[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Mon Aug 26 21:30:07 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
09b6f80a by Salvatore Bonaccorso at 2019-08-26T20:29:47Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2019-15639
CVE-2019-15638
RESERVED
CVE-2019-15637 (Numerous Tableau products are vulnerable to XXE via a malicious workbo ...)
- TODO: check
+ NOT-FOR-US: Tableau
CVE-2019-15636
RESERVED
CVE-2019-15635
@@ -141,7 +141,7 @@ CVE-2019-15573 (Gesior-AAC before 2019-05-01 allows SQL injection in tankyou.php
CVE-2019-15572 (Gesior-AAC before 2019-05-01 allows ServiceCategoryID SQL injection in ...)
TODO: check
CVE-2019-15571 (The WEB control panel before 2019-04-30 for ClonOS allows SQL injectio ...)
- TODO: check
+ NOT-FOR-US: WEB control panel for ClonOS
CVE-2019-15570 (BEdita through 4.0.0-RC2 allows SQL injection during a save operation ...)
TODO: check
CVE-2019-15569 (HM Courts & Tribunals ccd-data-store-api before 2019-06-10 allows ...)
@@ -151,11 +151,11 @@ CVE-2019-15568 (idseq-web before 2019-07-01 in Infectious Disease Sequencing Pla
CVE-2019-15567 (OpenForis Arena before 2019-05-07 allows SQL injection in the sorting ...)
TODO: check
CVE-2019-15566 (The Alfresco application before 1.8.7 for Android allows SQL injection ...)
- TODO: check
+ NOT-FOR-US: Alfresco application for Android
CVE-2019-15565 (The ICOMMKT connector before 1.0.7 for PrestaShop allows SQL injection ...)
- TODO: check
+ NOT-FOR-US: PrestaShop
CVE-2019-15564 (The Compassion Switzerland addons 10.01.4 for Odoo allow SQL injection ...)
- TODO: check
+ NOT-FOR-US: Compassion Switzerland addons for Odoo
CVE-2019-15563 (Observational Health Data Sciences and Informatics (OHDSI) WebAPI befo ...)
TODO: check
CVE-2019-15562 (GORM before 1.9.10 allows SQL injection via incomplete parentheses. ...)
@@ -275,7 +275,7 @@ CVE-2019-15526 (An issue was discovered on D-Link DIR-823G devices with firmware
CVE-2019-15525 (There is Missing SSL Certificate Validation in the pw3270 terminal emu ...)
TODO: check
CVE-2019-15524 (CSZ CMS 1.2.3 allows arbitrary file upload, as demonstrated by a .php ...)
- TODO: check
+ NOT-FOR-US: CSZ CMS
CVE-2019-15523
RESERVED
CVE-2019-15522
@@ -309,15 +309,15 @@ CVE-2019-15509
CVE-2019-15508 (In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy ...)
TODO: check
CVE-2019-15507 (In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request pr ...)
- TODO: check
+ NOT-FOR-US: Octopus Deploy
CVE-2019-15506 (An issue was discovered in Kaseya Virtual System Administrator (VSA) t ...)
- TODO: check
+ NOT-FOR-US: Kaseya Virtual System Administrator (VSA)
CVE-2019-15505 (drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through ...)
- linux <unfixed>
CVE-2019-15504 (drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2 ...)
- linux <unfixed>
CVE-2019-15503 (cgi-cpn/xcoding/prontus_videocut.cgi in AltaVoz Prontus (aka ProntusCM ...)
- TODO: check
+ NOT-FOR-US: AltaVoz Prontus
CVE-2019-15502
RESERVED
CVE-2019-15501 (Reflected cross site scripting (XSS) in L-Soft LISTSERV before 16.5-20 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/09b6f80af4ff2e3888b6fb8461ca031f51be780d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/09b6f80af4ff2e3888b6fb8461ca031f51be780d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190826/99beaf7f/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list