[Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso
carnil at debian.org
Fri Mar 8 18:18:18 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1a96a8ff by Salvatore Bonaccorso at 2019-03-08T18:17:52Z
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13444,13 +13444,13 @@ CVE-2019-3786
CVE-2019-3785
RESERVED
CVE-2019-3784 (Cloud Foundry Stratos, versions prior to 2.3.0, contains an insecure ...)
- TODO: check
+ NOT-FOR-US: Cloud Foundry Stratos
CVE-2019-3783 (Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a public ...)
- TODO: check
+ NOT-FOR-US: Cloud Foundry Stratos
CVE-2019-3782 (Cloud Foundry CredHub CLI, versions prior to 2.2.1, inadvertently ...)
NOT-FOR-US: Cloud Foundry
CVE-2019-3781 (Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes ...)
- TODO: check
+ NOT-FOR-US: Cloud Foundry CLI
CVE-2019-3780
RESERVED
CVE-2019-3779
@@ -13462,7 +13462,7 @@ CVE-2019-3777 (Pivotal Application Service (PAS), versions 2.2.x prior to 2.2.12
CVE-2019-3776 (Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x ...)
TODO: check
CVE-2019-3775 (Cloud Foundry UAA, versions prior to v70.0, allows a user to update ...)
- TODO: check
+ NOT-FOR-US: Cloud Foundry UAA
CVE-2019-3774 (Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older unsupported ...)
NOT-FOR-US: Spring Batch
CVE-2019-3773 (Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported ...)
@@ -22807,9 +22807,9 @@ CVE-2019-0745
CVE-2019-0744
RESERVED
CVE-2019-0743 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
- TODO: check
+ NOT-FOR-US: Microsoft Team Foundation Server
CVE-2019-0742 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
- TODO: check
+ NOT-FOR-US: Microsoft Team Foundation Server
CVE-2019-0741 (An information disclosure vulnerability exists in the way Azure IoT ...)
TODO: check
CVE-2019-0740
@@ -22837,7 +22837,7 @@ CVE-2019-0730
CVE-2019-0729 (An Elevation of Privilege vulnerability exists in the way Azure IoT ...)
TODO: check
CVE-2019-0728 (A remote code execution vulnerability exists in Visual Studio Code ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0727
RESERVED
CVE-2019-0726
@@ -22845,7 +22845,7 @@ CVE-2019-0726
CVE-2019-0725
RESERVED
CVE-2019-0724 (An elevation of privilege vulnerability exists in Microsoft Exchange ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0723
RESERVED
CVE-2019-0722
@@ -22921,7 +22921,7 @@ CVE-2019-0688
CVE-2019-0687
RESERVED
CVE-2019-0686 (An elevation of privilege vulnerability exists in Microsoft Exchange ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0685
RESERVED
CVE-2019-0684
@@ -22941,23 +22941,23 @@ CVE-2019-0678
CVE-2019-0677
RESERVED
CVE-2019-0676 (An information disclosure vulnerability exists when Internet Explorer ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0675 (A remote code execution vulnerability exists when the Microsoft Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0674 (A remote code execution vulnerability exists when the Microsoft Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0673 (A remote code execution vulnerability exists when the Microsoft Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0672 (A remote code execution vulnerability exists when the Microsoft Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0671 (A remote code execution vulnerability exists when the Microsoft Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0670 (A spoofing vulnerability exists in Microsoft SharePoint when the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0669 (An information disclosure vulnerability exists when Microsoft Excel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0668 (An elevation of privilege vulnerability exists when Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0667
RESERVED
CVE-2019-0666
@@ -22965,105 +22965,105 @@ CVE-2019-0666
CVE-2019-0665
RESERVED
CVE-2019-0664 (An information disclosure vulnerability exists when the Windows GDI ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0663 (An information disclosure vulnerability exists when the Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0662 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0661 (An information disclosure vulnerability exists when the Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0660 (An information disclosure vulnerability exists when the Windows GDI ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0659 (An elevation of privilege vulnerability exists when the Storage ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0658 (An information disclosure vulnerability exists when the scripting ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0657 (A vulnerability exists in certain .Net Framework API's and Visual ...)
