[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff Wed, 06 Nov 2019 00:29:43 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
7545395e by Moritz Muehlenhoff at 2019-11-06T08:28:19Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,7 +13,7 @@ CVE-2019-18787
 CVE-2019-18785
        RESERVED
 CVE-2019-18784 (SuiteCRM 7.10.x versions prior to 7.10.21 and 7.11.x versions 
prior to ...)
-       TODO: check
+       NOT-FOR-US: SuiteCRM
 CVE-2019-18783
        RESERVED
 CVE-2019-18782
@@ -2417,7 +2417,7 @@ CVE-2019-18683 (An issue was discovered in 
drivers/media/platform/vivid in the L
 CVE-2019-18675
        RESERVED
 CVE-2019-18674 (An issue was discovered in Joomla! before 3.9.13. A missing 
access che ...)
-       TODO: check
+       NOT-FOR-US: Joomla!
 CVE-2019-18673 (On SHIFT BitBox02 devices, a side channel for the row-based 
OLED displ ...)
        NOT-FOR-US: SHIFT BitBox02 devices
 CVE-2019-18672
@@ -2465,7 +2465,7 @@ CVE-2019-18652
 CVE-2019-18651
        RESERVED
 CVE-2019-18650 (An issue was discovered in Joomla! before 3.9.13. A missing 
token chec ...)
-       TODO: check
+       NOT-FOR-US: Joomla!
 CVE-2018-21030 (Jupyter Notebook before 5.5.0 does not use a CSP header to 
treat serve ...)
        - jupyter-notebook 5.7.4-1
        NOTE: https://github.com/jupyter/notebook/pull/3341
@@ -7011,9 +7011,9 @@ CVE-2019-17214 (The WebARX plugin 1.3.0 for WordPress 
allows firewall bypass by
 CVE-2019-17213 (The WebARX plugin 1.3.0 for WordPress has unauthenticated 
stored XSS v ...)
        NOT-FOR-US: WebARX plugin for WordPress
 CVE-2019-17212 (Buffer overflows were discovered in the CoAP library in Arm 
Mbed OS 5. ...)
-       TODO: check
+       NOT-FOR-US: Arm Mbed OS
 CVE-2019-17211 (An integer overflow was discovered in the CoAP library in Arm 
Mbed OS  ...)
-       TODO: check
+       NOT-FOR-US: Arm Mbed OS
 CVE-2019-17210 (A denial-of-service issue was discovered in the MQTT library 
in Arm Mb ...)
        NOT-FOR-US: Arm Mbed OS
 CVE-2019-17209
@@ -9349,7 +9349,7 @@ CVE-2019-16286
 CVE-2019-16285
        RESERVED
 CVE-2019-16284 (A potential security vulnerability has been identified in 
multiple HP  ...)
-       TODO: check
+       NOT-FOR-US: HP
 CVE-2019-16283
        RESERVED
 CVE-2019-16282 (In NCH Express Invoice v7.12, persistent cross site scripting 
(XSS) ex ...)
@@ -34433,19 +34433,19 @@ CVE-2019-8235 (An insecure direct object reference 
(IDOR) vulnerability exists i
 CVE-2019-8234 (Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a 
cross-site r ...)
        NOT-FOR-US: Adobe
 CVE-2019-8233 (In Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 
2.3.2-p1 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8232 (In Magento prior to 1.9.4.3, Magento prior to 1.14.4.3, Magento 
2.2 pr ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8231 (In Magento to 1.9.4.3 and Magento prior to 1.14.4.3, an 
authenticated  ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8230 (In Magentoprior to 1.9.4.3, and Magento prior to 1.14.4.3, an 
authenti ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8229 (In Magento prior to 1.9.4.3, and Magento prior to 1.14.4.3, an 
authent ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8228 (in Magento prior to 1.9.4.3 and Magento prior to 1.14.4.3, an 
authenti ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8227 (In Magento prior to 1.9.4.3 and Magento prior to 1.14.4.3, an 
authenti ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8226 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 
2017.0 ...)
        NOT-FOR-US: Adobe
 CVE-2019-8225 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 
2017.0 ...)
@@ -34581,111 +34581,111 @@ CVE-2019-8161 (Adobe Acrobat and Reader versions , 
2019.012.20040 and earlier, 2
 CVE-2019-8160 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 
2017.0 ...)
