[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Sep 20 21:14:16 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
02ffb8f7 by Salvatore Bonaccorso at 2019-09-20T20:13:48Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -215,91 +215,91 @@ CVE-2019-16539
 CVE-2019-16538
 	RESERVED
 CVE-2016-11013 (The wp-listings plugin before 2.0.2 for WordPress has includes/views/s ...)
-	TODO: check
+	NOT-FOR-US: wp-listings plugin for WordPress
 CVE-2016-11012 (The sola-support-tickets plugin before 3.13 for WordPress has incorrec ...)
-	TODO: check
+	NOT-FOR-US: sola-support-tickets plugin for WordPress
 CVE-2016-11011 (The wp-invoice plugin before 4.1.1 for WordPress has wpi_update_user_o ...)
-	TODO: check
+	NOT-FOR-US: wp-invoice plugin for WordPress
 CVE-2016-11010 (The wp-invoice plugin before 4.1.1 for WordPress has incorrect access  ...)
-	TODO: check
+	NOT-FOR-US: wp-invoice plugin for WordPress
 CVE-2016-11009 (The wp-invoice plugin before 4.1.1 for WordPress has incorrect access  ...)
-	TODO: check
+	NOT-FOR-US: wp-invoice plugin for WordPress
 CVE-2016-11008 (The wp-invoice plugin before 4.1.1 for WordPress has incorrect access  ...)
-	TODO: check
+	NOT-FOR-US: wp-invoice plugin for WordPress
 CVE-2016-11007 (The wp-invoice plugin before 4.1.1 for WordPress has incorrect access  ...)
-	TODO: check
+	NOT-FOR-US: wp-invoice plugin for WordPress
 CVE-2016-11006 (The wp-invoice plugin before 4.1.1 for WordPress has incorrect access  ...)
-	TODO: check
+	NOT-FOR-US: wp-invoice plugin for WordPress
 CVE-2016-11005 (The instalinker plugin before 1.1.2 for WordPress has includes/instali ...)
-	TODO: check
+	NOT-FOR-US: instalinker plugin for WordPress
 CVE-2016-11004 (The Elegant Themes Monarch plugin before 1.2.7 for WordPress has privi ...)
-	TODO: check
+	NOT-FOR-US: Elegant Themes Monarch plugin for WordPress
 CVE-2016-11003 (The Elegant Themes Bloom plugin before 1.1.1 for WordPress has privile ...)
-	TODO: check
+	NOT-FOR-US: Elegant Themes Bloom plugin for WordPress
 CVE-2016-11002 (The Elegant Themes Extra theme before 1.2.4 for WordPress has privileg ...)
-	TODO: check
+	NOT-FOR-US: Elegant Themes Extra theme for WordPress
 CVE-2016-11001 (The user-submitted-posts plugin before 20160215 for WordPress has XSS  ...)
-	TODO: check
+	NOT-FOR-US: user-submitted-posts plugin for WordPress
 CVE-2016-11000 (The wp-ultimate-exporter plugin through 1.1 for WordPress has SQL inje ...)
-	TODO: check
+	NOT-FOR-US: wp-ultimate-exporter plugin for WordPress
 CVE-2016-10999 (The Goodnews theme through 2016-02-28 for WordPress has XSS via the s  ...)
 	TODO: check
 CVE-2016-10998 (The ocim-mp3 plugin through 2016-03-07 for WordPress has wp-content/pl ...)
 	TODO: check
 CVE-2016-10997 (The beauty-premium theme 1.0.8 for WordPress has CSRF with resultant a ...)
-	TODO: check
+	NOT-FOR-US: beauty-premium theme for WordPress
 CVE-2016-10996 (The optinmonster plugin before 1.1.4.6 for WordPress has incorrect acc ...)
-	TODO: check
+	NOT-FOR-US: optinmonster plugin for WordPress
 CVE-2015-9408 (The xpinner-lite plugin through 2.2 for WordPress has wp-admin/options ...)
-	TODO: check
+	NOT-FOR-US: xpinner-lite plugin for WordPress
 CVE-2015-9407 (The xpinner-lite plugin through 2.2 for WordPress has xpinner-lite.php ...)
-	TODO: check
+	NOT-FOR-US: xpinner-lite plugin for WordPress
 CVE-2015-9406
 	RESERVED
 CVE-2015-9405 (The wp-piwik plugin before 1.0.5 for WordPress has XSS. ...)
-	TODO: check
+	NOT-FOR-US: wp-piwik plugin for WordPress
 CVE-2015-9404 (The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_keywords XSS. ...)
