[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Mon, 28 Oct 2019 13:46:17 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a0695689 by Salvatore Bonaccorso at 2019-10-28T20:42:00Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -995,7 +995,7 @@ CVE-2019-18198 (In the Linux kernel before 5.3.4, a 
reference count usage error
        NOTE: 
https://git.kernel.org/linus/ca7a03c4175366a92cee0ccc4fec0038c3266e26
        NOTE: https://launchpad.net/bugs/1847478
 CVE-2019-18195 (An issue was discovered on TerraMaster FS-210 4.0.19 devices. 
Normal u ...)
-       TODO: check
+       NOT-FOR-US: TerraMaster FS-210 devices
 CVE-2019-18194
        RESERVED
 CVE-2019-18193
@@ -4271,7 +4271,7 @@ CVE-2019-17226 (CMS Made Simple (CMSMS) 2.2.11 allows XSS 
via the Site Admin &gt
 CVE-2019-17225 (Subrion 4.2.1 allows XSS via the panel/members/ Username, Full 
Name, o ...)
        NOT-FOR-US: Subrion CMS
 CVE-2019-17224 (The web interface of the Compal Broadband CH7465LG modem 
(version CH74 ...)
-       TODO: check
+       NOT-FOR-US: Compal Broadband CH7465LG modem
 CVE-2019-17223 (There is HTML Injection in the Note field in Dolibarr ERP/CRM 
10.0.2 v ...)
        - dolibarr <removed>
 CVE-2019-17222
@@ -4359,7 +4359,7 @@ CVE-2019-17183 (Foxit Reader before 9.7 allows an Access 
Violation and crash if
 CVE-2019-17182
        RESERVED
 CVE-2019-17181 (A remote SEH buffer overflow has been discovered in IntraSrv 
1.0 (2007 ...)
-       TODO: check
+       NOT-FOR-US: IntraSrv
 CVE-2019-17180 (Valve Steam Client before 2019-09-12 allows placing or 
appending parti ...)
        NOT-FOR-US: Steam on Windows
 CVE-2019-17179 (4.1.0, 4.1.1, 4.1.2, 4.1.2.3, 4.1.2.6, 4.1.2.7, 4.2.0, 4.2.1, 
4.2.2, 5 ...)
@@ -5035,7 +5035,7 @@ CVE-2019-16899 (In Advantech WebAccess/HMI Designer 
2.1.9.31, Data from a Faulti
 CVE-2019-16898
        RESERVED
 CVE-2019-16897 (In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total 
Security  ...)
-       TODO: check
+       NOT-FOR-US: K7
 CVE-2019-16896
        RESERVED
 CVE-2019-16895
@@ -5660,9 +5660,9 @@ CVE-2019-16665 (An issue was discovered in ThinkSAAS 
2.91. There is XSS via the
 CVE-2019-16664 (An issue was discovered in ThinkSAAS 2.91. There is XSS via 
the index. ...)
        NOT-FOR-US: ThinkSAAS
 CVE-2019-16663 (An issue was discovered in rConfig 3.9.2. An attacker can 
directly exe ...)
-       TODO: check
+       NOT-FOR-US: rConfig
 CVE-2019-16662 (An issue was discovered in rConfig 3.9.2. An attacker can 
directly exe ...)
-       TODO: check
+       NOT-FOR-US: rConfig
 CVE-2019-16661 (Ogma CMS 0.5 has XSS via creation of a new blog. ...)
        NOT-FOR-US: Ogma CMS
 CVE-2019-16660 (joyplus-cms 1.6.0 has 
admin_ajax.php?action=savexml&amp;tab=vodplay CS ...)
@@ -10827,19 +10827,19 @@ CVE-2013-7475 (The contact-form-plugin plugin before 
3.52 for WordPress has XSS.
 CVE-2012-6713 (The job-manager plugin before 0.7.19 for WordPress has multiple 
XSS is ...)