        NOT-FOR-US: Adobe
 CVE-2019-8159 (A remote code execution vulnerability exists in Magento 2.2 
prior to 2 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8158 (An XPath entity injection vulnerability exists in Magento 2.2 
prior to ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8157 (A stored cross-site scripting (XSS) vulnerability exists in 
Magento 2. ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8156 (A server-side request forgery (SSRF) vulnerability exists in 
Magento 2 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8155 (Magento prior to 1.9.4.3 and prior to 1.14.4.3 included a 
user's CSRF  ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8154 (A remote code execution vulnerability exists in Magento 2.2 
prior to 2 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8153 (A mitigation bypass to prevent cross-site scripting (XSS) 
exists in Ma ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8152 (A stored cross-site scripting (XSS) vulnerability exists in in 
Magento ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8151 (A remote code execution vulnerability exists in Magento 2.2 
prior to 2 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8150 (A remote code execution vulnerability exists in Magento 2.2 
prior to 2 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8149 (Insecure authentication and session management vulnerability 
exists in ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8148 (A stored cross-site scripting (XSS) vulnerability exists in 
Magento 2. ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8147 (A stored cross-site scripting (XSS) vulnerability exists in 
Magento 2. ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8146 (A stored cross-site scripting (XSS) vulnerability exists in 
Magento 2. ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8145 (A stored cross-site scripting (XSS) vulnerability exists in 
Magento 2. ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8144 (A remote code execution vulnerability exists in Magento 2.3 
prior to 2 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8143 (A SQL injection vulnerability exists in Magento 2.2 prior to 
2.2.10, M ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8142 (A stored cross-site scripting (XSS) vulnerability exists in 
Magento 2. ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8141 (A remote code execution vulnerability exists in Magento 2.1 
prior to 2 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8140 (An unrestricted file upload vulnerability exists in Magento 2.2 
prior  ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8139 (A stored cross-site scripting (XSS) vulnerability exists in 
Magento 2. ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8138 (A stored cross-site scripting (XSS) vulnerability exists in 
Magento 2. ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8137 (A remote code execution vulnerability exists in Magento 2.2 
prior to 2 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8136 (An insecure component vulnerability exists in Magento 2.2 prior 
to 2.2 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8135 (A remote code execution vulnerability exists in Magento 2.2 
prior to 2 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8134 (A SQL injection vulnerability exists in Magento 2.2 prior to 
2.2.10, M ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8133 (A security bypass vulnerability exists in Magento 2.2 prior to 
2.2.10, ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8132 (A stored cross-site scripting (XSS) vulnerability exists in 
Magento 2. ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8131 (A stored cross-site scripting (XSS) vulnerability exists in 
Magento 2. ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8130 (A SQL injection vulnerability exists in Magento 2.2 prior to 
2.2.10, M ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8129 (A stored cross-site scripting (XSS) vulnerability exists in 
Magento 2. ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8128 (A stored cross-site scripting (XSS) vulnerability exists in 
Magento 2. ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8127 (A SQL injection vulnerability exists in Magento 2.2 prior to 
2.2.10, M ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8126 (An XML entity injection vulnerability exists in Magento 2.2 
prior to 2 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8125 (A remote code execution vulnerability exists in Magento 1 prior 
to 1.9 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8124 (An insufficient logging and monitoring vulnerability exists in 
Magento ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8123 (An insufficient logging and monitoring vulnerability exists in 
Magento ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8122 (A remote code execution vulnerability exists in Magento 2.1 
prior to 2 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8121 (An insecure component vulnerability exists in Magento 2.1 prior 
to 2.1 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8120 (A stored cross-site scripting (XSS) vulnerability exists in 
Magento 2. ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8119 (A remote code execution vulnerability exists in Magento 2.1 
prior to 2 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8118 (Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, 
Magento 2.3  ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8117 (A stored cross-site scripting (XSS) vulnerability exists in 
Magento 2. ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8116 (Insecure authentication and session management vulnerability 
exists in ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8115 (A reflected cross-site scripting (XSS) vulnerability exists in 
Magento ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8114 (A remote code execution vulnerability exists in Magento 1 prior 
to 1.9 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8113 (Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 
2.3.2-p1 us ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8112 (A security bypass vulnerability exists in Magento 2.2 prior to 
2.2.10, ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8111 (A remote code execution vulnerability exists in Magento 2.2 
prior to 2 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8110 (A remote code execution vulnerability exists in Magento 2.2 
prior to 2 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8109 (A remote code execution vulnerability exists in Magento 2.2 
prior to 2 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8108 (Insecure authentication and session management vulnerability 
exists in ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8107 (An arbitrary file deletion vulnerability exists in Magento 2.2 
prior t ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8106 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 
2019.01 ...)
        NOT-FOR-US: Adobe
 CVE-2019-8105 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 
2019.01 ...)
@@ -34713,13 +34713,13 @@ CVE-2019-8095 (Adobe Acrobat and Reader versions, 
2019.012.20035 and earlier, 20
 CVE-2019-8094 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 
2019.01 ...)
        NOT-FOR-US: Adobe
 CVE-2019-8093 (An arbitrary file access vulnerability exists in Magento 2.2 
prior to  ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8092 (A reflected cross-site scripting (XSS) vulnerability exists in 
Magento ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8091 (A remote code execution vulnerability exists in Magento 1 prior 
to 1.9 ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8090 (An arbitrary file deletion vulnerability exists in Magento 2.1 
prior t ...)
-       TODO: check
+       NOT-FOR-US: Magento
 CVE-2019-8089 (Adobe Experience Manager Forms versions 6.3-6.5 have a 
reflected cross ...)
        NOT-FOR-US: Adobe
 CVE-2019-8088 (Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a 
command ...)
@@ -39627,7 +39627,7 @@ CVE-2019-6144 (This vulnerability allows a normal 
(non-admin) user to disable th
 CVE-2019-6143 (Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x 
before 6.4 ...)
        NOT-FOR-US: Forcepoint Next Generation Firewall (Forcepoint NGFW)
 CVE-2019-6142 (It has been reported that XSS is possible in Forcepoint Email 
Security ...)
-       TODO: check
+       NOT-FOR-US: Forcepoint
 CVE-2019-6141
        RESERVED
 CVE-2019-6140 (A configuration issue has been discovered in Forcepoint Email 
Security ...)
@@ -42265,9 +42265,9 @@ CVE-2019-5091
 CVE-2019-5090
        RESERVED
 CVE-2019-5089 (An exploitable memory corruption vulnerability exists in 
Investintech  ...)
-       TODO: check
+       NOT-FOR-US: Investintech
 CVE-2019-5088 (An exploitable memory corruption vulnerability exists in 
Investintech  ...)
-       TODO: check
+       NOT-FOR-US: Investintech
 CVE-2019-5087
        RESERVED
 CVE-2019-5086



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7545395e70e43d4f9801424001f328bb951550d9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7545395e70e43d4f9801424001f328bb951550d9
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to