[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Mar 8 09:50:28 GMT 2019 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1f6f0499 by Salvatore Bonaccorso at 2019-03-08T09:49:52Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2019-9633 (gio/gsocketclient.c in GNOME GLib 2.59.2 does not ensure that a parent ...)
 	TODO: check
 CVE-2019-9632 (ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability via ...)
-	TODO: check
+	NOT-FOR-US: ESAFENET CDG
 CVE-2019-9631 (Poppler 0.74.0 has a heap-based buffer over-read in the ...)
 	TODO: check
 CVE-2019-9630
@@ -73,7 +73,7 @@ CVE-2019-9600 (The Olive Tree FTP Server (aka com.theolivetree.ftpserver) applic
 CVE-2019-9599 (The AirDroid application through 4.2.1.6 for Android allows remote ...)
 	NOT-FOR-US: AirDroid application for Android
 CVE-2019-9598 (An issue was discovered in Cscms 4.1.0. There is an admin.php/pay CSRF ...)
-	TODO: check
+	NOT-FOR-US: Cscms
 CVE-2019-9597
 	RESERVED
 CVE-2019-9596
@@ -993,7 +993,7 @@ CVE-2019-9187 [Server-side request forgery via aggregate plugin]
 CVE-2019-9186
 	RESERVED
 CVE-2019-9185 (Controller/Async/FilesystemManager.php in the filemanager in Bolt ...)
-	TODO: check
+	NOT-FOR-US: Bolt CMS
 CVE-2019-9184 (SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for ...)
 	NOT-FOR-US: J2Store plugin for Joomla!
 CVE-2019-9183
@@ -1178,15 +1178,15 @@ CVE-2019-9123 (An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. The
 CVE-2019-9122 (An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They ...)
 	NOT-FOR-US: D-Link
 CVE-2019-9121 (An issue was discovered on Motorola C1 and M2 devices with firmware ...)
-	TODO: check
+	NOT-FOR-US: Motorola
 CVE-2019-9120 (An issue was discovered on Motorola C1 and M2 devices with firmware ...)
-	TODO: check
+	NOT-FOR-US: Motorola
 CVE-2019-9119 (An issue was discovered on Motorola C1 and M2 devices with firmware ...)
-	TODO: check
+	NOT-FOR-US: Motorola
 CVE-2019-9118 (An issue was discovered on Motorola C1 and M2 devices with firmware ...)
-	TODO: check
+	NOT-FOR-US: Motorola
 CVE-2019-9117 (An issue was discovered on Motorola C1 and M2 devices with firmware ...)
-	TODO: check
+	NOT-FOR-US: Motorola
 CVE-2019-9116 (** DISPUTED ** DLL hijacking is possible in Sublime Text 3 version ...)
 	NOT-FOR-US: Sublime Text Windows build
 CVE-2019-9115 (In irisnet-crypto before 1.1.7 for IRISnet, the util/utils.js file ...)
@@ -2744,13 +2744,13 @@ CVE-2019-8442
 CVE-2019-8441
 	RESERVED
 CVE-2019-8440 (An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS ...)
-	TODO: check
+	NOT-FOR-US: DiliCMS
 CVE-2019-8439 (An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS ...)
-	TODO: check
+	NOT-FOR-US: DiliCMS
 CVE-2019-8438 (An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS ...)
-	TODO: check
+	NOT-FOR-US: DiliCMS
 CVE-2019-8437 (njiandan-cms through 2013-05-23 has index.php/admin/user_new CSRF to ...)
-	TODO: check
+	NOT-FOR-US: njiandan-cms
 CVE-2019-8436 (imcat 4.5 has Stored XSS via the root/run/adm.php fm[instop][note] ...)
 	NOT-FOR-US: imcat
 CVE-2019-8435 (admin/default.php in PHPMyWind v5.5 has XSS via an HTTP Host header. ...)
@@ -4407,9 +4407,9 @@ CVE-2019-7662 (An assertion failure was discovered in ...)
 	- binaryen 66-1
 	NOTE: https://github.com/WebAssembly/binaryen/issues/1872
 CVE-2019-7661 (An issue was discovered in PHPMyWind 5.5. The method parameter of the ...)
-	TODO: check
+	NOT-FOR-US: PHPMyWind
 CVE-2019-7660 (An issue was discovered in PHPMyWind 5.5. The username parameter of the ...)
-	TODO: check
+	NOT-FOR-US: PHPMyWind
 CVE-2019-7659 (Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a ...)
 	{DLA-1681-1}
 	- gsoap 2.8.75-1
@@ -6808,7 +6808,7 @@ CVE-2019-6712
 CVE-2019-6711
 	RESERVED
 CVE-2019-6710 (Zyxel NBG-418N v2 v1.00(AAXM.4)C0 devices allow login.cgi CSRF. ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2018-20742 (An issue was discovered in UC Berkeley RISE Opaque before 2018-12-01. ...)
 	NOT-FOR-US: UC Berkeley RISE Opaque
 CVE-2019-6709
@@ -10788,7 +10788,7 @@ CVE-2019-5021
 CVE-2019-5020
 	RESERVED
 CVE-2019-5019 (A heap overflow vulnerability exists in the PowerPoint document ...)
-	TODO: check
+	NOT-FOR-US: Rainbow PDF Office Server Document Converter
 CVE-2019-5018
 	RESERVED
 CVE-2019-5017
@@ -13530,7 +13530,7 @@ CVE-2019-3714
 CVE-2019-3713
 	RESERVED
 CVE-2019-3712 (Dell WES Wyse Device Agent versions prior to 14.1.2.9 and Dell Wyse ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2019-3711
 	RESERVED
 CVE-2019-3710
@@ -20141,11 +20141,11 @@ CVE-2019-1602
 CVE-2019-1601
 	RESERVED
 CVE-2019-1600 (A vulnerability in the file system permissions of Cisco FXOS Software ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-1599 (A vulnerability in the network stack of Cisco NX-OS Software could ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-1598 (Multiple vulnerabilities in the implementation of the Lightweight ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-1597 (Multiple vulnerabilities in the implementation of the Lightweight ...)
 	NOT-FOR-US: Cisco
 CVE-2019-1596 (A vulnerability in the Bash shell implementation for Cisco NX-OS ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1f6f049949037f6422fb8e86045b7b5151646dd6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1f6f049949037f6422fb8e86045b7b5151646dd6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190308/85510be5/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list