NOT-FOR-US: .NET core
CVE-2019-0656 (An elevation of privilege vulnerability exists when the Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0655 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0654 (A spoofing vulnerability exists when Microsoft browsers improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0653
RESERVED
CVE-2019-0652 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0651 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0650 (A remote code execution vulnerability exists when Microsoft Edge ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0649 (A vulnerability exists in Microsoft Chakra JIT server, aka 'Scripting ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0648 (An information disclosure vulnerability exists when Chakra improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0647 (An information disclosure vulnerability exists when Team Foundation ...)
NOT-FOR-US: Microsoft
CVE-2019-0646 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
NOT-FOR-US: Microsoft
CVE-2019-0645 (A remote code execution vulnerability exists when Microsoft Edge ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0644 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0643 (An information disclosure vulnerability exists in the way that ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0642 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0641 (A security feature bypass vulnerability exists in Microsoft Edge ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0640 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0639
RESERVED
CVE-2019-0638
RESERVED
CVE-2019-0637 (A security feature bypass vulnerability exists when Windows Defender ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0636 (An information vulnerability exists when Windows improperly discloses ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0635 (An information disclosure vulnerability exists when Windows Hyper-V on ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0634 (A remote code execution vulnerability exists when Microsoft Edge ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0633 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0632 (A security feature bypass vulnerability exists in Windows which could ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0631 (A security feature bypass vulnerability exists in Windows which could ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0630 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0629
RESERVED
CVE-2019-0628 (An information disclosure vulnerability exists when the win32k ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0627 (A security feature bypass vulnerability exists in Windows which could ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0626 (A memory corruption vulnerability exists in the Windows Server DHCP ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0625 (A remote code execution vulnerability exists when the Windows Jet ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0624 (A spoofing vulnerability exists when a Skype for Business 2015 server ...)
NOT-FOR-US: Microsoft
CVE-2019-0623 (An elevation of privilege vulnerability exists in Windows when the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0622 (An elevation of privilege vulnerability exists when Skype for Andriod ...)
NOT-FOR-US: Skype for Android
CVE-2019-0621 (An information disclosure vulnerability exists when the Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0620
RESERVED
CVE-2019-0619 (An information disclosure vulnerability exists when the Windows GDI ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0618 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0617
RESERVED
CVE-2019-0616 (An information disclosure vulnerability exists when the Windows GDI ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0615 (An information disclosure vulnerability exists when the Windows GDI ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0614
RESERVED
CVE-2019-0613 (A remote code execution vulnerability exists in .NET Framework and ...)
@@ -23073,47 +23073,47 @@ CVE-2019-0612
CVE-2019-0611
RESERVED
CVE-2019-0610 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0609
RESERVED
CVE-2019-0608
RESERVED
CVE-2019-0607 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0606 (A remote code execution vulnerability exists when Internet Explorer ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0605 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0604 (A remote code execution vulnerability exists in Microsoft SharePoint ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0603
RESERVED
CVE-2019-0602 (An information disclosure vulnerability exists when the Windows GDI ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0601 (An information disclosure vulnerability exists when the Human ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0600 (An information disclosure vulnerability exists when the Human ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0599 (A remote code execution vulnerability exists when the Windows Jet ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0598 (A remote code execution vulnerability exists when the Windows Jet ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0597 (A remote code execution vulnerability exists when the Windows Jet ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0596 (A remote code execution vulnerability exists when the Windows Jet ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0595 (A remote code execution vulnerability exists when the Windows Jet ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0594 (A remote code execution vulnerability exists in Microsoft SharePoint ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0593 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0592
RESERVED
CVE-2019-0591 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0590 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0589
RESERVED
CVE-2019-0588 (An information disclosure vulnerability exists when the Microsoft ...)
@@ -23214,7 +23214,7 @@ CVE-2019-0542 (A remote code execution vulnerability exists in Xterm.js when the
CVE-2019-0541 (A remote code execution vulnerability exists in the way that the ...)
NOT-FOR-US: Microsoft
CVE-2019-0540 (A security feature bypass vulnerability exists when Microsoft Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0539 (A remote code execution vulnerability exists in the way that the ...)
