[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Wed, 19 Jun 2019 01:40:32 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
66ce8c52 by Salvatore Bonaccorso at 2019-06-19T08:39:41Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1860,7 +1860,7 @@ CVE-2019-12135 (An unspecified vulnerability in the 
application server in PaperC
 CVE-2019-12134 (CSV Injection (aka Excel Macro Injection or Formula Injection) 
exists  ...)
        NOT-FOR-US: Workday
 CVE-2019-12133 (Multiple Zoho ManageEngine products suffer from local 
privilege escala ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine
 CVE-2019-12132
        RESERVED
 CVE-2019-12131
@@ -6981,7 +6981,7 @@ CVE-2019-10087
 CVE-2019-10086
        RESERVED
 CVE-2019-10085 (In Apache Allura prior to 1.11.0, a vulnerability exists for 
stored XS ...)
-       TODO: check
+       NOT-FOR-US: Apache Allura
 CVE-2019-10084
        RESERVED
 CVE-2019-10083
@@ -20360,9 +20360,9 @@ CVE-2019-5018 (An exploitable use after free 
vulnerability exists in the window
        [jessie] - sqlite3 <not-affected> (windowfuncs introduced in 3.25.0)
        NOTE: 
https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0777
 CVE-2019-5017 (An exploitable information disclosure vulnerability exists in 
the KCod ...)
-       TODO: check
+       NOT-FOR-US: NETGEAR
 CVE-2019-5016 (An exploitable arbitrary memory read vulnerability exists in 
the KCode ...)
-       TODO: check
+       NOT-FOR-US: NETGEAR
 CVE-2019-5015 (A local privilege escalation vulnerability exists in the Mac OS 
X vers ...)
        NOT-FOR-US: Apple
 CVE-2019-5014 (An exploitable improper access control vulnerability exists in 
the blu ...)
@@ -22519,9 +22519,9 @@ CVE-2019-3956 (Dameware Remote Mini Control version 
12.1.0.34 and prior contains
 CVE-2019-3955 (Dameware Remote Mini Control version 12.1.0.34 and prior 
contains a un ...)
        NOT-FOR-US: Dameware Remote Mini Control
 CVE-2019-3954 (Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.0 
allows  ...)
-       TODO: check
+       NOT-FOR-US: Advantech WebAccess/SCADA
 CVE-2019-3953 (Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.0 
allows  ...)
-       TODO: check
+       NOT-FOR-US: Advantech WebAccess/SCADA
 CVE-2019-3952
        RESERVED
 CVE-2019-3951
@@ -34122,19 +34122,19 @@ CVE-2018-19452 (A use after free in the TextBox field 
Mouse Enter action in IRea
 CVE-2018-19451 (A command injection can occur for specially crafted PDF files 
in Foxit ...)
        NOT-FOR-US: Foxit Reader
 CVE-2018-19450 (A command injection can occur for specially crafted PDF files 
in Foxit ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader SDK
 CVE-2018-19449 (A File Write can occur for specially crafted PDF files in 
Foxit Reader ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader SDK
 CVE-2018-19448 (In Foxit Reader SDK (ActiveX) Professional 5.4.0.1031, an 
uninitialize ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader SDK
 CVE-2018-19447 (A stack-based buffer overflow can occur for specially crafted 
PDF file ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader SDK
 CVE-2018-19446 (A File Write can occur for specially crafted PDF files in 
Foxit Reader ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader SDK
 CVE-2018-19445 (A command injection can occur for specially crafted PDF files 
in Foxit ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader SDK
 CVE-2018-19444 (A use after free in the TextBox field Validate action in 
IReader_Conte ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader SDK
 CVE-2018-19442 (A Buffer Overflow in 
Network::AuthenticationClient::VerifySignature in ...)
        NOT-FOR-US: Neato Botvac Connected
 CVE-2018-19441
@@ -35946,17 +35946,17 @@ CVE-2018-18882 (A stored cross-site scripting (XSS) 
issue was discovered in Cont
 CVE-2018-18881 (A Denial of Service (DOS) issue was discovered in ControlByWeb 
X-320M- ...)
        NOT-FOR-US: ControlByWeb
 CVE-2018-18880 (In firmware version MS_2.6.9900 of Columbia Weather 
MicroServer, a net ...)
-       TODO: check
+       NOT-FOR-US: Columbia Weather MicroServer
 CVE-2018-18879 (In firmware version MS_2.6.9900 of Columbia Weather 
MicroServer, an au ...)
-       TODO: check
+       NOT-FOR-US: Columbia Weather MicroServer
 CVE-2018-18878 (In firmware version MS_2.6.9900 of Columbia Weather 
MicroServer, the B ...)
-       TODO: check
+       NOT-FOR-US: Columbia Weather MicroServer
 CVE-2018-18877 (In firmware version MS_2.6.9900 of Columbia Weather 
MicroServer, an au ...)
-       TODO: check
+       NOT-FOR-US: Columbia Weather MicroServer
 CVE-2018-18876 (In firmware version MS_2.6.9900 of Columbia Weather 
MicroServer, a rea ...)
-       TODO: check
+       NOT-FOR-US: Columbia Weather MicroServer
 CVE-2018-18875 (In firmware version MS_2.6.9900 of Columbia Weather 
MicroServer, a sto ...)
-       TODO: check
+       NOT-FOR-US: Columbia Weather MicroServer
 CVE-2018-18874 (nc-cms through 2017-03-10 allows remote attackers to execute 
arbitrary ...)
        NOT-FOR-US: nc-cms
 CVE-2018-18873 (An issue was discovered in JasPer 2.0.14. There is a NULL 
pointer dere ...)
@@ -112011,27 +112011,27 @@ CVE-2017-9394 (A stored cross-site scripting 
vulnerability in CA Identity Govern
 CVE-2017-9393 (CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows 
remote a ...)
        NOT-FOR-US: CA Identity Manager
 CVE-2017-9392 (An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 
1.7.481 d ...)
-       TODO: check
+       NOT-FOR-US: Vera
 CVE-2017-9391 (An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 
1.7.481 d ...)
-       TODO: check
+       NOT-FOR-US: Vera
 CVE-2017-9390 (An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 
1.7.481 d ...)
        NOT-FOR-US: Vera devices
 CVE-2017-9389 (An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 
1.7.481 d ...)
-       TODO: check
+       NOT-FOR-US: Vera
 CVE-2017-9388 (An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 
1.7.481 d ...)
        NOT-FOR-US: Vera devices
 CVE-2017-9387 (An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 
1.7.481 d ...)
-       TODO: check
+       NOT-FOR-US: Vera
 CVE-2017-9386 (An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 
1.7.481 d ...)
-       TODO: check
+       NOT-FOR-US: Vera
 CVE-2017-9385 (An issue was discovered on Vera Veralite 1.7.481 devices. The 
device h ...)
-       TODO: check
+       NOT-FOR-US: Vera
 CVE-2017-9384 (An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 
1.7.481 d ...)
        NOT-FOR-US: Vera devices
 CVE-2017-9383 (An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 
1.7.481 d ...)
-       TODO: check
+       NOT-FOR-US: Vera
 CVE-2017-9382 (An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 
1.7.481 d ...)
-       TODO: check
+       NOT-FOR-US: Vera
 CVE-2017-9381 (An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 
1.7.481 d ...)
        NOT-FOR-US: Vera devices
 CVE-2017-9380 (OpenEMR 5.0.0 and prior allows low-privilege users to upload 
files of  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/66ce8c5236a522f48243fe7034ba514770cf5c21

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/66ce8c5236a522f48243fe7034ba514770cf5c21
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to