[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Tue, 06 Aug 2019 13:20:00 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ec18a486 by Salvatore Bonaccorso at 2019-08-06T20:18:01Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27,7 +27,7 @@ CVE-2019-14698
 CVE-2019-14696 (Open-School 3.0, and Community Edition 2.3, allows XSS via the 
osv/ind ...)
        TODO: check
 CVE-2019-14695 (A SQL injection vulnerability exists in the Sygnoos Popup 
Builder plug ...)
-       TODO: check
+       NOT-FOR-US: Sygnoos Popup Builder plugin for WordPress
 CVE-2019-14694
        RESERVED
 CVE-2019-14693
@@ -1107,49 +1107,49 @@ CVE-2016-10799
 CVE-2016-10798
        RESERVED
 CVE-2016-10797 (cPanel before 58.0.4 allows WHM "Purchase and Install an SSL 
Certifica ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10796 (cPanel before 58.0.4 initially uses weak permissions for 
Apache HTTP S ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10795 (cPanel before 59.9999.145 allows stored XSS in the WHM 
tail_upcp2.cgi  ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10794 (cPanel before 59.9999.145 allows arbitrary file-read 
operations becaus ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10793 (cPanel before 59.9999.145 allows arbitrary code execution due 
to an in ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10792 (cPanel before 59.9999.145 allows code execution in the context 
of othe ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10791 (cPanel before 60.0.15 does not ensure that system accounts 
lack a vali ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10790 (cPanel before 60.0.25 does not use TLS for HTTP POSTs to 
listinput.cpa ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10789 (cPanel before 60.0.25 allows code execution via the cpsrvd 403 
error r ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10788 (cPanel before 60.0.25 allows arbitrary code execution via 
Maketext in  ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10787 (The Host Access Control feature in cPanel before 60.0.25 
mishandles ac ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10786 (cPanel before 60.0.25 allows members of the nobody group to 
read Apach ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10785 (cPanel before 60.0.25 allows attackers to discover file 
contents durin ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10784 (cPanel before 60.0.25 allows self XSS in the alias upload 
interface (S ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10783 (cPanel before 60.0.25 allows self stored XSS in SSL_listkeys 
(SEC-182) ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10782 (cPanel before 60.0.25 allows self stored XSS in postgres API1 
listdbs  ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10781 (cPanel before 60.0.25 allows self XSS in the UI_confirm API 
(SEC-180). ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10780 (cPanel before 60.0.25 allows stored XSS in the ftp_sessions 
API (SEC-1 ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10779 (cPanel before 60.0.25 allows stored XSS in 
api1_listautoresponders (SE ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10778 (cPanel before 60.0.25 allows self stored XSS in the 
listftpstable API  ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10777 (cPanel before 60.0.25 allows self XSS in WHM Tweak Settings 
for autodi ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10776 (cPanel before 60.0.25 allows stored XSS during the homedir 
removal pha ...)
-       TODO: check
+       NOT-FOR-US: cPanel
 CVE-2016-10775 (cPanel before 60.0.25 allows arbitrary file-chown operations 
via reass ...)
        NOT-FOR-US: cPanel
 CVE-2016-10774 (cPanel before 60.0.25 allows self XSS in the 
tail_ea4_migration.cgi in ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ec18a486122114d91596684966ec47c872c7f3ac

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ec18a486122114d91596684966ec47c872c7f3ac
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to