[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Wed Apr 10 07:04:34 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e822b71b by Salvatore Bonaccorso at 2019-04-10T06:04:13Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10113,7 +10113,7 @@ CVE-2019-7175 (In ImageMagick before 7.0.8-25, some memory leaks exist in Decode
NOTE: https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1450
CVE-2019-7174 (Roxy Fileman 1.4.5 allows attackers to execute renamefile.php (aka Ren ...)
- TODO: check
+ NOT-FOR-US: Roxy Fileman
CVE-2019-7173 (A stored-self XSS exists in Croogo through v3.0.5, allowing an attacke ...)
NOT-FOR-US: Croogo
CVE-2019-7172 (A stored-self XSS exists in ATutor through v2.2.4, allowing an attacke ...)
@@ -27311,7 +27311,7 @@ CVE-2019-0776 (An information disclosure vulnerability exists when the win32k co
CVE-2019-0775 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0774 (An information disclosure vulnerability exists when the Windows GDI co ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2019-0773 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0772 (A remote code execution vulnerability exists in the way that the VBScr ...)
@@ -27411,7 +27411,7 @@ CVE-2019-0728 (A remote code execution vulnerability exists in Visual Studio Cod
CVE-2019-0727
RESERVED
CVE-2019-0726 (A memory corruption vulnerability exists in the Windows DHCP client wh ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0725
RESERVED
CVE-2019-0724 (An elevation of privilege vulnerability exists in Microsoft Exchange S ...)
@@ -27467,25 +27467,25 @@ CVE-2019-0700
CVE-2019-0699
RESERVED
CVE-2019-0698 (A memory corruption vulnerability exists in the Windows DHCP client wh ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0697 (A memory corruption vulnerability exists in the Windows DHCP client wh ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0696 (An elevation of privilege vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0695 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
NOT-FOR-US: Microsoft
CVE-2019-0694 (An elevation of privilege vulnerability exists due to an integer overf ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0693 (An elevation of privilege vulnerability exists due to an integer overf ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0692 (An elevation of privilege vulnerability exists due to an integer overf ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0691
RESERVED
CVE-2019-0690 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
NOT-FOR-US: Microsoft
CVE-2019-0689 (An elevation of privilege vulnerability exists due to an integer overf ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0688
RESERVED
CVE-2019-0687
@@ -27499,7 +27499,7 @@ CVE-2019-0684
CVE-2019-0683 (An elevation of privilege vulnerability exists in Active Directory For ...)
NOT-FOR-US: Microsoft
CVE-2019-0682 (An elevation of privilege vulnerability exists due to an integer overf ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0681
RESERVED
CVE-2019-0680 (A remote code execution vulnerability exists in the way that the scrip ...)
@@ -27529,11 +27529,11 @@ CVE-2019-0669 (An information disclosure vulnerability exists when Microsoft Exc
CVE-2019-0668 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
CVE-2019-0667 (A remote code execution vulnerability exists in the way that the VBScr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0666 (A remote code execution vulnerability exists in the way that the VBScr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0665 (A remote code execution vulnerability exists in the way that the VBScr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0664 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-0663 (An information disclosure vulnerability exists when the Windows kernel ...)
@@ -27585,7 +27585,7 @@ CVE-2019-0641 (A security feature bypass vulnerability exists in Microsoft Edge
CVE-2019-0640 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0639 (A remote code execution vulnerability exists in the way that the Chakr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0638
RESERVED
CVE-2019-0637 (A security feature bypass vulnerability exists when Windows Defender F ...)
@@ -27629,13 +27629,13 @@ CVE-2019-0619 (An information disclosure vulnerability exists when the Windows G
CVE-2019-0618 (A remote code execution vulnerability exists in the way that the Windo ...)
NOT-FOR-US: Microsoft
CVE-2019-0617 (A remote code execution vulnerability exists when the Windows Jet Data ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0616 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-0615 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-0614 (An information disclosure vulnerability exists when the Windows GDI co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0613 (A remote code execution vulnerability exists in .NET Framework and Vis ...)
NOT-FOR-US: Microsoft
CVE-2019-0612 (A security feature bypass vulnerability exists when Click2Play protect ...)
@@ -190907,7 +190907,7 @@ CVE-2014-9188 (Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider
CVE-2014-9187 (Multiple heap-based buffer overflow vulnerabilities exist in Honeywell ...)
NOT-FOR-US: Honeywell Experion PKS
CVE-2014-9186 (A file inclusion vulnerability exists in the confd.exe module in Honey ...)
- TODO: check
+ NOT-FOR-US: Honeywell
CVE-2014-9185 (Static code injection vulnerability in install.php in Morfy CMS 1.05 a ...)
NOT-FOR-US: Morfy CMS
CVE-2014-9184 (ZTE ZXDSL 831CII allows remote attackers to bypass authentication via ...)
@@ -201128,9 +201128,9 @@ CVE-2014-5438 (Cross-site scripting (XSS) vulnerability in ARRIS Touchstone TG86
CVE-2014-5437 (Multiple cross-site request forgery (CSRF) vulnerabilities in ARRIS To ...)
NOT-FOR-US: Arris Touchstone
CVE-2014-5436 (A directory traversal vulnerability exists in the confd.exe module in ...)
- TODO: check
+ NOT-FOR-US: Honeywell
CVE-2014-5435 (An arbitrary memory write vulnerability exists in the dual_onsrv.exe m ...)
- TODO: check
+ NOT-FOR-US: Honeywell
CVE-2014-5434 (Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) wi ...)
NOT-FOR-US: Baxter SIGMA Spectrum Infusion System
CVE-2014-5433 (An unauthenticated remote attacker may be able to execute commands to ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e822b71bdb6d53f07a8292b0c8654391c0124a54
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e822b71bdb6d53f07a8292b0c8654391c0124a54
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190410/c6c4cfdf/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list