE-2017-12885 (OX Software GmbH App Suite 7.8.4 and earlier is affected by: 
Cross Sit ...)
-       TODO: check
+       NOT-FOR-US: OX Software GmbH App Suite
 CVE-2017-12884 (OX Software GmbH App Suite 7.8.4 and earlier is affected by: 
Informati ...)
-       TODO: check
+       NOT-FOR-US: OX Software GmbH App Suite
 CVE-2017-12883 (Buffer overflow in the S_grok_bslash_N function in regcomp.c 
in Perl 5 ...)
        {DSA-3982-1}
        - perl 5.26.0-8 (bug #875597)
@@ -99080,7 +99080,7 @@ CVE-2017-12797 (Integer overflow in the 
INT123_parse_new_id3 function in the ID3
 CVE-2017-12796 (The Reporting Compatibility Add On before 2.0.4 for OpenMRS, 
as distri ...)
        NOT-FOR-US: OpenMRS addon
 CVE-2017-12795 (OpenMRS openmrs-module-htmlformentry 3.3.2 is affected by: 
(Improper I ...)
-       TODO: check
+       NOT-FOR-US: OpenMRS
 CVE-2017-12794 (In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML 
autoesca ...)
        - python-django 1:1.11.5-1 (low; bug #874415)
        [stretch] - python-django 1:1.10.7-2+deb9u2
@@ -99201,7 +99201,7 @@ CVE-2017-12762 (In /drivers/isdn/i4l/isdn_net.c: A 
user-controlled buffer is cop
        NOTE: Fixed by: 
https://git.kernel.org/linus/9f5af546e6acc30f075828cb58c7f09665033967 
(v4.13-rc4)
        NOTE: Driver is disabled since squeeze and unmaintained for a long time
 CVE-2017-12761 (http://codecanyon.net/user/Endober WebFile Explorer 1.0 is 
affected by ...)
-       TODO: check
+       NOT-FOR-US: Endober WebFile Explorer
 CVE-2017-12760 (Ynet Interactive - http://demo.ynetinteractive.com/mobiketa/ 
Mobiketa  ...)
        NOT-FOR-US: Ynet Interactive
 CVE-2017-12759 (Ynet Interactive - http://demo.ynetinteractive.com/soa/ SOA 
School Man ...)
@@ -162653,7 +162653,7 @@ CVE-2016-1602 (A code injection in the supportconfig 
data collection tool in sup
 CVE-2016-1601 (yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 
SP1, do ...)
        NOT-FOR-US: yast2-users / SuSE YAST
 CVE-2016-1600 (The ServiceNow driver in NetIQ Identity Manager versions prior 
to 4.6  ...)
-       TODO: check
+       NOT-FOR-US: NetIQ Identity Manager
 CVE-2016-1599 (Cross-site scripting (XSS) vulnerability in NetIQ Self Service 
Passwor ...)
        NOT-FOR-US: NetIQ Self Service Password Reset
 CVE-2016-1598 (XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows 
attacke ...)
@@ -190131,7 +190131,7 @@ CVE-2015-1008 (SQL injection vulnerability in Emerson 
AMS Device Manager before
 CVE-2015-1007 (A specially crafted configuration file could be used to cause a 
stack- ...)
        NOT-FOR-US: Opto 22 PAC
 CVE-2015-1006 (A vulnerable file in Opto 22 PAC Project Professional versions 
prior t ...)
-       TODO: check
+       NOT-FOR-US: Opto
 CVE-2015-1005 (IniNet embeddedWebServer (aka eWebServer) before 2.02 for 
Windows CE u ...)
        NOT-FOR-US: IniNet
 CVE-2015-1004



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d74c93b07bdf3e013d8bc14b1937bb4a248571ba

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d74c93b07bdf3e013d8bc14b1937bb4a248571ba
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to