[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Fri Feb 22 13:37:13 GMT 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9824502d by Moritz Muehlenhoff at 2019-02-22T13:36:49Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2019-9002 (An issue was discovered in Tiny Issue 1.3.1 and pixeline Bugs through ...)
- TODO: check
+ NOT-FOR-US: Tiny Issue
CVE-2019-9001
RESERVED
CVE-2019-9000
@@ -11,7 +11,7 @@ CVE-2019-8998
CVE-2019-8997
RESERVED
CVE-2019-8996 (In Signiant Manager+Agents before 13.5, the implementation of the set ...)
- TODO: check
+ NOT-FOR-US: Signiant
CVE-2019-8995
RESERVED
CVE-2019-8994
@@ -35,11 +35,11 @@ CVE-2019-8986
CVE-2019-8985 (On Netis WF2880 and WF2411 2.1.36123 devices, there is a stack-based ...)
NOT-FOR-US: Netis devices
CVE-2019-8984 (MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 2 of 2). ...)
- TODO: check
+ NOT-FOR-US: MDaemon Webmail
CVE-2019-8983 (MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 1 of 2). ...)
- TODO: check
+ NOT-FOR-US: MDaemon Webmail
CVE-2019-8982 (com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 ...)
- TODO: check
+ NOT-FOR-US: WaveMaker Studio
CVE-2019-8981
RESERVED
CVE-2018-20783 (In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x ...)
@@ -58,7 +58,7 @@ CVE-2019-8980 (A memory leak in the kernel_read_file function in fs/exec.c in th
NOTE: https://lore.kernel.org/lkml/20190219021038.11340-1-yuehaibing@huawei.com/
NOTE: https://lore.kernel.org/lkml/20190219022512.GW2217@ZenIV.linux.org.uk/
CVE-2019-8979 (Koseven through 3.3.9, and Kohana through 3.3.6, has SQL Injection when ...)
- TODO: check
+ - libkohana2-php <removed>
CVE-2019-8978
RESERVED
CVE-2019-8977
@@ -134,15 +134,15 @@ CVE-2019-8952
CVE-2019-8951
RESERVED
CVE-2019-1003028 (A server-side request forgery vulnerability exists in Jenkins JMS ...)
- TODO: check
+ NOT-FOR-US: Jenkins
CVE-2019-1003027 (A server-side request forgery vulnerability exists in Jenkins ...)
- TODO: check
+ NOT-FOR-US: Jenkins
CVE-2019-1003026 (A server-side request forgery vulnerability exists in Jenkins ...)
- TODO: check
+ NOT-FOR-US: Jenkins
CVE-2019-1003025 (A exposure of sensitive information vulnerability exists in Jenkins ...)
- TODO: check
+ NOT-FOR-US: Jenkins
CVE-2019-1003024 (A sandbox bypass vulnerability exists in Jenkins Script Security ...)
- TODO: check
+ NOT-FOR-US: Jenkins
CVE-2019-8950 (The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices ...)
NOT-FOR-US: DASAN
CVE-2019-8949
@@ -7686,7 +7686,7 @@ CVE-2019-5729
CVE-2019-5728
RESERVED
CVE-2019-5727 (Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x before 6.4.9, ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2019-5726
RESERVED
CVE-2019-5725 (qibosoft through V7 allows remote attackers to read arbitrary files via ...)
@@ -11394,7 +11394,7 @@ CVE-2019-3926
CVE-2019-3925
RESERVED
CVE-2019-3924 (MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is ...)
- TODO: check
+ NOT-FOR-US: MikroTik
CVE-2019-3923 (Nessus versions 8.2.1 and earlier were found to contain a stored XSS ...)
NOT-FOR-US: Nessus
CVE-2019-3922
@@ -16270,7 +16270,7 @@ CVE-2019-2396 (Vulnerability in the Oracle CRM Technical Foundation component of
CVE-2019-2395 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
NOT-FOR-US: Oracle
CVE-2018-20146 (An issue was discovered in Liquidware ProfileUnity before 6.8.0 with ...)
- TODO: check
+ NOT-FOR-US: Liquidware ProfileUnity
CVE-2018-20153 (In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could ...)
