[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Wed Nov 6 08:28:51 GMT 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7545395e by Moritz Muehlenhoff at 2019-11-06T08:28:19Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,7 +13,7 @@ CVE-2019-18787
CVE-2019-18785
RESERVED
CVE-2019-18784 (SuiteCRM 7.10.x versions prior to 7.10.21 and 7.11.x versions prior to ...)
- TODO: check
+ NOT-FOR-US: SuiteCRM
CVE-2019-18783
RESERVED
CVE-2019-18782
@@ -2417,7 +2417,7 @@ CVE-2019-18683 (An issue was discovered in drivers/media/platform/vivid in the L
CVE-2019-18675
RESERVED
CVE-2019-18674 (An issue was discovered in Joomla! before 3.9.13. A missing access che ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2019-18673 (On SHIFT BitBox02 devices, a side channel for the row-based OLED displ ...)
NOT-FOR-US: SHIFT BitBox02 devices
CVE-2019-18672
@@ -2465,7 +2465,7 @@ CVE-2019-18652
CVE-2019-18651
RESERVED
CVE-2019-18650 (An issue was discovered in Joomla! before 3.9.13. A missing token chec ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2018-21030 (Jupyter Notebook before 5.5.0 does not use a CSP header to treat serve ...)
- jupyter-notebook 5.7.4-1
NOTE: https://github.com/jupyter/notebook/pull/3341
@@ -7011,9 +7011,9 @@ CVE-2019-17214 (The WebARX plugin 1.3.0 for WordPress allows firewall bypass by
CVE-2019-17213 (The WebARX plugin 1.3.0 for WordPress has unauthenticated stored XSS v ...)
NOT-FOR-US: WebARX plugin for WordPress
CVE-2019-17212 (Buffer overflows were discovered in the CoAP library in Arm Mbed OS 5. ...)
- TODO: check
+ NOT-FOR-US: Arm Mbed OS
CVE-2019-17211 (An integer overflow was discovered in the CoAP library in Arm Mbed OS ...)
- TODO: check
+ NOT-FOR-US: Arm Mbed OS
CVE-2019-17210 (A denial-of-service issue was discovered in the MQTT library in Arm Mb ...)
NOT-FOR-US: Arm Mbed OS
CVE-2019-17209
@@ -9349,7 +9349,7 @@ CVE-2019-16286
CVE-2019-16285
RESERVED
CVE-2019-16284 (A potential security vulnerability has been identified in multiple HP ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2019-16283
RESERVED
CVE-2019-16282 (In NCH Express Invoice v7.12, persistent cross site scripting (XSS) ex ...)
@@ -34433,19 +34433,19 @@ CVE-2019-8235 (An insecure direct object reference (IDOR) vulnerability exists i
CVE-2019-8234 (Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a cross-site r ...)
NOT-FOR-US: Adobe
CVE-2019-8233 (In Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8232 (In Magento prior to 1.9.4.3, Magento prior to 1.14.4.3, Magento 2.2 pr ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8231 (In Magento to 1.9.4.3 and Magento prior to 1.14.4.3, an authenticated ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8230 (In Magentoprior to 1.9.4.3, and Magento prior to 1.14.4.3, an authenti ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8229 (In Magento prior to 1.9.4.3, and Magento prior to 1.14.4.3, an authent ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8228 (in Magento prior to 1.9.4.3 and Magento prior to 1.14.4.3, an authenti ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8227 (In Magento prior to 1.9.4.3 and Magento prior to 1.14.4.3, an authenti ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8226 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
NOT-FOR-US: Adobe
CVE-2019-8225 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
@@ -34581,111 +34581,111 @@ CVE-2019-8161 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2
CVE-2019-8160 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
NOT-FOR-US: Adobe
CVE-2019-8159 (A remote code execution vulnerability exists in Magento 2.2 prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8158 (An XPath entity injection vulnerability exists in Magento 2.2 prior to ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8157 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8156 (A server-side request forgery (SSRF) vulnerability exists in Magento 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8155 (Magento prior to 1.9.4.3 and prior to 1.14.4.3 included a user's CSRF ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8154 (A remote code execution vulnerability exists in Magento 2.2 prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8153 (A mitigation bypass to prevent cross-site scripting (XSS) exists in Ma ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8152 (A stored cross-site scripting (XSS) vulnerability exists in in Magento ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8151 (A remote code execution vulnerability exists in Magento 2.2 prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8150 (A remote code execution vulnerability exists in Magento 2.2 prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8149 (Insecure authentication and session management vulnerability exists in ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8148 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8147 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8146 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8145 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8144 (A remote code execution vulnerability exists in Magento 2.3 prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8143 (A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, M ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8142 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8141 (A remote code execution vulnerability exists in Magento 2.1 prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8140 (An unrestricted file upload vulnerability exists in Magento 2.2 prior ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8139 