Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9fc64273 by Salvatore Bonaccorso at 2019-10-29T21:30:49Z
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17478,7 +17478,7 @@ CVE-2019-13068 (public/app/features/panel/panel_ctrl.ts
in Grafana before 6.2.5
CVE-2019-13067 (njs through 0.3.3, used in NGINX, has a buffer over-read in
nxt_utf8_d ...)
NOT-FOR-US: njs
CVE-2019-13066 (Sahi Pro 8.0.0 has a script manager arena located at
_s_/dyn/pro/DBRep ...)
- TODO: check
+ NOT-FOR-US: Sahi Pro
CVE-2019-13065
RESERVED
CVE-2019-13064
@@ -26117,7 +26117,7 @@ CVE-2019-9928 (GStreamer before 1.16.0 has a heap-based
buffer overflow in the R
CVE-2019-9927 (Caret before 2019-02-22 allows Remote Code Execution. ...)
NOT-FOR-US: Caret editor
CVE-2019-9926 (An issue was discovered in LabKey Server 19.1.0. It is possible
to for ...)
- TODO: check
+ NOT-FOR-US: LabKey Server
CVE-2019-9925 (S-CMS PHP v1.0 has XSS in 4.edu.php via the S_id parameter. ...)
NOT-FOR-US: S-CMS PHP
CVE-2019-9924 (rbash in Bash before 4.4-beta2 did not prevent the shell user
from mod ...)
@@ -27499,9 +27499,9 @@ CVE-2019-9760 (FTPGetter Standard v.5.97.0.177 allows
remote code execution when
CVE-2019-9759 (An issue was discovered in TONGDA Office Anywhere 10.18.190121.
There ...)
NOT-FOR-US: TONGDA Office Anywhere
CVE-2019-9758 (An issue was discovered in LabKey Server 19.1.0. The display
name of a ...)
- TODO: check
+ NOT-FOR-US: LabKey Server
CVE-2019-9757 (An issue was discovered in LabKey Server 19.1.0. Sending an SVG
contai ...)
- TODO: check
+ NOT-FOR-US: LabKey Server
CVE-2019-9756 (An issue was discovered in GitLab Community and Enterprise
Edition 10. ...)
[experimental] - gitlab 11.8.2-1
- gitlab 11.8.2-2 (bug #924447)
@@ -35104,27 +35104,27 @@ CVE-2019-6853
CVE-2019-6852
RESERVED
CVE-2019-6851 (A CWE-538: File and Directory Information Exposure
vulnerability exist ...)
- TODO: check
+ NOT-FOR-US: Modicon
CVE-2019-6850 (A CWE-200: Information Exposure vulnerability exists in Modicon
M580, ...)
- TODO: check
+ NOT-FOR-US: Modicon
CVE-2019-6849 (A CWE-200: Information Exposure vulnerability exists in Modicon
M580, ...)
- TODO: check
+ NOT-FOR-US: Modicon
CVE-2019-6848 (A CWE-248: Uncaught Exception vulnerability exists in Modicon
M580, Mo ...)
- TODO: check
+ NOT-FOR-US: Modicon
CVE-2019-6847 (A CWE-248: Uncaught Exception vulnerability exists in Modicon
M580, Mo ...)
- TODO: check
+ NOT-FOR-US: Modicon
CVE-2019-6846 (A CWE-319: Cleartext Transmission of Sensitive Information
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Modicon
CVE-2019-6845 (A CWE-319: Cleartext Transmission of Sensitive Information
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Modicon
CVE-2019-6844 (A CWE-248: Uncaught Exception vulnerability exists in Modicon
M580, Mo ...)
- TODO: check
+ NOT-FOR-US: Modicon
CVE-2019-6843 (A CWE-248: Uncaught Exception vulnerability exists in Modicon
M580, Mo ...)
- TODO: check
+ NOT-FOR-US: Modicon
CVE-2019-6842 (A CWE-248: Uncaught Exception vulnerability exists in Modicon
M580, Mo ...)
- TODO: check
+ NOT-FOR-US: Modicon
CVE-2019-6841 (A CWE-248: Uncaught Exception vulnerability exists in Modicon
M580, Mo ...)
- TODO: check
+ NOT-FOR-US: Modicon
CVE-2019-6840 (A Format String: CWE-134 vulnerability exists in U.motion
Server (MEG6 ...)
NOT-FOR-US: Schneider
CVE-2019-6839 (An Improper Access Control: CWE-284 vulnerability exists in
U.motion S ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9fc6427329b69d0bb9d73b52e78b7e802c35fcae
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9fc6427329b69d0bb9d73b52e78b7e802c35fcae
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
