[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Fri, 27 Dec 2019 12:24:05 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
5ab23720 by Salvatore Bonaccorso at 2019-12-27T20:23:03Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2019-20049 (An issue was discovered on Alcatel-Lucent OmniVista 4760 
devices. A re ...)
-       TODO: check
+       NOT-FOR-US: Alcatel-Lucent OmniVista 4760 devices
 CVE-2019-20048 (An issue was discovered on Alcatel-Lucent OmniVista 8770 
devices befor ...)
-       TODO: check
+       NOT-FOR-US: Alcatel-Lucent OmniVista 8770 devices
 CVE-2019-20047 (An issue was discovered on Alcatel-Lucent OmniVista 4760 
devices, and  ...)
-       TODO: check
+       NOT-FOR-US: Alcatel-Lucent OmniVista 4760 devices
 CVE-2019-20046
        RESERVED
 CVE-2019-20045
@@ -1338,7 +1338,7 @@ CVE-2019-19783 (An issue was discovered in Cyrus IMAP 
before 2.5.15, 3.0.x befor
 CVE-2019-19782 (The FTP client in AceaXe Plus 1.0 allows a buffer overflow via 
a long  ...)
        NOT-FOR-US: AceaXe Plus
 CVE-2019-19781 (An issue was discovered in Citrix Application Delivery 
Controller (ADC ...)
-       TODO: check
+       NOT-FOR-US: Citrix
 CVE-2019-19780
        RESERVED
 CVE-2019-19779
@@ -15678,7 +15678,7 @@ CVE-2019-16898
 CVE-2019-16897 (In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total 
Security  ...)
        NOT-FOR-US: K7
 CVE-2019-16896 (In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll 
(aka the ba ...)
-       TODO: check
+       NOT-FOR-US: K7 Ultimate Security
 CVE-2019-16895
        REJECTED
 CVE-2019-16894 (download.php in inoERP 4.15 allows SQL injection through 
insecure dese ...)
@@ -239633,7 +239633,7 @@ CVE-2014-4594 (Cross-site scripting (XSS) 
vulnerability in index.php in the Word
 CVE-2014-4593 (Cross-site scripting (XSS) vulnerability in 
wp-plugins-net/index.php i ...)
        NOT-FOR-US: WordPress plugin WP Plugin Manager
 CVE-2014-4592 (Cross-site scripting (XSS) vulnerability in 
rss.class/scripts/magpie_d ...)
-       TODO: check
+       NOT-FOR-US: WP-Planet plugin for WordPress
 CVE-2014-4591 (Cross-site scripting (XSS) vulnerability in picasa_upload.php 
in the W ...)
        NOT-FOR-US: WordPress plugin WP-Picasa-Image
 CVE-2014-4590 (Cross-site scripting (XSS) vulnerability in get.php in the WP 
Microblo ...)
@@ -239683,7 +239683,7 @@ CVE-2014-4569 (Cross-site scripting (XSS) 
vulnerability in ls/vv_login.php in th
 CVE-2014-4568 (Cross-site scripting (XSS) vulnerability in 
posts/videowhisper/r_logou ...)
        NOT-FOR-US: WordPress plugin
 CVE-2014-4567 (Cross-site scripting (XSS) vulnerability in 
comments/videowhisper2/r_l ...)
-       TODO: check
+       NOT-FOR-US: Video Comments Webcam Recorder plugin for WordPress
 CVE-2014-4566 (Cross-site scripting (XSS) vulnerability in 
res/fake_twitter/frame.php ...)
        NOT-FOR-US: WordPress plugin
 CVE-2014-4565 (Multiple cross-site scripting (XSS) vulnerabilities in 
vcc.js.php in t ...)
@@ -239699,9 +239699,9 @@ CVE-2014-4561
 CVE-2014-4560 (Cross-site scripting (XSS) vulnerability in 
includes/getTipo.php in th ...)
        NOT-FOR-US: WordPress plugin ToolPage
 CVE-2014-4559 (Multiple cross-site scripting (XSS) vulnerabilities in 
test-plugin.php ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2014-4558 (Cross-site scripting (XSS) vulnerability in test-plugin.php in 
the Swi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2014-4557 (Cross-site scripting (XSS) vulnerability in test-plugin.php in 
the Swi ...)
        NOT-FOR-US: WordPress plugin Swipe Checkout for Jigoshop
 CVE-2014-4556 (Cross-site scripting (XSS) vulnerability in test-plugin.php in 
the Swi ...)
@@ -239721,7 +239721,7 @@ CVE-2014-4550
 CVE-2014-4549 (Multiple cross-site scripting (XSS) vulnerabilities in 
pages/3DComplet ...)
        NOT-FOR-US: WordPress plugin WooCommerce SagePay Direct Payment Gateway
 CVE-2014-4548 (Cross-site scripting (XSS) vulnerability in tinymce/popup.php 
in the R ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2014-4547 (Multiple cross-site scripting (XSS) vulnerabilities in 
templates/defau ...)
