Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c2263baf by Salvatore Bonaccorso at 2019-10-16T20:44:36Z
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2019-17663 (D-Link DIR-866L 1.03B04 devices allow XSS via
HtmlResponseMessage in t ...)
NOT-FOR-US: D-Link
CVE-2019-17662 (ThinVNC 1.0b1 is vulnerable to arbitrary file read, which
leads to a c ...)
- TODO: check
+ NOT-FOR-US: ThinVNC
CVE-2019-17661
RESERVED
CVE-2019-17660 (A cross-site scripting (XSS) vulnerability in
admin/translate/translat ...)
@@ -437,7 +437,7 @@ CVE-2019-17514 (library/glob.html in the Python 2 and 3
documentation before 201
CVE-2019-17513
RESERVED
CVE-2019-17512 (There are some web interfaces without authentication
requirements on D ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2019-17511 (There are some web interfaces without authentication
requirements on D ...)
NOT-FOR-US: D-Link
CVE-2019-17510 (D-Link DIR-846 devices with firmware 100A35 allow remote
attackers to ...)
@@ -643,9 +643,9 @@ CVE-2019-17438
CVE-2019-17437
RESERVED
CVE-2019-17436 (A Local Privilege Escalation vulnerability exists in
GlobalProtect Age ...)
- TODO: check
+ NOT-FOR-US: GlobalProtect Agent
CVE-2019-17435 (A Local Privilege Escalation vulnerability exists in the
GlobalProtect ...)
- TODO: check
+ NOT-FOR-US: GlobalProtect Agent
CVE-2019-17434 (LavaLite through 5.7 has XSS via a crafted account name that
is mishan ...)
NOT-FOR-US: LavaLite
CVE-2019-17433 (z-song laravel-admin 1.7.3 has XSS via the Slug or Name on the
Roles s ...)
@@ -4414,7 +4414,7 @@ CVE-2019-15964
CVE-2019-15963
RESERVED
CVE-2019-15962 (A vulnerability in the CLI of Cisco TelePresence Collaboration
Endpoin ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15961
RESERVED
CVE-2019-15960
@@ -4631,7 +4631,7 @@ CVE-2019-15895 (search-exclude.php in the "Search
Exclude" plugin before 1.2.4 f
CVE-2019-15894 (An issue was discovered in Espressif ESP-IDF 2.x, 3.0.x
through 3.0.9, ...)
NOT-FOR-US: Espressif
CVE-2019-15893 (Sonatype Nexus Repository Manager 2.x before 2.14.15 allows
Remote Cod ...)
- TODO: check
+ NOT-FOR-US: Sonatype Nexus Repository Manager
CVE-2019-15891 (An issue was discovered in CKFinder through 2.6.2.1 and 3.x
through 3. ...)
NOT-FOR-US: CKFinder
CVE-2019-15890 (libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in
ip_reas ...)
@@ -6317,57 +6317,57 @@ CVE-2019-15284
CVE-2019-15283
RESERVED
CVE-2019-15282 (A vulnerability in the web-based management interface of Cisco
Identit ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15281 (A vulnerability in the web-based management interface of Cisco
Identit ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15280 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15279
RESERVED
CVE-2019-15278
RESERVED
CVE-2019-15277 (A vulnerability in the CLI of Cisco TelePresence Collaboration
Endpoin ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15276
RESERVED
CVE-2019-15275 (A vulnerability in the CLI of Cisco TelePresence Collaboration
Endpoin ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15274 (A vulnerability in the CLI of Cisco TelePresence Collaboration
Endpoin ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15273 (Multiple vulnerabilities in the CLI of Cisco TelePresence
Collaboratio ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15272 (A vulnerability in the web-based interface of Cisco Unified
Communicat ...)
NOT-FOR-US: Cisco
CVE-2019-15271
RESERVED
CVE-2019-15270 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15269 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15268 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15267
RESERVED
CVE-2019-15266 (A vulnerability in the CLI of Cisco Wireless LAN Controller
(WLC) Soft ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15265 (A vulnerability in the bridge protocol data unit (BPDU)
forwarding fun ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15264 (A vulnerability in the Control and Provisioning of Wireless
Access Poi ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15263
RESERVED
CVE-2019-15262 (A vulnerability in the Secure Shell (SSH) session management
for Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15261 (A vulnerability in the Point-to-Point Tunneling Protocol
(PPTP) VPN pa ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15260 (A vulnerability in Cisco Aironet Access Points (APs) Software
could al ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15259 (A vulnerability in Cisco Unified Contact Center Express (UCCX)
Softwar ...)
