[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Wed Aug 21 21:18:42 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1d07bb64 by Salvatore Bonaccorso at 2019-08-21T20:17:58Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -236,7 +236,7 @@ CVE-2019-15211 (An issue was discovered in the Linux kernel before 5.2.6. There
CVE-2018-20978 (The wp-all-import plugin before 3.4.7 for WordPress has XSS. ...)
NOT-FOR-US: Wordpress plugin
CVE-2018-20977 (The all-in-one-schemaorg-rich-snippets plugin before 1.5.0 for WordPre ...)
- TODO: check
+ NOT-FOR-US: all-in-one-schemaorg-rich-snippets plugin for WordPress
CVE-2017-18569 (The my-wp-translate plugin before 1.0.4 for WordPress has CSRF. ...)
NOT-FOR-US: Wordpress plugin
CVE-2017-18568 (The my-wp-translate plugin before 1.0.4 for WordPress has XSS. ...)
@@ -246,31 +246,31 @@ CVE-2017-18567 (The wp-all-import plugin before 3.4.6 for WordPress has XSS. ...
CVE-2017-18566 (The user-role plugin before 1.5.6 for WordPress has multiple XSS issue ...)
NOT-FOR-US: Wordpress plugin
CVE-2017-18565 (The updater plugin before 1.35 for WordPress has multiple XSS issues. ...)
- TODO: check
+ NOT-FOR-US: updater plugin for WordPress
CVE-2017-18564 (The sender plugin before 1.2.1 for WordPress has multiple XSS issues. ...)
- TODO: check
+ NOT-FOR-US: sender plugin for WordPress
CVE-2017-18563 (The rsvp plugin before 2.3.8 for WordPress has persistent XSS via the ...)
- TODO: check
+ NOT-FOR-US: rsvp plugin for WordPress
CVE-2017-18562 (The error-log-viewer plugin before 1.0.6 for WordPress has multiple XS ...)
- TODO: check
+ NOT-FOR-US: error-log-viewer plugin for WordPress
CVE-2017-18561 (The embed-comment-images plugin before 0.6 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: embed-comment-images plugin for WordPress
CVE-2017-18560 (The content-audit plugin before 1.9.2 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: content-audit plugin for WordPress
CVE-2017-18559 (The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issue ...)
- TODO: check
+ NOT-FOR-US: cforms2 plugin for WordPress
CVE-2017-18558 (The bws-testimonials plugin before 0.1.9 for WordPress has multiple XS ...)
- TODO: check
+ NOT-FOR-US: bws-testimonials plugin for WordPress
CVE-2017-18557 (The bws-google-maps plugin before 1.3.6 for WordPress has multiple XSS ...)
- TODO: check
+ NOT-FOR-US: bws-google-maps plugin for WordPress
CVE-2017-18556 (The bws-google-analytics plugin before 1.7.1 for WordPress has multipl ...)
- TODO: check
+ NOT-FOR-US: bws-google-analytics plugin for WordPress
CVE-2017-18555 (The booking-sms plugin before 1.1.0 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: booking-sms plugin for WordPress
CVE-2017-18554 (The analytics-tracker plugin before 1.1.1 for WordPress has XSS via a ...)
- TODO: check
+ NOT-FOR-US: analytics-tracker plugin for WordPress
CVE-2017-18553 (The ad-buttons plugin before 2.3.2 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: ad-buttons plugin for WordPress
CVE-2016-10915 (The popup-by-supsystic plugin before 1.7.9 for WordPress has CSRF. ...)
NOT-FOR-US: Wordpress plugin
CVE-2016-10914 (The add-from-server plugin before 3.3.2 for WordPress has CSRF for imp ...)
@@ -278,15 +278,15 @@ CVE-2016-10914 (The add-from-server plugin before 3.3.2 for WordPress has CSRF f
CVE-2016-10913 (The wp-latest-posts plugin before 3.7.5 for WordPress has XSS. ...)
NOT-FOR-US: Wordpress plugin
CVE-2016-10912 (The universal-analytics plugin before 1.3.1 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: universal-analytics plugin for WordPress
CVE-2016-10911 (The profile-builder plugin before 2.4.2 for WordPress has multiple XSS ...)
