[Git][security-tracker-team/security-tracker][master] NFUs

Thu, 31 Oct 2019 07:40:37 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9e2cc2cc by Moritz Muehlenhoff at 2019-10-31T14:38:42Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,9 +7,9 @@ CVE-2019-18647
 CVE-2019-18646
        RESERVED
 CVE-2019-18645 (The quarantine restoration function in Total Defense 
Anti-virus 11.5.2 ...)
-       TODO: check
+       NOT-FOR-US: Total Defense Anti-virus
 CVE-2019-18644 (The malware scan function in Total Defense Anti-virus 
11.5.2.28 is vul ...)
-       TODO: check
+       NOT-FOR-US: Total Defense Anti-virus
 CVE-2019-18643
        RESERVED
 CVE-2019-18642
@@ -27,13 +27,13 @@ CVE-2019-18637
 CVE-2019-18636
        RESERVED
 CVE-2019-18635 (An issue was discovered in Mooltipass Moolticute through 
v0.42.1 and v ...)
-       TODO: check
+       NOT-FOR-US: Mooltipass Moolticute
 CVE-2019-18634
        RESERVED
 CVE-2019-18633 (European Commission eIDAS-Node Integration Package before 
2.3.1 has Mi ...)
-       TODO: check
+       NOT-FOR-US: European Commission eIDAS-Node Integration Package
 CVE-2019-18632 (European Commission eIDAS-Node Integration Package before 
2.3.1 allows ...)
-       TODO: check
+       NOT-FOR-US: European Commission eIDAS-Node Integration Package
 CVE-2019-18631
        RESERVED
 CVE-2019-18630
@@ -1187,13 +1187,13 @@ CVE-2019-18209 (templates/pad.html in Etherpad-Lite 
1.7.5 has XSS when the brows
 CVE-2019-18208
        RESERVED
 CVE-2019-18207 (In Zucchetti InfoBusiness before and including 4.4.1, an 
authenticated ...)
-       TODO: check
+       NOT-FOR-US: Zucchetti InfoBusiness
 CVE-2019-18206 (A cross-site request forgery (CSRF) vulnerability in Zucchetti 
InfoBus ...)
-       TODO: check
+       NOT-FOR-US: Zucchetti InfoBusiness
 CVE-2019-18205 (Multiple Reflected Cross-site Scripting (XSS) vulnerabilities 
exist in ...)
-       TODO: check
+       NOT-FOR-US: Zucchetti InfoBusiness
 CVE-2019-18204 (Zucchetti InfoBusiness before and including 4.4.1 allows any 
authentic ...)
-       TODO: check
+       NOT-FOR-US: Zucchetti InfoBusiness
 CVE-2019-18203 (On the RICOH MP 501 printer, HTML Injection and Stored XSS 
vulnerabili ...)
        NOT-FOR-US: Ricoh
 CVE-2019-18202 (Information Disclosure is possible on WAGO Series PFC100 and 
PFC200 de ...)
@@ -3565,7 +3565,7 @@ CVE-2019-17553 (An issue was discovered in MetInfo v7.0.0 
beta. There is SQL Inj
 CVE-2019-17552 (An issue was discovered in idreamsoft iCMS v7.0.14. There is a 
spider_ ...)
        NOT-FOR-US: idreamsoft iCMS
 CVE-2019-17551 (Apak Wholesale Floorplanning Finance 6.31.8.3 and 6.31.8.5 
allows XSS  ...)
-       TODO: check
+       NOT-FOR-US: Apak Wholesale Floorplanning Finance
 CVE-2019-17550
        RESERVED
 CVE-2019-17549
@@ -4273,17 +4273,17 @@ CVE-2019-17328
 CVE-2019-17327
        RESERVED
 CVE-2019-17326 (ClipSoft REXPERT 1.0.0.527 and earlier version allows remote 
attacker  ...)
-       TODO: check
+       NOT-FOR-US: ClipSoft REXPERT
 CVE-2019-17325 (ClipSoft REXPERT 1.0.0.527 and earlier version allows remote 
attacker  ...)
-       TODO: check
+       NOT-FOR-US: ClipSoft REXPERT
 CVE-2019-17324 (ClipSoft REXPERT 1.0.0.527 and earlier version allows 
directory traver ...)
