[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Mon Aug 12 21:25:09 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a0fb4ffa by Salvatore Bonaccorso at 2019-08-12T20:24:43Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,15 +9,15 @@ CVE-2019-14971
CVE-2019-14970
RESERVED
CVE-2019-14969 (Netwrix Auditor before 9.8 has insecure permissions on %PROGRAMDATA%\N ...)
- TODO: check
+ NOT-FOR-US: Netwrix Auditor
CVE-2019-14968 (An issue was discovered in imcat 4.9. There is SQL Injection via the i ...)
TODO: check
CVE-2019-14967 (An issue was discovered in Frappe Framework 10, 11 before 11.1.46, and ...)
- TODO: check
+ NOT-FOR-US: Frappe Framework
CVE-2019-14966 (An issue was discovered in Frappe Framework 10 through 12 before 12.0. ...)
- TODO: check
+ NOT-FOR-US: Frappe Framework
CVE-2019-14965 (An issue was discovered in Frappe Framework 10 through 12 before 12.0. ...)
- TODO: check
+ NOT-FOR-US: Frappe Framework
CVE-2019-14964
RESERVED
CVE-2019-14963
@@ -45,19 +45,19 @@ CVE-2019-14953
CVE-2019-14952
RESERVED
CVE-2019-14951 (The Telenav Scout GPS Link app 1.x for iOS, as used with Toyota and Le ...)
- TODO: check
+ NOT-FOR-US: Telenav Scout GPS Link app
CVE-2019-14950 (The wp-live-chat-support plugin before 8.0.27 for WordPress has XSS vi ...)
- TODO: check
+ NOT-FOR-US: wp-live-chat-support plugin for WordPress
CVE-2019-14949 (The wp-database-backup plugin before 5.1.2 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: wp-database-backup plugin for WordPress
CVE-2019-14948 (The woocommerce-product-addon plugin before 18.4 for WordPress has XSS ...)
- TODO: check
+ NOT-FOR-US: woocommerce-product-addon plugin for WordPress
CVE-2019-14947 (The ultimate-member plugin before 2.0.52 for WordPress has XSS during ...)
- TODO: check
+ NOT-FOR-US: ultimate-member plugin for WordPress
CVE-2019-14946 (The ultimate-member plugin before 2.0.52 for WordPress has XSS related ...)
- TODO: check
+ NOT-FOR-US: ultimate-member plugin for WordPress
CVE-2019-14945 (The ultimate-member plugin before 2.0.54 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: ultimate-member plugin for WordPress
CVE-2019-14944
RESERVED
CVE-2019-14943
@@ -67,7 +67,7 @@ CVE-2019-14942
CVE-2019-14941
RESERVED
CVE-2019-14940 (In Storage Performance Development Kit (SPDK) before 19.07, a user of ...)
- TODO: check
+ NOT-FOR-US: Storage Performance Development Kit
CVE-2019-14939 (An issue was discovered in the mysql (aka mysqljs) module 2.17.1 for N ...)
TODO: check
CVE-2019-14938
@@ -77,41 +77,41 @@ CVE-2019-14937
CVE-2019-14936
RESERVED
CVE-2019-14935 (3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA% ...)
- TODO: check
+ NOT-FOR-US: 3CX Phone 15 on Windows
CVE-2019-14934 (An issue was discovered in PDFResurrect before 0.18. pdf_load_pages_ki ...)
TODO: check
CVE-2019-14933 (Bagisto 0.1.5 allows CSRF under /admin URIs. ...)
TODO: check
CVE-2019-14932 (The Recruitment module in Humanica Humatrix 7 1.0.0.681 and 1.0.0.203 ...)
- TODO: check
+ NOT-FOR-US: Recruitment module in Humanica Humatrix
CVE-2018-20966 (The woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in t ...)
- TODO: check
+ NOT-FOR-US: woocommerce-jetpack plugin for WordPress
CVE-2018-20965 (The ultimate-member plugin before 2.0.4 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: ultimate-member plugin for WordPress
CVE-2018-20964
RESERVED
CVE-2018-20963
RESERVED
CVE-2017-18508 (The wp-live-chat-support plugin before 7.1.03 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: wp-live-chat-support plugin for WordPress
CVE-2017-18507
RESERVED
CVE-2017-18506 (The woocommerce-pdf-invoices-packing-slips plugin before 2.0.13 for Wo ...)
