[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Thu Oct 31 14:39:48 GMT 2019 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9e2cc2cc by Moritz Muehlenhoff at 2019-10-31T14:38:42Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,9 +7,9 @@ CVE-2019-18647
 CVE-2019-18646
 	RESERVED
 CVE-2019-18645 (The quarantine restoration function in Total Defense Anti-virus 11.5.2 ...)
-	TODO: check
+	NOT-FOR-US: Total Defense Anti-virus
 CVE-2019-18644 (The malware scan function in Total Defense Anti-virus 11.5.2.28 is vul ...)
-	TODO: check
+	NOT-FOR-US: Total Defense Anti-virus
 CVE-2019-18643
 	RESERVED
 CVE-2019-18642
@@ -27,13 +27,13 @@ CVE-2019-18637
 CVE-2019-18636
 	RESERVED
 CVE-2019-18635 (An issue was discovered in Mooltipass Moolticute through v0.42.1 and v ...)
-	TODO: check
+	NOT-FOR-US: Mooltipass Moolticute
 CVE-2019-18634
 	RESERVED
 CVE-2019-18633 (European Commission eIDAS-Node Integration Package before 2.3.1 has Mi ...)
-	TODO: check
+	NOT-FOR-US: European Commission eIDAS-Node Integration Package
 CVE-2019-18632 (European Commission eIDAS-Node Integration Package before 2.3.1 allows ...)
-	TODO: check
+	NOT-FOR-US: European Commission eIDAS-Node Integration Package
 CVE-2019-18631
 	RESERVED
 CVE-2019-18630
@@ -1187,13 +1187,13 @@ CVE-2019-18209 (templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the brows
 CVE-2019-18208
 	RESERVED
 CVE-2019-18207 (In Zucchetti InfoBusiness before and including 4.4.1, an authenticated ...)
-	TODO: check
+	NOT-FOR-US: Zucchetti InfoBusiness
 CVE-2019-18206 (A cross-site request forgery (CSRF) vulnerability in Zucchetti InfoBus ...)
-	TODO: check
+	NOT-FOR-US: Zucchetti InfoBusiness
 CVE-2019-18205 (Multiple Reflected Cross-site Scripting (XSS) vulnerabilities exist in ...)
-	TODO: check
+	NOT-FOR-US: Zucchetti InfoBusiness
 CVE-2019-18204 (Zucchetti InfoBusiness before and including 4.4.1 allows any authentic ...)
-	TODO: check
+	NOT-FOR-US: Zucchetti InfoBusiness
 CVE-2019-18203 (On the RICOH MP 501 printer, HTML Injection and Stored XSS vulnerabili ...)
 	NOT-FOR-US: Ricoh
 CVE-2019-18202 (Information Disclosure is possible on WAGO Series PFC100 and PFC200 de ...)
@@ -3565,7 +3565,7 @@ CVE-2019-17553 (An issue was discovered in MetInfo v7.0.0 beta. There is SQL Inj
 CVE-2019-17552 (An issue was discovered in idreamsoft iCMS v7.0.14. There is a spider_ ...)
 	NOT-FOR-US: idreamsoft iCMS
 CVE-2019-17551 (Apak Wholesale Floorplanning Finance 6.31.8.3 and 6.31.8.5 allows XSS  ...)
-	TODO: check
+	NOT-FOR-US: Apak Wholesale Floorplanning Finance
 CVE-2019-17550
 	RESERVED
 CVE-2019-17549
@@ -4273,17 +4273,17 @@ CVE-2019-17328
 CVE-2019-17327
 	RESERVED
 CVE-2019-17326 (ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker  ...)
-	TODO: check
+	NOT-FOR-US: ClipSoft REXPERT
 CVE-2019-17325 (ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker  ...)
-	TODO: check
+	NOT-FOR-US: ClipSoft REXPERT
 CVE-2019-17324 (ClipSoft REXPERT 1.0.0.527 and earlier version allows directory traver ...)
