Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c98a3831 by Salvatore Bonaccorso at 2019-05-24T15:30:53Z
Process some NFUs

- - - - -
c1f0cd0c by Salvatore Bonaccorso at 2019-05-24T15:34:24Z
Add CVE-2016-7151/capstone

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -25,7 +25,7 @@ CVE-2019-12300 (Buildbot before 1.8.2 and 2.x before 2.3.1 
accepts a user-submit
 CVE-2019-12299
        RESERVED
 CVE-2019-12298 (Leanify 0.4.3 allows remote attackers to trigger an 
out-of-bounds writ ...)
-       TODO: check
+       NOT-FOR-US: Leanify
 CVE-2019-12297 (An issue was discovered in scopd on Motorola routers CX2 1.01 
and M2 1 ...)
        NOT-FOR-US: Motorola
 CVE-2019-12296
@@ -619,7 +619,7 @@ CVE-2019-12044 (A Buffer Overflow exists in Citrix 
NetScaler Gateway 10.5.x befo
 CVE-2019-12043 (In remarkable 1.7.1, lib/parser_inline.js mishandles URL 
filtering, wh ...)
        NOT-FOR-US: remarkable
 CVE-2019-12042 (Insecure permissions of the section object 
Global\PandaDevicesAgentSha ...)
-       TODO: check
+       NOT-FOR-US: Panda products
 CVE-2019-12041 (lib/common/html_re.js in remarkable 1.7.1 allows Regular 
Expression De ...)
        NOT-FOR-US: remarkable
 CVE-2019-12040
@@ -3590,7 +3590,7 @@ CVE-2019-10848
 CVE-2019-10847
        RESERVED
 CVE-2019-10846 (Computrols CBAS 18.0.0 allows Unauthenticated Reflected 
Cross-Site Scr ...)
-       TODO: check
+       NOT-FOR-US: Computrols CBAS
 CVE-2019-10845 (An issue was discovered in Uniqkey Password Manager 1.14. When 
enterin ...)
        NOT-FOR-US: Uniqkey Password Manager
 CVE-2019-10844 (nbla/logger.cpp in libnnabla.a in Sony Neural Network 
Libraries (aka n ...)
@@ -29338,7 +29338,7 @@ CVE-2018-19616 (An issue was discovered in Rockwell 
Automation Allen-Bradley Pow
 CVE-2018-19615 (Rockwell Automation Allen-Bradley PowerMonitor 1000 all 
versions. A re ...)
        NOT-FOR-US: Rockwell Automation Allen-Bradley PowerMonitor 1000
 CVE-2018-19614 (XSS exists in the /cmdexec/cmdexe?cmd= function in Westermo 
DR-250 Pre ...)
-       TODO: check
+       NOT-FOR-US: Westermo routers
 CVE-2018-19613
        RESERVED
 CVE-2018-19612
@@ -121734,7 +121734,7 @@ CVE-2017-5873 (Unquoted Windows search path 
vulnerability in the guest service i
 CVE-2017-5872 (The TCP/IP networking module in Unisys ClearPath MCP systems 
with TCP- ...)
        NOT-FOR-US: Unisys ClearPath
 CVE-2017-5871 (Odoo Version <= 8.0-20160726 and Version 9 is affected by: 
CWE-601: ...)
-       TODO: check
+       NOT-FOR-US: Odoo
 CVE-2017-5870 (Multiple cross-site scripting (XSS) vulnerabilities in 
ViMbAdmin 3.0.1 ...)
        NOT-FOR-US: ViMbAdmin
 CVE-2017-5869 (Directory traversal vulnerability in the file import feature in 
Nuxeo  ...)
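Review bot: the `NOT-FOR-US: Odoo` line on CVE-2017-5871 deserves a check against the archive before it lands, because NOT-FOR-US states that no Debian source package ships the affected code. The description names concrete version ranges (<= 8.0-20160726 and Version 9), so if an odoo source package is or ever was in the archive, a package line with `<removed>`, `<not-affected>` or a fixed version would be the right form instead. If no such package exists, the entry is fine as written.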
@@ -145137,7 +145137,9 @@ CVE-2016-7153 (The HTTP/2 protocol does not consider 
the role of the TCP congest
 CVE-2016-7152 (The HTTPS protocol does not consider the role of the TCP 
congestion wi ...)
        NOTE: CVE assigned for the HTTP/2 protocol issue
 CVE-2016-7151 (Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused 
by a re ...)
-       TODO: check
+       - capstone <unfixed>
+       NOTE: 
https://github.com/aquynh/capstone/commit/87a25bb543c8e4c09b48d4b4a6c7db31ce58df06
 (4.0-alpha4)
+       NOTE: https://github.com/aquynh/capstone/pull/725
 CVE-2016-7150 (Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 
and earl ...)
        NOT-FOR-US: b2evolution
 CVE-2016-7149 (Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 
and earl ...)
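Review bot: on CVE-2016-7151 the package line says `- capstone <unfixed>` while the NOTE directly below ties the upstream fix commit to 4.0-alpha4, so the entry reads as both "no fixed version" and "fixed upstream since 4.0-alpha4". If the archive already has a capstone upload at or past that upstream version, put that version on the package line. Otherwise keep `<unfixed>` and add a bug reference once one is filed so the entry can be followed up. Prefixing the commit NOTE with "Fixed by:" would also make its role clearer next to the pull request link.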



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/f334f8e4e8bf0f32cbfc07c8bb2189456581dab1...c1f0cd0ccc54ba6ab14de55ad06a1473b5145ea1
