[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Jul 18 09:20:03 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a590f3d5 by Salvatore Bonaccorso at 2019-07-18T08:19:14Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2019-13645 (Firefly III before 4.7.17.3 is vulnerable to stored XSS due to l
 CVE-2019-13644 (Firefly III before 4.7.17.1 is vulnerable to stored XSS due to lack of ...)
 	TODO: check
 CVE-2019-13643 (Stored XSS in EspoCRM before 5.6.4 allows remote attackers to execute  ...)
-	TODO: check
+	NOT-FOR-US: EspoCRM
 CVE-2019-13642
 	RESERVED
 CVE-2019-13641
@@ -19,7 +19,7 @@ CVE-2019-13639
 CVE-2019-13638
 	RESERVED
 CVE-2019-13637 (In LogMeIn join.me before 3.16.0.5505, an attacker could execute arbit ...)
-	TODO: check
+	NOT-FOR-US: LogMeIn join.me
 CVE-2019-13636 (In GNU patch through 2.7.6, the following of symlinks is mishandled in ...)
 	- patch <unfixed>
 	NOTE: https://git.savannah.gnu.org/cgit/patch.git/commit/?id=dce4683cbbe107a95f1f0d45fabc304acfb5d71a
@@ -1143,7 +1143,7 @@ CVE-2019-13579
 CVE-2019-13578
 	RESERVED
 CVE-2019-13577 (SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an Unauthe ...)
-	TODO: check
+	NOT-FOR-US: SnmpAdm.exe in MAPLE WBT SNMP Administrator
 CVE-2018-20852 (http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py ...)
 	- python3.7 3.7.3~rc1-1
 	- python3.5 <removed>
@@ -1329,7 +1329,7 @@ CVE-2019-13495
 CVE-2019-13494 (nodeimp.exe in Castle Rock SNMPc before 9.0.12.1 and 10.x before 10.0. ...)
 	NOT-FOR-US: Castle Rock SNMPc
 CVE-2019-13493 (In Sitecore 9.0 rev 171002, Persistent XSS exists in the Media Library ...)
-	TODO: check
+	NOT-FOR-US: Sitecore
 CVE-2019-13492
 	RESERVED
 CVE-2019-13491
@@ -1432,9 +1432,9 @@ CVE-2019-13450 (In the Zoom Client through 4.4.4 and RingCentral 7.0.136380.0312
 CVE-2019-13449 (In the Zoom Client before 4.4.2 on macOS, remote attackers can cause a ...)
 	NOT-FOR-US: Zoom Client on macOS
 CVE-2019-13448 (An issue was discovered in Sertek Xpare 3.67. The login form does not  ...)
-	TODO: check
+	NOT-FOR-US: Sertek Xpare
 CVE-2019-13447 (An issue was discovered in Sertek Xpare 3.67. The login form does not  ...)
-	TODO: check
+	NOT-FOR-US: Sertek Xpare
 CVE-2019-13446
 	REJECTED
 CVE-2019-13445
@@ -2895,7 +2895,7 @@ CVE-2019-12878
 CVE-2019-12877
 	RESERVED
 CVE-2019-12876 (Zoho ManageEngine ADManager Plus 6.6.5, ADSelfService Plus 5.7, and De ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine
 CVE-2019-12875 (Alpine Linux abuild through 3.4.0 allows an unprivileged member of the ...)
 	NOT-FOR-US: Alpine Linux
 CVE-2019-12874 (An issue was discovered in zlib_decompress_extra in modules/demux/mkv/ ...)
@@ -10768,7 +10768,7 @@ CVE-2019-1010285
 CVE-2019-1010284
 	RESERVED
 CVE-2019-1010283 (Univention Corporate Server univention-directory-notifier 12.0.1-3 and ...)
-	TODO: check
+	NOT-FOR-US: Univention Corporate Server univention-directory-notifier
 CVE-2019-1010282
 	RESERVED
 CVE-2019-1010281
@@ -23189,7 +23189,7 @@ CVE-2019-5224
 CVE-2019-5223
 	RESERVED
 CVE-2019-5222 (There is an information disclosure vulnerability on Secure Input of ce ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2019-5221 (There is a path traversal vulnerability on Huawei Share. The software  ...)
 	NOT-FOR-US: Huawei
 CVE-2019-5220 (There is a Factory Reset Protection (FRP) bypass vulnerability on seve ...)
@@ -25735,15 +25735,15 @@ CVE-2019-3975
 CVE-2019-3974
 	RESERVED
 CVE-2019-3973 (Comodo Antivirus versions 11.0.0.6582 and below are vulnerable to Deni ...)
-	TODO: check
+	NOT-FOR-US: Comodo Antivirus
 CVE-2019-3972 (Comodo Antivirus versions 12.0.0.6810 and below are vulnerable to Deni ...)
-	TODO: check
+	NOT-FOR-US: Comodo Antivirus
 CVE-2019-3971 (Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to a local  ...)
-	TODO: check
+	NOT-FOR-US: Comodo Antivirus
 CVE-2019-3970 (Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrar ...)
-	TODO: check
+	NOT-FOR-US: Comodo Antivirus
 CVE-2019-3969 (Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Local Pr ...)
-	TODO: check
+	NOT-FOR-US: Comodo Antivirus
 CVE-2019-3968
 	RESERVED
 CVE-2019-3967
@@ -32651,13 +32651,13 @@ CVE-2019-1945
 CVE-2019-1944
 	RESERVED
 CVE-2019-1943 (A vulnerability in the web interface of Cisco Small Business 200, 300, ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-1942 (A vulnerability in the sponsor portal web interface for Cisco Identity ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-1941 (A vulnerability in the web-based management interface of Cisco Identit ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-1940 (A vulnerability in the Web Services Management Agent (WSMA) feature of ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-1939
 	RESERVED
 CVE-2019-1938
@@ -32691,19 +32691,19 @@ CVE-2019-1925
 CVE-2019-1924
 	RESERVED
 CVE-2019-1923 (A vulnerability in Cisco Small Business SPA500 Series IP Phones could  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-1922 (A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 ...)
 	NOT-FOR-US: Cisco
 CVE-2019-1921 (A vulnerability in the attachment scanning of Cisco AsyncOS Software f ...)
 	NOT-FOR-US: Cisco
 CVE-2019-1920 (A vulnerability in the 802.11r Fast Transition (FT) implementation for ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-1919 (A vulnerability in the Cisco FindIT Network Management Software virtua ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-1918
 	RESERVED
 CVE-2019-1917 (A vulnerability in the REST API interface of Cisco Vision Dynamic Sign ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-1916
 	RESERVED
 CVE-2019-1915



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a590f3d57c45750b7d01c8db9b5e65c3c0f910cd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a590f3d57c45750b7d01c8db9b5e65c3c0f910cd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190718/e6a5e322/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list