[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Sat Jan 18 12:29:17 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0ea3b552 by Salvatore Bonaccorso at 2020-01-18T13:28:41+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2020-7224
CVE-2020-7223
RESERVED
CVE-2020-7222 (An issue was discovered in Amcrest Web Server 2.520.AC00.18.R 2017-06- ...)
- TODO: check
+ NOT-FOR-US: Amcrest Web Server
CVE-2020-7221
RESERVED
CVE-2020-7220
@@ -246,7 +246,7 @@ CVE-2020-7105 (async.c and dict.c in libhiredis.a in hiredis through 0.14.0 allo
- hiredis <unfixed>
NOTE: https://github.com/redis/hiredis/issues/747
CVE-2020-7104 (The chained-quiz plugin 1.1.8.1 for WordPress has reflected XSS via th ...)
- TODO: check
+ NOT-FOR-US: chained-quiz plugin for WordPress
CVE-2019-20380
RESERVED
CVE-2020-7103
@@ -2686,7 +2686,7 @@ CVE-2020-5957
CVE-2019-20358
RESERVED
CVE-2019-20357 (A Persistent Arbitrary Code Execution vulnerability exists in the Tren ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2020-5956
RESERVED
CVE-2020-5955
@@ -11419,9 +11419,9 @@ CVE-2019-19699
CVE-2019-19698 (marc-q libwav through 2017-04-20 has a NULL pointer dereference in wav ...)
NOT-FOR-US: libwav
CVE-2019-19697 (An arbitrary code execution vulnerability exists in the Trend Micro Se ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2019-19696 (A RootCA vulnerability found in Trend Micro Password Manager for Windo ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2019-19695 (A privilege escalation vulnerability in Trend Micro Antivirus for Mac ...)
NOT-FOR-US: Trend Micro
CVE-2019-19694
@@ -27119,7 +27119,7 @@ CVE-2019-15627 (Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Ag
CVE-2019-15626 (The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), ...)
NOT-FOR-US: Deep Security Manager application (Trend Micro)
CVE-2019-15625 (A memory usage vulnerability exists in Trend Micro Password Manager 3. ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2019-15624
RESERVED
CVE-2019-15623
@@ -58341,7 +58341,7 @@ CVE-2019-5147
CVE-2019-5146
RESERVED
CVE-2019-5145 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
- TODO: check
+ NOT-FOR-US: Foxit PDF Reader
CVE-2019-5144 (An exploitable heap underflow vulnerability exists in the derive_taps_ ...)
NOT-FOR-US: Kakadu Software SDK
CVE-2019-5143
@@ -170543,7 +170543,7 @@ CVE-2017-3213 (The Think Mutual Bank Mobile Banking app 3.1.5 for iOS does not v
CVE-2017-3212 (The Space Coast Credit Union Mobile app 2.2 for iOS and 2.1.0.1104 for ...)
NOT-FOR-US: Space Coast Credit Union Mobile app
CVE-2017-3211 (Yopify, an e-commerce notification plugin, up to April 06, 2017, leaks ...)
- TODO: check
+ NOT-FOR-US: Yopify (e-commerce notification plugin)
CVE-2017-3210 (Applications developed using the Portrait Display SDK, versions 2.30 t ...)
NOT-FOR-US: Portrait Display SDK
CVE-2017-3209 (The DBPOWER U818A WIFI quadcopter drone provides FTP access over its o ...)
@@ -211567,7 +211567,7 @@ CVE-2015-7876 (The escapeLike function in sqlsrv/database.inc in the Drupal 7 dr
CVE-2015-7875 (ctools 6.x-1.x before 6.x-1.14 and 7.x-1.x before 7.x-1.8 in Drupal do ...)
NOT-FOR-US: Ctools module for Drupal
CVE-2015-7874 (Buffer overflow in the chat server in KiTTY Portable 0.65.0.2p and ear ...)
- TODO: check
+ NOT-FOR-US: KiTTY Portable
CVE-2015-7873 (The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 ...)
{DSA-3382-1}
- phpmyadmin 4:4.5.1-1 (low)
@@ -212620,7 +212620,7 @@ CVE-2015-7557 (The _rsvg_node_poly_build_path function in rsvg-shapes.c in librs
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=738050 (not public accessible)
NOTE: https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df (2.40.7)
CVE-2015-7556 (DeleGate 9.9.13 allows local users to gain privileges as demonstrated ...)
- TODO: check
+ NOT-FOR-US: DeleGate
CVE-2015-7555 (Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allow ...)
{DLA-389-1}
- giflib 5.1.2-0.1 (bug #808704)
@@ -218141,7 +218141,7 @@ CVE-2015-5468 (Directory traversal vulnerability in the WP e-Commerce Shop Styli
CVE-2015-5467
RESERVED
CVE-2015-5466 (Silicon Integrated Systems XGI WindowsXP Display Manager (aka XGI VGA ...)
- TODO: check
+ NOT-FOR-US: Silicon Integrated Systems XGI WindowsXP Display Manager
CVE-2015-5465 (Silicon Integrated Systems WindowsXP Display Manager (aka VGA Driver M ...)
NOT-FOR-US: Silicon Integrated Systems
CVE-2015-5464 (The Gemalto SafeNet Luna HSM allows remote authenticated users to bypa ...)
@@ -246464,7 +246464,7 @@ CVE-2014-5011 (DOMPDF before 0.6.2 allows Information Disclosure. ...)
CVE-2014-5010
RESERVED
CVE-2014-5007 (Directory traversal vulnerability in the agentLogUploader servlet in Z ...)
- TODO: check
+ NOT-FOR-US: ZOHO ManageEngine
CVE-2014-5006 (Directory traversal vulnerability in ZOHO ManageEngine Desktop Central ...)
NOT-FOR-US: ZOHO ManageEngine
CVE-2014-5005 (Directory traversal vulnerability in ZOHO ManageEngine Desktop Central ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0ea3b552f7192aab200aac24c6ee0f4806e6e4b2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0ea3b552f7192aab200aac24c6ee0f4806e6e4b2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200118/5e28997d/attachment.html>
More information about the debian-security-tracker-commits
mailing list