[Git][security-tracker-team/security-tracker][master] Process NFUs

Wed Apr 3 21:07:31 BST 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dcc9818f by Salvatore Bonaccorso at 2019-04-03T20:07:08Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -104,7 +104,7 @@ CVE-2019-10675
 CVE-2019-10674
 	RESERVED
 CVE-2019-10673 (A CSRF vulnerability in a logged-in user's profile edit form in the Ul ...)
-	TODO: check
+	NOT-FOR-US: Ultimate Member plugin for WordPress
 CVE-2019-10671
 	RESERVED
 CVE-2019-10670
@@ -10661,7 +10661,7 @@ CVE-2019-6533 (Registers used to store Modbus values can be read and written fro
 CVE-2019-6532
 	RESERVED
 CVE-2019-6531 (An attacker could retrieve passwords from a HTTP GET request from the  ...)
-	TODO: check
+	NOT-FOR-US: Kunbus
 CVE-2019-6530
 	RESERVED
 CVE-2019-6529
@@ -10712,7 +10712,7 @@ CVE-2019-6508 (An issue was discovered in creditease-sec insight through 2018-09
 CVE-2019-6507 (An issue was discovered in creditease-sec insight through 2018-09-11.  ...)
 	NOT-FOR-US: creditease-sec
 CVE-2019-6506 (SalesAgility SuiteCRM 7.11.0 allows SQL Injection. ...)
-	TODO: check
+	NOT-FOR-US: SalesAgility SuiteCRM
 CVE-2019-6505
 	RESERVED
 CVE-2019-6504 (Insufficient output sanitization in the Automic Web Interface (AWI), i ...)
@@ -28472,7 +28472,7 @@ CVE-2018-19277 (securityScan() in PHPOffice PhpSpreadsheet through 1.5.0 allows
 CVE-2018-19276 (OpenMRS before 2.24.0 is affected by an Insecure Object Deserializatio ...)
 	NOT-FOR-US: OpenMRS
 CVE-2018-19275 (The BluStar component in Mitel InAttend before 2.5 SP3 and CMG before  ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2018-19274 (Passing an absolute path to a file_exists check in phpBB before 3.2.4  ...)
 	{DLA-1593-1}
 	- phpbb3 <removed>
@@ -116391,11 +116391,11 @@ CVE-2017-6051 (An Uncontrolled Search Path Element issue was discovered in BLF-T
 CVE-2017-6050 (A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2. ...)
 	NOT-FOR-US: Ecava IntegraXor
 CVE-2017-6049 (Detcon Sitewatch Gateway, all versions without cellular, an attacker c ...)
-	TODO: check
+	NOT-FOR-US: Detcon Sitewatch Gateway
 CVE-2017-6048 (A Command Injection issue was discovered in Satel Iberia SenNet Data L ...)
 	NOT-FOR-US: Satel Iberia SenNet Data Logger and Electricity Meters
 CVE-2017-6047 (Detcon Sitewatch Gateway, all versions without cellular, Passwords are ...)
-	TODO: check
+	NOT-FOR-US: Detcon Sitewatch Gateway
 CVE-2017-6046 (An Insufficiently Protected Credentials issue was discovered in Sierra ...)
 	NOT-FOR-US: Sierra Wireless AirLink Raven
 CVE-2017-6045 (An Information Exposure issue was discovered in Trihedral VTScada Vers ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dcc9818f725b2a8a1d1e7f6a0ed5471b84264a21

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dcc9818f725b2a8a1d1e7f6a0ed5471b84264a21
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190403/9eb84f28/attachment.html>
