[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Mon Feb 11 15:31:39 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fb8dda88 by Salvatore Bonaccorso at 2019-02-11T15:31:17Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
CVE-2019-XXXX [borgbackup unspecified security issue]
- borgbackup 1.1.9-1
CVE-2019-7721 (lib/NCCms.class.php in nc-cms 3.5 allows upload of .php files via the ...)
- TODO: check
+ NOT-FOR-US: nc-cms
CVE-2019-7720 (taocms through 2014-05-24 allows eval injection by placing PHP code in ...)
TODO: check
CVE-2019-7719 (Nibbleblog 4.0.5 allows eval injection by placing PHP code in the ...)
TODO: check
CVE-2019-7718 (An issue was discovered in Metinfo 6.x. An attacker can leverage a race ...)
- TODO: check
+ NOT-FOR-US: Metinfo
CVE-2019-7717
RESERVED
CVE-2019-7716
@@ -47,27 +47,27 @@ CVE-2019-7700 (A heap-based buffer over-read was discovered in ...)
CVE-2019-7699 (A heap-based buffer over-read occurs in AP4_BitStream::WriteBytes in ...)
TODO: check
CVE-2019-7698 (An issue was discovered in ...)
- TODO: check
+ NOT-FOR-US: Bento4
CVE-2019-7697 (An issue was discovered in Bento4 v1.5.1-627. There is an assertion ...)
- TODO: check
+ NOT-FOR-US: Bento4
CVE-2018-20780 (Traq 3.7.1 allows admin/users/new CSRF to create an admin account (aka ...)
TODO: check
CVE-2018-20779 (Traq 3.7.1 allows SQL Injection via a tickets?search= URI. ...)
TODO: check
CVE-2018-20778 (admin/?/plugin/file_manager in Frog CMS 0.9.5 allows XSS by creating a ...)
- TODO: check
+ NOT-FOR-US: Frog CMS
CVE-2018-20777 (Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit/1 Body field. ...)
- TODO: check
+ NOT-FOR-US: Frog CMS
CVE-2018-20776 (Frog CMS 0.9.5 provides a directory listing for a /public request. ...)
- TODO: check
+ NOT-FOR-US: Frog CMS
CVE-2018-20775 (admin/?/plugin/file_manager in Frog CMS 0.9.5 allows PHP code execution ...)
- TODO: check
+ NOT-FOR-US: Frog CMS
CVE-2018-20774 (Frog CMS 0.9.5 has XSS via the admin/?/layout/edit/1 Body field. ...)
- TODO: check
+ NOT-FOR-US: Frog CMS
CVE-2018-20773 (Frog CMS 0.9.5 allows PHP code execution by visiting ...)
- TODO: check
+ NOT-FOR-US: Frog CMS
CVE-2018-20772 (Frog CMS 0.9.5 allows PHP code execution via <?php to the ...)
- TODO: check
+ NOT-FOR-US: Frog CMS
CVE-2019-7696
RESERVED
CVE-2019-7695
@@ -75,7 +75,7 @@ CVE-2019-7695
CVE-2019-7694
RESERVED
CVE-2019-7693 (Axios Italia Axios RE 1.7.0/7.0.0 devices have XSS via the ...)
- TODO: check
+ NOT-FOR-US: Axios Italia Axios RE devices
CVE-2019-7692 (install/install.php in CIM 0.9.3 allows remote attackers to execute ...)
TODO: check
CVE-2019-7691
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fb8dda88315b1dd3577d84e44600a56b1c5695a0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fb8dda88315b1dd3577d84e44600a56b1c5695a0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190211/a0b1736c/attachment.html>
More information about the debian-security-tracker-commits
mailing list