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8138 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8137 (A remote code execution vulnerability exists in Magento 2.2 prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8136 (An insecure component vulnerability exists in Magento 2.2 prior to 2.2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8135 (A remote code execution vulnerability exists in Magento 2.2 prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8134 (A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, M ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8133 (A security bypass vulnerability exists in Magento 2.2 prior to 2.2.10, ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8132 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8131 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8130 (A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, M ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8129 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8128 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8127 (A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, M ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8126 (An XML entity injection vulnerability exists in Magento 2.2 prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8125 (A remote code execution vulnerability exists in Magento 1 prior to 1.9 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8124 (An insufficient logging and monitoring vulnerability exists in Magento ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8123 (An insufficient logging and monitoring vulnerability exists in Magento ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8122 (A remote code execution vulnerability exists in Magento 2.1 prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8121 (An insecure component vulnerability exists in Magento 2.1 prior to 2.1 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8120 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8119 (A remote code execution vulnerability exists in Magento 2.1 prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8118 (Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8117 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8116 (Insecure authentication and session management vulnerability exists in ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8115 (A reflected cross-site scripting (XSS) vulnerability exists in Magento ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8114 (A remote code execution vulnerability exists in Magento 1 prior to 1.9 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8113 (Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1 us ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8112 (A security bypass vulnerability exists in Magento 2.2 prior to 2.2.10, ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8111 (A remote code execution vulnerability exists in Magento 2.2 prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8110 (A remote code execution vulnerability exists in Magento 2.2 prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8109 (A remote code execution vulnerability exists in Magento 2.2 prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8108 (Insecure authentication and session management vulnerability exists in ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8107 (An arbitrary file deletion vulnerability exists in Magento 2.2 prior t ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8106 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
NOT-FOR-US: Adobe
CVE-2019-8105 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
@@ -34713,13 +34713,13 @@ CVE-2019-8095 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 20
CVE-2019-8094 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
NOT-FOR-US: Adobe
CVE-2019-8093 (An arbitrary file access vulnerability exists in Magento 2.2 prior to ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8092 (A reflected cross-site scripting (XSS) vulnerability exists in Magento ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8091 (A remote code execution vulnerability exists in Magento 1 prior to 1.9 ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8090 (An arbitrary file deletion vulnerability exists in Magento 2.1 prior t ...)
- TODO: check
+ NOT-FOR-US: Magento
CVE-2019-8089 (Adobe Experience Manager Forms versions 6.3-6.5 have a reflected cross ...)
NOT-FOR-US: Adobe
CVE-2019-8088 (Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a command ...)
@@ -39627,7 +39627,7 @@ CVE-2019-6144 (This vulnerability allows a normal (non-admin) user to disable th
CVE-2019-6143 (Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4 ...)
NOT-FOR-US: Forcepoint Next Generation Firewall (Forcepoint NGFW)
CVE-2019-6142 (It has been reported that XSS is possible in Forcepoint Email Security ...)
- TODO: check
+ NOT-FOR-US: Forcepoint
CVE-2019-6141
RESERVED
CVE-2019-6140 (A configuration issue has been discovered in Forcepoint Email Security ...)
@@ -42265,9 +42265,9 @@ CVE-2019-5091
CVE-2019-5090
RESERVED
CVE-2019-5089 (An exploitable memory corruption vulnerability exists in Investintech ...)
- TODO: check
+ NOT-FOR-US: Investintech
CVE-2019-5088 (An exploitable memory corruption vulnerability exists in Investintech ...)
- TODO: check
+ NOT-FOR-US: Investintech
CVE-2019-5087
RESERVED
CVE-2019-5086
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7545395e70e43d4f9801424001f328bb951550d9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7545395e70e43d4f9801424001f328bb951550d9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191106/bcd9b925/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list