Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ba8c3a5f by Salvatore Bonaccorso at 2019-12-05T08:23:17Z
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1029,9 +1029,9 @@ CVE-2020-1976
CVE-2020-1975
RESERVED
CVE-2019-19598 (D-Link DAP-1860 devices before v1.04b03 Beta allow access to
administr ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2019-19597 (D-Link DAP-1860 devices before v1.04b03 Beta allow arbitrary
remote co ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2019-19596 (GitBook through 2.6.9 allows XSS via a local .md file. ...)
TODO: check
CVE-2019-19595
@@ -1051,7 +1051,7 @@ CVE-2019-19589 (The Lever PDF Embedder plugin 4.4 for
WordPress does not block t
CVE-2019-19588 (The validators package 0.12.2 through 0.12.5 for Python enters
an infi ...)
TODO: check
CVE-2019-19587 (In WSO2 Enterprise Integrator 6.5.0, reflected XSS occurs when
updatin ...)
- TODO: check
+ NOT-FOR-US: WSO2 Enterprise Integrator
CVE-2019-19586
RESERVED
CVE-2019-19585
@@ -1074,7 +1074,7 @@ CVE-2019-19579 (An issue was discovered in Xen through
4.12.x allowing attackers
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-306.html
CVE-2019-19576 (class.upload.php in verot.net class.upload before 1.0.3 and
2.x before ...)
- TODO: check
+ NOT-FOR-US: K2 extension for Joomla!
CVE-2019-19575
RESERVED
CVE-2019-19574
@@ -11894,7 +11894,7 @@ CVE-2019-16754 (RIOT 2019.07 contains a NULL pointer
dereference in the MQTT-SN
CVE-2019-16753 (An issue was discovered in Decentralized Anonymous Payment
System (DAP ...)
TODO: check
CVE-2019-16752 (An issue was discovered in Decentralized Anonymous Payment
System (DAP ...)
- TODO: check
+ NOT-FOR-US: Decentralized Anonymous Payment System (DAPS)
CVE-2019-16751 (An issue was discovered in Devise Token Auth through 1.1.2.
The omniau ...)
NOT-FOR-US: Devise Token Auth
CVE-2019-16750
@@ -29163,7 +29163,7 @@ CVE-2019-11218 (Improper handling of extra parameters
in the AccountController (
CVE-2019-11217 (The GitController in Jakub Chodounsky Bonobo Git Server before
6.5.0 a ...)
NOT-FOR-US: Bonobo Git Server
CVE-2019-11216 (BMC Smart Reporting 7.3 20180418 allows authenticated XXE
within the i ...)
- TODO: check
+ NOT-FOR-US: BMC Smart Reporting
CVE-2019-11215
RESERVED
CVE-2019-11214
@@ -113802,9 +113802,9 @@ CVE-2017-17052 (The mm_init function in kernel/fork.c
in the Linux kernel before
CVE-2018-0730 (This command injection vulnerability in File Station allows
attackers ...)
TODO: check
CVE-2018-0729 (This command injection vulnerability in Music Station allows
attackers ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2018-0728 (This improper access control vulnerability in Helpdesk allows
attacker ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2018-0727
RESERVED
CVE-2018-0726
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ba8c3a5f1b2ac045fb86a5dc6399db4c7e8edd01
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ba8c3a5f1b2ac045fb86a5dc6399db4c7e8edd01
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
