Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8d2c2419 by Salvatore Bonaccorso at 2020-01-24T09:55:42+01:00
Process more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -238869,7 +238869,7 @@ CVE-2012-6665 (Directory traversal vulnerability in
index.php in phpMoneyBooks 1
CVE-2012-6664
RESERVED
CVE-2012-6663 (General Electric D20ME devices are not properly configured and
reveal ...)
- TODO: check
+ NOT-FOR-US: General Electric D20ME devices
CVE-2014-8988 (MantisBT before 1.2.18 allows remote authenticated users to
bypass the ...)
{DSA-3120-1}
- mantis <removed>
@@ -241510,7 +241510,7 @@ CVE-2014-7861 (The IOHIDSecurePromptClient function
in Apple OS X does not prope
CVE-2011-5282 (mIRC prior to 7.22 has a message leak because chopping of
outbound mes ...)
NOT-FOR-US: mIRC
CVE-2008-7314 (mIRC before 6.35 allows attackers to cause a denial of service
(crash) ...)
- TODO: check
+ NOT-FOR-US: mIRC
CVE-2014-7975 (The do_umount function in fs/namespace.c in the Linux kernel
through 3 ...)
- linux 3.16.7-1
[wheezy] - linux <not-affected> (User namespaces only usable in later
kernels)
@@ -249058,7 +249058,7 @@ CVE-2014-4644 (SQL injection vulnerability in
superlinks.php in the superlinks p
CVE-2014-4643 (Multiple heap-based buffer overflows in the client in Core FTP
LE 2.2 ...)
NOT-FOR-US: Core FTP client
CVE-2012-6649 (WordPress WP GPX Maps Plugin 1.1.21 allows remote attackers to
execute ...)
- TODO: check
+ NOT-FOR-US: WordPress WP GPX Maps Plugin
CVE-2014-4721 (The phpinfo implementation in ext/standard/info.c in PHP before
5.4.30 ...)
{DSA-2974-1 DLA-0018-1}
- php5 5.6.0~rc1+dfsg-2 (low)
@@ -262879,9 +262879,9 @@ CVE-2013-6775 (The Chainfire SuperSU package before
1.69 for Android allows atta
CVE-2013-6774 (Untrusted search path vulnerability in the ChainsDD Superuser
package ...)
NOT-FOR-US: Chainfire SuperSU package
CVE-2013-6773 (Splunk 5.0.3 has an Unquoted Service Path in Windows for
Universal For ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2013-6772 (Splunk before 5.0.4 lacks X-Frame-Options which can allow
Clickjacking ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2013-6771 (Directory traversal vulnerability in the collect script in
Splunk befo ...)
NOT-FOR-US: Splunk
CVE-2013-6770 (The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1
for Andro ...)
@@ -286371,7 +286371,7 @@ CVE-2009-5123 (The Antivirus component in Comodo
Internet Security before 3.11.1
CVE-2012-4667 (Multiple cross-site scripting (XSS) vulnerabilities in
SquidClamav 5.x ...)
- squidclamav <removed> (bug #685398)
CVE-2012-4606 (Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6
Common Cri ...)
- TODO: check
+ NOT-FOR-US: Citrix XenServer
CVE-2011-5117 (Sophos SafeGuard Enterprise Device Encryption 5.x through
5.50.8.13, S ...)
NOT-FOR-US: Sophos SafeGuard
CVE-2011-5116 (SQL injection vulnerability in setseed-hub in SetSeed CMS
5.8.20, 5.11 ...)
@@ -293019,7 +293019,7 @@ CVE-2012-2088 (Integer signedness error in the
TIFFReadDirectory function in tif
- tiff 4.0-1 (bug #678140)
- tiff3 3.9.6-6
CVE-2012-2087 (ISPConfig 3.0.4.3: the "Add new Webdav user" can chmod and
chown entir ...)
- TODO: check
+ NOT-FOR-US: ISPConfig
CVE-2012-2086 (SQL injection vulnerability in the get_last_conversation_lines
functio ...)
{DSA-2453-2 DSA-2453-1}
- gajim 0.15-1 (low; bug #668038)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8d2c24199ea3f2fce5aadb1663d6c200ae813cb4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8d2c24199ea3f2fce5aadb1663d6c200ae813cb4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