        NOT-FOR-US: WordPress plugin Rezgo Online Booking
 CVE-2014-4546 (Cross-site scripting (XSS) vulnerability in book_ajax.php in 
the Rezgo ...)
@@ -239729,7 +239729,7 @@ CVE-2014-4546 (Cross-site scripting (XSS) 
vulnerability in book_ajax.php in the
 CVE-2014-4545 (Multiple cross-site scripting (XSS) vulnerabilities in 
pq_dialog.php i ...)
        NOT-FOR-US: WordPress plugin Pro Quoter
 CVE-2014-4544 (Cross-site scripting (XSS) vulnerability in the Podcast 
Channels plugi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2014-4543 (Multiple cross-site scripting (XSS) vulnerabilities in 
payper/payper.p ...)
        NOT-FOR-US: WordPress plugin Pay Per Media Player
 CVE-2014-4542 (Cross-site scripting (XSS) vulnerability in redirect.php in the 
Ooorl  ...)
@@ -239739,13 +239739,13 @@ CVE-2014-4541 (Cross-site scripting (XSS) 
vulnerability in shortcode-generator/p
 CVE-2014-4540 (Cross-site scripting (XSS) vulnerability in 
oleggo-twitter/twitter_log ...)
        NOT-FOR-US: WordPress plugin Oleggo LiveStream
 CVE-2014-4539 (Cross-site scripting (XSS) vulnerability in the Movies plugin 
0.6 and  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2014-4538 (Cross-site scripting (XSS) vulnerability in process.php in the 
Malware ...)
        NOT-FOR-US: WordPress plugin Malware Finder
 CVE-2014-4537 (Cross-site scripting (XSS) vulnerability in inpage.tpl.php in 
the Keyw ...)
        NOT-FOR-US: WordPress plugin Keyword Strategy Internal Links
 CVE-2014-4536 (Multiple cross-site scripting (XSS) vulnerabilities in 
tests/notAuto_t ...)
-       TODO: check
+       NOT-FOR-US: Infusionsoft Gravity Forms plugin for WordPress
 CVE-2014-4535
        RESERVED
 CVE-2014-4534 (Multiple cross-site scripting (XSS) vulnerabilities in 
videoplayer/aut ...)
@@ -239767,11 +239767,11 @@ CVE-2014-4527 (Multiple cross-site scripting (XSS) 
vulnerabilities in paginas/vi
 CVE-2014-4526 (Multiple cross-site scripting (XSS) vulnerabilities in 
callback.php in ...)
        NOT-FOR-US: WordPress plugin efence
 CVE-2014-4525 (Cross-site scripting (XSS) vulnerability in 
magpie/scripts/magpie_slas ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2014-4524 (Cross-site scripting (XSS) vulnerability in 
classes/custom-image/media ...)
        NOT-FOR-US: WordPress plugin WP Easy Post Types
 CVE-2014-4523 (Cross-site scripting (XSS) vulnerability in the Easy Career 
Openings p ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2014-4522 (Cross-site scripting (XSS) vulnerability in client-assist.php 
in the d ...)
        NOT-FOR-US: WordPress plugin dsSearchAgent: WordPress Edition
 CVE-2014-4521 (Cross-site scripting (XSS) vulnerability in client-assist.php 
in the d ...)
@@ -239779,7 +239779,7 @@ CVE-2014-4521 (Cross-site scripting (XSS) 
vulnerability in client-assist.php in
 CVE-2014-4520 (Cross-site scripting (XSS) vulnerability in phprack.php in the 
DMCA Wa ...)
        NOT-FOR-US: WordPress plugin DMCA WaterMarker
 CVE-2014-4519 (Cross-site scripting (XSS) vulnerability in the Conversador 
plugin 2.6 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2014-4518 (Cross-site scripting (XSS) vulnerability in xd_resize.php in 
the Conta ...)
        NOT-FOR-US: WordPress plugin Contact Form by ContactMe.com
 CVE-2014-4517 (Cross-site scripting (XSS) vulnerability in getNetworkSites.php 
in the ...)
@@ -257774,9 +257774,9 @@ CVE-2013-4978 (Stack-based buffer overflow in 
AloahaPDFViewer 5.0.0.7 and earlie
 CVE-2013-4977 (Buffer overflow in the RTSP Packet Handler in Hikvision 
DS-2CD7153-E I ...)
        NOT-FOR-US: Hikvision IP camera
 CVE-2013-4976 (Hikvision DS-2CD7153-E IP Camera has security bypass via 
hardcoded cre ...)
-       TODO: check
+       NOT-FOR-US: Hikvision DS-2CD7153-E IP Camera
 CVE-2013-4975 (Hikvision DS-2CD7153-E IP Camera has Privilege Escalation ...)
-       TODO: check
+       NOT-FOR-US: Hikvision DS-2CD7153-E IP Camera
 CVE-2013-4974 (RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 
throug ...)
        NOT-FOR-US: RealPlayer
 CVE-2013-4973 (Stack-based buffer overflow in RealNetworks RealPlayer before 
16.0.3.5 ...)
