[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Wed Sep 25 09:59:29 BST 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2376fbcc by Moritz Muehlenhoff at 2019-09-25T08:59:14Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4772,13 +4772,13 @@ CVE-2019-15092 (The webtoffee "WordPress Users & WooCommerce Customers Impor
CVE-2019-15091 (filemgr.php in Artica Integria IMS 5.0.86 allows index.php?sec=wiki&am ...)
NOT-FOR-US: Artica Integria IMS
CVE-2019-15089 (An issue was discovered in PRiSE adAS 1.7.0. Forms have no CSRF protec ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-15088 (An issue was discovered in PRiSE adAS 1.7.0. Password hashes are compa ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-15087 (An issue was discovered in PRiSE adAS 1.7.0. An authenticated user can ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-15086 (An issue was discovered in PRiSE adAS 1.7.0. The newentityID parameter ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-15085 (An issue was discovered in PRiSE adAS 1.7.0. The current database pass ...)
TODO: check
CVE-2019-15084 (Realtek Waves MaxxAudio driver 1.6.2.0, as used on Dell laptops, insta ...)
@@ -5172,9 +5172,9 @@ CVE-2019-15003
CVE-2019-15002
RESERVED
CVE-2019-15001 (The Jira Importers Plugin in Atlassian Jira Server and Data Cente from ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2019-15000 (The commit diff rest endpoint in Bitbucket Server and Data Center befo ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2019-14999 (The Uninstall REST endpoint in Atlassian Universal Plugin Manager befo ...)
NOT-FOR-US: Atlassian
CVE-2019-14998 (The Webwork action Cross-Site Request Forgery (CSRF) protection implem ...)
@@ -5186,7 +5186,7 @@ CVE-2019-14996 (The FilterPickerPopup.jspa resource in Jira before version 7.13.
CVE-2019-14995 (The /rest/api/1.0/render resource in Jira before version 8.4.0 allows ...)
NOT-FOR-US: Atlassian Jira
CVE-2019-14994 (The Customer Context Filter in Atlassian Jira Service Desk Server and ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2019-14993 (Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular expressi ...)
NOT-FOR-US: Istio
CVE-2019-14992
@@ -5488,17 +5488,17 @@ CVE-2019-14918
CVE-2019-14917
RESERVED
CVE-2019-14916 (An issue was discovered in PRiSE adAS 1.7.0. A file's format is not pr ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-14915 (An issue was discovered in PRiSE adAS 1.7.0. Certificate data are not ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-14914 (An issue was discovered in PRiSE adAS 1.7.0. The path is not properly ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-14913 (An issue was discovered in PRiSE adAS 1.7.0. Log data are not properly ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-14912 (An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does n ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-14911 (An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does n ...)
- TODO: check
+ NOT-FOR-US: PRiSE adAS
CVE-2019-14910
RESERVED
CVE-2019-14909
@@ -5907,7 +5907,7 @@ CVE-2019-14754 (Open-School 3.0, and Community Edition 2.3, allows SQL Injection
CVE-2018-20962 (The Backpack\CRUD Backpack component before 3.4.9 for Laravel allows X ...)
NOT-FOR-US: Backpack\CRUD Backpack
CVE-2019-14753 (SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0 have a Buff ...)
- TODO: check
+ NOT-FOR-US: SICK FX0-GPNT00000 and FX0-GENT00000 devices
CVE-2019-14752
RESERVED
CVE-2019-14751 (NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, a ...)
@@ -6711,7 +6711,7 @@ CVE-2019-14459 (nfdump 1.6.17 and earlier is affected by an integer overflow in
NOTE: https://github.com/phaag/nfdump/issues/171
NOTE: https://github.com/phaag/nfdump/commit/3b006ededaf351f1723aea6c727c9edd1b1fff9b
CVE-2019-14458 (VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of ...)
- TODO: check
+ NOT-FOR-US: VIVOTEK IP Camera devices
CVE-2019-14457 (VIVOTEK IP Camera devices with firmware before 0x20x have a stack-base ...)
NOT-FOR-US: VIVOTEK IP Camera devices
CVE-2019-14456 (Opengear console server firmware releases prior to 4.5.0 have a stored ...)
@@ -7894,11 +7894,11 @@ CVE-2019-14256
CVE-2019-14255 (A Server Side Request Forgery (SSRF) vulnerability in go-camo up to ve ...)
NOT-FOR-US: go-camo
CVE-2019-14254 (An issue was discovered in the secure portal in Publisure 2.1.2. Becau ...)
- TODO: check
+ NOT-FOR-US: Publisure
CVE-2019-14253 (An issue was discovered in servletcontroller in the secure portal in P ...)
- TODO: check
+ NOT-FOR-US: Publisure
CVE-2019-14252 (An issue was discovered in the secure portal in Publisure 2.1.2. Once ...)
- TODO: check
+ NOT-FOR-US: Publisure
CVE-2019-14251
RESERVED
CVE-2019-14250 (An issue was discovered in GNU libiberty, as distributed in GNU Binuti ...)
@@ -36763,11 +36763,11 @@ CVE-2019-3742 (Dell/Alienware Digital Delivery versions prior to 3.5.2013 contai
CVE-2019-3741 (Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain a ...)
NOT-FOR-US: EMC
CVE-2019-3740 (RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Inform ...)
- TODO: check
+ NOT-FOR-US: RSA
CVE-2019-3739 (RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Informati ...)
- TODO: check
+ NOT-FOR-US: RSA
CVE-2019-3738 (RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Improp ...)
- TODO: check
+ NOT-FOR-US: RSA
CVE-2019-3737 (Dell EMC Avamar ADMe Web Interface 1.0.50 and 1.0.51 are affected by a ...)
NOT-FOR-US: Dell EMC Avamar ADMe Web Interface
CVE-2019-3736
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2376fbccbd62c5b7e150b60032d34bb1765d7a3c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2376fbccbd62c5b7e150b60032d34bb1765d7a3c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190925/af6d8c8a/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list