[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Mar 14 19:41:46 GMT 2019 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
13efa14c by Salvatore Bonaccorso at 2019-03-14T19:41:04Z
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21,25 +21,25 @@ CVE-2019-9771 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There i
 CVE-2019-9770 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a ...)
 	- libredwg <itp> (bug #595191)
 CVE-2019-9769 (PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser ...)
-	TODO: check
+	NOT-FOR-US: PilusCart
 CVE-2019-9768 (Thinkst Canarytokens through 2019-03-01 relies on limited variation in ...)
-	TODO: check
+	NOT-FOR-US: Thinkst Canarytokens
 CVE-2019-9767 (Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting ...)
-	TODO: check
+	NOT-FOR-US: Free MP3 CD Ripper
 CVE-2019-9766 (Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting ...)
-	TODO: check
+	NOT-FOR-US: Free MP3 CD Ripper
 CVE-2019-9765 (In Blog_mini 1.0, XSS exists via the author name of a comment reply in ...)
-	TODO: check
+	NOT-FOR-US: Blog_mini
 CVE-2019-9764
 	RESERVED
 CVE-2019-9763
 	RESERVED
 CVE-2019-9762 (A SQL Injection was discovered in PHPSHE 1.7 in ...)
-	TODO: check
+	NOT-FOR-US: PHPSHE
 CVE-2019-9761 (An XXE issue was discovered in PHPSHE 1.7, which can be used to read any ...)
-	TODO: check
+	NOT-FOR-US: PHPSHE
 CVE-2019-9760 (FTPGetter Standard v.5.97.0.177 allows remote code execution when a ...)
-	TODO: check
+	NOT-FOR-US: FTPGetter
 CVE-2019-9759
 	RESERVED
 CVE-2019-9758
@@ -105,7 +105,7 @@ CVE-2019-9738 (jimmykuu Gopher 2.0 has DOM-based XSS via vectors involving the '
 CVE-2019-9737 (Editor.md 1.5.0 has DOM-based XSS via vectors involving the '<EMBED ...)
 	NOT-FOR-US: pandao Editor.md
 CVE-2019-9736 (DOM-based XSS exists in 1024Tools Markdown 1.0 via vectors involving ...)
-	TODO: check
+	NOT-FOR-US: 1024Tools Markdown
 CVE-2019-9735 (An issue was discovered in the iptables firewall module in OpenStack ...)
 	- neutron 2:13.0.2-13 (bug #924508)
 	NOTE: https://launchpad.net/bugs/1818385
@@ -582,7 +582,7 @@ CVE-2019-9559
 CVE-2019-9558 (Mailtraq WebMail version 2.17.7.3550 has Persistent Cross Site ...)
 	NOT-FOR-US: Mailtraq WebMail
 CVE-2019-9557 (Ability Mail Server 4.2.6 has Persistent Cross Site Scripting (XSS) ...)
-	TODO: check
+	NOT-FOR-US: Ability Mail Server
 CVE-2019-9556
 	RESERVED
 CVE-2019-9555 (Sagemcom F at st 5260 routers using firmware version 0.4.39, in WPA mode, ...)
@@ -7531,17 +7531,17 @@ CVE-2019-6603
 CVE-2019-6602
 	RESERVED
 CVE-2019-6601 (In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2019-6600 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2019-6599 (In BIG-IP 11.6.1-11.6.3.2 or 11.5.1-11.5.8, or Enterprise Manager ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2019-6598 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2019-6597 (In BIG-IP 13.0.0-13.1.1.1, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2019-6596 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, 12.1.0-12.1.3.6, ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2019-6595 (Cross-site scripting (XSS) vulnerability in F5 BIG-IP Access Policy ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2019-6594 (On BIG-IP 11.5.1-11.6.3.2, 12.1.3.4-12.1.3.7, 13.0.0 HF1-13.1.1.1, and ...)
@@ -9256,7 +9256,7 @@ CVE-2019-5926
 CVE-2019-5925 (Cross-site scripting vulnerability in Dradis Community Edition Dradis ...)
