[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Nov 7 20:17:28 GMT 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
024c553b by Salvatore Bonaccorso at 2019-11-07T20:16:46Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2019-18817
 	RESERVED
 CVE-2019-18816 (po-admin/route.php?mod=post&act=edit in PopojiCMS 2.0.1 allows pos ...)
-	TODO: check
+	NOT-FOR-US: PopojiCMS
 CVE-2019-18815 (PopojiCMS 2.0.1 allows refer= Open Redirection. ...)
-	TODO: check
+	NOT-FOR-US: PopojiCMS
 CVE-2019-18814 (An issue was discovered in the Linux kernel through 5.3.9. There is a  ...)
 	TODO: check
 CVE-2019-18813 (A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc ...)
@@ -5964,9 +5964,9 @@ CVE-2019-17607 (HongCMS 3.0.0 has XSS via the install/index.php servername param
 CVE-2019-17606 (The Post editor functionality in the hexo-admin plugin versions 2.3.0  ...)
 	NOT-FOR-US: hexo-admin Node module
 CVE-2019-17605 (A mass assignment vulnerability in eyecomms eyeCMS through 2019-10-15  ...)
-	TODO: check
+	NOT-FOR-US: eyeCMS
 CVE-2019-17604 (An Insecure Direct Object Reference (IDOR) vulnerability in eyecomms e ...)
-	TODO: check
+	NOT-FOR-US: eyeCMS
 CVE-2019-17603
 	RESERVED
 CVE-2019-17602 (An issue was discovered in Zoho ManageEngine OpManager before 12.4 bui ...)
@@ -7050,7 +7050,7 @@ CVE-2019-17224 (The web interface of the Compal Broadband CH7465LG modem (versio
 CVE-2019-17223 (There is HTML Injection in the Note field in Dolibarr ERP/CRM 10.0.2 v ...)
 	- dolibarr <removed>
 CVE-2019-17222 (An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is  ...)
-	TODO: check
+	NOT-FOR-US: Intelbras WRN 150 devices
 CVE-2019-17221 (PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as d ...)
 	- phantomjs <unfixed>
 	NOTE: https://www.darkmatter.ae/blogs/breaching-the-perimeter-phantomjs-arbitrary-file-read/
@@ -22157,7 +22157,7 @@ CVE-2019-12333
 CVE-2019-12332
 	RESERVED
 CVE-2019-12331 (PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner ...)
-	TODO: check
+	NOT-FOR-US: PHPOffice PhpSpreadsheet
 CVE-2019-12330
 	RESERVED
 CVE-2019-12329
@@ -23041,7 +23041,7 @@ CVE-2019-11998
 CVE-2019-11997
 	RESERVED
 CVE-2019-11996 (Potential security vulnerabilities have been identified with HPE Nimbl ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2019-11995
 	RESERVED
 CVE-2019-11994
@@ -39179,7 +39179,7 @@ CVE-2019-6340 (Some field types do not properly sanitize data from non-form sour
 	- drupal7 <not-affected> (Drupal 7 core not affected)
 	NOTE: https://www.drupal.org/sa-core-2019-003
 CVE-2019-6337 (For the printers listed a maliciously crafted print file might cause c ...)
-	TODO: check
+	NOT-FOR-US: HP Inkjet printers
 CVE-2019-6336
 	RESERVED
 CVE-2019-6335 (A potential security vulnerability has been identified with Samsung La ...)
@@ -39767,11 +39767,11 @@ CVE-2019-6124
 CVE-2019-6123
 	RESERVED
 CVE-2019-6122 (A Username Enumeration via Error Message issue was discovered in NiceH ...)
-	TODO: check
+	NOT-FOR-US: NiceHash Miner
 CVE-2019-6121 (An issue was discovered in NiceHash Miner before 2.0.3.0. Missing Auth ...)
-	TODO: check
+	NOT-FOR-US: NiceHash Miner
 CVE-2019-6120 (An issue was discovered in NiceHash Miner before 2.0.3.0. A missing ra ...)
-	TODO: check
+	NOT-FOR-US: NiceHash Miner
 CVE-2019-6119
 	RESERVED
 CVE-2019-6118
@@ -41115,11 +41115,11 @@ CVE-2019-5646
 CVE-2019-5645
 	RESERVED
 CVE-2019-5644 (Computing For Good's Basic Laboratory Information System (also known a ...)
-	TODO: check
+	NOT-FOR-US: Computing For Good's Basic Laboratory Information System
 CVE-2019-5643 (Computing For Good's Basic Laboratory Information System (also known a ...)
-	TODO: check
+	NOT-FOR-US: Computing For Good's Basic Laboratory Information System
 CVE-2019-5642 (Rapid7 Metasploit Pro version 4.16.0-2019081901 and prior suffers from ...)
-	TODO: check
+	NOT-FOR-US: Rapid7 Metasploit Pro
 CVE-2019-5641
 	RESERVED
 CVE-2019-5640
@@ -41169,7 +41169,7 @@ CVE-2019-5619
 CVE-2019-5618
 	RESERVED
 CVE-2019-5617 (Computing For Good's Basic Laboratory Information System (also known a ...)
-	TODO: check
+	NOT-FOR-US: Computing For Good's Basic Laboratory Information System
 CVE-2019-5616 (CircuitWerkes Sicon-8, a hardware device used for managing electrical  ...)
 	NOT-FOR-US: CircuitWerkes Sicon-8
 CVE-2019-5615 (Users with Site-level permissions can access files containing the user ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/024c553b42cc3794a22481c343d087341ad5b0c3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/024c553b42cc3794a22481c343d087341ad5b0c3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191107/c0849575/attachment.html>

More information about the debian-security-tracker-commits mailing list