Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
60928036 by Salvatore Bonaccorso at 2019-06-12T20:20:49Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16,7 +16,7 @@ CVE-2016-10760 (On Seowon Intech routers, there is a Command
Injection vulnerabi
CVE-2013-7471 (An issue was discovered in soap.cgi?service=WANIPConn1 on
D-Link DIR-8 ...)
NOT-FOR-US: D-Link
CVE-2010-5330 (On certain Ubiquiti devices, Command Injection exists via a GET
reques ...)
- TODO: check
+ NOT-FOR-US: Ubiquiti
CVE-2009-5157 (On Linksys WAG54G2 1.00.10 devices, there is authenticated
command inj ...)
NOT-FOR-US: Linksys
CVE-2009-5156 (An issue was discovered on ASMAX AR-804gu 66.34.1 devices.
There is Co ...)
@@ -1616,13 +1616,13 @@ CVE-2019-12148
CVE-2019-12147
RESERVED
CVE-2019-12146 (A Directory Traversal issue was discovered in SSHServerAPI.dll
in Prog ...)
- TODO: check
+ NOT-FOR-US: Progress ipswitch WS_FTP Server
CVE-2019-12145 (A Directory Traversal issue was discovered in SSHServerAPI.dll
in Prog ...)
- TODO: check
+ NOT-FOR-US: Progress ipswitch WS_FTP Server
CVE-2019-12144 (An issue was discovered in SSHServerAPI.dll in Progress
ipswitch WS_FT ...)
- TODO: check
+ NOT-FOR-US: Progress ipswitch WS_FTP Server
CVE-2019-12143 (A Directory Traversal issue was discovered in SSHServerAPI.dll
in Prog ...)
- TODO: check
+ NOT-FOR-US: Progress ipswitch WS_FTP Server
CVE-2019-12142
RESERVED
CVE-2019-12141
@@ -3619,7 +3619,7 @@ CVE-2019-11336 (Sony Bravia Smart TV devices allow remote
attackers to retrieve
CVE-2019-11335
RESERVED
CVE-2019-11334 (An authentication bypass in website post requests in the Tzumi
Electro ...)
- TODO: check
+ NOT-FOR-US: Tzumi Electronics Klic Lock application for mobile devices
CVE-2019-11333
RESERVED
CVE-2019-11332 (MKCMS 5.0 allows remote attackers to take over arbitrary user
accounts ...)
@@ -4523,7 +4523,7 @@ CVE-2019-10973
CVE-2019-10972
RESERVED
CVE-2019-10971 (The application (Network Configurator for DeviceNet Safety
3.41 and pr ...)
- TODO: check
+ NOT-FOR-US: Omron
CVE-2019-10970
RESERVED
CVE-2019-10969
@@ -4613,9 +4613,9 @@ CVE-2019-10928
CVE-2019-10927
RESERVED
CVE-2019-10926 (A vulnerability has been identified in SIMATIC Ident MV420
family (All ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2019-10925 (A vulnerability has been identified in SIMATIC Ident MV420
family (All ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2019-10924 (A vulnerability has been identified in LOGO! Soft Comfort (All
version ...)
NOT-FOR-US: Siemens
CVE-2019-10923
@@ -6484,7 +6484,7 @@ CVE-2019-10158
RESERVED
NOT-FOR-US: infinispan
CVE-2019-10157 (It was found that Keycloak's Node.js adapter before version
4.8.3 did ...)
- TODO: check
+ NOT-FOR-US: Keycloak
CVE-2019-10156 [templating causing an unexpected key file to be set on remote
node]
RESERVED
- ansible <unfixed> (bug #930065)
@@ -8549,7 +8549,7 @@ CVE-2019-9678
CVE-2019-9677
RESERVED
CVE-2019-9676 (Buffer overflow vulnerability found in some Dahua IP Camera
devices IP ...)
- TODO: check
+ NOT-FOR-US: Dahua IP Camera devices
CVE-2019-9675 (** DISPUTED ** An issue was discovered in PHP 7.x before 7.1.27
and 7. ...)
{DSA-4403-1}
- php7.3 7.3.3-1 (unimportant)
@@ -16247,7 +16247,7 @@ CVE-2019-6586
CVE-2019-6585
RESERVED
CVE-2019-6584 (A vulnerability has been identified in SIEMENS LOGO!8
(6ED1052-xyyxx-0 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2019-6583
RESERVED
CVE-2019-6582 (A vulnerability has been identified in Siveillance VMS 2017 R2
(All ve ...)
@@ -16273,7 +16273,7 @@ CVE-2019-6573
CVE-2019-6572 (A vulnerability has been identified in SIMATIC HMI Comfort
Panels 4" - ...)
NOT-FOR-US: Siemens
CVE-2019-6571 (A vulnerability has been identified in SIEMENS LOGO!8
(6ED1052-xyyxx-0 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2019-6570 (A vulnerability has been identified in SINEMA Remote Connect
Server (A ...)
NOT-FOR-US: Siemens
CVE-2019-6569 (A vulnerability has been identified in Scalance X-200 (All
versions &l ...)
@@ -22260,9 +22260,9 @@ CVE-2019-3949
CVE-2019-3948
RESERVED
CVE-2019-3947 (Fuji Electric V-Server before 6.0.33.0 stores database
credentials in ...)
- TODO: check
+ NOT-FOR-US: Fuji Electric V-Server
CVE-2019-3946 (Fuji Electric V-Server before 6.0.33.0 is vulnerable to denial
of serv ...)
- TODO: check
+ NOT-FOR-US: Fuji Electric V-Server
CVE-2019-3945
RESERVED
CVE-2019-3944
@@ -22487,9 +22487,9 @@ CVE-2019-3874 (The SCTP socket buffer used by a
userspace application is not acc
[jessie] - linux <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1686373
CVE-2019-3873 (It was found that Picketlink as shipped with Jboss Enterprise
Applicat ...)
- TODO: check
+ NOT-FOR-US: Picketlink
CVE-2019-3872 (It was found that a SAMLRequest containing a script could be
processed ...)
- TODO: check
+ NOT-FOR-US: Picketlink
CVE-2019-3871 (A vulnerability was found in PowerDNS Authoritative Server
before 4.0. ...)
{DSA-4424-1 DLA-1737-1}
- pdns 4.1.6-2 (bug #924966)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6092803611199bc51c32ede667667a0918a90536
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6092803611199bc51c32ede667667a0918a90536
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
