[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Thu May 14 12:19:44 BST 2020



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8a95e1da by Moritz Muehlenhoff at 2020-05-14T13:19:28+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14082,9 +14082,9 @@ CVE-2020-7457
 CVE-2020-7456
 	RESERVED
 CVE-2020-7455 (In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-ST ...)
-	TODO: check
+	NOT-FOR-US: FreeBSD
 CVE-2020-7454 (In FreeBSD 12.1-STABLE before r360971, 12.1-RELEASE before p5, 11.4-ST ...)
-	TODO: check
+	NOT-FOR-US: FreeBSD
 CVE-2020-7453 (In FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEAS ...)
 	- kfreebsd-10 <unfixed> (unimportant)
 	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-20:08.jail.asc
@@ -30168,9 +30168,9 @@ CVE-2019-19171
 CVE-2019-19170
 	RESERVED
 CVE-2019-19169 (Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Dext5.ocx ActiveX
 CVE-2019-19168 (Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Dext5.ocx ActiveX
 CVE-2019-19167 (Tobesoft Nexacro v2019.9.25.1 and earlier version have an arbitrary co ...)
 	NOT-FOR-US: Tobesoft Nexacro
 CVE-2019-19166 (Tobesoft XPlatform v9.1, 9.2.0, 9.2.1 and 9.2.2 have a vulnerability t ...)
@@ -30178,11 +30178,11 @@ CVE-2019-19166 (Tobesoft XPlatform v9.1, 9.2.0, 9.2.1 and 9.2.2 have a vulnerabi
 CVE-2019-19165 (AxECM.cab(ActiveX Control) in Inogard Ebiz4u contains a vulnerability  ...)
 	NOT-FOR-US: Inogard Ebiz4u
 CVE-2019-19164 (dext5.ocx ActiveX Control in Dext5 Upload 5.0.0.112 and earlier versio ...)
-	TODO: check
+	NOT-FOR-US: Dext5.ocx ActiveX
 CVE-2019-19163
 	RESERVED
 CVE-2019-19162 (A use-after-free vulnerability in the TOBESOFT XPLATFORM versions 9.1  ...)
-	TODO: check
+	NOT-FOR-US: TOBESOFT XPLATFORM
 CVE-2019-19161
 	RESERVED
 CVE-2019-19160
@@ -41716,7 +41716,7 @@ CVE-2019-16114 (In ATutor 2.2.4, an unauthenticated attacker can change the appl
 CVE-2019-16113 (Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-im ...)
 	NOT-FOR-US: Bludit
 CVE-2019-16112 (TylerTech Eagle 2018.3.11 deserializes untrusted user input, resulting ...)
-	TODO: check
+	NOT-FOR-US: TylerTech Eagle
 CVE-2019-16111
 	RESERVED
 CVE-2019-16110 (The network protocol of Blade Shadow though 2.13.3 allows remote attac ...)
@@ -42329,20 +42329,22 @@ CVE-2019-15882
 CVE-2019-15881
 	RESERVED
 CVE-2019-15880 (In FreeBSD 12.1-STABLE before r356911, and 12.1-RELEASE before p5, ins ...)
-	TODO: check
+	NOT-FOR-US: FreeBSD
 CVE-2019-15879 (In FreeBSD 12.1-STABLE before r356908, 12.1-RELEASE before p5, 11.3-ST ...)
-	TODO: check
+	NOT-FOR-US: FreeBSD
 CVE-2019-15878 (In FreeBSD 12.1-STABLE before r352509, 11.3-STABLE before r352509, and ...)
-	TODO: check
+	- kfreebsd-10 <unfixed> (unimportant)
+	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-20:14.sctp.asc
 CVE-2019-15877 (In FreeBSD 12.1-STABLE before r356606 and 12.1-RELEASE before 12.1-REL ...)
-	TODO: check
+	NOT-FOR-US: FreeBSD
 CVE-2019-15876 (In FreeBSD 12.1-STABLE before r356089, 12.1-RELEASE before 12.1-RELEAS ...)
-	TODO: check
+	NOT-FOR-US: FreeBSD
 CVE-2019-15875 (In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEAS ...)
 	- kfreebsd-10 <unfixed> (unimportant)
 	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-20:03.thrmisc.asc
 CVE-2019-15874 (In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEAS ...)
-	TODO: check
+	- kfreebsd-10 <unfixed> (unimportant)
+	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-20:10.ipfw.asc
 CVE-2019-15873 (The profilegrid-user-profiles-groups-and-communities plugin before 2.8 ...)
 	NOT-FOR-US: profilegrid-user-profiles-groups-and-communities plugin for WordPress
 CVE-2019-15872 (The LoginPress plugin before 1.1.4 for WordPress has SQL injection via ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a95e1da66bb2870cd6629a0f867c26701e7de8d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a95e1da66bb2870cd6629a0f867c26701e7de8d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200514/199de466/attachment.html>


More information about the debian-security-tracker-commits mailing list