[Git][security-tracker-team/security-tracker][master] 2 commits: Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Fri Jan 17 20:25:39 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
844affc2 by Salvatore Bonaccorso at 2020-01-17T21:24:53+01:00
Process NFUs
- - - - -
8c6fb072 by Salvatore Bonaccorso at 2020-01-17T21:25:22+01:00
Merge remote-tracking branch 'origin/master'
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -732,7 +732,7 @@ CVE-2020-6864
CVE-2020-6863
RESERVED
CVE-2020-6862 (V6.0.10P2T2 and V6.0.10P2T5 of F6x2W product are impacted by Informati ...)
- TODO: check
+ NOT-FOR-US: ZTE F6x2W
CVE-2020-6861
RESERVED
CVE-2020-6860 (libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hd ...)
@@ -7210,7 +7210,7 @@ CVE-2020-3942
CVE-2020-3941 (The repair operation of VMware Tools for Windows 10.x.y has a race con ...)
NOT-FOR-US: VMware Tools for Windows
CVE-2020-3940 (VMware Workspace ONE SDK and dependent mobile application updates addr ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2019-20149 (ctorName in index.js in kind-of v6.0.2 allows external user input to o ...)
- node-kind-of 6.0.3+dfsg-1 (bug #948095)
[buster] - node-kind-of <no-dsa> (Minor issue; can be fixed via point release)
@@ -7589,7 +7589,7 @@ CVE-2019-20005 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The functi
CVE-2019-20004 (An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. When the ...)
NOT-FOR-US: Intelbras
CVE-2019-20003 (Feldtech easescreen Crystal 9.0 Web-Services 9.0.1.16265 allows Stored ...)
- TODO: check
+ NOT-FOR-US: Feldtech easescreen Crystal 9.0 Web-Services
CVE-2019-20002
RESERVED
CVE-2019-20001
@@ -26339,9 +26339,9 @@ CVE-2019-15857
CVE-2019-15856
RESERVED
CVE-2019-15855 (An issue was discovered in Maarch RM before 2.5. A path traversal vuln ...)
- TODO: check
+ NOT-FOR-US: Maarch RM
CVE-2019-15854 (An issue was discovered in Maarch RM before 2.5. A privilege escalatio ...)
- TODO: check
+ NOT-FOR-US: Maarch RM
CVE-2019-15853
RESERVED
CVE-2019-15852
@@ -26629,7 +26629,7 @@ CVE-2019-15744 (The Sony Xperia Xperia XZs Android device with a build fingerpri
CVE-2019-15743 (The Sony Xperia Touch Android device with a build fingerprint of Sony/ ...)
NOT-FOR-US: Sony
CVE-2019-15742 (A local privilege-escalation vulnerability exists in the Poly Plantron ...)
- TODO: check
+ NOT-FOR-US: Poly Plantronics Hub
CVE-2019-15741 (An issue was discovered in GitLab Omnibus 7.4 through 12.2.1. An unsaf ...)
NOT-FOR-US: GitLab Omnibus
CVE-2019-15740 (An issue was discovered in GitLab Community and Enterprise Edition 7.9 ...)
@@ -41997,11 +41997,11 @@ CVE-2019-10960 (Zebra Industrial Printers All Versions, Zebra printers are shipp
CVE-2019-10959 (BD Alaris Gateway Workstation Versions, 1.1.3 Build 10, 1.1.3 MR Build ...)
NOT-FOR-US: BD Alaris Gateway
CVE-2019-10958 (Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-2 ...)
- TODO: check
+ NOT-FOR-US: Geutebruck IP Cameras
CVE-2019-10957 (Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-2 ...)
- TODO: check
+ NOT-FOR-US: Geutebruck IP Cameras
CVE-2019-10956 (Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-2 ...)
- TODO: check
+ NOT-FOR-US: Geutebruck IP Cameras
CVE-2019-10955 (In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versi ...)
NOT-FOR-US: Rockwell Automation
CVE-2019-10954 (An attacker could send crafted SMTP packets to cause a denial-of-servi ...)
@@ -58323,9 +58323,9 @@ CVE-2019-5133 (An exploitable out-of-bounds write vulnerability exists in the ig
CVE-2019-5132 (An exploitable out-of-bounds write vulnerability exists in the igcore1 ...)
NOT-FOR-US: ImageGear
CVE-2019-5131 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
- TODO: check
+ NOT-FOR-US: Foxit PDF Reader
CVE-2019-5130 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
- TODO: check
+ NOT-FOR-US: Foxit PDF Reader
CVE-2019-5129 (A command injection have been found in YouPHPTube Encoder. A successfu ...)
NOT-FOR-US: YouPHPTube Encoder
CVE-2019-5128 (A command injection have been found in YouPHPTube Encoder. A successfu ...)
@@ -58333,7 +58333,7 @@ CVE-2019-5128 (A command injection have been found in YouPHPTube Encoder. A succ
CVE-2019-5127 (A command injection have been found in YouPHPTube Encoder. A successfu ...)
NOT-FOR-US: YouPHPTube Encoder
CVE-2019-5126 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
- TODO: check
+ NOT-FOR-US: Foxit PDF Reader
CVE-2019-5125 (An exploitable heap overflow vulnerability exists in the JPEG2000 pars ...)
NOT-FOR-US: LEADTOOLS
CVE-2019-5124
@@ -60715,7 +60715,7 @@ CVE-2019-3999
CVE-2019-3998
RESERVED
CVE-2019-3997 (Authentication bypass using an alternate path or channel in SimpliSafe ...)
- TODO: check
+ NOT-FOR-US: SimpliSafe SS3 firmware
CVE-2019-3996 (ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy ...)
NOT-FOR-US: Electronic Logbook (ELOG)
CVE-2019-3995 (ELOG 3.1.4-57bea22 and below is affected by a denial of service vulner ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/4f48ac8a87f758ae77e91ea9be6d1789662366d7...8c6fb072e04028d2a9b8290349cf748a93e6f9f0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/4f48ac8a87f758ae77e91ea9be6d1789662366d7...8c6fb072e04028d2a9b8290349cf748a93e6f9f0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200117/8aa48bba/attachment.html>
More information about the debian-security-tracker-commits
mailing list