[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Apr 25 21:41:26 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e700815d by Salvatore Bonaccorso at 2019-04-25T20:40:48Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2019-11537 (In osTicket before 1.12, XSS exists via /upload/file.php, /upload/scp/ ...)
-	TODO: check
+	NOT-FOR-US: osTicket
 CVE-2019-11536
 	RESERVED
 CVE-2019-11535
@@ -35,15 +35,15 @@ CVE-2019-11521
 CVE-2019-11520
 	RESERVED
 CVE-2019-11519 (Libraries/Nop.Services/Localization/LocalizationService.cs in nopComme ...)
-	TODO: check
+	NOT-FOR-US: nopCommerce
 CVE-2019-11518 (An issue was discovered in SEMCMS 3.8. SEMCMS_Inquiry.php allows AID[] ...)
-	TODO: check
+	NOT-FOR-US: SEMCMS
 CVE-2019-11517
 	RESERVED
 CVE-2019-11516
 	RESERVED
 CVE-2018-20823 (The gyroscope on Xiaomi Mi 5s devices allows attackers to cause a deni ...)
-	TODO: check
+	NOT-FOR-US: Xiaomi Mi 5s devices
 CVE-2019-11515 (core/classes/db_backup.php in Gila CMS 1.10.1 allows admin/db_backup?d ...)
 	NOT-FOR-US: Gila CMS
 CVE-2019-11514 (User/Command/ConfirmEmailHandler.php in Flarum before 0.1.0-beta.8 mis ...)
@@ -1362,7 +1362,7 @@ CVE-2019-10957
 CVE-2019-10956
 	RESERVED
 CVE-2019-10955 (In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versi ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2019-10954
 	RESERVED
 CVE-2019-10953 (ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable ...)
@@ -5191,7 +5191,7 @@ CVE-2019-9671
 CVE-2019-9670
 	RESERVED
 CVE-2019-9669 (The Wordfence plugin 7.2.3 for WordPress allows XSS via a unique attac ...)
-	TODO: check
+	NOT-FOR-US: Wordfence plugin for WordPress
 CVE-2019-9668
 	RESERVED
 CVE-2019-9667
@@ -24100,9 +24100,9 @@ CVE-2018-20055
 CVE-2018-20054
 	RESERVED
 CVE-2018-20053 (An issue was discovered on Cerner Connectivity Engine (CCE) 4 devices. ...)
-	TODO: check
+	NOT-FOR-US: Cerner Connectivity Engine (CCE) 4 devices
 CVE-2018-20052 (An issue was discovered on Cerner Connectivity Engine (CCE) 4 devices. ...)
-	TODO: check
+	NOT-FOR-US: Cerner Connectivity Engine (CCE) 4 devices
 CVE-2018-20051 (Mishandling of '>' on the Jooan JA-Q1H Wi-Fi camera with firmware 2 ...)
 	NOT-FOR-US: Jooan JA-Q1H Wi-Fi camera
 CVE-2018-20050 (Mishandling of an empty string on the Jooan JA-Q1H Wi-Fi camera with f ...)
@@ -33343,7 +33343,7 @@ CVE-2018-18371
 CVE-2018-18370
 	RESERVED
 CVE-2018-18369 (Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows ...)
-	TODO: check
+	NOT-FOR-US: Norton Security
 CVE-2018-18368
 	RESERVED
 CVE-2018-18367
@@ -80102,7 +80102,7 @@ CVE-2017-17553 (The Dolphin Browser for Android 12.0.2 suffers from an insecure
 CVE-2017-17552 (/LoadFrame in Zoho ManageEngine AD Manager Plus build 6590 - 6613 allo ...)
 	NOT-FOR-US: Zoho ManageEngine AD Manager Plus
 CVE-2018-1360 (A cleartext transmission of sensitive information vulnerability in For ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2018-1359
 	RESERVED
 CVE-2018-1358
@@ -86441,7 +86441,7 @@ CVE-2017-16560 (SanDisk Secure Access 3.01 vault decrypts and copies encrypted f
 CVE-2017-16559
 	RESERVED
 CVE-2017-16558 (Contao 3.0.0 to 3.5.30 and 4.0.0 to 4.4.7 contains an SQL injection vu ...)
-	TODO: check
+	NOT-FOR-US: Contao
 CVE-2017-16557 (K7 Antivirus Premium before 15.1.0.53 allows local users to gain privi ...)
 	NOT-FOR-US: K7 Antivirus
 CVE-2017-16556 (In K7 Antivirus Premium before 15.1.0.53, user-controlled input can be ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e700815d567547ba2602c023fdfd7c1deef7d64f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e700815d567547ba2602c023fdfd7c1deef7d64f
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190425/488f4bd3/attachment.html>

More information about the debian-security-tracker-commits mailing list