Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7545395e by Moritz Muehlenhoff at 2019-11-06T08:28:19Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,7 +13,7 @@ CVE-2019-18787
CVE-2019-18785
RESERVED
CVE-2019-18784 (SuiteCRM 7.10.x versions prior to 7.10.21 and 7.11.x versions
prior to ...)
- TODO: check
+ NOT-FOR-US: SuiteCRM
CVE-2019-18783
RESERVED
CVE-2019-18782
@@ -2417,7 +2417,7 @@ CVE-2019-18683 (An issue was discovered in
drivers/media/platform/vivid in the L
CVE-2019-18675
RESERVED
CVE-2019-18674 (An issue was discovered in Joomla! before 3.9.13. A missing
access che ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2019-18673 (On SHIFT BitBox02 devices, a side channel for the row-based
OLED displ ...)
NOT-FOR-US: SHIFT BitBox02 devices
CVE-2019-18672
@@ -2465,7 +2465,7 @@ CVE-2019-18652
CVE-2019-18651
RESERVED
CVE-2019-18650 (An issue was discovered in Joomla! before 3.9.13. A missing
token chec ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2018-21030 (Jupyter Notebook before 5.5.0 does not use a CSP header to
treat serve ...)
- jupyter-notebook 5.7.4-1
NOTE: https://github.com/jupyter/notebook/pull/3341
@@ -7011,9 +7011,9 @@ CVE-2019-17214 (The WebARX plugin 1.3.0 for WordPress
allows firewall bypass by
CVE-2019-17213 (The WebARX plugin 1.3.0 for WordPress has unauthenticated
stored XSS v ...)
NOT-FOR-US: WebARX plugin for WordPress
CVE-2019-17212 (Buffer overflows were discovered in the CoAP library in Arm
Mbed OS 5. ...)
- TODO: check
+ NOT-FOR-US: Arm Mbed OS
CVE-2019-17211 (An integer overflow was discovered in the CoAP library in Arm
Mbed OS ...)
- TODO: check
+ NOT-FOR-US: Arm Mbed OS
CVE-2019-17210 (A denial-of-service issue was discovered in the MQTT library
in Arm Mb ...)
NOT-FOR-US: Arm Mbed OS
CVE-2019-17209
@@ -9349,7 +9349,7 @@ CVE-2019-16286
CVE-2019-16285
RESERVED
CVE-2019-16284 (A potential security vulnerability has been identified in
multiple HP ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2019-16283
RESERVED
CVE-2019-16282 (In NCH Express Invoice v7.12, persistent cross site scripting
(XSS) ex ...)
@@ -34433,19 +34433,19 @@ CVE-2019-8235 (An insecure direct object reference
(IDOR) vulnerability exists i
CVE-2019-8234 (Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a
cross-site r ...)
NOT-FOR-US: Adobe
CVE-2019-8233 (In Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or
2.3.2-p1 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8232 (In Magento prior to 1.9.4.3, Magento prior to 1.14.4.3, Magento
2.2 pr ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8231 (In Magento to 1.9.4.3 and Magento prior to 1.14.4.3, an
authenticated ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8230 (In Magentoprior to 1.9.4.3, and Magento prior to 1.14.4.3, an
authenti ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8229 (In Magento prior to 1.9.4.3, and Magento prior to 1.14.4.3, an
authent ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8228 (in Magento prior to 1.9.4.3 and Magento prior to 1.14.4.3, an
authenti ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8227 (In Magento prior to 1.9.4.3 and Magento prior to 1.14.4.3, an
authenti ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8226 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier,
2017.0 ...)
NOT-FOR-US: Adobe
CVE-2019-8225 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier,
2017.0 ...)
@@ -34581,111 +34581,111 @@ CVE-2019-8161 (Adobe Acrobat and Reader versions ,
2019.012.20040 and earlier, 2
CVE-2019-8160 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier,
2017.0 ...)
