[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Mon Mar 18 16:11:37 GMT 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9435a2f5 by Moritz Muehlenhoff at 2019-03-18T16:11:12Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,9 +3,9 @@ CVE-2019-9846 (RockOA 1.8.7 allows remote attackers to obtain sensitive informat
CVE-2019-9845
RESERVED
CVE-2019-9844 (simple-markdown.js in Khan Academy simple-markdown before 0.4.4 allows ...)
- TODO: check
+ NOT-FOR-US: Khan Academy simple-markdown
CVE-2019-9843 (In DiffPlug Spotless before 1.20.0 (library and Maven plugin) and ...)
- TODO: check
+ NOT-FOR-US: DiffPlug Spotless
CVE-2019-9842
RESERVED
CVE-2019-9841
@@ -6281,7 +6281,7 @@ CVE-2019-7225
CVE-2019-7224
RESERVED
CVE-2019-7223 (InvoicePlane 1.5 has stored XSS via the index.php/invoices/ajax/save ...)
- TODO: check
+ NOT-FOR-US: InvoicePlane
CVE-2019-7222 [KVM: x86: work around leak of uninitialized stack contents]
RESERVED
- linux 4.19.20-1
@@ -8917,7 +8917,7 @@ CVE-2019-6151
CVE-2019-6150
RESERVED
CVE-2019-6149 (An unquoted search path vulnerability was identified in Lenovo Dynamic ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2019-6148
RESERVED
CVE-2019-6147
@@ -10297,7 +10297,7 @@ CVE-2019-5618
CVE-2019-5617
RESERVED
CVE-2019-5616 (CircuitWerkes Sicon-8, a hardware device used for managing electrical ...)
- TODO: check
+ NOT-FOR-US: CircuitWerkes Sicon-8
CVE-2019-5615
RESERVED
CVE-2019-5614
@@ -18784,7 +18784,7 @@ CVE-2018-20108
CVE-2018-20107
REJECTED
CVE-2018-20106 (In yast2-printer up to and including version 4.0.2 the SMB printer ...)
- TODO: check
+ NOT-FOR-US: yast2-printer
CVE-2018-20105
RESERVED
CVE-2018-20104
@@ -23763,7 +23763,7 @@ CVE-2019-0615 (An information disclosure vulnerability exists when the Windows G
CVE-2019-0614
RESERVED
CVE-2019-0613 (A remote code execution vulnerability exists in .NET Framework and ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0612
RESERVED
CVE-2019-0611
@@ -25139,13 +25139,13 @@ CVE-2018-19395 (ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows .
- php5 <not-affected> (Windows-specific)
NOTE: https://bugs.php.net/bug.php?id=77177
CVE-2018-19394 (Cobham Satcom Sailor 800 and 900 devices contained persistent XSS, ...)
- TODO: check
+ NOT-FOR-US: Cobham Satcom Sailor
CVE-2018-19393 (Cobham Satcom Sailor 800 and 900 devices contained a vulnerability that ...)
- TODO: check
+ NOT-FOR-US: Cobham Satcom Sailor
CVE-2018-19392 (Cobham Satcom Sailor 250 and 500 devices before 1.25 contained an ...)
- TODO: check
+ NOT-FOR-US: Cobham Satcom Sailor
CVE-2018-19391 (Cobham Satcom Sailor 250 and 500 devices before 1.25 contained ...)
- TODO: check
+ NOT-FOR-US: Cobham Satcom Sailor
CVE-2018-19390 (FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to ...)
NOT-FOR-US: Foxit
CVE-2018-19389 (FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to ...)
@@ -25669,7 +25669,7 @@ CVE-2019-0137
CVE-2019-0136
RESERVED
CVE-2019-0135 (Improper permissions in the installer for Intel(R) Accelerated Storage ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2019-0134
RESERVED
CVE-2019-0133
@@ -25695,9 +25695,9 @@ CVE-2019-0124
CVE-2019-0123
RESERVED
CVE-2019-0122 (Double free in Intel(R) SGX SDK for Linux before version 2.2 and ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2019-0121 (Improper permissions in Intel(R) Matrix Storage Manager 8.9.0.1023 and ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2019-0120
RESERVED
CVE-2019-0119
@@ -28361,15 +28361,15 @@ CVE-2018-18258 (An issue was discovered in BageCMS 3.1.3. The attacker can execu
CVE-2018-18257 (An issue was discovered in BageCMS 3.1.3. An attacker can delete any ...)
NOT-FOR-US: BageCMS
CVE-2018-18256 (An issue was discovered in CapMon Access Manager 5.4.1.1005. A regular ...)
- TODO: check
+ NOT-FOR-US: CapMon Access Manager
CVE-2018-18255 (An issue was discovered in CapMon Access Manager 5.4.1.1005. The ...)
