Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6fc741ad by Salvatore Bonaccorso at 2019-07-16T21:24:53Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1017,11 +1017,11 @@ CVE-2019-13607
CVE-2019-13606
RESERVED
CVE-2019-13605 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to
0.9.8.8 ...)
- TODO: check
+ NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-13604 (There is a short key vulnerability in HID Global
DigitalPersona (forme ...)
NOT-FOR-US: HID Global DigitalPersona U.are.U 4500 Fingerprint Reader
CVE-2019-13603 (An issue was discovered in the HID Global DigitalPersona
(formerly Cro ...)
- TODO: check
+ NOT-FOR-US: HID Global DigitalPersona U.are.U 4500 Fingerprint Reader
Windows Biometric Framework driver
CVE-2019-13602 (An Integer Underflow in MP4_EIA608_Convert() in
modules/demux/mp4/mp4. ...)
- vlc 3.0.7.1-2 (bug #932131)
NOTE:
https://git.videolan.org/?p=vlc.git;a=commit;h=8e8e0d72447f8378244f5b4a3dcde036dbeb1491
@@ -1501,7 +1501,7 @@ CVE-2019-13385
CVE-2019-13384
RESERVED
CVE-2019-13383 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846,
the Login ...)
- TODO: check
+ NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-13382
RESERVED
CVE-2019-13381
@@ -1547,9 +1547,9 @@ CVE-2019-13362 (Codedoc v3.2 has a stack-based buffer
overflow in add_variable i
CVE-2019-13361
RESERVED
CVE-2019-13360 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836,
remote at ...)
- TODO: check
+ NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-13359 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, a
cwpsrv- ...)
- TODO: check
+ NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-13358 (lib/DocumentToText.php in OpenCats before 0.9.4-3 has XXE that
allows ...)
NOT-FOR-US: OpenCats
CVE-2019-13357
@@ -2507,21 +2507,21 @@ CVE-2019-12994
CVE-2019-12993
RESERVED
CVE-2019-12992 (Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x
before ...)
- TODO: check
+ NOT-FOR-US: Citrix and NetScaler SD-WAN
CVE-2019-12991 (Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x
before ...)
- TODO: check
+ NOT-FOR-US: Citrix and NetScaler SD-WAN
CVE-2019-12990 (Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x
before ...)
- TODO: check
+ NOT-FOR-US: Citrix and NetScaler SD-WAN
CVE-2019-12989 (Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x
before ...)
- TODO: check
+ NOT-FOR-US: Citrix and NetScaler SD-WAN
CVE-2019-12988 (Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x
before ...)
- TODO: check
+ NOT-FOR-US: Citrix and NetScaler SD-WAN
CVE-2019-12987 (Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x
before ...)
- TODO: check
+ NOT-FOR-US: Citrix and NetScaler SD-WAN
CVE-2019-12986 (Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x
before ...)
- TODO: check
+ NOT-FOR-US: Citrix and NetScaler SD-WAN
CVE-2019-12985 (Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x
before ...)
- TODO: check
+ NOT-FOR-US: Citrix and NetScaler SD-WAN
CVE-2019-12984 (A NULL pointer dereference vulnerability in the function
nfc_genl_deac ...)
- linux <unfixed>
NOTE: Fixed by:
https://git.kernel.org/linus/385097a3675749cbc9e97c085c0e5dfe4269ca51
@@ -2927,7 +2927,7 @@ CVE-2019-12836 (The Bobronix JEditor editor before 3.0.6
for Jira allows an atta
CVE-2019-12835 (formats/xml.cpp in Leanify 0.4.3 allows for a controlled
out-of-bounds ...)
NOT-FOR-US: Leanify
CVE-2019-12834 (In HT2 Labs Learning Locker 3.15.1, it's possible to inject
malicious ...)
- TODO: check
+ NOT-FOR-US: HT2 Labs Learning Locker
CVE-2019-12833
RESERVED
CVE-2019-12832
@@ -11134,7 +11134,7 @@ CVE-2019-1010064
CVE-2019-1010063
RESERVED
CVE-2019-1010062 (PluckCMS 4.7.4 and earlier is affected by: CWE-434
Unrestricted Upload ...)
- TODO: check
+ NOT-FOR-US: PluckCMS
CVE-2019-1010061
REJECTED
CVE-2019-1010060 (NASA CFITSIO prior to 3.43 is affected by: Buffer Overflow.
The impact ...)
@@ -11945,7 +11945,7 @@ CVE-2019-9702 (Symantec Endpoint Encryption, prior to
SEE 11.3.0, may be suscept
CVE-2019-9701 (DLP 15.5 MP1 and all prior versions may be susceptible to a
cross-site ...)
NOT-FOR-US: DLP (Symantec)
CVE-2019-9700 (Norton Password Manager, prior to 6.3.0.2082, may be
susceptible to an ...)
- TODO: check
+ NOT-FOR-US: Norton Password Manager
CVE-2019-9699
RESERVED
CVE-2019-9698 (Symantec AV Engine, prior to 13.0.9r17, may be susceptible to
an arbit ...)
@@ -20864,7 +20864,7 @@ CVE-2019-6162
CVE-2019-6161
RESERVED
CVE-2019-6160 (A vulnerability in various versions of Iomega and LenovoEMC NAS
produc ...)
- TODO: check
+ NOT-FOR-US: Iomega and LenovoEMC NAS products
CVE-2019-6159
RESERVED
CVE-2019-6158 (An internal product security audit of Lenovo XClarity
Administrator (L ...)
@@ -33277,9 +33277,9 @@ CVE-2019-1578 (Cross-site scripting vulnerability in
Palo Alto Networks MineMeld
CVE-2019-1577 (Code injection vulnerability in Palo Alto Networks Traps 5.0.5
and ear ...)
NOT-FOR-US: Palo Alto Networks Traps
CVE-2019-1576 (Command injection in PAN-0S 9.0.2 and earlier may allow an
authenticat ...)
- TODO: check
+ NOT-FOR-US: PAN-0S
CVE-2019-1575 (Information disclosure in PAN-OS 7.1.23 and earlier, PAN-OS
8.0.18 and ...)
- TODO: check
+ NOT-FOR-US: PAN-0S
CVE-2019-1574 (Cross-site scripting (XSS) vulnerability in Palo Alto Networks
Expedit ...)
NOT-FOR-US: Palo Alto Networks Expedition Migration tool
CVE-2019-1573 (GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent
4.1.10 a ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6fc741ada39056d85e618b3bdae54200c303a1ab
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6fc741ada39056d85e618b3bdae54200c303a1ab
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
