Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
21bfb3a9 by Salvatore Bonaccorso at 2019-07-02T20:27:43Z
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33,21 +33,21 @@ CVE-2019-13157
CVE-2019-13156
RESERVED
CVE-2019-13155 (An issue was discovered in TRENDnet TEW-827DRU firmware before
2.05B11 ...)
- TODO: check
+ NOT-FOR-US: TRENDnet TEW-827DRU firmware
CVE-2019-13154 (An issue was discovered in TRENDnet TEW-827DRU firmware before
2.05B11 ...)
- TODO: check
+ NOT-FOR-US: TRENDnet TEW-827DRU firmware
CVE-2019-13153 (An issue was discovered in TRENDnet TEW-827DRU firmware before
2.05B11 ...)
- TODO: check
+ NOT-FOR-US: TRENDnet TEW-827DRU firmware
CVE-2019-13152 (An issue was discovered in TRENDnet TEW-827DRU firmware before
2.05B11 ...)
- TODO: check
+ NOT-FOR-US: TRENDnet TEW-827DRU firmware
CVE-2019-13151 (An issue was discovered in TRENDnet TEW-827DRU firmware before
2.05B11 ...)
- TODO: check
+ NOT-FOR-US: TRENDnet TEW-827DRU firmware
CVE-2019-13150 (An issue was discovered in TRENDnet TEW-827DRU firmware before
2.05B11 ...)
- TODO: check
+ NOT-FOR-US: TRENDnet TEW-827DRU firmware
CVE-2019-13149 (An issue was discovered in TRENDnet TEW-827DRU firmware before
2.05B11 ...)
- TODO: check
+ NOT-FOR-US: TRENDnet TEW-827DRU firmware
CVE-2019-13148 (An issue was discovered in TRENDnet TEW-827DRU firmware before
2.05B11 ...)
- TODO: check
+ NOT-FOR-US: TRENDnet TEW-827DRU firmware
CVE-2019-13147 (In Audio File Library (aka audiofile) 0.3.6, there exists one
NULL poi ...)
- audiofile <unfixed> (low; bug #931343)
[buster] - audiofile <no-dsa> (Minor issue)
@@ -15802,43 +15802,43 @@ CVE-2019-7272 (Optergy Proton/Enterprise devices
allow Username Disclosure. ...)
CVE-2019-7271 (Nortek Linear eMerge 50P/5000P devices have Default
Credentials. ...)
NOT-FOR-US: Nortek Linear
CVE-2019-7270 (Linear eMerge 50P/5000P devices allow Cross-Site Request
Forgery (CSRF ...)
- TODO: check
+ NOT-FOR-US: Linear eMerge 50P/5000P devices
CVE-2019-7269 (Linear eMerge 50P/5000P devices allow Authenticated Command
Injection ...)
- TODO: check
+ NOT-FOR-US: Linear eMerge 50P/5000P devices
CVE-2019-7268 (Linear eMerge 50P/5000P devices allow Unauthenticated File
Upload. ...)
- TODO: check
+ NOT-FOR-US: Linear eMerge 50P/5000P devices
CVE-2019-7267 (Linear eMerge 50P/5000P devices allow Cookie Path Traversal.
...)
- TODO: check
+ NOT-FOR-US: Linear eMerge 50P/5000P devices
CVE-2019-7266 (Linear eMerge 50P/5000P devices allow Authentication Bypass.
...)
- TODO: check
+ NOT-FOR-US: Linear eMerge 50P/5000P devices
CVE-2019-7265 (Linear eMerge E3-Series devices allow Remote Code Execution
(root acce ...)
- TODO: check
+ NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7264 (Linear eMerge E3-Series devices allow a Stack-based Buffer
Overflow on ...)
- TODO: check
+ NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7263 (Linear eMerge E3-Series devices have a Version Control Failure.
...)
- TODO: check
+ NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7262 (Linear eMerge E3-Series devices allow Cross-Site Request
Forgery (CSRF ...)