- TODO: check
+ NOT-FOR-US: CapMon Access Manager
CVE-2018-18254 (An issue was discovered in CapMon Access Manager 5.4.1.1005. An ...)
- TODO: check
+ NOT-FOR-US: CapMon Access Manager
CVE-2018-18253 (An issue was discovered in CapMon Access Manager 5.4.1.1005. ...)
- TODO: check
+ NOT-FOR-US: CapMon Access Manager
CVE-2018-18252 (An issue was discovered in CapMon Access Manager 5.4.1.1005. ...)
- TODO: check
+ NOT-FOR-US: CapMon Access Manager
CVE-2018-18251
RESERVED
CVE-2019-0085
@@ -28664,7 +28664,7 @@ CVE-2018-18207 (Virtualmin 6.03 allows Frame Injection via the settings-editor_r
CVE-2018-18206 (In the client in Bytom before 1.0.6, checkTopicRegister in ...)
NOT-FOR-US: Bytom
CVE-2018-18205 (Topvision CC8800 CMTS C-E devices allow remote attackers to obtain ...)
- TODO: check
+ NOT-FOR-US: Topvision CC8800 CMTS C-E devices
CVE-2018-18204
RESERVED
CVE-2018-18203 (A vulnerability in the update mechanism of Subaru StarLink Harman head ...)
@@ -28898,11 +28898,11 @@ CVE-2018-18093 (Improper file permissions in the installer for Intel VTune Ampli
CVE-2018-18092
RESERVED
CVE-2018-18091 (Use after free in Kernel Mode Driver in Intel(R) Graphics Driver for ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2018-18090 (Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2018-18089 (Multiple out of bounds read in igdkm64.sys in Intel(R) Graphics Driver ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2018-18088 (OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the ...)
{DSA-4405-1 DLA-1579-1}
- openjpeg2 2.3.0-2 (low; bug #910763)
@@ -29308,9 +29308,9 @@ CVE-2018-17958 (Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl81
CVE-2018-17957 (The YaST2 RMT module for configuring the SUSE Repository Mirroring ...)
NOT-FOR-US: YaST2 RMT module
CVE-2018-17956 (In yast2-samba-provision up to and including version 1.0.1 the ...)
- TODO: check
+ NOT-FOR-US: yast2-samba-provision
CVE-2018-17955 (In yast2-multipath before version 4.1.1 a static temporary filename ...)
- TODO: check
+ NOT-FOR-US: yast2-multipath
CVE-2018-17954
RESERVED
CVE-2018-17953 (A incorrect variable in a SUSE specific patch for pam_access rule ...)
@@ -29479,7 +29479,7 @@ CVE-2018-18021 (arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12
CVE-2018-17884 (XSS exists in admin/gb-dashboard-widget.php in the Gwolle Guestbook ...)
NOT-FOR-US: WordPress plugin gwolle-gb
CVE-2018-17882 (An Integer overflow vulnerability exists in the batchTransfer function ...)
- TODO: check
+ NOT-FOR-US: CryptoBotsBattle
CVE-2018-17881 (On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration ...)
NOT-FOR-US: D-Link DIR-823G 2018-09-19 devices
CVE-2018-17880 (On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration ...)
@@ -35616,9 +35616,9 @@ CVE-2018-15511
CVE-2018-15510
RESERVED
CVE-2018-15509 (Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 ...)
- TODO: check
+ NOT-FOR-US: Five9 Agent Desktop Plus
CVE-2018-15508 (Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control allowing ...)
- TODO: check
+ NOT-FOR-US: Five9 Agent Desktop Plus
CVE-2018-15507
RESERVED
CVE-2018-15506
@@ -44182,13 +44182,13 @@ CVE-2018-12225
CVE-2018-12224 (Buffer leakage in igdkm64.sys in Intel(R) Graphics Driver for Windows* ...)
NOT-FOR-US: Intel
CVE-2018-12223 (Insufficient access control in User Mode Driver in Intel(R) Graphics ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2018-12222 (Insufficient input validation in Kernel Mode Driver in Intel(R) ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2018-12221 (Insufficient input validation in Kernel Mode Driver in Intel(R) ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2018-12220 (Logic bug in Kernel Mode Driver in Intel(R) Graphics Driver for ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2018-12219 (Insufficient input validation in Kernel Mode Driver in Intel(R) ...)
TODO: check
CVE-2018-12218 (Unhandled exception in User Mode Driver in Intel(R) Graphics Driver ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9435a2f5daa0368bd9a7d57b69d8f1c537f7e1df
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9435a2f5daa0368bd9a7d57b69d8f1c537f7e1df
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190318/7478e1a6/attachment.html>
More information about the debian-security-tracker-commits
mailing list