[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
carnil at debian.org
Wed Oct 16 21:45:04 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c2263baf by Salvatore Bonaccorso at 2019-10-16T20:44:36Z
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2019-17663 (D-Link DIR-866L 1.03B04 devices allow XSS via HtmlResponseMessage in t ...)
NOT-FOR-US: D-Link
CVE-2019-17662 (ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a c ...)
- TODO: check
+ NOT-FOR-US: ThinVNC
CVE-2019-17661
RESERVED
CVE-2019-17660 (A cross-site scripting (XSS) vulnerability in admin/translate/translat ...)
@@ -437,7 +437,7 @@ CVE-2019-17514 (library/glob.html in the Python 2 and 3 documentation before 201
CVE-2019-17513
RESERVED
CVE-2019-17512 (There are some web interfaces without authentication requirements on D ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2019-17511 (There are some web interfaces without authentication requirements on D ...)
NOT-FOR-US: D-Link
CVE-2019-17510 (D-Link DIR-846 devices with firmware 100A35 allow remote attackers to ...)
@@ -643,9 +643,9 @@ CVE-2019-17438
CVE-2019-17437
RESERVED
CVE-2019-17436 (A Local Privilege Escalation vulnerability exists in GlobalProtect Age ...)
- TODO: check
+ NOT-FOR-US: GlobalProtect Agent
CVE-2019-17435 (A Local Privilege Escalation vulnerability exists in the GlobalProtect ...)
- TODO: check
+ NOT-FOR-US: GlobalProtect Agent
CVE-2019-17434 (LavaLite through 5.7 has XSS via a crafted account name that is mishan ...)
NOT-FOR-US: LavaLite
CVE-2019-17433 (z-song laravel-admin 1.7.3 has XSS via the Slug or Name on the Roles s ...)
@@ -4414,7 +4414,7 @@ CVE-2019-15964
CVE-2019-15963
RESERVED
CVE-2019-15962 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15961
RESERVED
CVE-2019-15960
@@ -4631,7 +4631,7 @@ CVE-2019-15895 (search-exclude.php in the "Search Exclude" plugin before 1.2.4 f
CVE-2019-15894 (An issue was discovered in Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, ...)
NOT-FOR-US: Espressif
CVE-2019-15893 (Sonatype Nexus Repository Manager 2.x before 2.14.15 allows Remote Cod ...)
- TODO: check
+ NOT-FOR-US: Sonatype Nexus Repository Manager
CVE-2019-15891 (An issue was discovered in CKFinder through 2.6.2.1 and 3.x through 3. ...)
NOT-FOR-US: CKFinder
CVE-2019-15890 (libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reas ...)
@@ -6317,57 +6317,57 @@ CVE-2019-15284
CVE-2019-15283
RESERVED
CVE-2019-15282 (A vulnerability in the web-based management interface of Cisco Identit ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15281 (A vulnerability in the web-based management interface of Cisco Identit ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15280 (A vulnerability in the web-based management interface of Cisco Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15279
RESERVED
CVE-2019-15278
RESERVED
CVE-2019-15277 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15276
RESERVED
CVE-2019-15275 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15274 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15273 (Multiple vulnerabilities in the CLI of Cisco TelePresence Collaboratio ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15272 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
NOT-FOR-US: Cisco
CVE-2019-15271
RESERVED
CVE-2019-15270 (A vulnerability in the web-based management interface of Cisco Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15269 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15268 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15267
RESERVED
CVE-2019-15266 (A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Soft ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15265 (A vulnerability in the bridge protocol data unit (BPDU) forwarding fun ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15264 (A vulnerability in the Control and Provisioning of Wireless Access Poi ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15263
RESERVED
CVE-2019-15262 (A vulnerability in the Secure Shell (SSH) session management for Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15261 (A vulnerability in the Point-to-Point Tunneling Protocol (PPTP) VPN pa ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15260 (A vulnerability in Cisco Aironet Access Points (APs) Software could al ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15259 (A vulnerability in Cisco Unified Contact Center Express (UCCX) Softwar ...)
NOT-FOR-US: Cisco
CVE-2019-15258 (A vulnerability in the web-based management interface of Cisco SPA100 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15257 (A vulnerability in the web-based management interface of Cisco SPA100 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15256 (A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature ...)
NOT-FOR-US: Cisco
CVE-2019-15255
@@ -6377,31 +6377,31 @@ CVE-2019-15254
CVE-2019-15253
RESERVED
CVE-2019-15252 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15251 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15250 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15249 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15248 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15247 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15246 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15245 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15244 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15243 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15242 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15241 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15240 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-15292 (An issue was discovered in the Linux kernel before 5.0.9. There is a u ...)
{DLA-1930-1 DLA-1919-1}
- linux 4.19.37-1
@@ -15099,7 +15099,7 @@ CVE-2019-12720
CVE-2019-12719
RESERVED
CVE-2019-12718 (A vulnerability in the web-based interface of Cisco Small Business Sma ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-12717 (A vulnerability in a CLI command related to the virtualization manager ...)
NOT-FOR-US: Cisco
CVE-2019-12716 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
@@ -15119,19 +15119,19 @@ CVE-2019-12710 (A vulnerability in the web-based interface of Cisco Unified Comm
CVE-2019-12709 (A vulnerability in a CLI command related to the virtualization manager ...)
NOT-FOR-US: Cisco
CVE-2019-12708 (A vulnerability in the web-based management interface of Cisco SPA100 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-12707 (A vulnerability in the web-based interface of multiple Cisco Unified C ...)
NOT-FOR-US: Cisco
CVE-2019-12706 (A vulnerability in the Sender Policy Framework (SPF) functionality of ...)
NOT-FOR-US: Cisco
CVE-2019-12705 (A vulnerability in the web-based management interface of Cisco Express ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-12704 (A vulnerability in the web-based management interface of Cisco SPA100 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-12703 (A vulnerability in the web-based management interface of Cisco SPA122 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-12702 (A vulnerability in the web-based management interface of Cisco SPA100 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-12701 (A vulnerability in the file and malware inspection feature of Cisco Fi ...)
NOT-FOR-US: Cisco
CVE-2019-12700 (A vulnerability in the configuration of the Pluggable Authentication M ...)
@@ -15259,7 +15259,7 @@ CVE-2019-12640
CVE-2019-12639
RESERVED
CVE-2019-12638 (A vulnerability in the web-based management interface of Cisco Identit ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-12637 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
TODO: check
CVE-2019-12636 (A vulnerability in the web-based management interface of Cisco Small B ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c2263baf22e20c9e2861017aa339ab8094768ed9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c2263baf22e20c9e2861017aa339ab8094768ed9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191016/9dcb0b74/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list