[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Mar 19 20:33:36 GMT 2019 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a8555e90 by Salvatore Bonaccorso at 2019-03-19T20:32:15Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,13 +15,13 @@ CVE-2019-9872
 CVE-2019-9871
 	RESERVED
 CVE-2019-9870 (plugin.js in the w8tcha oEmbed plugin before 2019-03-14 for CKEditor m ...)
-	TODO: check
+	NOT-FOR-US: w8tcha oEmbed plugin for CKEditor
 CVE-2019-9869
 	RESERVED
 CVE-2019-9868 (An issue was discovered in the Web Console in Veritas NetBackup Applia ...)
-	TODO: check
+	NOT-FOR-US: Veritas NetBackup Appliance
 CVE-2019-9867 (An issue was discovered in the Web Console in Veritas NetBackup Applia ...)
-	TODO: check
+	NOT-FOR-US: Veritas NetBackup Appliance
 CVE-2019-9866
 	RESERVED
 CVE-2019-9865
@@ -5873,11 +5873,11 @@ CVE-2019-7387 (A local file inclusion vulnerability exists in the web interface
 CVE-2019-7386 (A Denial of Service issue has been discovered in the Gecko component o ...)
 	NOT-FOR-US: KaiOS on Nokia devices
 CVE-2019-7385 (An authenticated shell command injection issue has been discovered in  ...)
-	TODO: check
+	NOT-FOR-US: Raisecom GPON Devices
 CVE-2019-7384 (An authenticated shell command injection issue has been discovered in  ...)
-	TODO: check
+	NOT-FOR-US: Raisecom GPON Devices
 CVE-2019-7383 (An issue was discovered on Systrome Cumilon ISG-600C, ISG-600H, and IS ...)
-	TODO: check
+	NOT-FOR-US: Systrome devices
 CVE-2019-7382
 	RESERVED
 CVE-2019-7381
@@ -6185,7 +6185,7 @@ CVE-2019-7301 (Zen Load Balancer 3.10.1 allows remote authenticated admin users
 CVE-2019-7300 (Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary  ...)
 	NOT-FOR-US: Artica Proxy
 CVE-2019-7299 (A stored cross-site scripting (XSS) vulnerability in the submit_ticket ...)
-	TODO: check
+	NOT-FOR-US: WP Support Plus Responsive Ticket System plugin for WordPress
 CVE-2017-18361 (In Pylons Colander through 1.6, the URL validator allows an attacker t ...)
 	- python-colander <removed>
 	[stretch] - python-colander <no-dsa> (Minor issue)
@@ -6965,7 +6965,7 @@ CVE-2019-6974 (In the Linux kernel before 4.20.8, kvm_ioctl_create_device in vir
 	- linux 4.19.20-1
 	NOTE: https://git.kernel.org/linus/cfa39381173d5f969daf43582c95ad679189cbc9
 CVE-2019-6973 (Sricam IP CCTV cameras are vulnerable to denial of service via multipl ...)
-	TODO: check
+	NOT-FOR-US: Sricam IP CCTV cameras
 CVE-2019-6972
 	RESERVED
 CVE-2019-6971
@@ -7543,7 +7543,7 @@ CVE-2019-6718
 CVE-2019-6717
 	RESERVED
 CVE-2019-6716 (An unauthenticated Insecure Direct Object Reference (IDOR) in Wicket C ...)
-	TODO: check
+	NOT-FOR-US: LogonBox Nervepoint Access Manager
 CVE-2019-6715
 	RESERVED
 CVE-2019-6714 (An issue was discovered in BlogEngine.NET through 3.3.6.0. A path trav ...)
@@ -8053,9 +8053,9 @@ CVE-2018-20739
 CVE-2018-20738
 	RESERVED
 CVE-2018-20737 (An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0. Reflected ...)
-	TODO: check
+	NOT-FOR-US: WSO2 API Manager
 CVE-2018-20736 (An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0. A DOM-bas ...)
-	TODO: check
+	NOT-FOR-US: WSO2 API Manager
 CVE-2019-6488 (The string component in the GNU C Library (aka glibc or libc6) through ...)
 	- glibc 2.28-6 (unimportant)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24097
@@ -8685,9 +8685,9 @@ CVE-2019-6275
 CVE-2019-6274
 	RESERVED
 CVE-2019-6273 (download_file in GL.iNet GL-AR300M-Lite devices with firmware 2.27 all ...)
-	TODO: check
+	NOT-FOR-US: GL.iNet GL-AR300M-Lite devices
 CVE-2019-6272 (Command injection vulnerability in login_cgi in GL.iNet GL-AR300M-Lite ...)
-	TODO: check
+	NOT-FOR-US: GL.iNet GL-AR300M-Lite devices
 CVE-2019-6271
 	RESERVED
 CVE-2019-6270



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a8555e907018ea04cf65b16604f9c5262e289452

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a8555e907018ea04cf65b16604f9c5262e289452
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190319/5407a890/attachment.html>

More information about the debian-security-tracker-commits mailing list