[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Mon Sep 30 21:25:05 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c3fcb6c6 by Salvatore Bonaccorso at 2019-09-30T20:23:54Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
CVE-2019-17051 (Evernote before 7.13 GA on macOS allows code execution because the com ...)
- TODO: check
+ NOT-FOR-US: Evernote
CVE-2019-17050 (An issue was discovered in the Voyager package through 1.2.7 for Larav ...)
TODO: check
CVE-2019-17049 (NETGEAR SRX5308 4.3.5-3 devices allow SQL Injection, as exploited in t ...)
- TODO: check
+ NOT-FOR-US: NETGEAR
CVE-2019-17048
RESERVED
CVE-2019-17047
RESERVED
CVE-2019-17046 (Ilch 2.1.22 allows remote code execution because php is listed under " ...)
- TODO: check
+ NOT-FOR-US: Ilch CMS
CVE-2019-17045 (Ilch 2.1.22 allows stored XSS via the title, text, or email id to the ...)
- TODO: check
+ NOT-FOR-US: Ilch CMS
CVE-2019-17044
RESERVED
CVE-2019-17043
@@ -107,9 +107,9 @@ CVE-2019-16999 (CloudBoot through 2019-03-08 allows SQL Injection via a crafted
CVE-2019-16998
RESERVED
CVE-2019-16997 (In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/lan ...)
- TODO: check
+ NOT-FOR-US: Metinfo
CVE-2019-16996 (In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/pro ...)
- TODO: check
+ NOT-FOR-US: Metinfo
CVE-2017-18636 (CDG through 2017-01-01 allows downloadDocument.jsp?command=download&am ...)
TODO: check
CVE-2019-16995 (In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_final ...)
@@ -6482,7 +6482,7 @@ CVE-2018-20962 (The Backpack\CRUD Backpack component before 3.4.9 for Laravel al
CVE-2019-14753 (SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0 have a Buff ...)
NOT-FOR-US: SICK FX0-GPNT00000 and FX0-GENT00000 devices
CVE-2019-14752 (SuiteCRM 7.10.x and 7.11.x has XSS. ...)
- TODO: check
+ NOT-FOR-US: SuiteCRM
CVE-2019-14751 (NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, a ...)
- nltk 3.4.5-1 (low; bug #935201)
[buster] - nltk <no-dsa> (Minor issue)
@@ -11296,9 +11296,9 @@ CVE-2019-13469
CVE-2019-13468
RESERVED
CVE-2019-13467 (Description: Western Digital SSD Dashboard before 2.5.1.0 and SanDisk ...)
- TODO: check
+ NOT-FOR-US: Western Digital SSD Dashboard and SanDisk SSD Dashboard applications
CVE-2019-13466 (Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard ...)
- TODO: check
+ NOT-FOR-US: Western Digital SSD Dashboard and SanDisk SSD Dashboard
CVE-2019-13465
RESERVED
CVE-2019-13464 (An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) 3.0.2 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c3fcb6c6e605faf197fa363978bb7777f9f207e7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c3fcb6c6e605faf197fa363978bb7777f9f207e7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190930/776eaa6b/attachment.html>
More information about the debian-security-tracker-commits
mailing list