[Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso
carnil at debian.org
Thu Dec 5 08:23:47 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ba8c3a5f by Salvatore Bonaccorso at 2019-12-05T08:23:17Z
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1029,9 +1029,9 @@ CVE-2020-1976
CVE-2020-1975
RESERVED
CVE-2019-19598 (D-Link DAP-1860 devices before v1.04b03 Beta allow access to administr ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2019-19597 (D-Link DAP-1860 devices before v1.04b03 Beta allow arbitrary remote co ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2019-19596 (GitBook through 2.6.9 allows XSS via a local .md file. ...)
TODO: check
CVE-2019-19595
@@ -1051,7 +1051,7 @@ CVE-2019-19589 (The Lever PDF Embedder plugin 4.4 for WordPress does not block t
CVE-2019-19588 (The validators package 0.12.2 through 0.12.5 for Python enters an infi ...)
TODO: check
CVE-2019-19587 (In WSO2 Enterprise Integrator 6.5.0, reflected XSS occurs when updatin ...)
- TODO: check
+ NOT-FOR-US: WSO2 Enterprise Integrator
CVE-2019-19586
RESERVED
CVE-2019-19585
@@ -1074,7 +1074,7 @@ CVE-2019-19579 (An issue was discovered in Xen through 4.12.x allowing attackers
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-306.html
CVE-2019-19576 (class.upload.php in verot.net class.upload before 1.0.3 and 2.x before ...)
- TODO: check
+ NOT-FOR-US: K2 extension for Joomla!
CVE-2019-19575
RESERVED
CVE-2019-19574
@@ -11894,7 +11894,7 @@ CVE-2019-16754 (RIOT 2019.07 contains a NULL pointer dereference in the MQTT-SN
CVE-2019-16753 (An issue was discovered in Decentralized Anonymous Payment System (DAP ...)
TODO: check
CVE-2019-16752 (An issue was discovered in Decentralized Anonymous Payment System (DAP ...)
- TODO: check
+ NOT-FOR-US: Decentralized Anonymous Payment System (DAPS)
CVE-2019-16751 (An issue was discovered in Devise Token Auth through 1.1.2. The omniau ...)
NOT-FOR-US: Devise Token Auth
CVE-2019-16750
@@ -29163,7 +29163,7 @@ CVE-2019-11218 (Improper handling of extra parameters in the AccountController (
CVE-2019-11217 (The GitController in Jakub Chodounsky Bonobo Git Server before 6.5.0 a ...)
NOT-FOR-US: Bonobo Git Server
CVE-2019-11216 (BMC Smart Reporting 7.3 20180418 allows authenticated XXE within the i ...)
- TODO: check
+ NOT-FOR-US: BMC Smart Reporting
CVE-2019-11215
RESERVED
CVE-2019-11214
@@ -113802,9 +113802,9 @@ CVE-2017-17052 (The mm_init function in kernel/fork.c in the Linux kernel before
CVE-2018-0730 (This command injection vulnerability in File Station allows attackers ...)
TODO: check
CVE-2018-0729 (This command injection vulnerability in Music Station allows attackers ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2018-0728 (This improper access control vulnerability in Helpdesk allows attacker ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2018-0727
RESERVED
CVE-2018-0726
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ba8c3a5f1b2ac045fb86a5dc6399db4c7e8edd01
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ba8c3a5f1b2ac045fb86a5dc6399db4c7e8edd01
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191205/ddec4aaa/attachment.html>
More information about the debian-security-tracker-commits
mailing list