Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e96c471d by Moritz Muehlenhoff at 2019-10-06T19:54:02Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,13 +11,13 @@ CVE-2019-17208
CVE-2019-17207
RESERVED
CVE-2019-17206 (Uncontrolled deserialization of a pickled object in models.py
in Frost ...)
- TODO: check
+ NOT-FOR-US: Frost Ming rediswrapper
CVE-2019-17205 (TeamPass 2.1.27.36 allows Stored XSS by placing a payload in
the usern ...)
- TODO: check
+ - teampass <itp> (bug #730180)
CVE-2019-17204 (TeamPass 2.1.27.36 allows Stored XSS by setting a crafted
Knowledge Ba ...)
- TODO: check
+ - teampass <itp> (bug #730180)
CVE-2019-17203 (TeamPass 2.1.27.36 allows Stored XSS at the Search page by
setting a c ...)
- TODO: check
+ - teampass <itp> (bug #730180)
CVE-2019-17202
RESERVED
CVE-2019-17201
@@ -41,9 +41,9 @@ CVE-2019-17194
CVE-2019-17193
RESERVED
CVE-2019-17192 (** DISPUTED ** The WebRTC component in the Signal Private
Messenger ap ...)
- TODO: check
+ NOT-FOR-US: Signal
CVE-2019-17191 (The Signal Private Messenger application before 4.47.7 for
Android all ...)
- TODO: check
+ NOT-FOR-US: Signal
CVE-2019-17190
RESERVED
CVE-2019-17189
@@ -65,7 +65,7 @@ CVE-2019-17182
CVE-2019-17181
RESERVED
CVE-2019-17180 (Valve Steam Client before 2019-09-12 allows placing or
appending parti ...)
- TODO: check
+ NOT-FOR-US: Steam on Windows
CVE-2019-17179 (XSS in library/custom_template/add_template.php in OpenEMR
through 5.0 ...)
NOT-FOR-US: OpenEMR
CVE-2019-17178 (HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG
through 2019-0 ...)
@@ -281,7 +281,7 @@ CVE-2019-17082
CVE-2019-17081
RESERVED
CVE-2019-17080 (mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows
code ex ...)
- TODO: check
+ NOT-FOR-US: Linux Mint
CVE-2019-17079
RESERVED
CVE-2019-17078
@@ -357,7 +357,7 @@ CVE-2019-17052 (ax25_create in net/ax25/af_ax25.c in the
AF_AX25 network module
CVE-2019-17051 (Evernote before 7.13 GA on macOS allows code execution because
the com ...)
NOT-FOR-US: Evernote
CVE-2019-17050 (An issue was discovered in the Voyager package through 1.2.7
for Larav ...)
- TODO: check
+ NOT-FOR-US: Voyager
CVE-2019-17049 (NETGEAR SRX5308 4.3.5-3 devices allow SQL Injection, as
exploited in t ...)
NOT-FOR-US: NETGEAR
CVE-2019-17048
@@ -3646,7 +3646,7 @@ CVE-2019-15811 (In DomainMOD through 4.13, the parameter
daterange in the file r
CVE-2019-15810 (Insufficient sanitization during device search in Netdisco
2.042010 al ...)
NOT-FOR-US: Netdisco
CVE-2019-15809 (Smart cards from the Athena SCS manufacturer, based on the
Atmel Toolb ...)
- TODO: check
+ NOT-FOR-US: Athena SCS
CVE-2019-15808
RESERVED
CVE-2019-15806 (CommScope ARRIS TR4400 devices with firmware through
A1.00.004-180301 ...)
@@ -28346,7 +28346,7 @@ CVE-2019-7620
CVE-2019-7619
RESERVED
CVE-2019-7618 (A local file disclosure flaw was found in Elastic Code versions
7.3.0, ...)
- TODO: check
+ NOT-FOR-US: Elastic Code
CVE-2019-7617 (When the Elastic APM agent for Python versions before 5.1.0 is
run as ...)
NOT-FOR-US: Elastic APM agent for Python
CVE-2019-7616 (Kibana versions before 6.8.2 and 7.2.1 contain a server side
request f ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e96c471db6fbd268b91c8d8c1c605b6f48c01798
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e96c471db6fbd268b91c8d8c1c605b6f48c01798
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