- TODO: check
+ NOT-FOR-US: profile-builder plugin for WordPress
CVE-2016-10910 (The formbuilder plugin before 1.06 for WordPress has multiple XSS issu ...)
- TODO: check
+ NOT-FOR-US: formbuilder plugin for WordPress
CVE-2016-10909 (The booking-calendar-contact-form plugin before 1.0.24 for WordPress h ...)
- TODO: check
+ NOT-FOR-US: booking-calendar-contact-form plugin for WordPress
CVE-2016-10908 (The booking-calendar-contact-form plugin before 1.0.24 for WordPress h ...)
- TODO: check
+ NOT-FOR-US: booking-calendar-contact-form plugin for WordPress
CVE-2015-9332 (The uninstall plugin before 1.2 for WordPress has CSRF to delete all t ...)
NOT-FOR-US: Wordpress plugin
CVE-2015-9331 (The wp-all-import plugin before 3.2.4 for WordPress has no prevention ...)
@@ -296,23 +296,23 @@ CVE-2015-9330 (The wp-all-import plugin before 3.2.5 for WordPress has blind SQL
CVE-2015-9329 (The wp-all-import plugin before 3.2.5 for WordPress has reflected XSS. ...)
NOT-FOR-US: Wordpress plugin
CVE-2015-9328 (The profile-builder plugin before 2.2.5 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: profile-builder plugin for WordPress
CVE-2015-9327 (The flickr-justified-gallery plugin before 3.4.0 for WordPress has XSS ...)
- TODO: check
+ NOT-FOR-US: flickr-justified-gallery plugin for WordPress
CVE-2014-10381 (The user-domain-whitelist plugin before 1.5 for WordPress has CSRF. ...)
NOT-FOR-US: Wordpress plugin
CVE-2014-10380 (The profile-builder plugin before 1.1.66 for WordPress has multiple XS ...)
- TODO: check
+ NOT-FOR-US: profile-builder plugin for WordPress
CVE-2014-10379 (The duplicate-post plugin before 2.6 for WordPress has SQL injection. ...)
- TODO: check
+ NOT-FOR-US: duplicate-post plugin for WordPress
CVE-2014-10378 (The duplicate-post plugin before 2.6 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: duplicate-post plugin for WordPress
CVE-2014-10377 (The cforms2 plugin before 13.2 for WordPress has XSS in lib_ajax.php. ...)
- TODO: check
+ NOT-FOR-US: cforms2 plugin for WordPress
CVE-2012-6715 (The formbuilder plugin before 0.9.1 for WordPress has XSS via a Refere ...)
- TODO: check
+ NOT-FOR-US: formbuilder plugin for WordPress
CVE-2012-6714 (The count-per-day plugin before 3.2.3 for WordPress has XSS via search ...)
- TODO: check
+ NOT-FOR-US: count-per-day plugin for WordPress
CVE-2011-5328 (The user-access-manager plugin before 1.2 for WordPress has CSRF. ...)
NOT-FOR-US: Wordpress plugin
CVE-2019-15210
@@ -569,13 +569,13 @@ CVE-2019-15114 (The formcraft-form-builder plugin before 1.2.2 for WordPress has
CVE-2019-15113 (The companion-sitemap-generator plugin before 3.7.0 for WordPress has ...)
NOT-FOR-US: companion-sitemap-generator plugin for WordPress
CVE-2019-15112 (The wp-slimstat plugin before 4.8.1 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: wp-slimstat plugin for WordPress
CVE-2019-15111 (The wp-front-end-profile plugin before 0.2.2 for WordPress has a privi ...)
- TODO: check
+ NOT-FOR-US: wp-front-end-profile plugin for WordPress
CVE-2019-15110 (The wp-front-end-profile plugin before 0.2.2 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: wp-front-end-profile plugin for WordPress
CVE-2019-15109 (The the-events-calendar plugin before 4.8.2 for WordPress has XSS via ...)
