[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Mon May 6 21:22:04 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
43c2a3ed by Salvatore Bonaccorso at 2019-05-06T20:21:25Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2019-11807 (The WooCommerce Checkout Manager plugin before 4.3 for WordPress allow ...)
-	TODO: check
+	NOT-FOR-US: WooCommerce Checkout Manager plugin for WordPress
 CVE-2019-11806
 	RESERVED
 CVE-2019-11805
@@ -16396,7 +16396,7 @@ CVE-2019-5433 (A user having access to the UI of a Revive Adserver instance coul
 CVE-2019-5432 (A specifically malformed MQTT Subscribe packet crashes MQTT Brokers us ...)
 	TODO: check
 CVE-2019-5431 (This vulnerability was caused by an incomplete fix to CVE-2017-0911. T ...)
-	TODO: check
+	NOT-FOR-US: Twitter Kit for iOS
 CVE-2019-5430 (In UniFi Video 3.10.0 and prior, due to the lack of CSRF protection, i ...)
 	TODO: check
 CVE-2019-5429 (Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacke ...)
@@ -45694,7 +45694,7 @@ CVE-2018-13985
 CVE-2018-13984
 	RESERVED
 CVE-2018-13983 (ImpressCMS 1.3.10 has XSS via the PATH_INFO to htdocs/install/index.ph ...)
-	TODO: check
+	NOT-FOR-US: ImpressCMS
 CVE-2018-13982 (Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is pro ...)
 	- smarty3 3.1.33+20180830.1.3a78a21f+selfpack1-1
 	[jessie] - smarty3 <not-affected> (vulnerable code not present)
@@ -73176,31 +73176,31 @@ CVE-2018-4075
 CVE-2018-4074
 	RESERVED
 CVE-2018-4073 (An exploitable Permission Assignment vulnerability exists in the ACEMa ...)
-	TODO: check
+	NOT-FOR-US: Sierra Wireless AirLink ES450 firmware
 CVE-2018-4072 (An exploitable Permission Assignment vulnerability exists in the ACEMa ...)
-	TODO: check
+	NOT-FOR-US: Sierra Wireless AirLink ES450 firmware
 CVE-2018-4071 (An exploitable Information Disclosure vulnerability exists in the ACEM ...)
-	TODO: check
+	NOT-FOR-US: Sierra Wireless AirLink ES450 firmware
 CVE-2018-4070 (An exploitable Information Disclosure vulnerability exists in the ACEM ...)
-	TODO: check
+	NOT-FOR-US: Sierra Wireless AirLink ES450 firmware
 CVE-2018-4069 (An information disclosure vulnerability exists in the ACEManager authe ...)
-	TODO: check
+	NOT-FOR-US: Sierra Wireless AirLink ES450 firmware
 CVE-2018-4068 (An exploitable information disclosure vulnerability exists in the ACEM ...)
-	TODO: check
+	NOT-FOR-US: Sierra Wireless AirLink ES450 firmware
 CVE-2018-4067 (An exploitable information disclosure vulnerability exists in the ACEM ...)
-	TODO: check
+	NOT-FOR-US: Sierra Wireless AirLink ES450 firmware
 CVE-2018-4066 (An exploitable cross-site request forgery vulnerability exists in the  ...)
-	TODO: check
+	NOT-FOR-US: Sierra Wireless AirLink ES450 firmware
 CVE-2018-4065 (An exploitable cross-site scripting vulnerability exists in the ACEMan ...)
-	TODO: check
+	NOT-FOR-US: Sierra Wireless AirLink ES450 firmware
 CVE-2018-4064
 	RESERVED
 CVE-2018-4063 (An exploitable remote code execution vulnerability exists in the uploa ...)
-	TODO: check
+	NOT-FOR-US: Sierra Wireless AirLink ES450 firmware
 CVE-2018-4062 (A hard-coded credentials vulnerability exists in the snmpd function of ...)
-	TODO: check
+	NOT-FOR-US: Sierra Wireless AirLink ES450 firmware
 CVE-2018-4061 (An exploitable command injection vulnerability exists in the ACEManage ...)
-	TODO: check
+	NOT-FOR-US: Sierra Wireless AirLink ES450 firmware
 CVE-2018-4060
 	RESERVED
 CVE-2018-4059 (An exploitable unsafe default configuration vulnerability exists in th ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/43c2a3ed72412cac684ad7b1f556ce6e78f15928

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/43c2a3ed72412cac684ad7b1f556ce6e78f15928
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190506/e795eeee/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list