[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Wed Jan 8 20:24:27 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0dc7f5de by Salvatore Bonaccorso at 2020-01-08T21:24:01+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2020-6583 (BigProf Online Invoicing System (OIS) through 2.6 has XSS that can be ...)
- TODO: check
+ NOT-FOR-US: BigProf Online Invoicing System (OIS)
CVE-2020-6582
RESERVED
CVE-2020-6581
@@ -815,15 +815,15 @@ CVE-2020-6177
CVE-2019-20367 (nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a com ...)
TODO: check
CVE-2019-20366 (An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via isTr ...)
- TODO: check
+ NOT-FOR-US: Ignite Realtime Openfire
CVE-2019-20365 (An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via sear ...)
- TODO: check
+ NOT-FOR-US: Ignite Realtime Openfire
CVE-2019-20364 (An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via cach ...)
- TODO: check
+ NOT-FOR-US: Ignite Realtime Openfire
CVE-2019-20363 (An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via alia ...)
- TODO: check
+ NOT-FOR-US: Ignite Realtime Openfire
CVE-2019-20362 (In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 19.08.3 ...)
- TODO: check
+ NOT-FOR-US: Teradici
CVE-2020-6176
RESERVED
CVE-2020-6175
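Review bot: The CVE-2019-20362 entry is tagged with the bare vendor name (NOT-FOR-US: Teradici), while the four Openfire entries directly above it name the product. The description mentions PCoIP Agent and PCoIP Client, so a tag such as "NOT-FOR-US: Teradici PCoIP" would keep the hunk consistent and make later matching against new Teradici CVEs less ambiguous.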
@@ -2169,9 +2169,9 @@ CVE-2020-5513 (Gila CMS 1.11.8 allows /cm/delete?t=../ Directory Traversal. ...)
CVE-2020-5512 (Gila CMS 1.11.8 allows /admin/media?path=../ Path Traversal. ...)
NOT-FOR-US: Gila CMS
CVE-2020-5511 (PHPGurukul Small CRM v2.0 was found vulnerable to authentication bypas ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Small CRM
CVE-2020-5510 (PHPGurukul Hostel Management System v2.0 allows SQL injection via the ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Hostel Management System
CVE-2020-5509
RESERVED
CVE-2020-5508
@@ -3126,7 +3126,7 @@ CVE-2020-5185
CVE-2020-5184
RESERVED
CVE-2020-5183 (FTPGetter Professional 5.97.0.223 is vulnerable to a memory corruption ...)
- TODO: check
+ NOT-FOR-US: FTPGetter Professional
CVE-2020-5182
RESERVED
CVE-2020-5181
@@ -11357,7 +11357,7 @@ CVE-2019-19546 (Norton Password Manager, prior to 6.6.2.5, may be susceptible to
CVE-2019-19545 (Norton Password Manager, prior to 6.6.2.5, may be susceptible to a cro ...)
NOT-FOR-US: Norton Password Manager
CVE-2019-19544 (CA Automic Dollar Universe 5.3.3 contains a vulnerability, related to ...)
- TODO: check
+ NOT-FOR-US: CA Automic Dollar Universe
CVE-2019-19542 (The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS ...)
NOT-FOR-US: ListingPro theme for WordPress
CVE-2019-19541 (The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS ...)
@@ -11440,7 +11440,7 @@ CVE-2019-19520 (xlock in OpenBSD 6.6 allows local users to gain the privileges o
CVE-2019-19519 (In OpenBSD 6.6, local users can use the su -L option to achieve any lo ...)
NOT-FOR-US: OpenBSD
CVE-2019-19518 (CA Automic Sysload 5.6.0 through 6.1.2 contains a vulnerability, relat ...)
- TODO: check
+ NOT-FOR-US: CA Automic Sysload
CVE-2020-1964
RESERVED
CVE-2020-1963
@@ -11646,7 +11646,7 @@ CVE-2019-19497 (MDaemon Email Server 17.5.1 allows XSS via the filename of an at
CVE-2019-19496 (Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTM ...)
NOT-FOR-US: Alfresco
CVE-2019-19495 (The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: Technicolor
CVE-2019-19494
RESERVED
CVE-2019-19493 (Kentico before 12.0.50 allows file uploads in which the Content-Type h ...)
@@ -21294,7 +21294,7 @@ CVE-2019-17078
CVE-2019-17077
RESERVED
CVE-2019-17076 (An issue was discovered in Jamf Pro 9.x and 10.x before 10.15.1. Deser ...)
- TODO: check
+ NOT-FOR-US: Jamf Pro
CVE-2019-17075 (An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cx ...)
- linux 5.3.7-1
[jessie] - linux <ignored> (Not a problem in practice)
@@ -56860,7 +56860,7 @@ CVE-2019-5084 (An exploitable heap out-of-bounds write vulnerability exists in t
CVE-2019-5083 (An exploitable out-of-bounds write vulnerability exists in the igcore1 ...)
NOT-FOR-US: Accusoft ImageGear
CVE-2019-5082 (An exploitable heap buffer overflow vulnerability exists in the iochec ...)
- TODO: check
+ NOT-FOR-US: WAGO Firmware
CVE-2019-5081 (An exploitable heap buffer overflow vulnerability exists in the iochec ...)
NOT-FOR-US: WAGO
CVE-2019-5080 (An exploitable denial-of-service vulnerability exists in the iocheckd ...)
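Review bot: CVE-2019-5082 is tagged "NOT-FOR-US: WAGO Firmware", but the adjacent CVE-2019-5081, whose description begins with the same text, already carries "NOT-FOR-US: WAGO". Please use one string for both so that a single search over the NFU tags finds the whole group.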
@@ -186161,19 +186161,19 @@ CVE-2016-6593 (A code-execution vulnerability exists during startup in jhi.dll a
CVE-2016-6592
RESERVED
CVE-2016-6591 (A security bypass vulnerability exists in Symantec Norton App Lock 1.0 ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2016-6590 (A privilege escalation vulnerability exists when loading DLLs during b ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2016-6589 (A Denial of Service vulnerability exists in the ITMS workflow process ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2016-6588 (A Cross-Site Scripting (XSS) vulnerability exists in the ITMS workflow ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2016-6587 (An Information Disclosure vulnerability exists in the mid.dat file sto ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2016-6586 (A security bypass vulnerability exists in Symantec Norton Mobile Secur ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2016-6585 (A Denial of Service vulnerability exists in Symantec Norton Mobile Sec ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2016-6584
RESERVED
CVE-2016-6583
@@ -244118,7 +244118,7 @@ CVE-2014-5289 (Buffer overflow in Senkas Kolibri 2.0 allows remote attackers to
CVE-2014-5288
RESERVED
CVE-2014-5287 (A Bash script injection vulnerability exists in Kemp Load Master 7.1-1 ...)
- TODO: check
+ NOT-FOR-US: Kemp Load Master
CVE-2014-5286 (The ActiveMatrix Policy Manager Authentication module in TIBCO ActiveM ...)
NOT-FOR-US: TIBCO
CVE-2014-5285 (Unspecified vulnerability in the Authentication Module in TIBCO Spotfi ...)
@@ -254953,7 +254953,7 @@ CVE-2014-1456 (Cross-site scripting (XSS) vulnerability in the login page in Ope
CVE-2014-1455 (SQL injection vulnerability in the password reset functionality in Pea ...)
NOT-FOR-US: Pearson eSIS Enterprise Student Information System
CVE-2014-1454 (Pearson eSIS (Enterprise Student Information System) message board has ...)
- TODO: check
+ NOT-FOR-US: Pearson eSIS (Enterprise Student Information System) message board
CVE-2014-1453 (The NFS server (nfsserver) in FreeBSD 8.3 through 10.0 does not acquir ...)
{DSA-2952-1}
- kfreebsd-8 <removed>
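Review bot: The new tag on CVE-2014-1454 ("Pearson eSIS (Enterprise Student Information System) message board") differs from the one on the neighbouring CVE-2014-1455 ("Pearson eSIS Enterprise Student Information System") for what the descriptions show to be the same product. Reusing the existing string avoids two spellings of one NFU tag; the "message board" component detail is already in the CVE description.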
@@ -255119,7 +255119,7 @@ CVE-2014-1447 (Race condition in the virNetServerClientStartKeepAlive function i
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=066c8ef6c18bc1faf8b3e10787b39796a7a06cc0
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=173c2914734eb5c32df6d35a82bf503e12261bcf
CVE-2014-1409 (MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5. ...)
- TODO: check
+ NOT-FOR-US: MobileIron VSP
CVE-2014-1404
RESERVED
CVE-2014-1403 (Cross-site scripting (XSS) vulnerability in name.html in easyXDM befor ...)
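Review bot: The tag on CVE-2014-1409 names only MobileIron VSP, but the description on the same entry also lists Sentry versions as affected. Either "NOT-FOR-US: MobileIron" or a tag naming both products would describe the entry fully.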
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0dc7f5deadb1506f0102271661908f0cb58d3f72