Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2376fbcc by Moritz Muehlenhoff at 2019-09-25T08:59:14Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4772,13 +4772,13 @@ CVE-2019-15092 (The webtoffee "WordPress Users &
WooCommerce Customers Impor
CVE-2019-15091 (filemgr.php in Artica Integria IMS 5.0.86 allows
index.php?sec=wiki&am ...)
NOT-FOR-US: Artica Integria IMS
CVE-2019-15089 (An issue was discovered in PRiSE adAS 1.7.0. Forms have no
CSRF protec ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-15088 (An issue was discovered in PRiSE adAS 1.7.0. Password hashes
are compa ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-15087 (An issue was discovered in PRiSE adAS 1.7.0. An authenticated
user can ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-15086 (An issue was discovered in PRiSE adAS 1.7.0. The newentityID
parameter ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-15085 (An issue was discovered in PRiSE adAS 1.7.0. The current
database pass ...)
TODO: check
CVE-2019-15084 (Realtek Waves MaxxAudio driver 1.6.2.0, as used on Dell
laptops, insta ...)
@@ -5172,9 +5172,9 @@ CVE-2019-15003
CVE-2019-15002
RESERVED
CVE-2019-15001 (The Jira Importers Plugin in Atlassian Jira Server and Data
Cente from ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2019-15000 (The commit diff rest endpoint in Bitbucket Server and Data
Center befo ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2019-14999 (The Uninstall REST endpoint in Atlassian Universal Plugin
Manager befo ...)
NOT-FOR-US: Atlassian
CVE-2019-14998 (The Webwork action Cross-Site Request Forgery (CSRF)
protection implem ...)
@@ -5186,7 +5186,7 @@ CVE-2019-14996 (The FilterPickerPopup.jspa resource in
Jira before version 7.13.
CVE-2019-14995 (The /rest/api/1.0/render resource in Jira before version 8.4.0
allows ...)
NOT-FOR-US: Atlassian Jira
CVE-2019-14994 (The Customer Context Filter in Atlassian Jira Service Desk
Server and ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2019-14993 (Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular
expressi ...)
NOT-FOR-US: Istio
CVE-2019-14992
@@ -5488,17 +5488,17 @@ CVE-2019-14918
CVE-2019-14917
RESERVED
CVE-2019-14916 (An issue was discovered in PRiSE adAS 1.7.0. A file's format
is not pr ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-14915 (An issue was discovered in PRiSE adAS 1.7.0. Certificate data
are not ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-14914 (An issue was discovered in PRiSE adAS 1.7.0. The path is not
properly ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-14913 (An issue was discovered in PRiSE adAS 1.7.0. Log data are not
properly ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-14912 (An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO
module does n ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-14911 (An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO
module does n ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-14910
RESERVED
CVE-2019-14909
@@ -5907,7 +5907,7 @@ CVE-2019-14754 (Open-School 3.0, and Community Edition
2.3, allows SQL Injection
CVE-2018-20962 (The Backpack\CRUD Backpack component before 3.4.9 for Laravel
allows X ...)
NOT-FOR-US: Backpack\CRUD Backpack
CVE-2019-14753 (SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0
have a Buff ...)
- TODO: check
+ NOT-FOR-US: SICK FX0-GPNT00000 and FX0-GENT00000 devices
CVE-2019-14752
RESERVED
CVE-2019-14751 (NLTK Downloader before 3.4.5 is vulnerable to a directory
traversal, a ...)
@@ -6711,7 +6711,7 @@ CVE-2019-14459 (nfdump 1.6.17 and earlier is affected by
an integer overflow in
NOTE: https://github.com/phaag/nfdump/issues/171
NOTE:
https://github.com/phaag/nfdump/commit/3b006ededaf351f1723aea6c727c9edd1b1fff9b
CVE-2019-14458 (VIVOTEK IP Camera devices with firmware before 0x20x allow a
denial of ...)
- TODO: check
+ NOT-FOR-US: VIVOTEK IP Camera devices
CVE-2019-14457 (VIVOTEK IP Camera devices with firmware before 0x20x have a
stack-base ...)
NOT-FOR-US: VIVOTEK IP Camera devices
CVE-2019-14456 (Opengear console server firmware releases prior to 4.5.0 have
a stored ...)
@@ -7894,11 +7894,11 @@ CVE-2019-14256
CVE-2019-14255 (A Server Side Request Forgery (SSRF) vulnerability in go-camo
up to ve ...)
NOT-FOR-US: go-camo
CVE-2019-14254 (An issue was discovered in the secure portal in Publisure
2.1.2. Becau ...)
- TODO: check
+ NOT-FOR-US: Publisure
CVE-2019-14253 (An issue was discovered in servletcontroller in the secure
portal in P ...)
- TODO: check
+ NOT-FOR-US: Publisure
CVE-2019-14252 (An issue was discovered in the secure portal in Publisure
2.1.2. Once ...)
- TODO: check
+ NOT-FOR-US: Publisure
CVE-2019-14251
RESERVED
CVE-2019-14250 (An issue was discovered in GNU libiberty, as distributed in
GNU Binuti ...)
@@ -36763,11 +36763,11 @@ CVE-2019-3742 (Dell/Alienware Digital Delivery
versions prior to 3.5.2013 contai
CVE-2019-3741 (Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116
contain a ...)
NOT-FOR-US: EMC
CVE-2019-3740 (RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an
Inform ...)
- TODO: check
+ NOT-FOR-US: RSA
CVE-2019-3739 (RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to
Informati ...)
- TODO: check
+ NOT-FOR-US: RSA
CVE-2019-3738 (RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an
Improp ...)
- TODO: check
+ NOT-FOR-US: RSA
CVE-2019-3737 (Dell EMC Avamar ADMe Web Interface 1.0.50 and 1.0.51 are
affected by a ...)
NOT-FOR-US: Dell EMC Avamar ADMe Web Interface
CVE-2019-3736
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2376fbccbd62c5b7e150b60032d34bb1765d7a3c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2376fbccbd62c5b7e150b60032d34bb1765d7a3c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
