Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
848d51b0 by Salvatore Bonaccorso at 2019-08-06T20:37:56Z
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -25,7 +25,7 @@ CVE-2019-14699
CVE-2019-14698
RESERVED
CVE-2019-14696 (Open-School 3.0, and Community Edition 2.3, allows XSS via the
osv/ind ...)
- TODO: check
+ NOT-FOR-US: Open-School
CVE-2019-14695 (A SQL injection vulnerability exists in the Sygnoos Popup
Builder plug ...)
NOT-FOR-US: Sygnoos Popup Builder plugin for WordPress
CVE-2019-14694
@@ -552,7 +552,7 @@ CVE-2019-14475 (eQ-3 Homematic CCU2 2.47.15 and prior and
CCU3 3.47.15 and prior
CVE-2019-14474
RESERVED
CVE-2019-14473 (eQ-3 Homematic CCU2 and CCU3 use session IDs for
authentication but la ...)
- TODO: check
+ NOT-FOR-US: eQ-3 Homematic CCU2 and CCU3
CVE-2019-14472 (Zurmo 3.2.7-2 has XSS via the app/index.php/zurmo/default
PATH_INFO. ...)
NOT-FOR-US: Zumo
CVE-2019-14471 (TestLink 1.9.19 has XSS via the error.php message parameter.
...)
@@ -1455,9 +1455,9 @@ CVE-2019-14349 (EspoCRM version 5.6.4 is vulnerable to
stored XSS due to lack of
CVE-2019-14348 (The BearDev JoomSport plugin 3.3 for WordPress allows SQL
injection to ...)
NOT-FOR-US: BearDev JoomSport plugin for WordPress
CVE-2019-14347 (Internal/Views/addUsers.php in Schben Adive 2.0.7 allows
remote unpriv ...)
- TODO: check
+ NOT-FOR-US: Schben Adive
CVE-2019-14346 (Internal/Views/config.php in Schben Adive 2.0.7 allows
admin/config CS ...)
- TODO: check
+ NOT-FOR-US: Schben Adive
CVE-2019-14345
RESERVED
CVE-2019-14344
@@ -5299,7 +5299,7 @@ CVE-2019-13145
CVE-2019-13144
REJECTED
CVE-2019-13143 (An HTTP parameter pollution issue was discovered on Shenzhen
Dragon Br ...)
- TODO: check
+ NOT-FOR-US: Shenzhen Dragon Brothers Fingerprint Bluetooth Round
Padlock FB50
CVE-2019-13142 (The RzSurroundVADStreamingService
(RzSurroundVADStreamingService.exe) ...)
NOT-FOR-US: Razer Surround
CVE-2019-13141
@@ -5880,7 +5880,7 @@ CVE-2019-12951 (An issue was discovered in Mongoose
before 6.15. The parse_mqtt(
NOT-FOR-US: Cesanta Mongoose
NOTE: smplayer embeds a copy, which is unused in any released version
and disabled since 18.5.0~ds1-1
CVE-2019-12950 (An issue was discovered in TeamPass 2.1.27.35. From the
sources/items. ...)
- TODO: check
+ NOT-FOR-US: TeamPass
CVE-2019-12949 (In pfSense 2.4.4-p2 and 2.4.4-p3, if it is possible to trick
an authen ...)
NOT-FOR-US: pfSense
CVE-2019-12948 (A vulnerability in the web-based management interface of VVX,
Trio, So ...)
@@ -24588,21 +24588,21 @@ CVE-2019-6003
CVE-2019-6002 (Cross-site scripting vulnerability in Central Dogma 0.17.0 to
0.40.1 a ...)
NOT-FOR-US: Central Dogma
CVE-2019-6001 (Buffer overflow in PTP (Picture Transfer Protocol) of EOS
series digit ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2019-6000 (Buffer overflow in PTP (Picture Transfer Protocol) of EOS
series digit ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2019-5999 (Buffer overflow in PTP (Picture Transfer Protocol) of EOS
series digit ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2019-5998 (Buffer overflow in PTP (Picture Transfer Protocol) of EOS
series digit ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2019-5997
RESERVED
CVE-2019-5996
RESERVED
CVE-2019-5995 (Missing authorization vulnerability exists in EOS series
digital camer ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2019-5994 (Buffer overflow in PTP (Picture Transfer Protocol) of EOS
series digit ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2019-5993
RESERVED
CVE-2019-5992
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/848d51b09de77c0f3f9145b904c99c09d8811489
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/848d51b09de77c0f3f9145b904c99c09d8811489
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
