Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d92c8f7d by Salvatore Bonaccorso at 2019-11-18T20:48:50Z
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2019-19113 (main/resources/mapper/NewBeeMallGoodsMapper.xml in newbee-mall
(aka Ne ...)
- TODO: check
+ NOT-FOR-US: newbee-mall
CVE-2019-19112
RESERVED
CVE-2019-19111
@@ -55,11 +55,11 @@ CVE-2019-19087
CVE-2019-19086
RESERVED
CVE-2019-19085 (A persistent cross-site scripting (XSS) vulnerability in
Octopus Serve ...)
- TODO: check
+ NOT-FOR-US: Octopus Server
CVE-2019-19084 (In Octopus Deploy 3.3.0 through 2019.10.4, an authenticated
user with ...)
- TODO: check
+ NOT-FOR-US: Octopus Deploy
CVE-2018-21031 (Plex Media Server 1.18.2.2029-36236cc4c allows remote
attackers to byp ...)
- TODO: check
+ NOT-FOR-US: Plex Media Server
CVE-2011-5331 (Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval. ...)
TODO: check
CVE-2011-5330 (Distributed Ruby (aka DRuby) 1.8 mishandles the sending of
syscalls. ...)
@@ -176,9 +176,9 @@ CVE-2019-19043 (A memory leak in the i40e_setup_macvlans()
function in drivers/n
CVE-2019-19042
RESERVED
CVE-2019-19041 (An issue was discovered in Xorux Lpar2RRD 6.11 and Stor2RRD
2.61, as d ...)
- TODO: check
+ NOT-FOR-US: Xorux
CVE-2019-19040 (KairosDB through 1.2.2 has XSS in view.html because of
showErrorMessag ...)
- TODO: check
+ NOT-FOR-US: KairosDB
CVE-2019-19039
RESERVED
CVE-2019-19038
@@ -8137,9 +8137,9 @@ CVE-2019-17060
CVE-2019-17059 (A shell injection vulnerability on the Sophos Cyberoam
firewall applia ...)
NOT-FOR-US: Sophos
CVE-2019-17058 (Footy Tipping Software AFL Web Edition 2019 allows arbitrary
file uplo ...)
- TODO: check
+ NOT-FOR-US: Footy Tipping Software AFL Web Edition
CVE-2019-17057 (Footy Tipping Software AFL Web Edition 2019 allows XSS. ...)
- TODO: check
+ NOT-FOR-US: Footy Tipping Software AFL Web Edition
CVE-2019-17056 (llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network
module i ...)
- linux 5.3.7-1
NOTE:
https://git.kernel.org/linus/3a359798b176183ef09efb7a3dc59abad1cc7104
@@ -15688,7 +15688,7 @@ CVE-2019-14468 (GnuCOBOL 2.2 has a buffer overflow in
cb_push_op in cobc/field.c
[jessie] - open-cobol <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/open-cobol/bugs/581/
CVE-2019-14467 (The Social Photo Gallery plugin 1.0 for WordPress allows
Remote Code E ...)
- TODO: check
+ NOT-FOR-US: Social Photo Gallery plugin for WordPress
CVE-2019-14466 [GOsa <= 2.7.5.2 uses unserialize to restore filter settings
from a cookie. Since this cookie is supplied by the client, authenticated users
can pass arbitrary content to unserialized, which opens GOsa up to a potential
PHP object injection.]
RESERVED
{DLA-1905-1}
@@ -47192,9 +47192,9 @@ CVE-2019-3426 (The 9000EV5.0R1B12 version, and all
earlier versions of ZTE produ
CVE-2019-3425 (The 9000EV5.0R1B12 version, and all earlier versions of ZTE
product ZX ...)
NOT-FOR-US: ZTE
CVE-2019-3424 (authentication issues vulnerability, which exists in V2.1.14
and below ...)
- TODO: check
+ NOT-FOR-US: C520V21 smart camera devices
CVE-2019-3423 (permission and access control vulnerability, which exists in
V2.1.14 a ...)
- TODO: check
+ NOT-FOR-US: C520V21 smart camera devices
CVE-2019-3422 (The Sec Consult Security Lab reported an information disclosure
vulner ...)
NOT-FOR-US: ZTE
CVE-2019-3421 (The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE
produc ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d92c8f7da0f9776891310c46e3dc775aa2cbd653
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d92c8f7da0f9776891310c46e3dc775aa2cbd653
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
