[Git][security-tracker-team/security-tracker][master] NFUs

Fri, 08 Nov 2019 00:41:08 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
74bf31e7 by Moritz Muehlenhoff at 2019-11-08T08:40:06Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31,13 +31,13 @@ CVE-2019-18823
 CVE-2019-18822
        RESERVED
 CVE-2019-18821 (Eximious Logo Designer 3.82 has a User Mode Write AV starting 
at ExiCu ...)
-       TODO: check
+       NOT-FOR-US: Eximious Logo Designer
 CVE-2019-18820 (Eximious Logo Designer 3.82 has Heap Corruption starting at 
ntdll!Rtlp ...)
-       TODO: check
+       NOT-FOR-US: Eximious Logo Designer
 CVE-2019-18819 (Eximious Logo Designer 3.82 has a User Mode Write AV starting 
at ExiVe ...)
-       TODO: check
+       NOT-FOR-US: Eximious Logo Designer
 CVE-2019-18818 (strapi before 3.0.0-beta.17.5 mishandles password resets 
within packag ...)
-       TODO: check
+       NOT-FOR-US: strapi CMS
 CVE-2019-18817
        RESERVED
 CVE-2019-18816 (po-admin/route.php?mod=post&act=edit in PopojiCMS 2.0.1 
allows pos ...)
@@ -86,7 +86,7 @@ CVE-2019-18802
 CVE-2019-18801
        RESERVED
 CVE-2019-18800 (Viber through 11.7.0.5 allows a remote attacker who can 
capture a vict ...)
-       TODO: check
+       NOT-FOR-US: Viber
 CVE-2019-18799 (LibSass before 3.6.3 allows a NULL pointer dereference in 
Sass::Parser ...)
        - libsass <unfixed>
        NOTE: https://github.com/sass/libsass/issues/3001
@@ -7931,19 +7931,19 @@ CVE-2019-16880 (An issue was discovered in the linea 
crate through 0.9.4 for Rus
 CVE-2019-16879
        RESERVED
 CVE-2019-16878 (Portainer before 1.22.1 has XSS (issue 2 of 2). ...)
-       TODO: check
+       NOT-FOR-US: Portainer
 CVE-2019-16877 (Portainer before 1.22.1 has Incorrect Access Control (issue 4 
of 4). ...)
-       TODO: check
+       NOT-FOR-US: Portainer
 CVE-2019-16876 (Portainer before 1.22.1 allows Directory Traversal. ...)
-       TODO: check
+       NOT-FOR-US: Portainer
 CVE-2019-16875
        RESERVED
 CVE-2019-16874 (Portainer before 1.22.1 has Incorrect Access Control (issue 2 
of 4). ...)
-       TODO: check
+       NOT-FOR-US: Portainer
 CVE-2019-16873 (Portainer before 1.22.1 has XSS (issue 1 of 2). ...)
-       TODO: check
+       NOT-FOR-US: Portainer
 CVE-2019-16872 (Portainer before 1.22.1 has Incorrect Access Control (issue 1 
of 4). ...)
-       TODO: check
+       NOT-FOR-US: Portainer
 CVE-2019-16871
        RESERVED
 CVE-2019-16870
@@ -13388,7 +13388,7 @@ CVE-2019-15007
 CVE-2019-15006
        RESERVED
 CVE-2019-15005 (The Atlassian Troubleshooting and Support Tools plugin prior 
to versio ...)
-       TODO: check
+       NOT-FOR-US: Atlassian
 CVE-2019-15004 (The Customer Context Filter in Atlassian Jira Service Desk 
Server and  ...)
        NOT-FOR-US: Atlassian
 CVE-2019-15003 (The Customer Context Filter in Atlassian Jira Service Desk 
Server and  ...)
@@ -42325,7 +42325,7 @@ CVE-2019-5127 (A command injection have been found in 
YouPHPTube Encoder. A succ
 CVE-2019-5126
        RESERVED
 CVE-2019-5125 (An exploitable heap overflow vulnerability exists in the 
JPEG2000 pars ...)
-       TODO: check
+       NOT-FOR-US: LEADTOOLS
 CVE-2019-5124
        RESERVED
 CVE-2019-5123 (Specially crafted web requests can cause SQL injections in 
YouPHPTube  ...)
@@ -42375,9 +42375,9 @@ CVE-2019-5102
 CVE-2019-5101
        RESERVED
 CVE-2019-5100 (An exploitable integer overflow vulnerability exists in the BMP 
header ...)
-       TODO: check
+       NOT-FOR-US: LEADTOOLS
 CVE-2019-5099 (An exploitable integer underflow vulnerability exists in the 
CMP-parsi ...)
-       TODO: check
+       NOT-FOR-US: LEADTOOLS
 CVE-2019-5098
        RESERVED
 CVE-2019-5097
@@ -42410,7 +42410,7 @@ CVE-2019-5086
 CVE-2019-5085
        RESERVED
 CVE-2019-5084 (An exploitable heap out-of-bounds write vulnerability exists in 
the TI ...)
-       TODO: check
+       NOT-FOR-US: LEADTOOLS
 CVE-2019-5083
        RESERVED
 CVE-2019-5082
@@ -46261,7 +46261,7 @@ CVE-2019-3424
 CVE-2019-3423
        RESERVED
 CVE-2019-3422 (Security researcher Shen Ying from the Sec Consult Security Lab 
report ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2019-3421 (The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE 
produc ...)
        NOT-FOR-US: ZTE
 CVE-2019-3420
@@ -58982,7 +58982,7 @@ CVE-2018-18676 (GNUBOARD5 5.3.1.9 has XSS that allows 
remote attackers to inject
 CVE-2018-18675 (GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to 
inject arbit ...)
        NOT-FOR-US: GNU Board
 CVE-2018-18674 (GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to 
inject arbit ...)
-       TODO: check
+       NOT-FOR-US: GNU Board
 CVE-2018-18673 (GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to 
inject arbit ...)
        NOT-FOR-US: GNU Board
 CVE-2018-18672 (GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to 
inject arbit ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/74bf31e7b6f05ac040622fb9116e49ec8d91e771

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/74bf31e7b6f05ac040622fb9116e49ec8d91e771
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to