Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
70334db1 by Salvatore Bonaccorso at 2019-10-15T11:05:46Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2019-17594 (There is a heap-based buffer over-read in the
_nc_find_entry fun
NOTE:
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html
NOTE:
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
CVE-2019-17593 (JIZHICMS 1.5.1 allows admin.php/Admin/adminadd.html CSRF to
add an adm ...)
- TODO: check
+ NOT-FOR-US: JIZHICMS
CVE-2019-17592 (The csv-parse module before 4.4.6 for Node.js is vulnerable to
Regular ...)
TODO: check
CVE-2019-17591
@@ -285,7 +285,7 @@ CVE-2019-17513
CVE-2019-17512
RESERVED
CVE-2019-17511 (There are some web interfaces without authentication
requirements on D ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2019-17510 (D-Link DIR-846 devices with firmware 100A35 allow remote
attackers to ...)
NOT-FOR-US: D-Link
CVE-2019-17509 (D-Link DIR-846 devices with firmware 100A35 allow remote
attackers to ...)
@@ -595,7 +595,7 @@ CVE-2019-17410
CVE-2019-17409
RESERVED
CVE-2019-17408 (parserIfLabel in inc/zzz_template.php in ZZZCMS zzzphp 1.7.3
allows re ...)
- TODO: check
+ NOT-FOR-US: ZZZCMS
CVE-2019-17407
RESERVED
CVE-2019-XXXX [Remote code execution vulnerability]
@@ -1073,7 +1073,7 @@ CVE-2019-17178 (HuffmanTree_makeFromFrequencies in
lodepng.c in LodePNG through
CVE-2019-17177 (libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x
through 2.0 ...)
TODO: check
CVE-2019-17176 (Genesys PureEngage Digital (eServices) 8.1.x allows XSS via
HtmlChatPa ...)
- TODO: check
+ NOT-FOR-US: Genesys PureEngage Digital (eServices)
CVE-2019-17175 (joyplus-cms 1.6.0 allows manager/admin_pic.php?rootpath=
absolute path ...)
NOT-FOR-US: joyplus-cms
CVE-2019-17174
@@ -1372,9 +1372,9 @@ CVE-2019-17046 (Ilch 2.1.22 allows remote code execution
because php is listed u
CVE-2019-17045 (Ilch 2.1.22 allows stored XSS via the title, text, or email id
to the ...)
NOT-FOR-US: Ilch CMS
CVE-2019-17044 (An issue was discovered in BMC Patrol Agent 9.0.10i. Weak
execution pe ...)
- TODO: check
+ NOT-FOR-US: BMC Patrol Agent
CVE-2019-17043 (An issue was discovered in BMC Patrol Agent 9.0.10i. Weak
execution pe ...)
- TODO: check
+ NOT-FOR-US: BMC Patrol Agent
CVE-2019-17042 (An issue was discovered in Rsyslog v8.1908.0.
contrib/pmcisconames/pmc ...)
{DLA-1952-1}
- rsyslog <unfixed> (bug #942065)
@@ -2722,7 +2722,7 @@ CVE-2019-16521
CVE-2019-16520
RESERVED
CVE-2019-16519 (ESET Cyber Security 6.7.900.0 for macOS allows a local
attacker to exe ...)
- TODO: check
+ NOT-FOR-US: ESET Cyber Security
CVE-2019-16518 (An issue was discovered on Swell Kit Mod devices that use the
Vandy Va ...)
NOT-FOR-US: Swell Kit Mod devices
CVE-2019-16517
@@ -3156,7 +3156,7 @@ CVE-2019-16346 (ngiflib 0.4 has a heap-based buffer
overflow in WritePixel() in
CVE-2019-16345
RESERVED
CVE-2019-16344 (A cross-site scripting (XSS) vulnerability in the login form
(/ScadaBR ...)
- TODO: check
+ NOT-FOR-US: ScadaBR
CVE-2019-16343
RESERVED
CVE-2018-21017 (GPAC 0.7.1 has a memory leak in dinf_Read in
isomedia/box_code_base.c. ...)
@@ -3306,7 +3306,7 @@ CVE-2019-16284
CVE-2019-16283
RESERVED
CVE-2019-16282 (In NCH Express Invoice v7.12, persistent cross site scripting
(XSS) ex ...)
- TODO: check
+ NOT-FOR-US: NCH Express Invoice
CVE-2019-16281
RESERVED
CVE-2019-16280
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/70334db1542f5a042eadd3e2a60138f61ced6a78
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/70334db1542f5a042eadd3e2a60138f61ced6a78
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