{DLA-1673-1}
- wordpress 5.0.1+dfsg1-1 (bug #916403)
@@ -16379,7 +16379,7 @@ CVE-2018-20145 (Eclipse Mosquitto 1.5.x before 1.5.5 allows ACL bypass: if the o
NOTE: https://github.com/eclipse/mosquitto/commit/9097577b49b7fdcf45d30975976dd93808ccc0c4
NOTE: https://github.com/eclipse/mosquitto/issues/1073
CVE-2018-20122 (The web interface on FASTGate Fastweb devices with firmware through ...)
- TODO: check
+ NOT-FOR-US: FASTGate Fastweb
CVE-2018-20121
RESERVED
CVE-2018-20120
@@ -18293,11 +18293,11 @@ CVE-2019-1702
CVE-2019-1701
RESERVED
CVE-2019-1700 (A vulnerability in field-programmable gate array (FPGA) ingress buffer ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1699
RESERVED
CVE-2019-1698 (A vulnerability in the web-based user interface of Cisco Internet of ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1697
RESERVED
CVE-2019-1696
@@ -18311,7 +18311,7 @@ CVE-2019-1693
CVE-2019-1692
RESERVED
CVE-2019-1691 (A vulnerability in the detection engine of Cisco Firepower Threat ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1690
RESERVED
CVE-2019-1689
@@ -18323,15 +18323,15 @@ CVE-2019-1687
CVE-2019-1686
RESERVED
CVE-2019-1685 (A vulnerability in the Security Assertion Markup Language (SAML) ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1684 (A vulnerability in the Cisco Discovery Protocol or Link Layer ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1683
RESERVED
CVE-2019-1682
RESERVED
CVE-2019-1681 (A vulnerability in the TFTP service of Cisco Network Convergence ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1680 (A vulnerability in Cisco Webex Business Suite could allow an ...)
NOT-FOR-US: Cisco
CVE-2019-1679 (A vulnerability in the web interface of Cisco TelePresence Conductor, ...)
@@ -18359,23 +18359,23 @@ CVE-2019-1669 (A vulnerability in the data acquisition (DAQ) component of Cisco
CVE-2019-1668 (A vulnerability in the chat feed feature of Cisco SocialMiner could ...)
NOT-FOR-US: Cisco
CVE-2019-1667 (A vulnerability in the Graphite interface of Cisco HyperFlex software ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1666 (A vulnerability in the Graphite service of Cisco HyperFlex software ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1665 (A vulnerability in the web-based management interface of Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1664 (A vulnerability in the hxterm service of Cisco HyperFlex Software ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1663
RESERVED
CVE-2019-1662 (A vulnerability in the Quality of Voice Reporting (QOVR) service of ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1661 (A vulnerability in the web-based management interface of Cisco ...)
NOT-FOR-US: Cisco
CVE-2019-1660 (A vulnerability in the Simple Object Access Protocol (SOAP) of Cisco ...)
NOT-FOR-US: Cisco
CVE-2019-1659 (A vulnerability in the Identity Services Engine (ISE) integration ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1658 (A vulnerability in the web-based management interface of Cisco Unified ...)
NOT-FOR-US: Cisco
CVE-2019-1657 (A vulnerability in Cisco AMP Threat Grid could allow an authenticated, ...)
@@ -33400,7 +33400,7 @@ CVE-2018-15382 (A vulnerability in Cisco HyperFlex Software could allow an ...)
CVE-2018-15381 (A Java deserialization vulnerability in Cisco Unity Express (CUE) ...)
NOT-FOR-US: Cisco
CVE-2018-15380 (A vulnerability in the cluster service manager of Cisco HyperFlex ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2018-15379 (A vulnerability in which the HTTP web server for Cisco Prime ...)
NOT-FOR-US: Cisco
CVE-2018-15378 (A vulnerability in ClamAV versions prior to 0.100.2 could allow an ...)
@@ -56835,7 +56835,7 @@ CVE-2018-6689 (Authentication Bypass vulnerability in McAfee Data Loss Preventio
CVE-2018-6688
RESERVED
CVE-2018-6687 (Loop with Unreachable Exit Condition ('Infinite Loop') in McAfee ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2018-6686 (Authentication Bypass vulnerability in TPM autoboot in McAfee Drive ...)
NOT-FOR-US: McAfee
CVE-2018-6685
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9824502d9caac2a530b8951c92de23ecce153249
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9824502d9caac2a530b8951c92de23ecce153249
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190222/1e77522b/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list