[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Mon Sep 16 21:13:12 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
deea5fcb by Salvatore Bonaccorso at 2019-09-16T20:12:43Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -204,43 +204,43 @@ CVE-2019-16278
 CVE-2019-16277 (PicoC 2.1 has a heap-based buffer overflow in StringStrcpy in cstdlib/ ...)
 	TODO: check
 CVE-2017-18634 (The newspaper theme before 6.7.2 for WordPress has script injection vi ...)
-	TODO: check
+	NOT-FOR-US: newspaper theme for WordPress
 CVE-2016-10973 (The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin ...)
-	TODO: check
+	NOT-FOR-US: Brafton plugin for WordPress
 CVE-2016-10972 (The newspaper theme before 6.7.2 for WordPress has a lack of options a ...)
-	TODO: check
+	NOT-FOR-US: newspaper theme for WordPress
 CVE-2016-10971 (The MemberSonic Lite plugin before 1.302 for WordPress has incorrect l ...)
-	TODO: check
+	NOT-FOR-US: MemberSonic Lite plugin for WordPress
 CVE-2016-10970 (The supportflow plugin before 0.7 for WordPress has XSS via a ticket e ...)
-	TODO: check
+	NOT-FOR-US: supportflow plugin for WordPress
 CVE-2016-10969 (The supportflow plugin before 0.7 for WordPress has XSS via a discussi ...)
-	TODO: check
+	NOT-FOR-US: supportflow plugin for WordPress
 CVE-2016-10968 (The peepso-core plugin before 1.6.1 for WordPress has PeepSoProfilePre ...)
-	TODO: check
+	NOT-FOR-US: peepso-core plugin for WordPress
 CVE-2016-10967 (The real3d-flipbook-lite plugin 1.0 for WordPress has XSS via the wp-c ...)
-	TODO: check
+	NOT-FOR-US: real3d-flipbook-lite plugin for WordPress
 CVE-2016-10966 (The real3d-flipbook-lite plugin 1.0 for WordPress has bookName=../ dir ...)
-	TODO: check
+	NOT-FOR-US: real3d-flipbook-lite plugin for WordPress
 CVE-2016-10965 (The real3d-flipbook-lite plugin 1.0 for WordPress has deleteBook=../ d ...)
-	TODO: check
+	NOT-FOR-US: real3d-flipbook-lite plugin for WordPress
 CVE-2016-10964 (The dwnldr plugin before 1.01 for WordPress has XSS via the User-Agent ...)
-	TODO: check
+	NOT-FOR-US: dwnldr plugin for WordPress
 CVE-2016-10963 (The icegram plugin before 1.9.19 for WordPress has XSS. ...)
-	TODO: check
+	NOT-FOR-US: icegram plugin for WordPress
 CVE-2016-10962 (The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-adm ...)
-	TODO: check
+	NOT-FOR-US: icegram plugin for WordPress
 CVE-2016-10961 (The colorway theme before 3.4.2 for WordPress has XSS via the contactN ...)
-	TODO: check
+	NOT-FOR-US: colorway theme for WordPress
 CVE-2016-10960 (The wsecure plugin before 2.4 for WordPress has remote code execution  ...)
-	TODO: check
+	NOT-FOR-US: wsecure plugin for WordPress
 CVE-2016-10959 (The estatik plugin before 2.3.1 for WordPress has authenticated arbitr ...)
-	TODO: check
+	NOT-FOR-US: estatik plugin for WordPress
 CVE-2016-10958 (The estatik plugin before 2.3.0 for WordPress has unauthenticated arbi ...)
-	TODO: check
+	NOT-FOR-US: estatik plugin for WordPress
 CVE-2016-10957 (The Akal theme through 2016-08-22 for WordPress has XSS via the framew ...)
 	TODO: check
 CVE-2016-10956 (The mail-masta plugin 1.0 for WordPress has local file inclusion in co ...)
-	TODO: check
+	NOT-FOR-US: mail-masta plugin for WordPress
 CVE-2010-5333 (The web server in Integard Pro and Home before 2.0.0.9037 and 2.2.x be ...)
 	NOT-FOR-US: Integard
 CVE-2019-16319 (In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector ...)
@@ -34370,7 +34370,7 @@ CVE-2019-4149 (IBM Business Automation Workflow V18.0.0.0 through V18.0.0.2 and
 CVE-2019-4148 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vu ...)
 	NOT-FOR-US: IBM
 CVE-2019-4147 (IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 is vulnerable to SQL ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4146 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 could ...)
 	NOT-FOR-US: IBM
 CVE-2019-4145 (IBM Security Access Manager 9.0.1 through 9.0.6 could reveal highly se ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/deea5fcbfde0bff2042b82b5b97a6509979d023e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/deea5fcbfde0bff2042b82b5b97a6509979d023e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190916/4c09ee64/attachment.html>

More information about the debian-security-tracker-commits mailing list