- TODO: check
+ NOT-FOR-US: woocommerce-pdf-invoices-packing-slips plugin for WordPress
CVE-2017-18505 (The twitter-plugin plugin before 2.55 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: twitter-plugin plugin for WordPress
CVE-2017-18504 (The twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF. ...)
- TODO: check
+ NOT-FOR-US: twitter-cards-meta plugin for WordPress
CVE-2017-18503 (The twitter-cards-meta plugin before 2.5.0 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: twitter-cards-meta plugin for WordPress
CVE-2017-18502 (The subscriber plugin before 1.3.5 for WordPress has multiple XSS issu ...)
- TODO: check
+ NOT-FOR-US: subscriber plugin for WordPress
CVE-2017-18501 (The social-login-bws plugin before 0.2 for WordPress has multiple XSS ...)
- TODO: check
+ NOT-FOR-US: social-login-bws plugin for WordPress
CVE-2017-18500 (The social-buttons-pack plugin before 1.1.1 for WordPress has multiple ...)
- TODO: check
+ NOT-FOR-US: social-buttons-pack plugin for WordPress
CVE-2017-18499 (The simple-membership plugin before 3.5.7 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: simple-membership plugin for WordPress
CVE-2017-18498
RESERVED
CVE-2017-18497
@@ -137,21 +137,21 @@ CVE-2017-18488
CVE-2017-18487
RESERVED
CVE-2016-10879 (The wp-live-chat-support plugin before 6.2.02 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: wp-live-chat-support plugin for WordPress
CVE-2016-10878 (The wp-google-map-plugin plugin before 3.1.2 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: wp-google-map-plugin plugin for WordPress
CVE-2016-10877 (The wp-editor plugin before 1.2.6.3 for WordPress has multiple XSS iss ...)
- TODO: check
+ NOT-FOR-US: wp-editor plugin for WordPress
CVE-2016-10876 (The wp-database-backup plugin before 4.3.1 for WordPress has CSRF. ...)
- TODO: check
+ NOT-FOR-US: wp-database-backup plugin for WordPress
CVE-2016-10875 (The wp-database-backup plugin before 4.3.1 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: wp-database-backup plugin for WordPress
CVE-2016-10874 (The wp-database-backup plugin before 4.3.3 for WordPress has CSRF. ...)
- TODO: check
+ NOT-FOR-US: wp-database-backup plugin for WordPress
CVE-2016-10873 (The wp-database-backup plugin before 4.3.3 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: wp-database-backup plugin for WordPress
CVE-2016-10872 (The ultimate-member plugin before 1.3.40 for WordPress has XSS on the ...)
- TODO: check
+ NOT-FOR-US: ultimate-member plugin for WordPress
CVE-2016-10871
RESERVED
CVE-2016-10870
@@ -165,13 +165,13 @@ CVE-2016-10867
CVE-2016-10866
RESERVED
CVE-2015-9306 (The wp-ultimate-csv-importer plugin before 3.8.1 for WordPress has XSS ...)
- TODO: check
+ NOT-FOR-US: wp-ultimate-csv-importer plugin for WordPress
CVE-2015-9305 (The wp-google-map-plugin plugin before 2.3.7 for WordPress has XSS rel ...)
- TODO: check
+ NOT-FOR-US: wp-google-map-plugin plugin for WordPress
CVE-2015-9304 (The ultimate-member plugin before 1.3.18 for WordPress has XSS via tex ...)
- TODO: check
+ NOT-FOR-US: ultimate-member plugin for WordPress
CVE-2015-9303 (The simple-share-buttons-adder plugin before 6.0.0 for WordPress has X ...)
- TODO: check
+ NOT-FOR-US: simple-share-buttons-adder plugin for WordPress
CVE-2015-9302
RESERVED
CVE-2015-9301
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a0fb4ffa4c4223409a781d878f66381b1fa1059e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a0fb4ffa4c4223409a781d878f66381b1fa1059e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190812/c463d56b/attachment.html>
More information about the debian-security-tracker-commits
mailing list