Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0dc7f5de by Salvatore Bonaccorso at 2020-01-08T21:24:01+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2020-6583 (BigProf Online Invoicing System (OIS) through 2.6 has XSS that 
can be  ...)
-       TODO: check
+       NOT-FOR-US: BigProf Online Invoicing System (OIS)
 CVE-2020-6582
        RESERVED
 CVE-2020-6581
@@ -815,15 +815,15 @@ CVE-2020-6177
 CVE-2019-20367 (nlist.c in libbsd before 0.10.0 has an out-of-bounds read 
during a com ...)
        TODO: check
 CVE-2019-20366 (An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 
via isTr ...)
-       TODO: check
+       NOT-FOR-US: Ignite Realtime Openfire
 CVE-2019-20365 (An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 
via sear ...)
-       TODO: check
+       NOT-FOR-US: Ignite Realtime Openfire
 CVE-2019-20364 (An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 
via cach ...)
-       TODO: check
+       NOT-FOR-US: Ignite Realtime Openfire
 CVE-2019-20363 (An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 
via alia ...)
-       TODO: check
+       NOT-FOR-US: Ignite Realtime Openfire
 CVE-2019-20362 (In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 
19.08.3 ...)
-       TODO: check
+       NOT-FOR-US: Teradici
 CVE-2020-6176
        RESERVED
 CVE-2020-6175
@@ -2169,9 +2169,9 @@ CVE-2020-5513 (Gila CMS 1.11.8 allows /cm/delete?t=../ 
Directory Traversal. ...)
 CVE-2020-5512 (Gila CMS 1.11.8 allows /admin/media?path=../ Path Traversal. 
...)
        NOT-FOR-US: Gila CMS
 CVE-2020-5511 (PHPGurukul Small CRM v2.0 was found vulnerable to 
authentication bypas ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul Small CRM
 CVE-2020-5510 (PHPGurukul Hostel Management System v2.0 allows SQL injection 
via the  ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul Hostel Management System
 CVE-2020-5509
        RESERVED
 CVE-2020-5508
@@ -3126,7 +3126,7 @@ CVE-2020-5185
 CVE-2020-5184
        RESERVED
 CVE-2020-5183 (FTPGetter Professional 5.97.0.223 is vulnerable to a memory 
corruption ...)
-       TODO: check
+       NOT-FOR-US: FTPGetter Professional
 CVE-2020-5182
        RESERVED
 CVE-2020-5181
@@ -11357,7 +11357,7 @@ CVE-2019-19546 (Norton Password Manager, prior to 
6.6.2.5, may be susceptible to
 CVE-2019-19545 (Norton Password Manager, prior to 6.6.2.5, may be susceptible 
to a cro ...)
        NOT-FOR-US: Norton Password Manager
 CVE-2019-19544 (CA Automic Dollar Universe 5.3.3 contains a vulnerability, 
related to  ...)
-       TODO: check
+       NOT-FOR-US: CA Automic Dollar Universe
 CVE-2019-19542 (The ListingPro theme before v2.0.14.2 for WordPress has 
Persistent XSS ...)
        NOT-FOR-US: ListingPro theme for WordPress
 CVE-2019-19541 (The ListingPro theme before v2.0.14.2 for WordPress has 
Persistent XSS ...)
@@ -11440,7 +11440,7 @@ CVE-2019-19520 (xlock in OpenBSD 6.6 allows local users 
to gain the privileges o
 CVE-2019-19519 (In OpenBSD 6.6, local users can use the su -L option to 
achieve any lo ...)
        NOT-FOR-US: OpenBSD
 CVE-2019-19518 (CA Automic Sysload 5.6.0 through 6.1.2 contains a 
vulnerability, relat ...)
-       TODO: check
+       NOT-FOR-US: CA Automic Sysload
 CVE-2020-1964
        RESERVED
 CVE-2020-1963
@@ -11646,7 +11646,7 @@ CVE-2019-19497 (MDaemon Email Server 17.5.1 allows XSS 
via the filename of an at
 CVE-2019-19496 (Alfresco Enterprise before 5.2.5 allows stored XSS via an 
uploaded HTM ...)
        NOT-FOR-US: Alfresco
 CVE-2019-19495 (The web interface on the Technicolor TC7230 STEB 01.25 is 
vulnerable t ...)
-       TODO: check
+       NOT-FOR-US: Technicolor
 CVE-2019-19494
        RESERVED
 CVE-2019-19493 (Kentico before 12.0.50 allows file uploads in which the 
Content-Type h ...)
@@ -21294,7 +21294,7 @@ CVE-2019-17078
 CVE-2019-17077
        RESERVED
 CVE-2019-17076 (An issue was discovered in Jamf Pro 9.x and 10.x before 
10.15.1. Deser ...)
-       TODO: check
+       NOT-FOR-US: Jamf Pro
 CVE-2019-17075 (An issue was discovered in write_tpt_entry in 
drivers/infiniband/hw/cx ...)
        - linux 5.3.7-1
        [jessie] - linux <ignored> (Not a problem in practice)
@@ -56860,7 +56860,7 @@ CVE-2019-5084 (An exploitable heap out-of-bounds write 
vulnerability exists in t
 CVE-2019-5083 (An exploitable out-of-bounds write vulnerability exists in the 
igcore1 ...)
        NOT-FOR-US: Accusoft ImageGear
 CVE-2019-5082 (An exploitable heap buffer overflow vulnerability exists in the 
iochec ...)
-       TODO: check
+       NOT-FOR-US: WAGO Firmware
 CVE-2019-5081 (An exploitable heap buffer overflow vulnerability exists in the 
iochec ...)
        NOT-FOR-US: WAGO
 CVE-2019-5080 (An exploitable denial-of-service vulnerability exists in the 
iocheckd  ...)
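
Review bot: the new tag on CVE-2019-5082 reads "NOT-FOR-US: WAGO Firmware", but the next entry, CVE-2019-5081, has the same truncated description (heap buffer overflow in the "iochec ...") and is already tagged "NOT-FOR-US: WAGO". Two spellings for the same product mean a search on the NFU string will miss one of the pair; reuse "NOT-FOR-US: WAGO" here so both iocheckd entries group together.
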
@@ -186161,19 +186161,19 @@ CVE-2016-6593 (A code-execution vulnerability 
exists during startup in jhi.dll a
 CVE-2016-6592
        RESERVED
 CVE-2016-6591 (A security bypass vulnerability exists in Symantec Norton App 
Lock 1.0 ...)
-       TODO: check
+       NOT-FOR-US: Symantec
 CVE-2016-6590 (A privilege escalation vulnerability exists when loading DLLs 
during b ...)
-       TODO: check
+       NOT-FOR-US: Symantec
 CVE-2016-6589 (A Denial of Service vulnerability exists in the ITMS workflow 
process  ...)
-       TODO: check
+       NOT-FOR-US: Symantec
 CVE-2016-6588 (A Cross-Site Scripting (XSS) vulnerability exists in the ITMS 
workflow ...)
-       TODO: check
+       NOT-FOR-US: Symantec
 CVE-2016-6587 (An Information Disclosure vulnerability exists in the mid.dat 
file sto ...)
-       TODO: check
+       NOT-FOR-US: Symantec
 CVE-2016-6586 (A security bypass vulnerability exists in Symantec Norton 
Mobile Secur ...)
-       TODO: check
+       NOT-FOR-US: Symantec
 CVE-2016-6585 (A Denial of Service vulnerability exists in Symantec Norton 
Mobile Sec ...)
-       TODO: check
+       NOT-FOR-US: Symantec
 CVE-2016-6584
        RESERVED
 CVE-2016-6583
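
Review bot: all seven entries from CVE-2016-6591 to CVE-2016-6585 get the vendor-only tag "NOT-FOR-US: Symantec", although the descriptions cover different products (Norton App Lock, the ITMS workflow, Norton Mobile Security). For CVE-2016-6590 and CVE-2016-6587 the truncated description shown here names no product at all, so the tag is the only attribution a later reader has. Elsewhere in this file the Norton Password Manager entries are tagged at product level; doing the same here (for example "NOT-FOR-US: Symantec Norton Mobile Security") would keep the reason for the NFU decision visible without opening each CVE.
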
@@ -244118,7 +244118,7 @@ CVE-2014-5289 (Buffer overflow in Senkas Kolibri 2.0 
allows remote attackers to
 CVE-2014-5288
        RESERVED
 CVE-2014-5287 (A Bash script injection vulnerability exists in Kemp Load 
Master 7.1-1 ...)
-       TODO: check
+       NOT-FOR-US: Kemp Load Master
 CVE-2014-5286 (The ActiveMatrix Policy Manager Authentication module in TIBCO 
ActiveM ...)
        NOT-FOR-US: TIBCO
 CVE-2014-5285 (Unspecified vulnerability in the Authentication Module in TIBCO 
Spotfi ...)
@@ -254953,7 +254953,7 @@ CVE-2014-1456 (Cross-site scripting (XSS) 
vulnerability in the login page in Ope
 CVE-2014-1455 (SQL injection vulnerability in the password reset functionality 
in Pea ...)
        NOT-FOR-US: Pearson eSIS Enterprise Student Information System
 CVE-2014-1454 (Pearson eSIS (Enterprise Student Information System) message 
board has ...)
-       TODO: check
+       NOT-FOR-US: Pearson eSIS (Enterprise Student Information System) 
message board
 CVE-2014-1453 (The NFS server (nfsserver) in FreeBSD 8.3 through 10.0 does not 
acquir ...)
        {DSA-2952-1}
        - kfreebsd-8 <removed>
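
Review bot: the tag added for CVE-2014-1454 is "NOT-FOR-US: Pearson eSIS (Enterprise Student Information System) message board", while the entry directly above it, CVE-2014-1455, tags the same product as "NOT-FOR-US: Pearson eSIS Enterprise Student Information System". The parentheses and the "message board" suffix make this a second spelling of the same product. Reuse the existing string; the component detail is already in the CVE description.
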
@@ -255119,7 +255119,7 @@ CVE-2014-1447 (Race condition in the 
virNetServerClientStartKeepAlive function i
        NOTE: 
http://libvirt.org/git/?p=libvirt.git;a=commit;h=066c8ef6c18bc1faf8b3e10787b39796a7a06cc0
        NOTE: 
http://libvirt.org/git/?p=libvirt.git;a=commit;h=173c2914734eb5c32df6d35a82bf503e12261bcf
 CVE-2014-1409 (MobileIron VSP versions prior to 5.9.1 and Sentry versions 
prior to 5. ...)
-       TODO: check
+       NOT-FOR-US: MobileIron VSP
 CVE-2014-1404
        RESERVED
 CVE-2014-1403 (Cross-site scripting (XSS) vulnerability in name.html in 
easyXDM befor ...)
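
Review bot: the tag on CVE-2014-1409 names only "MobileIron VSP", but the description on the line above covers "MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5. ...". A search for Sentry in the NFU tags will not find this entry. Either tag it at vendor level ("NOT-FOR-US: MobileIron") or name both products.
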



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0dc7f5deadb1506f0102271661908f0cb58d3f72