-	TODO: check
+	NOT-FOR-US: ClipSoft REXPERT
 CVE-2019-17323 (ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file c ...)
-	TODO: check
+	NOT-FOR-US: ClipSoft REXPERT
 CVE-2019-17322 (ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file c ...)
-	TODO: check
+	NOT-FOR-US: ClipSoft REXPERT
 CVE-2019-17321 (ClipSoft REXPERT 1.0.0.527 and earlier version have an information dis ...)
-	TODO: check
+	NOT-FOR-US: ClipSoft REXPERT
 CVE-2019-17320 (NetSarang XFTP Client 6.0149 and earlier version contains a buffer ove ...)
 	NOT-FOR-US: NetSarang XFTP Client
 CVE-2019-17319 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the ...)
@@ -23916,7 +23916,7 @@ CVE-2019-10764
 CVE-2019-10763
 	RESERVED
 CVE-2019-10762 (columnQuote in medoo before 1.7.5 allows remote attackers to perform a ...)
-	TODO: check
+	NOT-FOR-US: medoo
 CVE-2019-10761
 	RESERVED
 CVE-2019-10760 (safer-eval before 1.3.2 are vulnerable to Arbitrary Code Execution. A  ...)
@@ -55644,11 +55644,11 @@ CVE-2018-18933 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in Foxit
 CVE-2018-18932
 	RESERVED
 CVE-2018-18931 (An issue was discovered in the Tightrope Media Carousel digital signag ...)
-	TODO: check
+	NOT-FOR-US: Tightrope Media Carousel
 CVE-2018-18930 (The Tightrope Media Carousel digital signage product 7.0.4.104 contain ...)
-	TODO: check
+	NOT-FOR-US: Tightrope Media Carousel
 CVE-2018-18929 (The Tightrope Media Carousel Seneca HDn Windows-based appliance 7.0.4. ...)
-	TODO: check
+	NOT-FOR-US: Tightrope Media Carousel
 CVE-2018-18928 (International Components for Unicode (ICU) for C/C++ 63.1 has an integ ...)
 	- icu 63.1-3
 	[stretch] - icu <not-affected> (Vulnerable code not present)
@@ -56247,7 +56247,7 @@ CVE-2018-18680
 CVE-2018-18679
 	RESERVED
 CVE-2018-18678 (GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to injec ...)
-	TODO: check
+	NOT-FOR-US: GNU Board
 CVE-2018-18677
 	RESERVED
 CVE-2018-18676 (GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbit ...)
@@ -62401,7 +62401,7 @@ CVE-2018-16418 (A buffer overflow when handling string concatenation in util_acl
 	NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-628c8445c4e7ae92bbc4be08ba11a4c3
 	NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
 CVE-2018-16417 (Aruba Instant 4.x prior to 6.4.4.8-4.2.4.12, 6.5.x prior to 6.5.4.11,  ...)
-	TODO: check
+	NOT-FOR-US: Aruba Instant
 CVE-2018-16416 (Cross-site request forgery (CSRF) vulnerability in my_profile/edit?inl ...)
 	NOT-FOR-US: FUEL CMS
 CVE-2018-16415
@@ -257328,7 +257328,7 @@ CVE-2013-1393 (Cross-site scripting (XSS) vulnerability in the CurvyCorners modu
 CVE-2013-1392
 	RESERVED
 CVE-2013-1391 (Authentication bypass vulnerability in the the web interface in Hunt C ...)
-	TODO: check
+	NOT-FOR-US: DVR systems
 CVE-2013-1390
 	RESERVED
 CVE-2013-1389 (Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 11, 9. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9e2cc2cc91c4f4a8663ee059d6971b80e9df8baf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9e2cc2cc91c4f4a8663ee059d6971b80e9df8baf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191031/897c3b27/attachment.html>

More information about the debian-security-tracker-commits mailing list