[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Sep 3 21:29:57 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
013021bd by Salvatore Bonaccorso at 2019-09-03T20:29:26Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2019-15889 (The download-manager plugin before 2.9.94 for WordPress has XSS via th ...)
-	TODO: check
+	NOT-FOR-US: download-manager plugin for WordPress
 CVE-2019-15888
 	RESERVED
 CVE-2019-15887
@@ -31,27 +31,27 @@ CVE-2019-15875
 CVE-2019-15874
 	RESERVED
 CVE-2019-15873 (The profilegrid-user-profiles-groups-and-communities plugin before 2.8 ...)
-	TODO: check
+	NOT-FOR-US: profilegrid-user-profiles-groups-and-communities plugin for WordPress
 CVE-2019-15872 (The LoginPress plugin before 1.1.4 for WordPress has SQL injection via ...)
-	TODO: check
+	NOT-FOR-US: LoginPress plugin for WordPress
 CVE-2019-15871 (The LoginPress plugin before 1.1.4 for WordPress has no capability che ...)
-	TODO: check
+	NOT-FOR-US: LoginPress plugin for WordPress
 CVE-2019-15870 (The CarSpot theme before 2.1.7 for WordPress has stored XSS via the Ph ...)
-	TODO: check
+	NOT-FOR-US: CarSpot theme for WordPress
 CVE-2019-15869 (The JobCareer theme before 2.5.1 for WordPress has stored XSS. ...)
-	TODO: check
+	NOT-FOR-US: JobCareer theme for WordPress
 CVE-2019-15868 (The affiliates-manager plugin before 2.6.6 for WordPress has CSRF. ...)
-	TODO: check
+	NOT-FOR-US: affiliates-manager plugin for WordPress
 CVE-2019-15867 (The slick-popup plugin before 1.7.2 for WordPress has a hardcoded Omak ...)
-	TODO: check
+	NOT-FOR-US: slick-popup plugin for WordPress
 CVE-2019-15866 (The crelly-slider plugin before 1.3.5 for WordPress has arbitrary file ...)
-	TODO: check
+	NOT-FOR-US: crelly-slider plugin for WordPress
 CVE-2019-15865 (The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has CSRF. ...)
-	TODO: check
+	NOT-FOR-US: breadcrumbs-by-menu plugin for WordPress
 CVE-2019-15864 (The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has XSS. ...)
-	TODO: check
+	NOT-FOR-US: breadcrumbs-by-menu plugin for WordPress
 CVE-2019-15863 (The ConvertPlus plugin before 3.4.5 for WordPress has an unintended ac ...)
-	TODO: check
+	NOT-FOR-US: ConvertPlus plugin for WordPress
 CVE-2019-XXXX [VSV00003 DoS]
 	- varnish <unfixed> (bug #939333)
 	[stretch] - varnish <not-affected> (Only a security issue in 6.0 and later)
@@ -33781,13 +33781,13 @@ CVE-2019-3756
 CVE-2019-3755
 	RESERVED
 CVE-2019-3754 (Dell EMC Unity Operating Environment versions prior to 5.0.0.0.5.116,  ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2019-3753 (Dell EMC PowerConnect 8024, 7000, M6348, M6220, M8024 and M8024-K runn ...)
 	NOT-FOR-US: EMC
 CVE-2019-3752
 	RESERVED
 CVE-2019-3751 (Dell EMC Enterprise Copy Data Management (eCDM) versions 1.0, 1.1, 2.0 ...)
-	TODO: check
+	NOT-FOR-US: EMC
 CVE-2019-3750
 	RESERVED
 CVE-2019-3749



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/013021bdb4097de9f4ddf1cdfc061dbad110a257

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/013021bdb4097de9f4ddf1cdfc061dbad110a257
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190903/383c0920/attachment.html>


More information about the debian-security-tracker-commits mailing list