- TODO: check
+ NOT-FOR-US: the-events-calendar plugin for WordPress
CVE-2019-15108 (An issue was discovered in WSO2 API Manager 2.6.0 before WSO2-CARBON-P ...)
NOT-FOR-US: WSO2 API Manager
CVE-2019-15107 (An issue was discovered in Webmin 1.882 through 1.921. The parameter o ...)
@@ -631,7 +631,7 @@ CVE-2018-20972 (The companion-auto-update plugin before 3.2.1 for WordPress has
CVE-2018-20971 (The church-admin plugin before 1.2550 for WordPress has CSRF affecting ...)
NOT-FOR-US: church-admin plugin for WordPress
CVE-2018-20970 (The pdf-print plugin before 2.0.3 for WordPress has multiple XSS issue ...)
- TODO: check
+ NOT-FOR-US: pdf-print plugin for WordPress
CVE-2018-20969 (do_ed_script in pch.c in GNU patch through 2.7.6 does not block string ...)
{DSA-4489-1 DLA-1864-1}
- patch 2.7.6-5
@@ -653,19 +653,19 @@ CVE-2017-18542 (The zendesk-help-center plugin before 1.0.5 for WordPress has mu
CVE-2017-18541 (The xo-security plugin before 1.5.3 for WordPress has XSS. ...)
NOT-FOR-US: xo-security plugin for WordPress
CVE-2017-18540 (The weblibrarian plugin before 3.4.8.7 for WordPress has XSS via front ...)
- TODO: check
+ NOT-FOR-US: weblibrarian plugin for WordPress
CVE-2017-18539 (The weblibrarian plugin before 3.4.8.6 for WordPress has XSS via front ...)
- TODO: check
+ NOT-FOR-US: weblibrarian plugin for WordPress
CVE-2017-18538 (The weblibrarian plugin before 3.4.8.5 for WordPress has XSS via front ...)
- TODO: check
+ NOT-FOR-US: weblibrarian plugin for WordPress
CVE-2017-18537 (The visitors-online plugin before 1.0.0 for WordPress has multiple XSS ...)
- TODO: check
+ NOT-FOR-US: visitors-online plugin for WordPress
CVE-2017-18536 (The stop-user-enumeration plugin before 1.3.8 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: stop-user-enumeration plugin for WordPress
CVE-2017-18535 (The smokesignal plugin before 1.2.7 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: smokesignal plugin for WordPress
CVE-2017-18534 (The share-on-diaspora plugin before 0.7.2 for WordPress has reflected ...)
- TODO: check
+ NOT-FOR-US: share-on-diaspora plugin for WordPress
CVE-2017-18533 (The rimons-twitter-widget plugin before 1.3 for WordPress has XSS. ...)
NOT-FOR-US: Wordpress plugin
CVE-2017-18532 (The realty plugin before 1.1.0 for WordPress has multiple XSS issues. ...)
@@ -685,21 +685,21 @@ CVE-2017-18526 (The moreads-se plugin before 1.4.7 for WordPress has XSS. ...)
CVE-2016-10904 (The olimometer plugin before 2.57 for WordPress has SQL injection. ...)
NOT-FOR-US: olimometer plugin for WordPress
CVE-2016-10903 (The GoDaddy godaddy-email-marketing-sign-up-forms plugin before 1.1.3 ...)
- TODO: check
+ NOT-FOR-US: GoDaddy godaddy-email-marketing-sign-up-forms plugin for WordPress
CVE-2016-10902 (The wp-customer-reviews plugin before 3.0.9 for WordPress has CSRF in ...)
- TODO: check
+ NOT-FOR-US: wp-customer-reviews plugin for WordPress
CVE-2016-10901 (The wp-customer-reviews plugin before 3.0.9 for WordPress has XSS in t ...)
- TODO: check
+ NOT-FOR-US: wp-customer-reviews plugin for WordPress
CVE-2016-10900 (The uji-countdown plugin before 2.0.7 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: uji-countdown plugin for WordPress
CVE-2016-10899 (The total-security plugin before 3.4.1 for WordPress has a settings-ch ...)
