Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fb261482 by Salvatore Bonaccorso at 2019-09-12T17:41:23Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,13 +9,13 @@ CVE-2019-16252
 CVE-2019-16251
        RESERVED
 CVE-2019-16250 (includes/wizard/wizard.php in the Ocean Extra plugin through 
1.5.8 for ...)
-       TODO: check
+       NOT-FOR-US: Ocean Extra plugin for WordPress
 CVE-2019-16249 (OpenCV 4.1.1 has an out-of-bounds read in hal_baseline::v_load 
in core ...)
        TODO: check
 CVE-2019-16248 (The "delete for" feature in Telegram before 5.11 on Android 
does not d ...)
        TODO: check
 CVE-2019-16247 (Delta DCISoft 1.21 has a User Mode Write AV starting at 
CommLib!CCommL ...)
-       TODO: check
+       NOT-FOR-US: Delta DCISoft
 CVE-2019-16246
        RESERVED
 CVE-2019-16245
@@ -141,7 +141,7 @@ CVE-2019-16195
 CVE-2019-16194
        RESERVED
 CVE-2019-16193 (In ArcGIS Enterprise 10.6.1, a crafted IFRAME element can be 
used to t ...)
-       TODO: check
+       NOT-FOR-US: ArcGIS Enterprise
 CVE-2019-16192 (upload_model() in /admini/controllers/system/managemodel.php 
in DocCms ...)
        NOT-FOR-US: DocCMS
 CVE-2019-16191
@@ -399,7 +399,7 @@ CVE-2019-16100 (Silver Peak EdgeConnect SD-WAN before 
8.1.7.x allows remote atta
 CVE-2019-16099 (Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows CSRF via 
JSON dat ...)
        NOT-FOR-US: Silver Peak EdgeConnect SD-WAN
 CVE-2019-16098 (The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka 
RTCore64.sys ...)
-       TODO: check
+       NOT-FOR-US: Micro-Star MSI Afterburner
 CVE-2019-16097 (core/api/user.go in Harbor 1.7.0 through 1.8.2 allows 
non-admin users  ...)
        NOT-FOR-US: Harbor
 CVE-2016-10937 (IMAPFilter through 2.6.12 does not validate the hostname in an 
SSL cer ...)
@@ -3541,13 +3541,13 @@ CVE-2019-15000
 CVE-2019-14999 (The Uninstall REST endpoint in Atlassian Universal Plugin 
Manager befo ...)
        NOT-FOR-US: Atlassian
 CVE-2019-14998 (The Webwork action Cross-Site Request Forgery (CSRF) 
protection implem ...)
-       TODO: check
+       NOT-FOR-US: Atlassian Jira
 CVE-2019-14997 (The AccessLogFilter class in Jira before version 8.4.0 allows 
remote a ...)
-       TODO: check
+       NOT-FOR-US: Atlassian Jira
 CVE-2019-14996 (The FilterPickerPopup.jspa resource in Jira before version 
7.13.7, and ...)
-       TODO: check
+       NOT-FOR-US: Atlassian Jira
 CVE-2019-14995 (The /rest/api/1.0/render resource in Jira before version 8.4.0 
allows  ...)
-       TODO: check
+       NOT-FOR-US: Atlassian Jira
 CVE-2019-14994
        RESERVED
 CVE-2019-14993 (Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular 
expressi ...)
@@ -3693,7 +3693,7 @@ CVE-2019-14938
 CVE-2019-14937 (REDCap before 9.3.0 allows time-based SQL injection in the 
edit calend ...)
        NOT-FOR-US: REDCap
 CVE-2019-14936 (Easy!Appointments 1.3.2 plugin for WordPress allows Sensitive 
Informat ...)
-       TODO: check
+       NOT-FOR-US: Easy!Appointments plugin for WordPress
 CVE-2019-14935 (3CX Phone 15 on Windows has insecure permissions on the 
"%PROGRAMDATA% ...)
        NOT-FOR-US: 3CX Phone 15 on Windows
 CVE-2019-14934 (An issue was discovered in PDFResurrect before 0.18. 
pdf_load_pages_ki ...)
@@ -4332,9 +4332,9 @@ CVE-2019-14727 (In CentOS-WebPanel.com (aka CWP) CentOS 
Web Panel 0.9.8.851, an
 CVE-2019-14726 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, 
an insecu ...)
        NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
 CVE-2019-14725 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, 
an insecu ...)
-       TODO: check
+       NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
 CVE-2019-14724 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, 
an insecu ...)
-       TODO: check
+       NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
 CVE-2019-14723 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, 
an insecu ...)
        NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
 CVE-2019-14722 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, 
an insecu ...)
@@ -20870,7 +20870,7 @@ CVE-2019-9490 (A vulnerability in Trend Micro InterScan 
Web Security Virtual App
 CVE-2019-9489 (A directory traversal vulnerability in Trend Micro Apex One, 
OfficeSca ...)
        NOT-FOR-US: Trend Micro
 CVE-2019-9488 (Trend Micro Deep Security Manager (10.x, 11.x) and 
Vulnerability Prote ...)
-       TODO: check
+       NOT-FOR-US: Trend Micro
 CVE-2018-20799 (In pfSense 2.4.4_1, blocking of source IP addresses on the 
basis of fa ...)
        NOT-FOR-US: pfSense
 CVE-2018-20798 (The expiretable configuration in pfSense 2.4.4_1 establishes 
block dur ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fb261482d3cab5009b6f9a1708df38e64436ddc0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fb261482d3cab5009b6f9a1708df38e64436ddc0
You're receiving this email because of your account on salsa.debian.org.


_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to