NOT-FOR-US: Cisco
CVE-2019-15258 (A vulnerability in the web-based management interface of Cisco
SPA100 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15257 (A vulnerability in the web-based management interface of Cisco
SPA100 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15256 (A vulnerability in the Internet Key Exchange version 1 (IKEv1)
feature ...)
NOT-FOR-US: Cisco
CVE-2019-15255
@@ -6377,31 +6377,31 @@ CVE-2019-15254
CVE-2019-15253
RESERVED
CVE-2019-15252 (Multiple vulnerabilities in Cisco SPA100 Series Analog
Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15251 (Multiple vulnerabilities in Cisco SPA100 Series Analog
Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15250 (Multiple vulnerabilities in Cisco SPA100 Series Analog
Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15249 (Multiple vulnerabilities in Cisco SPA100 Series Analog
Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15248 (Multiple vulnerabilities in Cisco SPA100 Series Analog
Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15247 (Multiple vulnerabilities in Cisco SPA100 Series Analog
Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15246 (Multiple vulnerabilities in Cisco SPA100 Series Analog
Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15245 (Multiple vulnerabilities in Cisco SPA100 Series Analog
Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15244 (Multiple vulnerabilities in Cisco SPA100 Series Analog
Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15243 (Multiple vulnerabilities in Cisco SPA100 Series Analog
Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15242 (Multiple vulnerabilities in Cisco SPA100 Series Analog
Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15241 (Multiple vulnerabilities in Cisco SPA100 Series Analog
Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15240 (Multiple vulnerabilities in Cisco SPA100 Series Analog
Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15292 (An issue was discovered in the Linux kernel before 5.0.9.
There is a u ...)
{DLA-1930-1 DLA-1919-1}
- linux 4.19.37-1
@@ -15099,7 +15099,7 @@ CVE-2019-12720
CVE-2019-12719
RESERVED
CVE-2019-12718 (A vulnerability in the web-based interface of Cisco Small
Business Sma ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-12717 (A vulnerability in a CLI command related to the virtualization
manager ...)
NOT-FOR-US: Cisco
CVE-2019-12716 (A vulnerability in the web-based interface of Cisco Unified
Communicat ...)
@@ -15119,19 +15119,19 @@ CVE-2019-12710 (A vulnerability in the web-based
interface of Cisco Unified Comm
CVE-2019-12709 (A vulnerability in a CLI command related to the virtualization
manager ...)
NOT-FOR-US: Cisco
CVE-2019-12708 (A vulnerability in the web-based management interface of Cisco
SPA100 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-12707 (A vulnerability in the web-based interface of multiple Cisco
Unified C ...)
NOT-FOR-US: Cisco
CVE-2019-12706 (A vulnerability in the Sender Policy Framework (SPF)
functionality of ...)
NOT-FOR-US: Cisco
CVE-2019-12705 (A vulnerability in the web-based management interface of Cisco
Express ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-12704 (A vulnerability in the web-based management interface of Cisco
SPA100 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-12703 (A vulnerability in the web-based management interface of Cisco
SPA122 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-12702 (A vulnerability in the web-based management interface of Cisco
SPA100 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-12701 (A vulnerability in the file and malware inspection feature of
Cisco Fi ...)
NOT-FOR-US: Cisco
CVE-2019-12700 (A vulnerability in the configuration of the Pluggable
Authentication M ...)
@@ -15259,7 +15259,7 @@ CVE-2019-12640
CVE-2019-12639
RESERVED
CVE-2019-12638 (A vulnerability in the web-based management interface of Cisco
Identit ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-12637 (Multiple vulnerabilities in the web-based management interface
of Cisc ...)
TODO: check
CVE-2019-12636 (A vulnerability in the web-based management interface of Cisco
Small B ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c2263baf22e20c9e2861017aa339ab8094768ed9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c2263baf22e20c9e2861017aa339ab8094768ed9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
