[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
carnil at debian.org
Fri Aug 9 23:48:22 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
65946f6c by Salvatore Bonaccorso at 2019-08-09T22:47:47Z
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,37 +5,37 @@ CVE-2019-14807
CVE-2019-14806 (Pallets Werkzeug before 0.15.3, when used with Docker, has insufficien ...)
TODO: check
CVE-2019-14805 (studio/builder_menu.php?page=sets in UNA 10.0.0-RC1 allows XSS via the ...)
- TODO: check
+ NOT-FOR-US: UNA
CVE-2019-14804 (studio/polyglot.php?page=etemplates in UNA 10.0.0-RC1 allows XSS via t ...)
- TODO: check
+ NOT-FOR-US: UNA
CVE-2019-14803
RESERVED
CVE-2019-14802
RESERVED
CVE-2017-18486 (Jitbit Helpdesk before 9.0.3 allows remote attackers to escalate privi ...)
- TODO: check
+ NOT-FOR-US: Jitbit Helpdesk
CVE-2019-14801 (The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress ...)
- TODO: check
+ NOT-FOR-US: FV Flowplayer Video Player plugin for WordPress
CVE-2019-14800
RESERVED
CVE-2019-14799 (The FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress ...)
- TODO: check
+ NOT-FOR-US: FV Flowplayer Video Player plugin for WordPress
CVE-2019-14798 (The 10Web Photo Gallery plugin before 1.5.25 for WordPress has Authent ...)
- TODO: check
+ NOT-FOR-US: 10Web Photo Gallery plugin for WordPress
CVE-2019-14797 (The 10Web Photo Gallery plugin before 1.5.23 for WordPress has authent ...)
- TODO: check
+ NOT-FOR-US: 10Web Photo Gallery plugin for WordPress
CVE-2019-14796 (The mq-woocommerce-products-price-bulk-edit (aka Woocommerce Products ...)
- TODO: check
+ NOT-FOR-US: mq-woocommerce-products-price-bulk-edit (aka Woocommerce Products Price Bulk Edit) plugin for WordPress
CVE-2019-14795
RESERVED
CVE-2019-14794 (The Meta Box plugin before 4.16.2 for WordPress mishandles the uploadi ...)
- TODO: check
+ NOT-FOR-US: Meta Box plugin for WordPress
CVE-2019-14793 (The Meta Box plugin before 4.16.3 for WordPress allows file deletion v ...)
- TODO: check
+ NOT-FOR-US: Meta Box plugin for WordPress
CVE-2019-14792 (The WP Google Maps plugin before 7.11.35 for WordPress allows XSS via ...)
- TODO: check
+ NOT-FOR-US: WP Google Maps plugin for WordPress
CVE-2019-14791 (The Appointment Booking Calendar plugin 1.3.18 for WordPress allows XS ...)
- TODO: check
+ NOT-FOR-US: Appointment Booking Calendar plugin for WordPress
CVE-2019-14790
RESERVED
CVE-2019-14789
@@ -43,11 +43,11 @@ CVE-2019-14789
CVE-2019-14788
RESERVED
CVE-2019-14787 (The Tribulant Newsletters plugin before 4.6.19 for WordPress allows XS ...)
- TODO: check
+ NOT-FOR-US: Tribulant Newsletters plugin for WordPress
CVE-2019-14786
RESERVED
CVE-2019-14785 (The "CP Contact Form with PayPal" plugin before 1.2.99 for WordPress h ...)
- TODO: check
+ NOT-FOR-US: "CP Contact Form with PayPal" plugin for WordPress
CVE-2019-14784
RESERVED
CVE-2019-14783 (On Samsung mobile devices with N(7.x), and O(8.x), P(9.0) software, Fo ...)
@@ -59,7 +59,7 @@ CVE-2019-14781
CVE-2019-14780
RESERVED
CVE-2016-10865 (The Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cros ...)
- TODO: check
+ NOT-FOR-US: Lightbox Plus Colorbox plugin for WordPress
CVE-2019-14779
RESERVED
CVE-2019-14778
@@ -1770,7 +1770,7 @@ CVE-2019-14314
CVE-2019-14313 (A SQL injection vulnerability exists in the 10Web Photo Gallery plugin ...)
NOT-FOR-US: 10Web Photo Gallery plugin for WordPress
CVE-2019-14312 (Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulner ...)