- TODO: check
+ NOT-FOR-US: total-security plugin for WordPress
CVE-2016-10898 (The total-security plugin before 3.4.1 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: total-security plugin for WordPress
CVE-2016-10897 (The sermon-browser plugin before 0.45.16 for WordPress has multiple XS ...)
- TODO: check
+ NOT-FOR-US: sermon-browser plugin for WordPress
CVE-2016-10896 (The seo-redirection plugin before 4.3 for WordPress has stored XSS. ...)
- TODO: check
+ NOT-FOR-US: seo-redirection plugin for WordPress
CVE-2016-10895 (The option-tree plugin before 2.6.0 for WordPress has XSS via an add_l ...)
NOT-FOR-US: Wordpress plugin
CVE-2015-9326 (The wp-business-intelligence-lite plugin before 1.6.3 for WordPress ha ...)
@@ -713,7 +713,7 @@ CVE-2015-9323 (The 404-to-301 plugin before 2.0.3 for WordPress has SQL injectio
CVE-2015-9322 (The erident-custom-login-and-dashboard plugin before 3.5 for WordPress ...)
NOT-FOR-US: erident-custom-login-and-dashboard plugin for WordPress
CVE-2015-9321 (The shortcode-factory plugin before 1.1.1 for WordPress has XSS via ad ...)
- TODO: check
+ NOT-FOR-US: shortcode-factory plugin for WordPress
CVE-2015-9320 (The option-tree plugin before 2.5.4 for WordPress has XSS related to a ...)
NOT-FOR-US: Wordpress plugin
CVE-2014-10376 (The i-recommend-this plugin before 3.7.3 for WordPress has SQL injecti ...)
@@ -770,7 +770,7 @@ CVE-2019-15065
CVE-2019-15064
RESERVED
CVE-2017-18525 (The megamenu plugin before 2.4 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: megamenu plugin for WordPress
CVE-2017-18524 (The football-pool plugin before 2.6.5 for WordPress has multiple XSS i ...)
NOT-FOR-US: Wordpress plugin
CVE-2017-18523 (The eelv-newsletter plugin before 4.6.1 for WordPress has CSRF in the ...)
@@ -778,7 +778,7 @@ CVE-2017-18523 (The eelv-newsletter plugin before 4.6.1 for WordPress has CSRF i
CVE-2017-18522 (The eelv-newsletter plugin before 4.6.1 for WordPress has XSS in the a ...)
NOT-FOR-US: Wordpress plugin
CVE-2017-18521 (The democracy-poll plugin before 5.4 for WordPress has CSRF via wp-adm ...)
- TODO: check
+ NOT-FOR-US: democracy-poll plugin for WordPress
CVE-2017-18520 (The democracy-poll plugin before 5.4 for WordPress has XSS via update_ ...)
NOT-FOR-US: Wordpress plugin
CVE-2017-18519 (The customer-area plugin before 7.4.3 for WordPress has XSS via admin ...)
@@ -788,7 +788,7 @@ CVE-2017-18518 (The bws-smtp plugin before 1.1.0 for WordPress has multiple XSS
CVE-2017-18517 (The bws-pinterest plugin before 1.0.5 for WordPress has multiple XSS i ...)
NOT-FOR-US: Wordpress plugin
CVE-2017-18516 (The bws-linkedin plugin before 1.0.5 for WordPress has multiple XSS is ...)
- TODO: check
+ NOT-FOR-US: bws-linkedin plugin for WordPress
CVE-2016-10894 (xtrlock through 2.10 does not block multitouch events. Consequently, a ...)
- xtrlock <unfixed> (bug #830726)
CVE-2016-10893 (The crayon-syntax-highlighter plugin before 2.8.4 for WordPress has mu ...)
@@ -796,9 +796,9 @@ CVE-2016-10893 (The crayon-syntax-highlighter plugin before 2.8.4 for WordPress
CVE-2016-10892 (The chained-quiz plugin before 1.0 for WordPress has multiple XSS issu ...)