 	NOT-FOR-US: Dradis
 CVE-2019-5924 (Cross-site request forgery (CSRF) vulnerability in Smart Forms 2.6.15 ...)
-	TODO: check
+	NOT-FOR-US: Smart Forms
 CVE-2019-5923 (Directory traversal vulnerability in iChain Insurance Wallet App for ...)
 	NOT-FOR-US: iChain Insurance Wallet App for iOS
 CVE-2019-5922 (Untrusted search path vulnerability in The installer of Microsoft ...)
@@ -14051,9 +14051,9 @@ CVE-2019-3718
 CVE-2019-3717
 	RESERVED
 CVE-2019-3716 (RSA Archer versions, prior to 6.5 SP2, contain an information exposure ...)
-	TODO: check
+	NOT-FOR-US: RSA
 CVE-2019-3715 (RSA Archer versions, prior to 6.5 SP1, contain an information exposure ...)
-	TODO: check
+	NOT-FOR-US: RSA
 CVE-2019-3714
 	RESERVED
 CVE-2019-3713
@@ -14061,7 +14061,7 @@ CVE-2019-3713
 CVE-2019-3712 (Dell WES Wyse Device Agent versions prior to 14.1.2.9 and Dell Wyse ...)
 	NOT-FOR-US: Dell
 CVE-2019-3711 (RSA Authentication Manager versions prior to 8.4 P1 contain an ...)
-	TODO: check
+	NOT-FOR-US: RSA
 CVE-2019-3710
 	RESERVED
 CVE-2019-3709
@@ -14255,7 +14255,7 @@ CVE-2019-3617
 CVE-2019-3616
 	RESERVED
 CVE-2019-3615 (Data Leakage Attacks vulnerability in the web interface in McAfee ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2019-3614
 	RESERVED
 CVE-2019-3613
@@ -20427,7 +20427,7 @@ CVE-2019-1725
 CVE-2019-1724
 	RESERVED
 CVE-2019-1723 (A vulnerability in the Cisco Common Services Platform Collector (CSPC) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-1722
 	RESERVED
 CVE-2019-1721
@@ -29116,7 +29116,7 @@ CVE-2018-17946 (The Tribulant Slideshow Gallery plugin before 1.6.6.1 for WordPr
 CVE-2018-17945
 	RESERVED
 CVE-2018-17944 (On certain Lexmark devices that communicate with an LDAP or SMTP ...)
-	TODO: check
+	NOT-FOR-US: Lexmark
 CVE-2018-17943
 	RESERVED
 CVE-2018-17942 (The convert_to_decimal function in vasnprintf.c in Gnulib before ...)
@@ -78548,7 +78548,7 @@ CVE-2018-0391 (A vulnerability in the password change function of Cisco Prime ..
 CVE-2018-0390 (A vulnerability in the web framework of Cisco Webex could allow an ...)
 	NOT-FOR-US: Cisco
 CVE-2018-0389 (A vulnerability in the implementation of Session Initiation Protocol ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-0388 (A vulnerability in the web-based interface of Cisco Wireless LAN ...)
 	NOT-FOR-US: Cisco
 CVE-2018-0387 (A vulnerability in Cisco Webex Teams (for Windows and macOS) could ...)
@@ -179347,7 +179347,7 @@ CVE-2015-2256
 CVE-2015-2255 (Huawei AR1220 routers with software before V200R005SPH006 allow remote ...)
 	NOT-FOR-US: Huawei
 CVE-2015-2254 (Huawei OceanStor UDS devices with software before V100R002C01SPC102 ...)
-	TODO: check
+	NOT-FOR-US: Huawei OceanStor UDS devices
 CVE-2015-2253 (The XML interface in Huawei OceanStor UDS devices with software ...)
 	NOT-FOR-US: Huawei
 CVE-2015-2252 (Huawei OceanStor UDS devices with software before V100R002C01SPC102 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/13efa14c019c3daee8c6d38d28d13b434532e82b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/13efa14c019c3daee8c6d38d28d13b434532e82b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190314/ce59b026/attachment.html>

More information about the debian-security-tracker-commits mailing list