[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Thu May 14 12:19:44 BST 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8a95e1da by Moritz Muehlenhoff at 2020-05-14T13:19:28+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14082,9 +14082,9 @@ CVE-2020-7457
CVE-2020-7456
RESERVED
CVE-2020-7455 (In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-ST ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2020-7454 (In FreeBSD 12.1-STABLE before r360971, 12.1-RELEASE before p5, 11.4-ST ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2020-7453 (In FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEAS ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-20:08.jail.asc
@@ -30168,9 +30168,9 @@ CVE-2019-19171
CVE-2019-19170
RESERVED
CVE-2019-19169 (Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Dext5.ocx ActiveX
CVE-2019-19168 (Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Dext5.ocx ActiveX
CVE-2019-19167 (Tobesoft Nexacro v2019.9.25.1 and earlier version have an arbitrary co ...)
NOT-FOR-US: Tobesoft Nexacro
CVE-2019-19166 (Tobesoft XPlatform v9.1, 9.2.0, 9.2.1 and 9.2.2 have a vulnerability t ...)
@@ -30178,11 +30178,11 @@ CVE-2019-19166 (Tobesoft XPlatform v9.1, 9.2.0, 9.2.1 and 9.2.2 have a vulnerabi
CVE-2019-19165 (AxECM.cab(ActiveX Control) in Inogard Ebiz4u contains a vulnerability ...)
NOT-FOR-US: Inogard Ebiz4u
CVE-2019-19164 (dext5.ocx ActiveX Control in Dext5 Upload 5.0.0.112 and earlier versio ...)
- TODO: check
+ NOT-FOR-US: Dext5.ocx ActiveX
CVE-2019-19163
RESERVED
CVE-2019-19162 (A use-after-free vulnerability in the TOBESOFT XPLATFORM versions 9.1 ...)
- TODO: check
+ NOT-FOR-US: TOBESOFT XPLATFORM
CVE-2019-19161
RESERVED
CVE-2019-19160
@@ -41716,7 +41716,7 @@ CVE-2019-16114 (In ATutor 2.2.4, an unauthenticated attacker can change the appl
CVE-2019-16113 (Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-im ...)
NOT-FOR-US: Bludit
CVE-2019-16112 (TylerTech Eagle 2018.3.11 deserializes untrusted user input, resulting ...)
- TODO: check
+ NOT-FOR-US: TylerTech Eagle
CVE-2019-16111
RESERVED
CVE-2019-16110 (The network protocol of Blade Shadow though 2.13.3 allows remote attac ...)
@@ -42329,20 +42329,22 @@ CVE-2019-15882
CVE-2019-15881
RESERVED
CVE-2019-15880 (In FreeBSD 12.1-STABLE before r356911, and 12.1-RELEASE before p5, ins ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2019-15879 (In FreeBSD 12.1-STABLE before r356908, 12.1-RELEASE before p5, 11.3-ST ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2019-15878 (In FreeBSD 12.1-STABLE before r352509, 11.3-STABLE before r352509, and ...)
- TODO: check
+ - kfreebsd-10 <unfixed> (unimportant)
+ NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-20:14.sctp.asc
CVE-2019-15877 (In FreeBSD 12.1-STABLE before r356606 and 12.1-RELEASE before 12.1-REL ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2019-15876 (In FreeBSD 12.1-STABLE before r356089, 12.1-RELEASE before 12.1-RELEAS ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2019-15875 (In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEAS ...)
- kfreebsd-10 <unfixed> (unimportant)
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-20:03.thrmisc.asc
CVE-2019-15874 (In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEAS ...)
- TODO: check
+ - kfreebsd-10 <unfixed> (unimportant)
+ NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-20:10.ipfw.asc
CVE-2019-15873 (The profilegrid-user-profiles-groups-and-communities plugin before 2.8 ...)
NOT-FOR-US: profilegrid-user-profiles-groups-and-communities plugin for WordPress
CVE-2019-15872 (The LoginPress plugin before 1.1.4 for WordPress has SQL injection via ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a95e1da66bb2870cd6629a0f867c26701e7de8d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a95e1da66bb2870cd6629a0f867c26701e7de8d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200514/199de466/attachment.html>
More information about the debian-security-tracker-commits
mailing list