NOT-FOR-US: Microsoft
CVE-2019-0538 (A remote code execution vulnerability exists when the Windows Jet ...)
@@ -27153,7 +27153,7 @@ CVE-2018-18451
CVE-2018-18450 (apps\admin\controller\content\SingleController.php in PbootCMS before ...)
NOT-FOR-US: PbooCMS
CVE-2018-18449 (EmpireCMS 7.5 allows CSRF for adding a user account via an ...)
- TODO: check
+ NOT-FOR-US: EmpireCMS
CVE-2018-18448
RESERVED
CVE-2018-18447
@@ -28479,7 +28479,7 @@ CVE-2018-17990
CVE-2018-17989
RESERVED
CVE-2018-17988 (LayerBB 1.1.1 has SQL Injection via the search.php search_query ...)
- TODO: check
+ NOT-FOR-US: LayerBB
CVE-2018-17987 (The determineWinner function of a smart contract implementation for ...)
NOT-FOR-US: Some Ethereum application
CVE-2018-17986 (rars/user/data in razorCMS 3.4.8 allows CSRF for changing the password ...)
@@ -29845,21 +29845,21 @@ CVE-2018-17431 (Web Console in Comodo UTM Firewall before 2.7.0 allows remote ..
CVE-2018-17430
RESERVED
CVE-2018-17429 (/console/account/manage.php?type=action&action=add in JTBC v3.0(C) has ...)
- TODO: check
+ NOT-FOR-US: JTBC
CVE-2018-17428 (An issue was discovered in OPAC EasyWeb Five 5.7. There is SQL ...)
NOT-FOR-US: OPAC EasyWeb Five
CVE-2018-17427 (SIMDComp before 0.1.0 allows remote attackers to cause a denial of ...)
NOT-FOR-US: SIMDComp
CVE-2018-17426 (WUZHI CMS 4.1.0 has stored XSS via the "Extension module" "SMS in ...)
- TODO: check
+ NOT-FOR-US: WUZHI CMS
CVE-2018-17425 (WUZHI CMS 4.1.0 has stored XSS via the "Membership Center" "I want to ...)
- TODO: check
+ NOT-FOR-US: WUZHI CMS
CVE-2018-17424
RESERVED
CVE-2018-17423
RESERVED
CVE-2018-17422 (dotCMS before 5.0.2 has open redirects via the ...)
- TODO: check
+ NOT-FOR-US: dotCMS
CVE-2018-17421 (An issue was discovered in ZrLog 2.0.3. There is stored XSS in the file ...)
TODO: check
CVE-2018-17420 (An issue was discovered in ZrLog 2.0.3. There is a SQL injection ...)
@@ -29867,7 +29867,7 @@ CVE-2018-17420 (An issue was discovered in ZrLog 2.0.3. There is a SQL injection
CVE-2018-17419 (An issue was discovered in setTA in scan_rr.go in the Miek Gieben DNS ...)
TODO: check
CVE-2018-17418 (Monstra CMS 3.0.4 allows remote attackers to execute arbitrary PHP code ...)
- TODO: check
+ NOT-FOR-US: Monstra CMS
CVE-2018-17417
RESERVED
CVE-2018-17416 (A SQL injection vulnerability exists in zzcms v8.3 via the ...)
@@ -31526,7 +31526,7 @@ CVE-2018-16806 (A Pektron Passive Keyless Entry and Start (PKES) system, as used
CVE-2018-16805 (In b3log Solo 2.9.3, XSS in the Input page under the Publish Articles ...)
NOT-FOR-US: b3log
CVE-2018-16804 (An issue was discovered in UCMS 1.4.6. There is XSS in the title bar, ...)
- TODO: check
+ NOT-FOR-US: UCMS
CVE-2018-16803 (In CIMTechniques CIMScan 6.x through 6.2, the SOAP WSDL parser allows ...)
NOT-FOR-US: CIMTechniques CIMScan
CVE-2018-16801
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1a96a8ff850e0d4d0b63d211419a3a5b1f3cfdf8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1a96a8ff850e0d4d0b63d211419a3a5b1f3cfdf8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190308/a0c31514/attachment.html>
More information about the debian-security-tracker-commits
mailing list