[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
carnil at debian.org
Tue Nov 12 20:23:56 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
335454a4 by Salvatore Bonaccorso at 2019-11-12T20:23:22Z
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
CVE-2019-18927
RESERVED
CVE-2019-18926 (Systematic IRIS Standards Management (ISM) v2.1 SP1 89 is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: Systematic IRIS Standards Management (ISM)
CVE-2019-18925 (Systematic IRIS WebForms 5.4 and its functionalities can be accessed a ...)
- TODO: check
+ NOT-FOR-US: Systematic IRIS WebForms
CVE-2019-18924 (Systematic IRIS WebForms 5.4 is vulnerable to directory traversal. By ...)
- TODO: check
+ NOT-FOR-US: Systematic IRIS WebForms
CVE-2019-18923
RESERVED
CVE-2019-18922
@@ -229,7 +229,7 @@ CVE-2019-18819 (Eximious Logo Designer 3.82 has a User Mode Write AV starting at
CVE-2019-18818 (strapi before 3.0.0-beta.17.5 mishandles password resets within packag ...)
NOT-FOR-US: strapi CMS
CVE-2019-18817 (Istio 1.3.x before 1.3.5 allows Denial of Service because continue_on_ ...)
- TODO: check
+ NOT-FOR-US: Istio
CVE-2019-18816 (po-admin/route.php?mod=post&act=edit in PopojiCMS 2.0.1 allows pos ...)
NOT-FOR-US: PopojiCMS
CVE-2019-18815 (PopojiCMS 2.0.1 allows refer= Open Redirection. ...)
@@ -2773,7 +2773,7 @@ CVE-2019-18657 (ClickHouse before 19.13.5.44 allows HTTP header injection via th
CVE-2019-18656 (Pimcore 6.2.3 has XSS in the translations grid because bundles/AdminBu ...)
NOT-FOR-US: Pimcore
CVE-2019-18655 (File Sharing Wizard version 1.5.0 build 2008 is affected by a Structur ...)
- TODO: check
+ NOT-FOR-US: File Sharing Wizard
CVE-2019-18654 (A Cross Site Scripting (XSS) issue exists in AVG AntiVirus (Internet S ...)
NOT-FOR-US: AVG
CVE-2019-18653 (A Cross Site Scripting (XSS) issue exists in Avast AntiVirus (Free, In ...)
@@ -7044,9 +7044,9 @@ CVE-2019-17362 (In LibTomCrypt through 1.18.2, the der_decode_utf8_string functi
CVE-2019-17361
RESERVED
CVE-2019-17360 (A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.7.0-00 a ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2018-21026 (A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.6.5-00 a ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2019-17359 (The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigge ...)
- bouncycastle <not-affected> (Vulnerable code introduced n 1.63)
NOTE: Introduced only in 1.63, fixed in 1.64.
@@ -7287,13 +7287,13 @@ CVE-2019-17239 (includes/settings/class-alg-download-plugins-settings.php in the
CVE-2019-17238
RESERVED
CVE-2019-17237 (includes/class-coming-soon-creator.php in the igniteup plugin through ...)
- TODO: check
+ NOT-FOR-US: igniteup plugin for WordPress
CVE-2019-17236 (includes/class-coming-soon-creator.php in the igniteup plugin through ...)
- TODO: check
+ NOT-FOR-US: igniteup plugin for WordPress
CVE-2019-17235 (includes/class-coming-soon-creator.php in the igniteup plugin through ...)
- TODO: check
+ NOT-FOR-US: igniteup plugin for WordPress
CVE-2019-17234 (includes/class-coming-soon-creator.php in the igniteup plugin through ...)
- TODO: check
+ NOT-FOR-US: igniteup plugin for WordPress
CVE-2019-17233 (Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin through 1.8. ...)
NOT-FOR-US: Wordpress plugin
CVE-2019-17232 (Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin through 1.8. ...)
@@ -11073,7 +11073,7 @@ CVE-2019-15817 (The easy-property-listings plugin before 3.4 for WordPress has X
CVE-2019-15816 (The wp-private-content-plus plugin before 2.0 for WordPress has no pro ...)
NOT-FOR-US: wp-private-content-plus plugin for WordPress
CVE-2019-15815 (ZyXEL P-1302-T10D v3 devices with firmware version 2.00(ABBX.3) and ea ...)
