[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Sat, 23 Nov 2019 00:25:00 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
219a624f by Salvatore Bonaccorso at 2019-11-23T08:23:47Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -727,9 +727,9 @@ CVE-2019-18912
 CVE-2019-18911
        RESERVED
 CVE-2019-18910 (The Citrix Receiver wrapper function does not safely handle 
user suppl ...)
-       TODO: check
+       NOT-FOR-US: Citrix
 CVE-2019-18909 (The VPN software within HP ThinPro does not safely handle user 
supplie ...)
-       TODO: check
+       NOT-FOR-US: HP ThinPro
 CVE-2019-18908
        RESERVED
 CVE-2019-18907
@@ -10432,9 +10432,9 @@ CVE-2019-16288 (On Tenda N301 wireless routers, a long 
string in the wifiSSID pa
 CVE-2019-16287 (An attacker may be able to leverage the application filter 
bypass vuln ...)
        TODO: check
 CVE-2019-16286 (An attacker may be able to bypass the OS application filter 
meant to r ...)
-       TODO: check
+       NOT-FOR-US: HP
 CVE-2019-16285 (If a local user has been configured and logged in, an 
unauthenticated  ...)
-       TODO: check
+       NOT-FOR-US: HP
 CVE-2019-16284 (A potential security vulnerability has been identified in 
multiple HP  ...)
        NOT-FOR-US: HP
 CVE-2019-16283
@@ -32142,7 +32142,7 @@ CVE-2019-9538
 CVE-2019-9537
        RESERVED
 CVE-2019-9536 (Apple iPhone 3GS bootrom malloc implementation returns a 
non-NULL poin ...)
-       TODO: check
+       NOT-FOR-US: Apple iPhone 3GS
 CVE-2019-9535 (A vulnerability exists in the way that iTerm2 integrates with 
tmux's c ...)
        NOT-FOR-US: iTerm2
 CVE-2019-9534 (The Cobham EXPLORER 710, firmware version 1.07, does not 
validate its  ...)
@@ -42755,7 +42755,7 @@ CVE-2019-5511 (VMware Workstation (15.x before 15.0.3, 
14.x before 14.1.6) runni
 CVE-2019-5510
        RESERVED
 CVE-2019-5509 (ONTAP Select Deploy administration utility versions 2.11.2 
through 2.1 ...)
-       TODO: check
+       NOT-FOR-US: ONTAP Select Deploy administration utility
 CVE-2019-5508 (Clustered Data ONTAP versions 9.2 through 9.6 are susceptible 
to a vul ...)
        NOT-FOR-US: Clustered Data ONTAP
 CVE-2019-5507 (SnapManager for Oracle prior to version 3.4.2P1 are susceptible 
to a v ...)
@@ -43732,9 +43732,9 @@ CVE-2019-5074
 CVE-2019-5073
        RESERVED
 CVE-2019-5072 (An exploitable command injection vulnerability exists in the 
/goform/W ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2019-5071 (An exploitable command injection vulnerability exists in the 
/goform/W ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2019-5070 (An exploitable SQL injection vulnerability exists in the 
unauthenticat ...)
        NOT-FOR-US: eFront LMS
 CVE-2019-5069 (A code execution vulnerability exists in Epignosis eFront LMS 
v5.2.12. ...)
@@ -46963,7 +46963,7 @@ CVE-2019-3656
 CVE-2019-3655
        RESERVED
 CVE-2019-3654 (Authentication Bypass vulnerability in the Microsoft Windows 
client in ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2019-3653 (Improper access control vulnerability in Configuration tool in 
McAfee  ...)
        NOT-FOR-US: McAfee Endpoint Security (ENS)
 CVE-2019-3652 (Code Injection vulnerability in EPSetup.exe in McAfee Endpoint 
Securit ...)
@@ -47551,9 +47551,9 @@ CVE-2019-3430
 CVE-2019-3429
        RESERVED
 CVE-2019-3428 (The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted 
by a c ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2019-3427 (The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted 
by a c ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2019-3426 (The 9000EV5.0R1B12 version, and all earlier versions of ZTE 
product ZX ...)
        NOT-FOR-US: ZTE
 CVE-2019-3425 (The 9000EV5.0R1B12 version, and all earlier versions of ZTE 
product ZX ...)
@@ -210095,7 +210095,7 @@ CVE-2015-3142 (The kernel-invoked coredump processor 
in Automatic Bug Reporting
 CVE-2015-3141 (Multiple cross-site request forgery (CSRF) vulnerabilities in 
Synametr ...)
        NOT-FOR-US: Synametrics Technologies Xeams
 CVE-2015-3140 (Multiple cross-site request forgery (CSRF) vulnerabilities in 
Synametr ...)
-       TODO: check
+       NOT-FOR-US: Synametrics
 CVE-2015-3139
        RESERVED
 CVE-2015-3138 (print-wb.c in tcpdump before 4.7.4 allows remote attackers to 
cause a  ...)
@@ -247849,7 +247849,7 @@ CVE-2013-6241 (The Birthday widget in the backend in 
Open-Xchange (OX) AppSuite
 CVE-2013-6240
        RESERVED
 CVE-2013-6239 (Cross-site scripting (XSS) vulnerability in the photo gallery 
model in ...)
-       TODO: check
+       NOT-FOR-US: Exis Contexis
 CVE-2013-6238
        RESERVED
 CVE-2013-6237 (The ISL Desktop plugin for Windows before 1.4.7 for ISL Light 
3.5.4 an ...)
@@ -279148,7 +279148,7 @@ CVE-2002-2483
 CVE-2012-1002 (SQL injection vulnerability in author/edit.php in OpenConf 4.x 
before  ...)
        NOT-FOR-US: OpenConf
 CVE-2012-1001 (Multiple cross-site scripting (XSS) vulnerabilities in Chyrp 
before 2. ...)
-       TODO: check
+       NOT-FOR-US: Chyrp
 CVE-2012-1000 (Multiple cross-site scripting (XSS) vulnerabilities in LEPTON 
1.1.3 an ...)
        NOT-FOR-US: LEPTON
 CVE-2012-0999 (SQL injection vulnerability in modules/news/rss.php in LEPTON 
before 1 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/219a624fbae582a71f7048f6007b1a7eddcac7b3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/219a624fbae582a71f7048f6007b1a7eddcac7b3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to