[Git][security-tracker-team/security-tracker][master] Process NFUs

Thu, 07 Nov 2019 12:18:03 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
024c553b by Salvatore Bonaccorso at 2019-11-07T20:16:46Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2019-18817
        RESERVED
 CVE-2019-18816 (po-admin/route.php?mod=post&act=edit in PopojiCMS 2.0.1 
allows pos ...)
-       TODO: check
+       NOT-FOR-US: PopojiCMS
 CVE-2019-18815 (PopojiCMS 2.0.1 allows refer= Open Redirection. ...)
-       TODO: check
+       NOT-FOR-US: PopojiCMS
 CVE-2019-18814 (An issue was discovered in the Linux kernel through 5.3.9. 
There is a  ...)
        TODO: check
 CVE-2019-18813 (A memory leak in the dwc3_pci_probe() function in 
drivers/usb/dwc3/dwc ...)
@@ -5964,9 +5964,9 @@ CVE-2019-17607 (HongCMS 3.0.0 has XSS via the 
install/index.php servername param
 CVE-2019-17606 (The Post editor functionality in the hexo-admin plugin 
versions 2.3.0  ...)
        NOT-FOR-US: hexo-admin Node module
 CVE-2019-17605 (A mass assignment vulnerability in eyecomms eyeCMS through 
2019-10-15  ...)
-       TODO: check
+       NOT-FOR-US: eyeCMS
 CVE-2019-17604 (An Insecure Direct Object Reference (IDOR) vulnerability in 
eyecomms e ...)
-       TODO: check
+       NOT-FOR-US: eyeCMS
 CVE-2019-17603
        RESERVED
 CVE-2019-17602 (An issue was discovered in Zoho ManageEngine OpManager before 
12.4 bui ...)
@@ -7050,7 +7050,7 @@ CVE-2019-17224 (The web interface of the Compal Broadband 
CH7465LG modem (versio
 CVE-2019-17223 (There is HTML Injection in the Note field in Dolibarr ERP/CRM 
10.0.2 v ...)
        - dolibarr <removed>
 CVE-2019-17222 (An issue was discovered on Intelbras WRN 150 1.0.17 devices. 
There is  ...)
-       TODO: check
+       NOT-FOR-US: Intelbras WRN 150 devices
 CVE-2019-17221 (PhantomJS through 2.1.1 has an arbitrary file read 
vulnerability, as d ...)
        - phantomjs <unfixed>
        NOTE: 
https://www.darkmatter.ae/blogs/breaching-the-perimeter-phantomjs-arbitrary-file-read/
@@ -22157,7 +22157,7 @@ CVE-2019-12333
 CVE-2019-12332
        RESERVED
 CVE-2019-12331 (PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The 
XmlScanner ...)
-       TODO: check
+       NOT-FOR-US: PHPOffice PhpSpreadsheet
 CVE-2019-12330
        RESERVED
 CVE-2019-12329
@@ -23041,7 +23041,7 @@ CVE-2019-11998
 CVE-2019-11997
        RESERVED
 CVE-2019-11996 (Potential security vulnerabilities have been identified with 
HPE Nimbl ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2019-11995
        RESERVED
 CVE-2019-11994
@@ -39179,7 +39179,7 @@ CVE-2019-6340 (Some field types do not properly 
sanitize data from non-form sour
        - drupal7 <not-affected> (Drupal 7 core not affected)
        NOTE: https://www.drupal.org/sa-core-2019-003
 CVE-2019-6337 (For the printers listed a maliciously crafted print file might 
cause c ...)
-       TODO: check
+       NOT-FOR-US: HP Inkjet printers
 CVE-2019-6336
        RESERVED
 CVE-2019-6335 (A potential security vulnerability has been identified with 
Samsung La ...)
@@ -39767,11 +39767,11 @@ CVE-2019-6124
 CVE-2019-6123
        RESERVED
 CVE-2019-6122 (A Username Enumeration via Error Message issue was discovered 
in NiceH ...)
-       TODO: check
+       NOT-FOR-US: NiceHash Miner
 CVE-2019-6121 (An issue was discovered in NiceHash Miner before 2.0.3.0. 
Missing Auth ...)
-       TODO: check
+       NOT-FOR-US: NiceHash Miner
 CVE-2019-6120 (An issue was discovered in NiceHash Miner before 2.0.3.0. A 
missing ra ...)
-       TODO: check
+       NOT-FOR-US: NiceHash Miner
 CVE-2019-6119
        RESERVED
 CVE-2019-6118
@@ -41115,11 +41115,11 @@ CVE-2019-5646
 CVE-2019-5645
        RESERVED
 CVE-2019-5644 (Computing For Good's Basic Laboratory Information System (also 
known a ...)
-       TODO: check
+       NOT-FOR-US: Computing For Good's Basic Laboratory Information System
 CVE-2019-5643 (Computing For Good's Basic Laboratory Information System (also 
known a ...)
-       TODO: check
+       NOT-FOR-US: Computing For Good's Basic Laboratory Information System
 CVE-2019-5642 (Rapid7 Metasploit Pro version 4.16.0-2019081901 and prior 
suffers from ...)
-       TODO: check
+       NOT-FOR-US: Rapid7 Metasploit Pro
 CVE-2019-5641
        RESERVED
 CVE-2019-5640
@@ -41169,7 +41169,7 @@ CVE-2019-5619
 CVE-2019-5618
        RESERVED
 CVE-2019-5617 (Computing For Good's Basic Laboratory Information System (also 
known a ...)
-       TODO: check
+       NOT-FOR-US: Computing For Good's Basic Laboratory Information System
 CVE-2019-5616 (CircuitWerkes Sicon-8, a hardware device used for managing 
electrical  ...)
        NOT-FOR-US: CircuitWerkes Sicon-8
 CVE-2019-5615 (Users with Site-level permissions can access files containing 
the user ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/024c553b42cc3794a22481c343d087341ad5b0c3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/024c553b42cc3794a22481c343d087341ad5b0c3
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to