[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Mon Nov 4 20:59:51 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
247336a9 by Salvatore Bonaccorso at 2019-11-04T20:59:18Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -43,7 +43,7 @@ CVE-2019-18665 (The Log module in SECUDOS DOMOS before 5.6 allows local file inc
CVE-2019-18664 (The Log module in SECUDOS DOMOS before 5.6 allows XSS. ...)
NOT-FOR-US: SECUDOS DOMOS
CVE-2019-18663 (A SQL injection vulnerability in a /login/forgot1 POST request in ARP- ...)
- TODO: check
+ NOT-FOR-US: ARP-GUARD
CVE-2019-18662 (An issue was discovered in YouPHPTube through 7.7. User input passed t ...)
NOT-FOR-US: YouPHPTube
CVE-2019-18661 (Fastweb FASTGate 1.0.1b devices allow partial authentication bypass by ...)
@@ -8729,7 +8729,7 @@ CVE-2019-15685
CVE-2019-15684
RESERVED
CVE-2019-15683 (TurboVNC server code contains stack buffer overflow vulnerability in c ...)
- TODO: check
+ NOT-FOR-US: TurboVNC
CVE-2019-15682 (RDesktop version 1.8.4 contains multiple out-of-bound access read vuln ...)
{DSA-4473-1 DLA-1837-1}
- rdesktop 1.8.6-1
@@ -13374,11 +13374,11 @@ CVE-2019-14362 (Openbravo ERP before 3.0PR19Q1.3 is affected by Directory Traver
CVE-2019-14361
REJECTED
CVE-2019-14360 (On Hyundai Pay Kasse HK-1000 devices, a side channel for the row-based ...)
- TODO: check
+ NOT-FOR-US: Hyundai Pay Kasse HK-1000 devices
CVE-2019-14359 (** DISPUTED ** On BC Vault devices, a side channel for the row-based S ...)
NOT-FOR-US: BC Vault devices
CVE-2019-14358 (On Archos Safe-T devices, a side channel for the row-based OLED displa ...)
- TODO: check
+ NOT-FOR-US: Archos Safe-T devices
CVE-2019-14357 (** DISPUTED ** On Mooltipass Mini devices, a side channel for the row- ...)
NOT-FOR-US: Mooltipass Mini devices
CVE-2019-14356 (** DISPUTED ** On Coldcard MK1 and MK2 devices, a side channel for the ...)
@@ -16505,9 +16505,9 @@ CVE-2019-13499
CVE-2019-13498 (One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Trans ...)
NOT-FOR-US: One Identity Cloud Access Manager
CVE-2019-13497 (One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows CSRF fo ...)
- TODO: check
+ NOT-FOR-US: One Identity Cloud Access Manager
CVE-2019-13496 (One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP byp ...)
- TODO: check
+ NOT-FOR-US: One Identity Cloud Access Manager
CVE-2019-13495
RESERVED
CVE-2019-13494 (nodeimp.exe in Castle Rock SNMPc before 9.0.12.1 and 10.x before 10.0. ...)
@@ -55543,7 +55543,7 @@ CVE-2018-19033
CVE-2018-19032
RESERVED
CVE-2018-19031 (A command injection vulnerability exists when the authorized user pass ...)
- TODO: check
+ NOT-FOR-US: 360 routers
CVE-2018-19030
RESERVED
CVE-2018-19029 (LCDS Laquis SCADA prior to version 4.1.0.4150 allows an attacker using ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/247336a9bb2512145811d83da6f3a83b4c0fc84e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/247336a9bb2512145811d83da6f3a83b4c0fc84e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191104/153d83cc/attachment.html>
More information about the debian-security-tracker-commits
mailing list