        NOT-FOR-US: job-manager plugin for WordPress
 CVE-2019-14931 (An issue was discovered on Mitsubishi Electric ME-RTU devices 
through  ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi Electric ME-RTU devices
 CVE-2019-14930 (An issue was discovered on Mitsubishi Electric ME-RTU devices 
through  ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi Electric ME-RTU devices
 CVE-2019-14929 (An issue was discovered on Mitsubishi Electric ME-RTU devices 
through  ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi Electric ME-RTU devices
 CVE-2019-14928 (An issue was discovered on Mitsubishi Electric ME-RTU devices 
through  ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi Electric ME-RTU devices
 CVE-2019-14927 (An issue was discovered on Mitsubishi Electric ME-RTU devices 
through  ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi Electric ME-RTU devices
 CVE-2019-14926 (An issue was discovered on Mitsubishi Electric ME-RTU devices 
through  ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi Electric ME-RTU devices
 CVE-2019-14925 (An issue was discovered on Mitsubishi Electric ME-RTU devices 
through  ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi Electric ME-RTU devices
 CVE-2019-14924 (An issue was discovered in GCDWebServer before 3.5.3. The 
method moveI ...)
        NOT-FOR-US: GCDWebServer
 CVE-2019-14923 (EyesOfNetwork 5.1 allows Remote Command Execution via shell 
metacharac ...)
@@ -12749,7 +12749,7 @@ CVE-2019-14452 (Sigil before 0.9.16 is vulnerable to a 
directory traversal, allo
 CVE-2019-14451 (RepetierServer.exe in Repetier-Server 0.8 through 0.91 does 
not proper ...)
        NOT-FOR-US: Repetier-Server
 CVE-2019-14450 (A directory traversal vulnerability was discovered in 
RepetierServer.e ...)
-       TODO: check
+       NOT-FOR-US: Repetier-Server
 CVE-2019-14449
        RESERVED
 CVE-2019-14448
@@ -38418,11 +38418,11 @@ CVE-2019-5540
 CVE-2019-5539
        RESERVED
 CVE-2019-5538 (Sensitive information disclosure vulnerability resulting from a 
lack o ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2019-5537 (Sensitive information disclosure vulnerability resulting from a 
lack o ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2019-5536 (VMware ESXi (6.7 before ESXi670-201908101-SG and 6.5 before 
ESXi650-20 ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2019-5535 (VMware Workstation and Fusion contain a network 
denial-of-service vuln ...)
        NOT-FOR-US: VMware
 CVE-2019-5534 (VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 
U3 and  ...)
@@ -42711,7 +42711,7 @@ CVE-2019-3638 (Reflected Cross Site Scripting 
vulnerability in Administrators we
 CVE-2019-3637 (Privilege Escalation vulnerability in McAfee FRP 5.x prior to 
5.1.0.20 ...)
        NOT-FOR-US: McAfee
 CVE-2019-3636 (A File Masquerade vulnerability in McAfee Total Protection 
(MTP) versi ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2019-3635 (Exfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x prior 
to 7.8. ...)
        NOT-FOR-US: McAfee
 CVE-2019-3634 (Buffer overflow in McAfee Data Loss Prevention (DLPe) for 
Windows 11.x ...)
@@ -112476,7 +112476,7 @@ CVE-2017-15727 (In phpMyFAQ before 2.9.9, there is 
Stored Cross-site Scripting (
 CVE-2017-15726
        RESERVED
 CVE-2017-15725 (An XML External Entity Injection vulnerability exists in Dzone 
AnswerH ...)
-       TODO: check
+       NOT-FOR-US: Dzone AnswerHub
 CVE-2017-15724
        RESERVED
 CVE-2017-15723 (In Irssi before 1.0.5, overlong nicks or targets may result in 
a NULL  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a06956896022a33409021327e0a8f42050ad59e1

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a06956896022a33409021327e0a8f42050ad59e1
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to