Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e9a8c5c5 by Salvatore Bonaccorso at 2019-06-11T19:34:53Z
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -32,7 +32,7 @@ CVE-2019-12782
CVE-2019-12781
RESERVED
CVE-2019-12780 (The Belkin Wemo Enabled Crock-Pot allows command injection in
the Wemo ...)
- TODO: check
+ NOT-FOR-US: Belkin Wemo Enabled Crock-Pot
CVE-2019-XXXX [security issues fixed in vlc 3.0.7]
- vlc 3.0.7-1 (bug #930276)
NOTE: http://www.jbkempf.com/blog/post/2019/VLC-3.0.7-and-security
@@ -581,7 +581,7 @@ CVE-2019-12520
CVE-2019-12519
RESERVED
CVE-2017-18376 (An improper authorization check in the User API in TheHive
before 2.13 ...)
- TODO: check
+ NOT-FOR-US: User API in TheHive Project
CVE-2019-12518
RESERVED
CVE-2019-12517
@@ -764,7 +764,7 @@ CVE-2019-12454 (An issue was discovered in
wcd9335_codec_enable_dec in sound/soc
CVE-2019-12453
RESERVED
CVE-2019-12452 (types/types.go in Containous Traefik 1.7.x through 1.7.11,
when the -- ...)
- TODO: check
+ NOT-FOR-US: Containous Traefik
CVE-2019-12451
RESERVED
CVE-2019-12450 (file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through
2.61.1 ...)
@@ -1220,7 +1220,7 @@ CVE-2019-12278
CVE-2019-12277 (Blogifier 2.3 before 2019-05-11 does not properly restrict
APIs, as de ...)
NOT-FOR-US: Blogifier
CVE-2019-12276 (A Path Traversal vulnerability in
Controllers/LetsEncryptController.cs ...)
- TODO: check
+ NOT-FOR-US: GrandNode
CVE-2019-12275
RESERVED
CVE-2016-10750 (In Hazelcast before 3.11, the cluster join procedure is
vulnerable to ...)
@@ -2141,7 +2141,7 @@ CVE-2019-11883
CVE-2019-11882
RESERVED
CVE-2019-11881 (A vulnerability exists in Rancher 2.1.4 in the login
component, where ...)
- TODO: check
+ NOT-FOR-US: Rancher
CVE-2019-11880 (CommSy through 8.6.5 has SQL Injection via the cid parameter.
This is ...)
NOT-FOR-US: CommSy
CVE-2019-11879 (** DISPUTED ** The WEBrick gem 1.4.2 for Ruby allows directory
travers ...)
@@ -3058,7 +3058,7 @@ CVE-2019-11519
(Libraries/Nop.Services/Localization/LocalizationService.cs in no
CVE-2019-11518 (An issue was discovered in SEMCMS 3.8. SEMCMS_Inquiry.php
allows AID[] ...)
NOT-FOR-US: SEMCMS
CVE-2019-11517 (WampServer before 3.1.9 has CSRF in add_vhost.php because the
synchron ...)
- TODO: check
+ NOT-FOR-US: WampServer
CVE-2019-11516
RESERVED
CVE-2018-20823 (The gyroscope on Xiaomi Mi 5s devices allows attackers to
cause a deni ...)
@@ -6292,7 +6292,7 @@ CVE-2019-10228
CVE-2019-10227
RESERVED
CVE-2019-10226 (HTML Injection has been discovered in the v0.19.0 version of
the Fat F ...)
- TODO: check
+ NOT-FOR-US: Fat Free CRM
CVE-2019-10225
RESERVED
CVE-2019-10224
@@ -9967,9 +9967,9 @@ CVE-2019-9108 (XSS exists in WUZHI CMS 4.1.0 via
index.php?m=core&f=map&
CVE-2019-9107 (XSS exists in WUZHI CMS 4.1.0 via
index.php?m=attachment&f=imagecu ...)
NOT-FOR-US: WUZHI CMS
CVE-2019-9106 (The WebApp v04.68 in the supervisor on SAET Impianti Speciali
TEBE Sma ...)
- TODO: check
+ NOT-FOR-US: SAET Impianti Speciali TEBE Small devices
CVE-2019-9105 (The WebApp v04.68 in the supervisor on SAET Impianti Speciali
TEBE Sma ...)
- TODO: check
+ NOT-FOR-US: SAET Impianti Speciali TEBE Small devices
CVE-2019-9104
RESERVED
CVE-2019-9103
@@ -15704,7 +15704,7 @@ CVE-2019-6802 (CRLF Injection in pypiserver 1.2.5 and
below allows attackers to
CVE-2019-6801
RESERVED
CVE-2019-6800 (In TitanHQ SpamTitan through 7.03, a vulnerability exists in
the spam ...)
- TODO: check
+ NOT-FOR-US: TitanHQ SpamTitan
CVE-2019-6799 (An issue was discovered in phpMyAdmin before 4.8.5. When the
AllowArbi ...)
{DLA-1692-1}
- phpmyadmin <unfixed> (bug #920823)
@@ -19592,7 +19592,7 @@ CVE-2019-5245
CVE-2019-5244 (Mate 9 Pro Huawei smartphones earlier than LON-L29C
8.0.0.361(C636) ve ...)
NOT-FOR-US: Huawei
CVE-2019-5243 (There is a Clickjacking vulnerability in Huawei HG255s product.
An att ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2019-5242 (There is a code execution vulnerability in Huawei PCManager
versions e ...)
NOT-FOR-US: Huawei
CVE-2019-5241 (There is a privilege escalation vulnerability in Huawei
PCManager vers ...)
@@ -98833,9 +98833,9 @@ CVE-2017-13720 (In the PatternMatch function in
fontfile/fontdir.c in libXfont t
CVE-2017-13719
RESERVED
CVE-2017-13718 (The HTTP API supported by Starry Station (aka Starry Router)
allows br ...)
- TODO: check
+ NOT-FOR-US: Starry Station
CVE-2017-13717 (Starry Station (aka Starry Router) sets the
Access-Control-Allow-Origi ...)
- TODO: check
+ NOT-FOR-US: Starry Station
CVE-2017-13716 (The C++ symbol demangler routine in cplus-dem.c in libiberty,
as distr ...)
- binutils <unfixed> (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22009
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e9a8c5c53fcecbfef0fd0a32758dbd584d68ace6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e9a8c5c53fcecbfef0fd0a32758dbd584d68ace6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
