[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Thu Oct 31 14:39:48 GMT 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9e2cc2cc by Moritz Muehlenhoff at 2019-10-31T14:38:42Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,9 +7,9 @@ CVE-2019-18647
CVE-2019-18646
RESERVED
CVE-2019-18645 (The quarantine restoration function in Total Defense Anti-virus 11.5.2 ...)
- TODO: check
+ NOT-FOR-US: Total Defense Anti-virus
CVE-2019-18644 (The malware scan function in Total Defense Anti-virus 11.5.2.28 is vul ...)
- TODO: check
+ NOT-FOR-US: Total Defense Anti-virus
CVE-2019-18643
RESERVED
CVE-2019-18642
@@ -27,13 +27,13 @@ CVE-2019-18637
CVE-2019-18636
RESERVED
CVE-2019-18635 (An issue was discovered in Mooltipass Moolticute through v0.42.1 and v ...)
- TODO: check
+ NOT-FOR-US: Mooltipass Moolticute
CVE-2019-18634
RESERVED
CVE-2019-18633 (European Commission eIDAS-Node Integration Package before 2.3.1 has Mi ...)
- TODO: check
+ NOT-FOR-US: European Commission eIDAS-Node Integration Package
CVE-2019-18632 (European Commission eIDAS-Node Integration Package before 2.3.1 allows ...)
- TODO: check
+ NOT-FOR-US: European Commission eIDAS-Node Integration Package
CVE-2019-18631
RESERVED
CVE-2019-18630
@@ -1187,13 +1187,13 @@ CVE-2019-18209 (templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the brows
CVE-2019-18208
RESERVED
CVE-2019-18207 (In Zucchetti InfoBusiness before and including 4.4.1, an authenticated ...)
- TODO: check
+ NOT-FOR-US: Zucchetti InfoBusiness
CVE-2019-18206 (A cross-site request forgery (CSRF) vulnerability in Zucchetti InfoBus ...)
- TODO: check
+ NOT-FOR-US: Zucchetti InfoBusiness
CVE-2019-18205 (Multiple Reflected Cross-site Scripting (XSS) vulnerabilities exist in ...)
- TODO: check
+ NOT-FOR-US: Zucchetti InfoBusiness
CVE-2019-18204 (Zucchetti InfoBusiness before and including 4.4.1 allows any authentic ...)
- TODO: check
+ NOT-FOR-US: Zucchetti InfoBusiness
CVE-2019-18203 (On the RICOH MP 501 printer, HTML Injection and Stored XSS vulnerabili ...)
NOT-FOR-US: Ricoh
CVE-2019-18202 (Information Disclosure is possible on WAGO Series PFC100 and PFC200 de ...)
@@ -3565,7 +3565,7 @@ CVE-2019-17553 (An issue was discovered in MetInfo v7.0.0 beta. There is SQL Inj
CVE-2019-17552 (An issue was discovered in idreamsoft iCMS v7.0.14. There is a spider_ ...)
NOT-FOR-US: idreamsoft iCMS
CVE-2019-17551 (Apak Wholesale Floorplanning Finance 6.31.8.3 and 6.31.8.5 allows XSS ...)
- TODO: check
+ NOT-FOR-US: Apak Wholesale Floorplanning Finance
CVE-2019-17550
RESERVED
CVE-2019-17549
@@ -4273,17 +4273,17 @@ CVE-2019-17328
CVE-2019-17327
RESERVED
CVE-2019-17326 (ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker ...)
- TODO: check
+ NOT-FOR-US: ClipSoft REXPERT
CVE-2019-17325 (ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker ...)
- TODO: check
+ NOT-FOR-US: ClipSoft REXPERT
CVE-2019-17324 (ClipSoft REXPERT 1.0.0.527 and earlier version allows directory traver ...)
- TODO: check
+ NOT-FOR-US: ClipSoft REXPERT
CVE-2019-17323 (ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file c ...)
- TODO: check
+ NOT-FOR-US: ClipSoft REXPERT
CVE-2019-17322 (ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file c ...)
- TODO: check
+ NOT-FOR-US: ClipSoft REXPERT
CVE-2019-17321 (ClipSoft REXPERT 1.0.0.527 and earlier version have an information dis ...)
- TODO: check
+ NOT-FOR-US: ClipSoft REXPERT
CVE-2019-17320 (NetSarang XFTP Client 6.0149 and earlier version contains a buffer ove ...)
NOT-FOR-US: NetSarang XFTP Client
CVE-2019-17319 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the ...)
@@ -23916,7 +23916,7 @@ CVE-2019-10764
CVE-2019-10763
RESERVED
CVE-2019-10762 (columnQuote in medoo before 1.7.5 allows remote attackers to perform a ...)
- TODO: check
+ NOT-FOR-US: medoo
CVE-2019-10761
RESERVED
CVE-2019-10760 (safer-eval before 1.3.2 are vulnerable to Arbitrary Code Execution. A ...)
@@ -55644,11 +55644,11 @@ CVE-2018-18933 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in Foxit
CVE-2018-18932
RESERVED
CVE-2018-18931 (An issue was discovered in the Tightrope Media Carousel digital signag ...)
- TODO: check
+ NOT-FOR-US: Tightrope Media Carousel
CVE-2018-18930 (The Tightrope Media Carousel digital signage product 7.0.4.104 contain ...)
- TODO: check
+ NOT-FOR-US: Tightrope Media Carousel
CVE-2018-18929 (The Tightrope Media Carousel Seneca HDn Windows-based appliance 7.0.4. ...)
- TODO: check
+ NOT-FOR-US: Tightrope Media Carousel
CVE-2018-18928 (International Components for Unicode (ICU) for C/C++ 63.1 has an integ ...)
- icu 63.1-3
[stretch] - icu <not-affected> (Vulnerable code not present)
@@ -56247,7 +56247,7 @@ CVE-2018-18680
CVE-2018-18679
RESERVED
CVE-2018-18678 (GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to injec ...)
- TODO: check
+ NOT-FOR-US: GNU Board
CVE-2018-18677
RESERVED
CVE-2018-18676 (GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbit ...)
@@ -62401,7 +62401,7 @@ CVE-2018-16418 (A buffer overflow when handling string concatenation in util_acl
NOTE: https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-628c8445c4e7ae92bbc4be08ba11a4c3
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/
CVE-2018-16417 (Aruba Instant 4.x prior to 6.4.4.8-4.2.4.12, 6.5.x prior to 6.5.4.11, ...)
- TODO: check
+ NOT-FOR-US: Aruba Instant
CVE-2018-16416 (Cross-site request forgery (CSRF) vulnerability in my_profile/edit?inl ...)
NOT-FOR-US: FUEL CMS
CVE-2018-16415
@@ -257328,7 +257328,7 @@ CVE-2013-1393 (Cross-site scripting (XSS) vulnerability in the CurvyCorners modu
CVE-2013-1392
RESERVED
CVE-2013-1391 (Authentication bypass vulnerability in the the web interface in Hunt C ...)
- TODO: check
+ NOT-FOR-US: DVR systems
CVE-2013-1390
RESERVED
CVE-2013-1389 (Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 11, 9. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9e2cc2cc91c4f4a8663ee059d6971b80e9df8baf
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9e2cc2cc91c4f4a8663ee059d6971b80e9df8baf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191031/897c3b27/attachment.html>
More information about the debian-security-tracker-commits
mailing list