[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Oct 16 21:45:04 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c2263baf by Salvatore Bonaccorso at 2019-10-16T20:44:36Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2019-17663 (D-Link DIR-866L 1.03B04 devices allow XSS via HtmlResponseMessage in t ...)
 	NOT-FOR-US: D-Link
 CVE-2019-17662 (ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a c ...)
-	TODO: check
+	NOT-FOR-US: ThinVNC
 CVE-2019-17661
 	RESERVED
 CVE-2019-17660 (A cross-site scripting (XSS) vulnerability in admin/translate/translat ...)
@@ -437,7 +437,7 @@ CVE-2019-17514 (library/glob.html in the Python 2 and 3 documentation before 201
 CVE-2019-17513
 	RESERVED
 CVE-2019-17512 (There are some web interfaces without authentication requirements on D ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2019-17511 (There are some web interfaces without authentication requirements on D ...)
 	NOT-FOR-US: D-Link
 CVE-2019-17510 (D-Link DIR-846 devices with firmware 100A35 allow remote attackers to  ...)
@@ -643,9 +643,9 @@ CVE-2019-17438
 CVE-2019-17437
 	RESERVED
 CVE-2019-17436 (A Local Privilege Escalation vulnerability exists in GlobalProtect Age ...)
-	TODO: check
+	NOT-FOR-US: GlobalProtect Agent
 CVE-2019-17435 (A Local Privilege Escalation vulnerability exists in the GlobalProtect ...)
-	TODO: check
+	NOT-FOR-US: GlobalProtect Agent
 CVE-2019-17434 (LavaLite through 5.7 has XSS via a crafted account name that is mishan ...)
 	NOT-FOR-US: LavaLite
 CVE-2019-17433 (z-song laravel-admin 1.7.3 has XSS via the Slug or Name on the Roles s ...)
@@ -4414,7 +4414,7 @@ CVE-2019-15964
 CVE-2019-15963
 	RESERVED
 CVE-2019-15962 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15961
 	RESERVED
 CVE-2019-15960
@@ -4631,7 +4631,7 @@ CVE-2019-15895 (search-exclude.php in the "Search Exclude" plugin before 1.2.4 f
 CVE-2019-15894 (An issue was discovered in Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, ...)
 	NOT-FOR-US: Espressif
 CVE-2019-15893 (Sonatype Nexus Repository Manager 2.x before 2.14.15 allows Remote Cod ...)
-	TODO: check
+	NOT-FOR-US: Sonatype Nexus Repository Manager
 CVE-2019-15891 (An issue was discovered in CKFinder through 2.6.2.1 and 3.x through 3. ...)
 	NOT-FOR-US: CKFinder
 CVE-2019-15890 (libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reas ...)
@@ -6317,57 +6317,57 @@ CVE-2019-15284
 CVE-2019-15283
 	RESERVED
 CVE-2019-15282 (A vulnerability in the web-based management interface of Cisco Identit ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15281 (A vulnerability in the web-based management interface of Cisco Identit ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15280 (A vulnerability in the web-based management interface of Cisco Firepow ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15279
 	RESERVED
 CVE-2019-15278
 	RESERVED
 CVE-2019-15277 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15276
 	RESERVED
 CVE-2019-15275 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15274 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15273 (Multiple vulnerabilities in the CLI of Cisco TelePresence Collaboratio ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15272 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
 	NOT-FOR-US: Cisco
 CVE-2019-15271
 	RESERVED
 CVE-2019-15270 (A vulnerability in the web-based management interface of Cisco Firepow ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15269 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15268 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15267
 	RESERVED
 CVE-2019-15266 (A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Soft ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15265 (A vulnerability in the bridge protocol data unit (BPDU) forwarding fun ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15264 (A vulnerability in the Control and Provisioning of Wireless Access Poi ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15263
 	RESERVED
 CVE-2019-15262 (A vulnerability in the Secure Shell (SSH) session management for Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15261 (A vulnerability in the Point-to-Point Tunneling Protocol (PPTP) VPN pa ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15260 (A vulnerability in Cisco Aironet Access Points (APs) Software could al ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15259 (A vulnerability in Cisco Unified Contact Center Express (UCCX) Softwar ...)
 	NOT-FOR-US: Cisco
 CVE-2019-15258 (A vulnerability in the web-based management interface of Cisco SPA100  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15257 (A vulnerability in the web-based management interface of Cisco SPA100  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15256 (A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature ...)
 	NOT-FOR-US: Cisco
 CVE-2019-15255
@@ -6377,31 +6377,31 @@ CVE-2019-15254
 CVE-2019-15253
 	RESERVED
 CVE-2019-15252 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15251 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15250 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15249 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15248 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15247 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15246 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15245 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15244 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15243 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15242 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15241 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15240 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-15292 (An issue was discovered in the Linux kernel before 5.0.9. There is a u ...)
 	{DLA-1930-1 DLA-1919-1}
 	- linux 4.19.37-1
@@ -15099,7 +15099,7 @@ CVE-2019-12720
 CVE-2019-12719
 	RESERVED
 CVE-2019-12718 (A vulnerability in the web-based interface of Cisco Small Business Sma ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-12717 (A vulnerability in a CLI command related to the virtualization manager ...)
 	NOT-FOR-US: Cisco
 CVE-2019-12716 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
@@ -15119,19 +15119,19 @@ CVE-2019-12710 (A vulnerability in the web-based interface of Cisco Unified Comm
 CVE-2019-12709 (A vulnerability in a CLI command related to the virtualization manager ...)
 	NOT-FOR-US: Cisco
 CVE-2019-12708 (A vulnerability in the web-based management interface of Cisco SPA100  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-12707 (A vulnerability in the web-based interface of multiple Cisco Unified C ...)
 	NOT-FOR-US: Cisco
 CVE-2019-12706 (A vulnerability in the Sender Policy Framework (SPF) functionality of  ...)
 	NOT-FOR-US: Cisco
 CVE-2019-12705 (A vulnerability in the web-based management interface of Cisco Express ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-12704 (A vulnerability in the web-based management interface of Cisco SPA100  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-12703 (A vulnerability in the web-based management interface of Cisco SPA122  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-12702 (A vulnerability in the web-based management interface of Cisco SPA100  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-12701 (A vulnerability in the file and malware inspection feature of Cisco Fi ...)
 	NOT-FOR-US: Cisco
 CVE-2019-12700 (A vulnerability in the configuration of the Pluggable Authentication M ...)
@@ -15259,7 +15259,7 @@ CVE-2019-12640
 CVE-2019-12639
 	RESERVED
 CVE-2019-12638 (A vulnerability in the web-based management interface of Cisco Identit ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-12637 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
 	TODO: check
 CVE-2019-12636 (A vulnerability in the web-based management interface of Cisco Small B ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c2263baf22e20c9e2861017aa339ab8094768ed9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c2263baf22e20c9e2861017aa339ab8094768ed9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191016/9dcb0b74/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list