[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso Mon, 16 Sep 2019 13:13:58 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
deea5fcb by Salvatore Bonaccorso at 2019-09-16T20:12:43Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -204,43 +204,43 @@ CVE-2019-16278
 CVE-2019-16277 (PicoC 2.1 has a heap-based buffer overflow in StringStrcpy in 
cstdlib/ ...)
        TODO: check
 CVE-2017-18634 (The newspaper theme before 6.7.2 for WordPress has script 
injection vi ...)
-       TODO: check
+       NOT-FOR-US: newspaper theme for WordPress
 CVE-2016-10973 (The Brafton plugin before 3.4.8 for WordPress has XSS via the 
wp-admin ...)
-       TODO: check
+       NOT-FOR-US: Brafton plugin for WordPress
 CVE-2016-10972 (The newspaper theme before 6.7.2 for WordPress has a lack of 
options a ...)
-       TODO: check
+       NOT-FOR-US: newspaper theme for WordPress
 CVE-2016-10971 (The MemberSonic Lite plugin before 1.302 for WordPress has 
incorrect l ...)
-       TODO: check
+       NOT-FOR-US: MemberSonic Lite plugin for WordPress
 CVE-2016-10970 (The supportflow plugin before 0.7 for WordPress has XSS via a 
ticket e ...)
-       TODO: check
+       NOT-FOR-US: supportflow plugin for WordPress
 CVE-2016-10969 (The supportflow plugin before 0.7 for WordPress has XSS via a 
discussi ...)
-       TODO: check
+       NOT-FOR-US: supportflow plugin for WordPress
 CVE-2016-10968 (The peepso-core plugin before 1.6.1 for WordPress has 
PeepSoProfilePre ...)
-       TODO: check
+       NOT-FOR-US: peepso-core plugin for WordPress
 CVE-2016-10967 (The real3d-flipbook-lite plugin 1.0 for WordPress has XSS via 
the wp-c ...)
-       TODO: check
+       NOT-FOR-US: real3d-flipbook-lite plugin for WordPress
 CVE-2016-10966 (The real3d-flipbook-lite plugin 1.0 for WordPress has 
bookName=../ dir ...)
-       TODO: check
+       NOT-FOR-US: real3d-flipbook-lite plugin for WordPress
 CVE-2016-10965 (The real3d-flipbook-lite plugin 1.0 for WordPress has 
deleteBook=../ d ...)
-       TODO: check
+       NOT-FOR-US: real3d-flipbook-lite plugin for WordPress
 CVE-2016-10964 (The dwnldr plugin before 1.01 for WordPress has XSS via the 
User-Agent ...)
-       TODO: check
+       NOT-FOR-US: dwnldr plugin for WordPress
 CVE-2016-10963 (The icegram plugin before 1.9.19 for WordPress has XSS. ...)
-       TODO: check
+       NOT-FOR-US: icegram plugin for WordPress
 CVE-2016-10962 (The icegram plugin before 1.9.19 for WordPress has CSRF via 
the wp-adm ...)
-       TODO: check
+       NOT-FOR-US: icegram plugin for WordPress
 CVE-2016-10961 (The colorway theme before 3.4.2 for WordPress has XSS via the 
contactN ...)
-       TODO: check
+       NOT-FOR-US: colorway theme for WordPress
 CVE-2016-10960 (The wsecure plugin before 2.4 for WordPress has remote code 
execution  ...)
-       TODO: check
+       NOT-FOR-US: wsecure plugin for WordPress
 CVE-2016-10959 (The estatik plugin before 2.3.1 for WordPress has 
authenticated arbitr ...)
-       TODO: check
+       NOT-FOR-US: estatik plugin for WordPress
 CVE-2016-10958 (The estatik plugin before 2.3.0 for WordPress has 
unauthenticated arbi ...)
-       TODO: check
+       NOT-FOR-US: estatik plugin for WordPress
 CVE-2016-10957 (The Akal theme through 2016-08-22 for WordPress has XSS via 
the framew ...)
        TODO: check
 CVE-2016-10956 (The mail-masta plugin 1.0 for WordPress has local file 
inclusion in co ...)
-       TODO: check
+       NOT-FOR-US: mail-masta plugin for WordPress
 CVE-2010-5333 (The web server in Integard Pro and Home before 2.0.0.9037 and 
2.2.x be ...)
        NOT-FOR-US: Integard
 CVE-2019-16319 (In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon 
dissector ...)
@@ -34370,7 +34370,7 @@ CVE-2019-4149 (IBM Business Automation Workflow 
V18.0.0.0 through V18.0.0.2 and
 CVE-2019-4148 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 
6.0.0.1 is vu ...)
        NOT-FOR-US: IBM
 CVE-2019-4147 (IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 is vulnerable 
to SQL ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2019-4146 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 
6.0.0.1 could ...)
        NOT-FOR-US: IBM
 CVE-2019-4145 (IBM Security Access Manager 9.0.1 through 9.0.6 could reveal 
highly se ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/deea5fcbfde0bff2042b82b5b97a6509979d023e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/deea5fcbfde0bff2042b82b5b97a6509979d023e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to