- TODO: check
+ NOT-FOR-US: ZyXEL
CVE-2019-15814 (Multiple stored XSS vulnerabilities in Sentrifugo 3.2 could allow auth ...)
NOT-FOR-US: Sentrifugo
CVE-2019-15813 (Multiple file upload restriction bypass vulnerabilities in Sentrifugo ...)
@@ -21504,9 +21504,9 @@ CVE-2019-12722
CVE-2019-12721
RESERVED
CVE-2019-12720 (AUO SunVeillance Monitoring System before v1.1.9e is vulnerable to mvc ...)
- TODO: check
+ NOT-FOR-US: AUO SunVeillance Monitoring System
CVE-2019-12719 (An issue was discovered in Picture_Manage_mvc.aspx in AUO SunVeillance ...)
- TODO: check
+ NOT-FOR-US: AUO SunVeillance Monitoring System
CVE-2019-12718 (A vulnerability in the web-based interface of Cisco Small Business Sma ...)
NOT-FOR-US: Cisco
CVE-2019-12717 (A vulnerability in a CLI command related to the virtualization manager ...)
@@ -43769,7 +43769,7 @@ CVE-2019-4654
CVE-2019-4653
RESERVED
CVE-2019-4652 (IBM Spectrum Protect Plus 10.1.0 through 10.1.4 uses insecure file per ...)
- TODO: check
+ NOT-FOR-US: IBM Spectrum Protect Plus
CVE-2019-4651
RESERVED
CVE-2019-4650
@@ -54141,9 +54141,9 @@ CVE-2019-1459
CVE-2019-1458
RESERVED
CVE-2019-1457 (A security feature bypass vulnerability exists in Microsoft Office sof ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1456 (A remote code execution vulnerability exists in Microsoft Windows when ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1455
RESERVED
CVE-2019-1454
@@ -54157,71 +54157,71 @@ CVE-2019-1451
CVE-2019-1450
RESERVED
CVE-2019-1449 (A security feature bypass vulnerability exists in the way that Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1448 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1447 (A spoofing vulnerability exists when Office Online does not validate o ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1446 (An information disclosure vulnerability exists when Microsoft Excel im ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1445 (A spoofing vulnerability exists when Office Online does not validate o ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1444
RESERVED
CVE-2019-1443 (An information disclosure vulnerability exists in Microsoft SharePoint ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1442 (A security feature bypass vulnerability exists when Microsoft Office d ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1441 (A remote code execution vulnerability exists when the Windows font lib ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1440 (An information disclosure vulnerability exists when the win32k compone ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1439 (An information disclosure vulnerability exists when the Windows GDI co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1438 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1437 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1436 (An information disclosure vulnerability exists when the win32k compone ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1435 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1434 (An elevation of privilege vulnerability exists in Windows when the Win ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1433 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1432 (An information disclosure vulnerability exists when DirectWrite improp ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1431
RESERVED
CVE-2019-1430 (A remote code execution vulnerability exists when Windows Media Founda ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1429 (A remote code execution vulnerability exists in the way that the scrip ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1428 (A remote code execution vulnerability exists in the way that the scrip ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1427 (A remote code execution vulnerability exists in the way that the scrip ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1426 (A remote code execution vulnerability exists in the way that the scrip ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1425 (An elevation of privilege vulnerability exists when Visual Studio fail ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1424 (A security feature bypass vulnerability exists when Windows Netlogon i ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1423 (An elevation of privilege vulnerability exists in the way that the Sta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1422 (An elevation of privilege vulnerability exists in the way that the iph ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1421
RESERVED
CVE-2019-1420 (An elevation of privilege vulnerability exists in the way that the dss ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1419 (A remote code execution vulnerability exists in Microsoft Windows when ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1418 (An information vulnerability exists when Windows Modules Installer Ser ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1417 (An elevation of privilege vulnerability exists when the Windows Data S ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1416 (An elevation of privilege vulnerability exists due to a race condition ...)
TODO: check
CVE-2019-1415 (An elevation of privilege vulnerability exists in Windows Installer be ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/335454a4e881f6b227333639a1092d6f9ded60fa
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/335454a4e881f6b227333639a1092d6f9ded60fa
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191112/67039eed/attachment.html>
More information about the debian-security-tracker-commits
mailing list