[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Oct 15 12:06:12 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
70334db1 by Salvatore Bonaccorso at 2019-10-15T11:05:46Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2019-17594 (There is a heap-based buffer over-read in the _nc_find_entry fun
 	NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html
 	NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
 CVE-2019-17593 (JIZHICMS 1.5.1 allows admin.php/Admin/adminadd.html CSRF to add an adm ...)
-	TODO: check
+	NOT-FOR-US: JIZHICMS
 CVE-2019-17592 (The csv-parse module before 4.4.6 for Node.js is vulnerable to Regular ...)
 	TODO: check
 CVE-2019-17591
@@ -285,7 +285,7 @@ CVE-2019-17513
 CVE-2019-17512
 	RESERVED
 CVE-2019-17511 (There are some web interfaces without authentication requirements on D ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2019-17510 (D-Link DIR-846 devices with firmware 100A35 allow remote attackers to  ...)
 	NOT-FOR-US: D-Link
 CVE-2019-17509 (D-Link DIR-846 devices with firmware 100A35 allow remote attackers to  ...)
@@ -595,7 +595,7 @@ CVE-2019-17410
 CVE-2019-17409
 	RESERVED
 CVE-2019-17408 (parserIfLabel in inc/zzz_template.php in ZZZCMS zzzphp 1.7.3 allows re ...)
-	TODO: check
+	NOT-FOR-US: ZZZCMS
 CVE-2019-17407
 	RESERVED
 CVE-2019-XXXX [Remote code execution vulnerability]
@@ -1073,7 +1073,7 @@ CVE-2019-17178 (HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through
 CVE-2019-17177 (libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0 ...)
 	TODO: check
 CVE-2019-17176 (Genesys PureEngage Digital (eServices) 8.1.x allows XSS via HtmlChatPa ...)
-	TODO: check
+	NOT-FOR-US: Genesys PureEngage Digital (eServices)
 CVE-2019-17175 (joyplus-cms 1.6.0 allows manager/admin_pic.php?rootpath= absolute path ...)
 	NOT-FOR-US: joyplus-cms
 CVE-2019-17174
@@ -1372,9 +1372,9 @@ CVE-2019-17046 (Ilch 2.1.22 allows remote code execution because php is listed u
 CVE-2019-17045 (Ilch 2.1.22 allows stored XSS via the title, text, or email id to the  ...)
 	NOT-FOR-US: Ilch CMS
 CVE-2019-17044 (An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution pe ...)
-	TODO: check
+	NOT-FOR-US: BMC Patrol Agent
 CVE-2019-17043 (An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution pe ...)
-	TODO: check
+	NOT-FOR-US: BMC Patrol Agent
 CVE-2019-17042 (An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmc ...)
 	{DLA-1952-1}
 	- rsyslog <unfixed> (bug #942065)
@@ -2722,7 +2722,7 @@ CVE-2019-16521
 CVE-2019-16520
 	RESERVED
 CVE-2019-16519 (ESET Cyber Security 6.7.900.0 for macOS allows a local attacker to exe ...)
-	TODO: check
+	NOT-FOR-US: ESET Cyber Security
 CVE-2019-16518 (An issue was discovered on Swell Kit Mod devices that use the Vandy Va ...)
 	NOT-FOR-US: Swell Kit Mod devices
 CVE-2019-16517
@@ -3156,7 +3156,7 @@ CVE-2019-16346 (ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in
 CVE-2019-16345
 	RESERVED
 CVE-2019-16344 (A cross-site scripting (XSS) vulnerability in the login form (/ScadaBR ...)
-	TODO: check
+	NOT-FOR-US: ScadaBR
 CVE-2019-16343
 	RESERVED
 CVE-2018-21017 (GPAC 0.7.1 has a memory leak in dinf_Read in isomedia/box_code_base.c. ...)
@@ -3306,7 +3306,7 @@ CVE-2019-16284
 CVE-2019-16283
 	RESERVED
 CVE-2019-16282 (In NCH Express Invoice v7.12, persistent cross site scripting (XSS) ex ...)
-	TODO: check
+	NOT-FOR-US: NCH Express Invoice
 CVE-2019-16281
 	RESERVED
 CVE-2019-16280



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/70334db1542f5a042eadd3e2a60138f61ced6a78

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/70334db1542f5a042eadd3e2a60138f61ced6a78
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191015/0ea01639/attachment.html>


More information about the debian-security-tracker-commits mailing list