-	TODO: check
+	NOT-FOR-US: neuvoo-jobroll plugin for WordPress
 CVE-2015-9403 (The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_location XSS. ...)
-	TODO: check
+	NOT-FOR-US: neuvoo-jobroll plugin for WordPress
 CVE-2015-9402 (The users-ultra plugin before 1.5.59 for WordPress has uultra-form-cvs ...)
-	TODO: check
+	NOT-FOR-US: users-ultra plugin for WordPress
 CVE-2015-9401 (The websimon-tables plugin through 1.3.4 for WordPress has wp-admin/to ...)
-	TODO: check
+	NOT-FOR-US: websimon-tables plugin for WordPress
 CVE-2015-9400 (The wordpress-meta-robots plugin through 2.1 for WordPress has wp-admi ...)
-	TODO: check
+	NOT-FOR-US: wordpress-meta-robots plugin for WordPress
 CVE-2015-9399 (The wp-stats-dashboard plugin through 2.9.4 for WordPress has admin/gr ...)
-	TODO: check
+	NOT-FOR-US: wp-stats-dashboard plugin for WordPress
 CVE-2015-9398 (The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php  ...)
-	TODO: check
+	NOT-FOR-US: gocodes plugin for WordPress
 CVE-2015-9397 (The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php  ...)
-	TODO: check
+	NOT-FOR-US: gocodes plugin for WordPress
 CVE-2015-9396 (The auto-thickbox-plus plugin through 1.9 for WordPress has wp-content ...)
-	TODO: check
+	NOT-FOR-US: auto-thickbox-plus plugin for WordPress
 CVE-2015-9395 (The users-ultra plugin before 1.5.64 for WordPress has SQL Injection v ...)
-	TODO: check
+	NOT-FOR-US: users-ultra plugin for WordPress
 CVE-2015-9394 (The users-ultra plugin before 1.5.63 for WordPress has CSRF via action ...)
-	TODO: check
+	NOT-FOR-US: users-ultra plugin for WordPress
 CVE-2015-9393 (The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_d ...)
-	TODO: check
+	NOT-FOR-US: users-ultra plugin for WordPress
 CVE-2015-9392 (The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_n ...)
-	TODO: check
+	NOT-FOR-US: users-ultra plugin for WordPress
 CVE-2015-9391 (The yawpp plugin through 1.2.2 for WordPress has XSS via the field1 pa ...)
-	TODO: check
+	NOT-FOR-US: yawpp plugin for WordPress
 CVE-2015-9390 (The admin-management-xtended plugin before 2.4.0.1 for WordPress has p ...)
-	TODO: check
+	NOT-FOR-US: admin-management-xtended plugin for WordPress
 CVE-2015-9389 (The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via a quiz n ...)
-	TODO: check
+	NOT-FOR-US: mtouch-quiz plugin for WordPress
 CVE-2015-9388 (The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/edit.ph ...)
-	TODO: check
+	NOT-FOR-US: mtouch-quiz plugin for WordPress
 CVE-2015-9387 (The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/options ...)
-	TODO: check
+	NOT-FOR-US: mtouch-quiz plugin for WordPress
 CVE-2015-9386 (The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via the quiz ...)
-	TODO: check
+	NOT-FOR-US: mtouch-quiz plugin for WordPress
 CVE-2015-9385 (The quotes-and-tips plugin before 1.20 for WordPress has XSS. ...)
-	TODO: check
+	NOT-FOR-US: quotes-and-tips plugin for WordPress
 CVE-2015-9384 (The relevant plugin before 1.0.8 for WordPress has XSS. ...)
-	TODO: check
+	NOT-FOR-US: relevant plugin for WordPress
 CVE-2014-10397
 	RESERVED
 CVE-2014-10396
@@ -34295,7 +34295,7 @@ CVE-2019-4567
 CVE-2019-4566
 	RESERVED
 CVE-2019-4565 (IBM Security Key Lifecycle Manager 3.0 and 3.0.1 does not require that ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4564
 	RESERVED
 CVE-2019-4563
@@ -34415,7 +34415,7 @@ CVE-2019-4507
 CVE-2019-4506
 	RESERVED
 CVE-2019-4505 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Network Deploy ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4504
 	RESERVED
 CVE-2019-4503



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/02ffb8f74d514a25449f033681e61556509170fd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/02ffb8f74d514a25449f033681e61556509170fd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190920/41bbc61f/attachment.html>

More information about the debian-security-tracker-commits mailing list