NOT-FOR-US: Wordpress plugin
CVE-2016-10891 (The aryo-activity-log plugin before 2.3.3 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: aryo-activity-log plugin for WordPress
CVE-2016-10890 (The aryo-activity-log plugin before 2.3.2 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: aryo-activity-log plugin for WordPress
CVE-2015-9319 (The gregs-high-performance-seo plugin before 1.6.2 for WordPress has X ...)
NOT-FOR-US: Wordpress plugin
CVE-2015-9318 (The awesome-support plugin before 3.1.7 for WordPress has a security i ...)
@@ -30248,15 +30248,15 @@ CVE-2019-4487
CVE-2019-4486
RESERVED
CVE-2019-4485 (IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 1 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4484 (IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 1 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4483 (IBM Contract Management 10.1.0 through 10.1.3 and IBM Emptoris Spend A ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4482 (IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to cro ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4481 (IBM Contract Management 10.1.0 through 10.1.3 and IBM Emptoris Spend A ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4480
RESERVED
CVE-2019-4479
@@ -30298,7 +30298,7 @@ CVE-2019-4462
CVE-2019-4461
RESERVED
CVE-2019-4460 (IBM API Connect 5.0.0.0 through 5.0.8.6 developer portal could allow a ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4459
RESERVED
CVE-2019-4458
@@ -30344,7 +30344,7 @@ CVE-2019-4439 (IBM Cloud Private 3.1.0, 3.1.1, and 3.1.2 does not invalidate ses
CVE-2019-4438
RESERVED
CVE-2019-4437 (IBM API Connect 2018.1 through 2018.4.1.6 may inadvertently leak sensi ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4436
RESERVED
CVE-2019-4435
@@ -30352,7 +30352,7 @@ CVE-2019-4435
CVE-2019-4434
RESERVED
CVE-2019-4433 (IBM InfoSphere Global Name Management 5.0 and 6.0 and IBM InfoSphere I ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4432
RESERVED
CVE-2019-4431
@@ -30368,9 +30368,9 @@ CVE-2019-4427
CVE-2019-4426
RESERVED
CVE-2019-4425 (IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 coul ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4424 (IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0. ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4423
RESERVED
CVE-2019-4422
@@ -30378,9 +30378,9 @@ CVE-2019-4422
CVE-2019-4421
RESERVED
CVE-2019-4420 (IBM Intelligent Operations Center V5.1.0 through V5.2.0 could disclose ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4419 (IBM Intelligent Operations Center V5.1.0 through V5.2.0 is vulnerable ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4418
RESERVED
CVE-2019-4417
@@ -30414,7 +30414,7 @@ CVE-2019-4404
CVE-2019-4403 (IBM Connections 6.0 is vulnerable to cross-site scripting. This vulner ...)
NOT-FOR-US: IBM
CVE-2019-4402 (IBM API Connect 2018.1 through 2018.4.1.6 developer portal could allow ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4401
RESERVED
CVE-2019-4400
@@ -30538,11 +30538,11 @@ CVE-2019-4342
CVE-2019-4341
RESERVED
CVE-2019-4340 (IBM Security Guardium Big Data Intelligence 4.0 (SonarG) is vulnerable ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4339
RESERVED
CVE-2019-4338 (IBM Security Guardium Big Data Intelligence 4.0 (SonarG) does not prop ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4337 (IBM Robotic Process Automation with Automation Anywhere 11 could allow ...)
NOT-FOR-US: IBM
CVE-2019-4336 (IBM Robotic Process Automation with Automation Anywhere 11 uses an ina ...)
@@ -30598,11 +30598,11 @@ CVE-2019-4312
CVE-2019-4311
RESERVED
CVE-2019-4310 (IBM Security Guardium Big Data Intelligence 4.0 (SonarG) uses an inade ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4309
RESERVED
CVE-2019-4308 (IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 1 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4307
RESERVED
CVE-2019-4306
@@ -30630,7 +30630,7 @@ CVE-2019-4296 (IBM Robotic Process Automation with Automation Anywhere 11 inform
CVE-2019-4295 (IBM Robotic Process Automation with Automation Anywhere 11 could allow ...)
