[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Mar 26 20:56:49 GMT 2019 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ec10457d by Salvatore Bonaccorso at 2019-03-26T20:56:23Z
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -61,7 +61,7 @@ CVE-2019-10070
 CVE-2019-10069
 	RESERVED
 CVE-2019-10068 (An issue was discovered in Kentico before 12.0.15. Due to a failure to ...)
-	TODO: check
+	NOT-FOR-US: Kentico
 CVE-2019-10067
 	RESERVED
 CVE-2019-10066
@@ -80,7 +80,7 @@ CVE-2019-10062
 CVE-2019-10061 (utils/find-opencv.js in node-opencv (aka OpenCV bindings for Node.js)  ...)
 	TODO: check
 CVE-2019-10060 (The Verix Multi-app Conductor application 2.7 for Verifone Verix suffe ...)
-	TODO: check
+	NOT-FOR-US: Verix Multi-app Conductor application for Verifone Verix
 CVE-2019-10059
 	RESERVED
 CVE-2019-10058
@@ -1480,7 +1480,7 @@ CVE-2019-9766 (Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when conve
 CVE-2019-9765 (In Blog_mini 1.0, XSS exists via the author name of a comment reply in ...)
 	NOT-FOR-US: Blog_mini
 CVE-2019-9764 (HashiCorp Consul 1.4.3 lacks server hostname verification for agent-to ...)
-	TODO: check
+	NOT-FOR-US: HashiCorp Consul
 CVE-2019-9763
 	RESERVED
 CVE-2019-9762 (A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment ...)
@@ -3280,23 +3280,23 @@ CVE-2019-9063 (PHP Scripts Mall Auction website script 2.0.4 allows parameter ta
 CVE-2019-9062 (PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site Reques ...)
 	NOT-FOR-US: PHP Scripts Mall Online Food Ordering Script
 CVE-2019-9061 (An issue was discovered in CMS Made Simple 2.2.8. In the module Module ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simple
 CVE-2019-9060
 	RESERVED
 CVE-2019-9059 (An issue was discovered in CMS Made Simple 2.2.8. It is possible, with ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simple
 CVE-2019-9058 (An issue was discovered in CMS Made Simple 2.2.8. In the administrator ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simple
 CVE-2019-9057 (An issue was discovered in CMS Made Simple 2.2.8. In the module FilePi ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simple
 CVE-2019-9056
 	RESERVED
 CVE-2019-9055 (An issue was discovered in CMS Made Simple 2.2.8. In the module Design ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simple
 CVE-2019-9054
 	RESERVED
 CVE-2019-9053 (An issue was discovered in CMS Made Simple 2.2.8. It is possible with  ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simple
 CVE-2019-9052 (An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerabi ...)
 	NOT-FOR-US: Pluck CMS
 CVE-2019-9051 (An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerabi ...)
@@ -6479,7 +6479,7 @@ CVE-2019-7648 (controller/fetchpwd.php and controller/doAction.php in Hotels_Ser
 CVE-2019-7647
 	RESERVED
 CVE-2019-7646 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.763 is vu ...)
-	TODO: check
+	NOT-FOR-US: CentOS Web Panel
 CVE-2019-7645
 	RESERVED
 CVE-2019-7644
@@ -15901,7 +15901,7 @@ CVE-2019-3608
 CVE-2019-3607
 	RESERVED
 CVE-2019-3606 (Data Leakage Attacks vulnerability in the web portal component when in ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2019-3605
 	RESERVED
 CVE-2019-3604 (Cross-Site Request Forgery (CSRF) vulnerability in McAfee ePO (legacy) ...)
@@ -15919,7 +15919,7 @@ CVE-2019-3599 (Information Disclosure vulnerability in Remote logging (which is
 CVE-2019-3598 (Buffer Access with Incorrect Length Value in McAfee Agent (MA) 5.x all ...)
 	NOT-FOR-US: McAfee Agent
 CVE-2019-3597 (Authentication Bypass vulnerability in McAfee Network Security Manager ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2019-3596
 	RESERVED
 CVE-2019-3595
@@ -224917,11 +224917,11 @@ CVE-2013-2809 (The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54
 CVE-2013-2808 (Heap-based buffer overflow in Xper in Philips Xper Information Managem ...)
 	NOT-FOR-US: Xper
 CVE-2013-2807 (Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2013-2806 (Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2013-2805 (Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2013-2804 (The DNP Master Driver in Software Toolbox TOP Server before 5.12.140.0 ...)
 	NOT-FOR-US: TOP Server OPC Server
 CVE-2013-2803 (ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ec10457d140cbb84889b35a99eae368599f0464c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ec10457d140cbb84889b35a99eae368599f0464c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190326/913e5e10/attachment.html>

More information about the debian-security-tracker-commits mailing list