NOT-FOR-US: Adobe
CVE-2019-8159 (A remote code execution vulnerability exists in Magento 2.2
prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8158 (An XPath entity injection vulnerability exists in Magento 2.2
prior to ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8157 (A stored cross-site scripting (XSS) vulnerability exists in
Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8156 (A server-side request forgery (SSRF) vulnerability exists in
Magento 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8155 (Magento prior to 1.9.4.3 and prior to 1.14.4.3 included a
user's CSRF ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8154 (A remote code execution vulnerability exists in Magento 2.2
prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8153 (A mitigation bypass to prevent cross-site scripting (XSS)
exists in Ma ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8152 (A stored cross-site scripting (XSS) vulnerability exists in in
Magento ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8151 (A remote code execution vulnerability exists in Magento 2.2
prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8150 (A remote code execution vulnerability exists in Magento 2.2
prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8149 (Insecure authentication and session management vulnerability
exists in ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8148 (A stored cross-site scripting (XSS) vulnerability exists in
Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8147 (A stored cross-site scripting (XSS) vulnerability exists in
Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8146 (A stored cross-site scripting (XSS) vulnerability exists in
Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8145 (A stored cross-site scripting (XSS) vulnerability exists in
Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8144 (A remote code execution vulnerability exists in Magento 2.3
prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8143 (A SQL injection vulnerability exists in Magento 2.2 prior to
2.2.10, M ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8142 (A stored cross-site scripting (XSS) vulnerability exists in
Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8141 (A remote code execution vulnerability exists in Magento 2.1
prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8140 (An unrestricted file upload vulnerability exists in Magento 2.2
prior ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8139 (A stored cross-site scripting (XSS) vulnerability exists in
Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8138 (A stored cross-site scripting (XSS) vulnerability exists in
Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8137 (A remote code execution vulnerability exists in Magento 2.2
prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8136 (An insecure component vulnerability exists in Magento 2.2 prior
to 2.2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8135 (A remote code execution vulnerability exists in Magento 2.2
prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8134 (A SQL injection vulnerability exists in Magento 2.2 prior to
2.2.10, M ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8133 (A security bypass vulnerability exists in Magento 2.2 prior to
2.2.10, ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8132 (A stored cross-site scripting (XSS) vulnerability exists in
Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8131 (A stored cross-site scripting (XSS) vulnerability exists in
Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8130 (A SQL injection vulnerability exists in Magento 2.2 prior to
2.2.10, M ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8129 (A stored cross-site scripting (XSS) vulnerability exists in
Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8128 (A stored cross-site scripting (XSS) vulnerability exists in
Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8127 (A SQL injection vulnerability exists in Magento 2.2 prior to
2.2.10, M ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8126 (An XML entity injection vulnerability exists in Magento 2.2
prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8125 (A remote code execution vulnerability exists in Magento 1 prior
to 1.9 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8124 (An insufficient logging and monitoring vulnerability exists in
Magento ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8123 (An insufficient logging and monitoring vulnerability exists in
Magento ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8122 (A remote code execution vulnerability exists in Magento 2.1
prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8121 (An insecure component vulnerability exists in Magento 2.1 prior
to 2.1 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8120 (A stored cross-site scripting (XSS) vulnerability exists in
Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8119 (A remote code execution vulnerability exists in Magento 2.1
prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8118 (Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10,
Magento 2.3 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8117 (A stored cross-site scripting (XSS) vulnerability exists in
Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8116 (Insecure authentication and session management vulnerability
exists in ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8115 (A reflected cross-site scripting (XSS) vulnerability exists in
Magento ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8114 (A remote code execution vulnerability exists in Magento 1 prior
to 1.9 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8113 (Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or
2.3.2-p1 us ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8112 (A security bypass vulnerability exists in Magento 2.2 prior to
2.2.10, ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8111 (A remote code execution vulnerability exists in Magento 2.2
prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8110 (A remote code execution vulnerability exists in Magento 2.2
prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8109 (A remote code execution vulnerability exists in Magento 2.2
prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8108 (Insecure authentication and session management vulnerability
exists in ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8107 (An arbitrary file deletion vulnerability exists in Magento 2.2
prior t ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8106 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier,
2019.01 ...)
NOT-FOR-US: Adobe
CVE-2019-8105 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier,
2019.01 ...)
@@ -34713,13 +34713,13 @@ CVE-2019-8095 (Adobe Acrobat and Reader versions,
2019.012.20035 and earlier, 20
CVE-2019-8094 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier,
2019.01 ...)
NOT-FOR-US: Adobe
CVE-2019-8093 (An arbitrary file access vulnerability exists in Magento 2.2
prior to ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8092 (A reflected cross-site scripting (XSS) vulnerability exists in
Magento ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8091 (A remote code execution vulnerability exists in Magento 1 prior
to 1.9 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8090 (An arbitrary file deletion vulnerability exists in Magento 2.1
prior t ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8089 (Adobe Experience Manager Forms versions 6.3-6.5 have a
reflected cross ...)
NOT-FOR-US: Adobe
CVE-2019-8088 (Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a
command ...)
@@ -39627,7 +39627,7 @@ CVE-2019-6144 (This vulnerability allows a normal
(non-admin) user to disable th
CVE-2019-6143 (Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x
before 6.4 ...)
NOT-FOR-US: Forcepoint Next Generation Firewall (Forcepoint NGFW)
CVE-2019-6142 (It has been reported that XSS is possible in Forcepoint Email
Security ...)
- TODO: check
+ NOT-FOR-US: Forcepoint
CVE-2019-6141
RESERVED
CVE-2019-6140 (A configuration issue has been discovered in Forcepoint Email
Security ...)
@@ -42265,9 +42265,9 @@ CVE-2019-5091
CVE-2019-5090
RESERVED
CVE-2019-5089 (An exploitable memory corruption vulnerability exists in
Investintech ...)
- TODO: check
+ NOT-FOR-US: Investintech
CVE-2019-5088 (An exploitable memory corruption vulnerability exists in
Investintech ...)
- TODO: check
+ NOT-FOR-US: Investintech
CVE-2019-5087
RESERVED
CVE-2019-5086
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7545395e70e43d4f9801424001f328bb951550d9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7545395e70e43d4f9801424001f328bb951550d9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