- TODO: check
+ NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7261 (Linear eMerge E3-Series devices have Hard-coded Credentials.
...)
- TODO: check
+ NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7260 (Linear eMerge E3-Series devices have Cleartext Credentials in a
Databa ...)
- TODO: check
+ NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7259 (Linear eMerge E3-Series devices allow Authorization Bypass with
Inform ...)
- TODO: check
+ NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7258 (Linear eMerge E3-Series devices allow Privilege Escalation. ...)
- TODO: check
+ NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7257 (Linear eMerge E3-Series devices allow Unrestricted File Upload.
...)
- TODO: check
+ NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7256 (Linear eMerge E3-Series devices allow Command Injections. ...)
- TODO: check
+ NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7255 (Linear eMerge E3-Series devices allow XSS. ...)
- TODO: check
+ NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7254 (Linear eMerge E3-Series devices allow File Inclusion. ...)
- TODO: check
+ NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7253 (Linear eMerge E3-Series devices allow Directory Traversal. ...)
- TODO: check
+ NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7252 (Linear eMerge E3-Series devices have Default Credentials. ...)
- TODO: check
+ NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7251 (An Integer Signedness issue (for a return code) in the
res_pjsip_sdp_r ...)
- asterisk 1:16.2.1~dfsg-1 (bug #923690)
[stretch] - asterisk <not-affected> (Vulnerable code not present)
@@ -22678,7 +22678,7 @@ CVE-2019-4294
CVE-2019-4293 (IBM Storwize V7000 Unified (2073) 1.6 configuration may allow
an attac ...)
NOT-FOR-US: IBM
CVE-2019-4292 (IBM Security Guardium 10.5 could allow a remote attacker to
upload arb ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4291
RESERVED
CVE-2019-4290
@@ -22742,7 +22742,7 @@ CVE-2019-4262
CVE-2019-4261
RESERVED
CVE-2019-4260 (IBM Daeja ViewONE Professional, Standard & Virtual 5.0
through 5.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4259 (A security vulnerability has been identified in IBM Spectrum
Scale 4.1 ...)
NOT-FOR-US: IBM
CVE-2019-4258 (IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 Standard
Edition is vu ...)
@@ -22982,7 +22982,7 @@ CVE-2019-4142 (IBM Cloud Private 2.1.0, 3.1.0, 3.1.1,
and 3.1.2 is vulnerable to
CVE-2019-4141
RESERVED
CVE-2019-4140 (IBM Tivoli Storage Manager Server (IBM Spectrum Protect 7.1 and
8.1) c ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4139 (IBM Cognos Analytics 11.0, 11.1.0, and 11.1.1 is vulnerable to
cross-s ...)
NOT-FOR-US: IBM
CVE-2019-4138 (IBM Tivoli Storage Productivity Center 5.2.13 through 5.3.0.1
could al ...)
@@ -22994,7 +22994,7 @@ CVE-2019-4136 (IBM Cognos Controller 10.2.0, 10.2.1,
10.3.0, 10.3.1, and 10.4.0
CVE-2019-4135 (IBM Security Access Manager 9.0.1 through 9.0.6 is affected by
a secur ...)
NOT-FOR-US: IBM
CVE-2019-4134 (IBM Planning Analytics 2.0 is vulnerable to cross-site
scripting. This ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4133
RESERVED
CVE-2019-4132
@@ -23004,7 +23004,7 @@ CVE-2019-4131
CVE-2019-4130
RESERVED
CVE-2019-4129 (IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow
a remot ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4128
RESERVED
CVE-2019-4127
@@ -23086,9 +23086,9 @@ CVE-2019-4090
CVE-2019-4089
RESERVED
CVE-2019-4088 (IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents
could allo ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4087 (IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are
vulner ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4086
RESERVED
CVE-2019-4085
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/21bfb3a9e53feb522e7573679438dd443add6b1f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/21bfb3a9e53feb522e7573679438dd443add6b1f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
