Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
247336a9 by Salvatore Bonaccorso at 2019-11-04T20:59:18Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -43,7 +43,7 @@ CVE-2019-18665 (The Log module in SECUDOS DOMOS before 5.6
allows local file inc
CVE-2019-18664 (The Log module in SECUDOS DOMOS before 5.6 allows XSS. ...)
NOT-FOR-US: SECUDOS DOMOS
CVE-2019-18663 (A SQL injection vulnerability in a /login/forgot1 POST request
in ARP- ...)
- TODO: check
+ NOT-FOR-US: ARP-GUARD
CVE-2019-18662 (An issue was discovered in YouPHPTube through 7.7. User input
passed t ...)
NOT-FOR-US: YouPHPTube
CVE-2019-18661 (Fastweb FASTGate 1.0.1b devices allow partial authentication
bypass by ...)
@@ -8729,7 +8729,7 @@ CVE-2019-15685
CVE-2019-15684
RESERVED
CVE-2019-15683 (TurboVNC server code contains stack buffer overflow
vulnerability in c ...)
- TODO: check
+ NOT-FOR-US: TurboVNC
CVE-2019-15682 (RDesktop version 1.8.4 contains multiple out-of-bound access
read vuln ...)
{DSA-4473-1 DLA-1837-1}
- rdesktop 1.8.6-1
@@ -13374,11 +13374,11 @@ CVE-2019-14362 (Openbravo ERP before 3.0PR19Q1.3 is
affected by Directory Traver
CVE-2019-14361
REJECTED
CVE-2019-14360 (On Hyundai Pay Kasse HK-1000 devices, a side channel for the
row-based ...)
- TODO: check
+ NOT-FOR-US: Hyundai Pay Kasse HK-1000 devices
CVE-2019-14359 (** DISPUTED ** On BC Vault devices, a side channel for the
row-based S ...)
NOT-FOR-US: BC Vault devices
CVE-2019-14358 (On Archos Safe-T devices, a side channel for the row-based
OLED displa ...)
- TODO: check
+ NOT-FOR-US: Archos Safe-T devices
CVE-2019-14357 (** DISPUTED ** On Mooltipass Mini devices, a side channel for
the row- ...)
NOT-FOR-US: Mooltipass Mini devices
CVE-2019-14356 (** DISPUTED ** On Coldcard MK1 and MK2 devices, a side channel
for the ...)
@@ -16505,9 +16505,9 @@ CVE-2019-13499
CVE-2019-13498 (One Identity Cloud Access Manager 8.1.3 does not use HTTP
Strict Trans ...)
NOT-FOR-US: One Identity Cloud Access Manager
CVE-2019-13497 (One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows
CSRF fo ...)
- TODO: check
+ NOT-FOR-US: One Identity Cloud Access Manager
CVE-2019-13496 (One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows
OTP byp ...)
- TODO: check
+ NOT-FOR-US: One Identity Cloud Access Manager
CVE-2019-13495
RESERVED
CVE-2019-13494 (nodeimp.exe in Castle Rock SNMPc before 9.0.12.1 and 10.x
before 10.0. ...)
@@ -55543,7 +55543,7 @@ CVE-2018-19033
CVE-2018-19032
RESERVED
CVE-2018-19031 (A command injection vulnerability exists when the authorized
user pass ...)
- TODO: check
+ NOT-FOR-US: 360 routers
CVE-2018-19030
RESERVED
CVE-2018-19029 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows an
attacker using ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/247336a9bb2512145811d83da6f3a83b4c0fc84e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/247336a9bb2512145811d83da6f3a83b4c0fc84e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
