[Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso
carnil at debian.org
Fri Nov 15 20:27:09 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9efacee6 by Salvatore Bonaccorso at 2019-11-15T20:26:39Z
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3819,7 +3819,7 @@ CVE-2019-18374
CVE-2019-18373
RESERVED
CVE-2019-18372 (Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to ...)
- TODO: check
+ NOT-FOR-US: Symantec Endpoint Protection
CVE-2019-18371 (An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-s ...)
NOT-FOR-US: Xiaomi
CVE-2019-18370 (An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-s ...)
@@ -16367,11 +16367,11 @@ CVE-2019-14347 (Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote
CVE-2019-14346 (Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CS ...)
NOT-FOR-US: Schben Adive
CVE-2019-14345 (TemaTres 3.0 allows remote unprivileged users to create an administrat ...)
- TODO: check
+ NOT-FOR-US: TemaTres
CVE-2019-14344
RESERVED
CVE-2019-14343 (TemaTres 3.0 has stored XSS via the value parameter to the vocab/admin ...)
- TODO: check
+ NOT-FOR-US: TemaTres
CVE-2019-14342
RESERVED
CVE-2019-14341
@@ -21618,13 +21618,13 @@ CVE-2019-12760 (** DISPUTED ** A deserialization vulnerability exists in the way
NOTE: https://github.com/davidhalter/parso/issues/75
NOTE: Not considered a security issue by upstream
CVE-2019-12759 (Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2019-12758 (Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2019-12757 (Symantec Endpoint Protection (SEP), prior to 14.2 RU2 & 12.1 RU6 M ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2019-12756 (Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptib ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2019-12755 (Norton Password Manager, prior to 6.5.0.2104, may be susceptible to an ...)
NOT-FOR-US: Norton
CVE-2019-12754 (Symantec My VIP portal, previous version which has already been auto u ...)
@@ -57953,9 +57953,9 @@ CVE-2018-19271 (Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.2
CVE-2018-19270
REJECTED
CVE-2019-0185 (Insufficient access control in protected memory subsystem for SMM for ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2019-0184 (Insufficient access control in protected memory subsystem for Intel(R) ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2019-0183 (Insufficient password protection in the attestation database for Open ...)
NOT-FOR-US: Open CIT
CVE-2019-0182 (Insufficient password protection in the attestation database for Open ...)
@@ -58038,9 +58038,9 @@ CVE-2019-0154 (Insufficient access control in subsystem for Intel (R) processor
CVE-2019-0153 (Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 m ...)
NOT-FOR-US: Intel(R) CSME
CVE-2019-0152 (Insufficient memory protection in System Management Mode (SMM) and Int ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2019-0151 (Insufficient memory protection in Intel(R) TXT for certain Intel(R) Co ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2019-0150 (Insufficient access control in firmware Intel(R) Ethernet 700 Series C ...)
TODO: check
CVE-2019-0149 (Insufficient input validation in i40e driver for Intel(R) Ethernet 700 ...)
@@ -58058,7 +58058,7 @@ CVE-2019-0144 (Unhandled exception in firmware for Intel(R) Ethernet 700 Series
CVE-2019-0143 (Unhandled exception in Kernel-mode drivers for Intel(R) Ethernet 700 S ...)
TODO: check
CVE-2019-0142 (Insufficient access control in ilp60x64.sys driver for Intel(R) Ethern ...)
- TODO: check
+ NOT-FOR-US: ilp60x64.sys driver for Intel
CVE-2019-0141
RESERVED
CVE-2019-0140 (Buffer overflow in firmware for Intel(R) Ethernet 700 Series Controlle ...)
@@ -58100,9 +58100,9 @@ CVE-2019-0126 (Insufficient access control in silicon reference firmware for Int
CVE-2019-0125
RESERVED
CVE-2019-0124 (Insufficient memory protection in Intel(R) 6th Generation Core Process ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2019-0123 (Insufficient memory protection in Intel(R) 6th Generation Core Process ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2019-0122 (Double free in Intel(R) SGX SDK for Linux before version 2.2 and Intel ...)
NOT-FOR-US: Intel
CVE-2019-0121 (Improper permissions in Intel(R) Matrix Storage Manager 8.9.0.1023 and ...)
@@ -60507,7 +60507,7 @@ CVE-2018-18370 (The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP co
CVE-2018-18369 (Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows ...)
NOT-FOR-US: Norton Security
CVE-2018-18368 (Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU1, may be ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2018-18367 (Symantec Endpoint Protection Manager (SEPM) prior to and including 12. ...)
NOT-FOR-US: Symantec
CVE-2018-18366 (Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9efacee6e669199e599faa2c7b6b5f671ecb424e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9efacee6e669199e599faa2c7b6b5f671ecb424e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191115/7ef296f5/attachment.html>
More information about the debian-security-tracker-commits
mailing list