@@ -258293,9 +258293,9 @@ CVE-2013-4766 (The gather log service in Eucalyptus 
before 3.3.1 allows remote a
 CVE-2013-4765
        RESERVED
 CVE-2013-4764 (Samsung Galaxy S3/S4 exposes an unprotected component allowing 
an unpr ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2013-4763 (Samsung Galaxy S3/S4 exposes an unprotected component allowing 
arbitra ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2013-4762 (Puppet Enterprise before 3.0.1 does not sufficiently invalidate 
a sess ...)
        - puppet <not-affected> (Only affects Puppet Enterprise)
 CVE-2013-4761 (Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 
3.2.x befo ...)
@@ -258477,15 +258477,15 @@ CVE-2013-4698 (Cybozu Mailwise 5.0.4 and 5.0.5 
allows remote authenticated users
 CVE-2013-4697 (Multiple unspecified vulnerabilities in Hitachi JP1/IT Desktop 
Managem ...)
        NOT-FOR-US: Hitachi
 CVE-2013-4695 (Winamp 5.63: Invalid Pointer Dereference leading to Arbitrary 
Code Exe ...)
-       TODO: check
+       NOT-FOR-US: Winamp
 CVE-2013-4694 (Stack-based buffer overflow in gen_jumpex.dll in Winamp before 
5.64 Bu ...)
        NOT-FOR-US: Winamp
 CVE-2013-4693 (WordPress Xorbin Digital Flash Clock 1.0 has XSS ...)
-       TODO: check
+       NOT-FOR-US: WordPress Xorbin Digital Flash Clock
 CVE-2013-4692 (Xorbin Analog Flash Clock 1.0 extension for Joomia has XSS ...)
-       TODO: check
+       NOT-FOR-US: Xorbin Analog Flash Clock
 CVE-2013-4691 (Sencha Labs Connect has XSS with connect.methodOverride() ...)
-       TODO: check
+       NOT-FOR-US: Sencha Labs Connect
 CVE-2013-4690 (Juniper Junos 10.4 before 10.4S13, 11.4 before 11.4R7-S1, 12.1 
before  ...)
        NOT-FOR-US: Juniper Junos
 CVE-2013-4689 (J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 
12.1R befor ...)
@@ -258538,9 +258538,9 @@ CVE-2013-4667
 CVE-2013-4666
        RESERVED
 CVE-2013-4665 (SPBAS Business Automation Software 2012 has CSRF. ...)
-       TODO: check
+       NOT-FOR-US: SPBAS Business Automation Software
 CVE-2013-4664 (SPBAS Business Automation Software 2012 has XSS. ...)
-       TODO: check
+       NOT-FOR-US: SPBAS Business Automation Software
 CVE-2013-4663 (git_http_controller.rb in the redmine_git_hosting plugin for 
Redmine a ...)
        NOT-FOR-US: Redmine plugin redmine_git_hosting
 CVE-2013-4662 (The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 
through  ...)
@@ -258646,7 +258646,7 @@ CVE-2013-4623 (The x509parse_crt function in x509.h 
in PolarSSL 1.1.x before 1.1
 CVE-2013-4622 (The 3G Mobile Hotspot feature on the HTC Droid Incredible has a 
defaul ...)
        NOT-FOR-US: HTC Droid Incredible
 CVE-2013-4621 (Magnolia CMS before 4.5.9 has multiple access bypass 
vulnerabilities ...)
-       TODO: check
+       NOT-FOR-US: Magnolia CMS
 CVE-2013-4620 (Cross-site scripting (XSS) vulnerability in 
interface/main/onotes/offi ...)
        NOT-FOR-US: OpenEMR
 CVE-2013-4619 (Multiple SQL injection vulnerabilities in OpenEMR 4.1.1 allow 
remote a ...)
@@ -262835,13 +262835,13 @@ CVE-2013-3090 (Multiple cross-site scripting (XSS) 
vulnerabilities in Belkin N30
 CVE-2013-3089 (Cross-site request forgery (CSRF) vulnerability in apply.cgi in 
Belkin ...)
        NOT-FOR-US: Belkin N300
 CVE-2013-3088 (Belkin N900 router (F9K1104v1) contains an Authentication 
Bypass using ...)
-       TODO: check
+       NOT-FOR-US: Belkin N900 router
 CVE-2013-3087 (Multiple cross-site scripting (XSS) vulnerabilities in Belkin 
N900 rou ...)
        NOT-FOR-US: Belkin N900 router
 CVE-2013-3086 (Cross-site request forgery (CSRF) vulnerability in 
util_system.html in ...)
        NOT-FOR-US: Belkin N900
 CVE-2013-3085 (An authentication bypass exists in the web management interface 
in Bel ...)
-       TODO: check
+       NOT-FOR-US: Belkin
 CVE-2013-3084 (Multiple cross-site scripting (XSS) vulnerabilities in Belkin 
Model F5 ...)
        NOT-FOR-US: Belkin router
 CVE-2013-3083 (Cross-site request forgery (CSRF) vulnerability in 
cgi-bin/system_sett ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5ab237205c754d635804a06bc4a301b53f32fa07

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5ab237205c754d635804a06bc4a301b53f32fa07
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to