- TODO: check
+ NOT-FOR-US: Aptana Jaxer
CVE-2019-14311
RESERVED
CVE-2019-14310
@@ -7934,11 +7934,11 @@ CVE-2019-12267
CVE-2019-12266
RESERVED
CVE-2019-12265 (Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Le ...)
- TODO: check
+ NOT-FOR-US: Wind River VxWorks
CVE-2019-12264 (Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect ...)
NOT-FOR-US: Wind River VxWorks
CVE-2019-12263 (Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP comp ...)
- TODO: check
+ NOT-FOR-US: Wind River VxWorks
CVE-2019-12262
RESERVED
CVE-2019-12261
@@ -7946,13 +7946,13 @@ CVE-2019-12261
CVE-2019-12260
RESERVED
CVE-2019-12259 (Wind River VxWorks 6.9 and vx7 has an array index error in the IGMPv3 ...)
- TODO: check
+ NOT-FOR-US: Wind River VxWorks
CVE-2019-12258
RESERVED
CVE-2019-12257 (Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the DHCP clien ...)
- TODO: check
+ NOT-FOR-US: Wind River VxWorks
CVE-2019-12256 (Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 compo ...)
- TODO: check
+ NOT-FOR-US: Wind River VxWorks
CVE-2019-12255
RESERVED
CVE-2019-12254
@@ -26208,7 +26208,7 @@ CVE-2019-5500
CVE-2019-5499
RESERVED
CVE-2019-5498 (OnCommand Insight versions through 7.3.6 may disclose sensitive accoun ...)
- TODO: check
+ NOT-FOR-US: OnCommand Insight
CVE-2019-5497 (NetApp AFF A700s Baseboard Management Controller (BMC) firmware versio ...)
NOT-FOR-US: NetApp AFF A700s Baseboard Management Controller firmware
CVE-2019-5496 (Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP ...)
@@ -26456,33 +26456,33 @@ CVE-2019-5410
CVE-2019-5409
RESERVED
CVE-2019-5408 (Command View Advanced Edition (CVAE) products contain a vulnerability ...)
- TODO: check
+ NOT-FOR-US: Command View Advanced Edition (CVAE) products
CVE-2019-5407 (A remote information disclosure vulnerability was discovered in HPE 3P ...)
- TODO: check
+ NOT-FOR-US: HPE 3PAR StoreServ Management and Core Software Media
CVE-2019-5406 (A remote session reuse vulnerability was discovered in HPE 3PAR StoreS ...)
- TODO: check
+ NOT-FOR-US: HPE 3PAR StoreServ Management and Core Software Media
CVE-2019-5405 (A remote authorization bypass vulnerability was discovered in HPE 3PAR ...)
- TODO: check
+ NOT-FOR-US: HPE 3PAR StoreServ Management and Core Software Media
CVE-2019-5404 (A remote script injection vulnerability was discovered in HPE 3PAR Sto ...)
- TODO: check
+ NOT-FOR-US: HPE 3PAR StoreServ Management and Core Software Media
CVE-2019-5403 (A remote multiple cross-site scripting vulnerability was discovered in ...)
- TODO: check
+ NOT-FOR-US: HPE 3PAR StoreServ Management and Core Software Media
CVE-2019-5402 (A remote authorization bypass vulnerability was discovered in HPE 3PAR ...)
- TODO: check
+ NOT-FOR-US: HPE 3PAR StoreServ Management and Core Software Media
CVE-2019-5401 (A potential security vulnerability has been identified in HP2910al-48G ...)
NOT-FOR-US: HP HP2910al-48G
CVE-2019-5400 (A remote session reuse vulnerability was discovered in HPE 3PAR Servic ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2019-5399 (A remote gain authorized access vulnerability was discovered in HPE 3P ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2019-5398 (A remote multiple multiple cross-site vulnerability was discovered in ...)
TODO: check
CVE-2019-5397 (A remote bypass of security restrictions vulnerability was discovered ...)
TODO: check
CVE-2019-5396 (A remote authentication bypass vulnerability was discovered in HPE 3PA ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2019-5395 (A remote arbitrary file upload vulnerability was discovered in HPE 3PA ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2019-5394 (The HPE Nonstop Maintenance Entity family of products are vulnerable t ...)
NOT-FOR-US: HPE
CVE-2019-5393 (A remote code execution vulnerability was identified in HPE Intelligen ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/65946f6caade9a589df20879d0a7ed41de88420b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/65946f6caade9a589df20879d0a7ed41de88420b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190809/6b3f718f/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list