NOT-FOR-US: IBM
CVE-2019-4294 (IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.6, 7.6.0.0 through 7 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4293 (IBM Storwize V7000 Unified (2073) 1.6 configuration may allow an attac ...)
NOT-FOR-US: IBM
CVE-2019-4292 (IBM Security Guardium 10.5 could allow a remote attacker to upload arb ...)
@@ -30712,7 +30712,7 @@ CVE-2019-4255
CVE-2019-4254
RESERVED
CVE-2019-4253 (IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a loca ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4252 (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 co ...)
NOT-FOR-US: IBM
CVE-2019-4251
@@ -30884,7 +30884,7 @@ CVE-2019-4169
CVE-2019-4168
RESERVED
CVE-2019-4167 (IBM StoredIQ 7.6.0 is vulnerable to cross-site request forgery which c ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4166 (IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing att ...)
NOT-FOR-US: IBM
CVE-2019-4165 (IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow a remote attacker to ...)
@@ -30978,13 +30978,13 @@ CVE-2019-4122
CVE-2019-4121
RESERVED
CVE-2019-4120 (IBM Cloud Private 3.1.1 and 3.1.2 is vulnerable to cross-site scriptin ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4119 (IBM Cloud Private Kubernetes API server 2.1.0, 3.1.0, 3.1.1, and 3.1.2 ...)
NOT-FOR-US: IBM
CVE-2019-4118 (IBM Multicloud Manager 3.1.0, 3.1.1, and 3.1.2 ibm-mcm-chart could all ...)
NOT-FOR-US: IBM
CVE-2019-4117 (IBM Cloud Private 3.1.1 and 3.1.2 is vulnerable to cross-site request ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4116 (IBM Cloud Private 2.1.0, 3.1.0, and 3.1.1 could disclose highly sensit ...)
NOT-FOR-US: IBM
CVE-2019-4115
@@ -31120,7 +31120,7 @@ CVE-2019-4051 (Some URIs in IBM API Connect 2018.1 and 2018.4.1.3 disclose syste
CVE-2019-4050
RESERVED
CVE-2019-4049 (IBM MQ 9.1.0.0, 9.1.0.1, 9.1.1, and 9.1.0.2 is vulnerable to a denial ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4048 (IBM Maximo Asset Management 7.6 could allow a physical user of the sys ...)
NOT-FOR-US: IBM Maximo Asset Management
CVE-2019-4047 (IBM Jazz Reporting Service (JRS) 6.0.6 could allow an authenticated us ...)
@@ -31987,7 +31987,7 @@ CVE-2019-3755
CVE-2019-3754
RESERVED
CVE-2019-3753 (Dell EMC PowerConnect 8024, 7000, M6348, M6220, M8024 and M8024-K runn ...)
- TODO: check
+ NOT-FOR-US: EMC
CVE-2019-3752
RESERVED
CVE-2019-3751
@@ -91772,7 +91772,7 @@ CVE-2018-1798 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulner
CVE-2018-1797 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using Enterpri ...)
NOT-FOR-US: IBM
CVE-2018-1796 (IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a loca ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1795 (IBM Robotic Process Automation with Automation Anywhere Enterprise 10 ...)
NOT-FOR-US: IBM
CVE-2018-1794 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using OAuth ea ...)
@@ -92092,19 +92092,19 @@ CVE-2018-1638 (IBM API Connect 5.0.0.0-5.0.8.3 Developer Portal does not enforce
CVE-2018-1637
RESERVED
CVE-2018-1636 (Stack-based buffer overflow in oninit in IBM Informix Dynamic Server E ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1635 (Stack-based buffer overflow in oninit in IBM Informix Dynamic Server E ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1634 (IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a loca ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1633 (IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a loca ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1632 (IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a loca ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1631 (IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a loca ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1630 (IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a loca ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1629
RESERVED
CVE-2018-1628
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1d07bb6410367af8d87752d027d4b86e1c1bd213
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1d07bb6410367af8d87752d027d4b86e1c1bd213
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190821/ba384500/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list