[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Sat Dec 7 08:16:55 GMT 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
83a3f76c by Salvatore Bonaccorso at 2019-12-07T08:16:14Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6364,7 +6364,7 @@ CVE-2019-18577
 CVE-2019-18576
 	RESERVED
 CVE-2019-18575 (Dell Command Configure versions prior to 4.2.1 contain an uncontrolled ...)
-	TODO: check
+	NOT-FOR-US: Dell Command Configure
 CVE-2019-18574 (RSA Authentication Manager software versions prior to 8.4 P8 contain a ...)
 	NOT-FOR-US: RSA Authentication Manager software
 CVE-2019-18573
@@ -28331,7 +28331,7 @@ CVE-2019-11557 (The WebDorado Contact Form Builder plugin before 1.0.69 for Word
 CVE-2019-11556
 	RESERVED
 CVE-2019-11554 (The Audible application through 2.34.0 for Android has Missing SSL Cer ...)
-	TODO: check
+	NOT-FOR-US: Audible application for Android
 CVE-2019-11553 (In Code42 for Enterprise through 6.8.4, an administrator without web r ...)
 	NOT-FOR-US: Code42 for Enterprise
 CVE-2019-11552 (Code42 Enterprise and Crashplan for Small Business Client version 6.7  ...)
@@ -29050,7 +29050,7 @@ CVE-2019-11295
 CVE-2019-11294
 	RESERVED
 CVE-2019-11293 (Cloud Foundry UAA Release, versions prior to v74.10.0, when set to log ...)
-	TODO: check
+	NOT-FOR-US: Cloud Foundry UAA Release
 CVE-2019-11292
 	RESERVED
 CVE-2019-11291 (Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 version prior  ...)
@@ -41200,7 +41200,7 @@ CVE-2019-7203
 CVE-2019-7202
 	RESERVED
 CVE-2019-7201 (An unquoted service path vulnerability is reported to affect the servi ...)
-	TODO: check
+	NOT-FOR-US: QNAP NetBak Replicator
 CVE-2019-7200
 	RESERVED
 CVE-2019-7199
@@ -41208,17 +41208,17 @@ CVE-2019-7199
 CVE-2019-7198
 	RESERVED
 CVE-2019-7197 (A stored cross-site scripting (XSS) vulnerability has been reported to ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2019-7196
 	RESERVED
 CVE-2019-7195 (This external control of file name or path vulnerability allows remote ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2019-7194 (This external control of file name or path vulnerability allows remote ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2019-7193 (This improper input validation vulnerability allows remote attackers t ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2019-7192 (This improper access control vulnerability allows remote attackers to  ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2019-7191
 	RESERVED
 CVE-2019-7190
@@ -41232,11 +41232,11 @@ CVE-2019-7187
 CVE-2019-7186
 	RESERVED
 CVE-2019-7185 (This cross-site scripting (XSS) vulnerability in Music Station allows  ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2019-7184 (This cross-site scripting (XSS) vulnerability in Video Station allows  ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2019-7183 (This improper link resolution vulnerability allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2019-7182
 	RESERVED
 CVE-2019-7181 (Buffer Overflow vulnerability in myQNAPcloud Connect 1.3.3.0925 and ea ...)
@@ -93695,7 +93695,7 @@ CVE-2018-7284 (A Buffer Overflow issue was discovered in Asterisk through 13.19.
 CVE-2018-7283
 	RESERVED
 CVE-2018-7282 (The username parameter of the TITool PrintMonitor solution during the  ...)
-	TODO: check
+	NOT-FOR-US: TITool
 CVE-2018-7281 (CactusVPN 5.3.6 for macOS contains a root privilege escalation vulnera ...)
 	NOT-FOR-US: CactusVPN for macOS
 CVE-2018-7280 (The Ninja Forms plugin before 3.2.14 for WordPress has XSS. ...)
@@ -113924,7 +113924,7 @@ CVE-2017-17052 (The mm_init function in kernel/fork.c in the Linux kernel before
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	NOTE: Fixed by: https://git.kernel.org/linus/2b7e8665b4ff51c034c55df3cff76518d1a9ee3a
 CVE-2018-0730 (This command injection vulnerability in File Station allows attackers  ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2018-0729 (This command injection vulnerability in Music Station allows attackers ...)
 	NOT-FOR-US: QNAP
 CVE-2018-0728 (This improper access control vulnerability in Helpdesk allows attacker ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/83a3f76c853765b2c471c47dd6d45f14e3eb2719

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/83a3f76c853765b2c471c47dd6d45f14e3eb2719
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191207/7190acfa/attachment.html>

More information about the debian-security-tracker-commits mailing list