-       TODO: check
+       NOT-FOR-US: ClipSoft REXPERT
 CVE-2019-17323 (ClipSoft REXPERT 1.0.0.527 and earlier version allows 
arbitrary file c ...)
-       TODO: check
+       NOT-FOR-US: ClipSoft REXPERT
 CVE-2019-17322 (ClipSoft REXPERT 1.0.0.527 and earlier version allows 
arbitrary file c ...)
-       TODO: check
+       NOT-FOR-US: ClipSoft REXPERT
 CVE-2019-17321 (ClipSoft REXPERT 1.0.0.527 and earlier version have an 
information dis ...)
-       TODO: check
+       NOT-FOR-US: ClipSoft REXPERT
 CVE-2019-17320 (NetSarang XFTP Client 6.0149 and earlier version contains a 
buffer ove ...)
        NOT-FOR-US: NetSarang XFTP Client
 CVE-2019-17319 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL 
injection in the ...)
@@ -23916,7 +23916,7 @@ CVE-2019-10764
 CVE-2019-10763
        RESERVED
 CVE-2019-10762 (columnQuote in medoo before 1.7.5 allows remote attackers to 
perform a ...)
-       TODO: check
+       NOT-FOR-US: medoo
 CVE-2019-10761
        RESERVED
 CVE-2019-10760 (safer-eval before 1.3.2 are vulnerable to Arbitrary Code 
Execution. A  ...)
@@ -55644,11 +55644,11 @@ CVE-2018-18933 (The u3d plugin 9.3.0.10809 (aka 
plugins\U3DBrowser.fpi) in Foxit
 CVE-2018-18932
        RESERVED
 CVE-2018-18931 (An issue was discovered in the Tightrope Media Carousel 
digital signag ...)
-       TODO: check
+       NOT-FOR-US: Tightrope Media Carousel
 CVE-2018-18930 (The Tightrope Media Carousel digital signage product 7.0.4.104 
contain ...)
-       TODO: check
+       NOT-FOR-US: Tightrope Media Carousel
 CVE-2018-18929 (The Tightrope Media Carousel Seneca HDn Windows-based 
appliance 7.0.4. ...)
-       TODO: check
+       NOT-FOR-US: Tightrope Media Carousel
 CVE-2018-18928 (International Components for Unicode (ICU) for C/C++ 63.1 has 
an integ ...)
        - icu 63.1-3
        [stretch] - icu <not-affected> (Vulnerable code not present)
@@ -56247,7 +56247,7 @@ CVE-2018-18680
 CVE-2018-18679
        RESERVED
 CVE-2018-18678 (GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers 
to injec ...)
-       TODO: check
+       NOT-FOR-US: GNU Board
 CVE-2018-18677
        RESERVED
 CVE-2018-18676 (GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to 
inject arbit ...)
@@ -62401,7 +62401,7 @@ CVE-2018-16418 (A buffer overflow when handling string 
concatenation in util_acl
        NOTE: 
https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-628c8445c4e7ae92bbc4be08ba11a4c3
        NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
 CVE-2018-16417 (Aruba Instant 4.x prior to 6.4.4.8-4.2.4.12, 6.5.x prior to 
6.5.4.11,  ...)
-       TODO: check
+       NOT-FOR-US: Aruba Instant
 CVE-2018-16416 (Cross-site request forgery (CSRF) vulnerability in 
my_profile/edit?inl ...)
        NOT-FOR-US: FUEL CMS
 CVE-2018-16415
@@ -257328,7 +257328,7 @@ CVE-2013-1393 (Cross-site scripting (XSS) 
vulnerability in the CurvyCorners modu
 CVE-2013-1392
        RESERVED
 CVE-2013-1391 (Authentication bypass vulnerability in the the web interface in 
Hunt C ...)
-       TODO: check
+       NOT-FOR-US: DVR systems
 CVE-2013-1390
        RESERVED
 CVE-2013-1389 (Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 
11, 9. ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9e2cc2cc91c4f4a8663ee059d6971b80e9df8baf

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9e2cc2cc91c4f4a8663ee059d6971b80e9df8baf
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to