Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: a0fb4ffa by Salvatore Bonaccorso at 2019-08-12T20:24:43Z Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -9,15 +9,15 @@ CVE-2019-14971 CVE-2019-14970 RESERVED CVE-2019-14969 (Netwrix Auditor before 9.8 has insecure permissions on %PROGRAMDATA%\N ...) - TODO: check + NOT-FOR-US: Netwrix Auditor CVE-2019-14968 (An issue was discovered in imcat 4.9. There is SQL Injection via the i ...) TODO: check CVE-2019-14967 (An issue was discovered in Frappe Framework 10, 11 before 11.1.46, and ...) - TODO: check + NOT-FOR-US: Frappe Framework CVE-2019-14966 (An issue was discovered in Frappe Framework 10 through 12 before 12.0. ...) - TODO: check + NOT-FOR-US: Frappe Framework CVE-2019-14965 (An issue was discovered in Frappe Framework 10 through 12 before 12.0. ...) - TODO: check + NOT-FOR-US: Frappe Framework CVE-2019-14964 RESERVED CVE-2019-14963 @@ -45,19 +45,19 @@ CVE-2019-14953 CVE-2019-14952 RESERVED CVE-2019-14951 (The Telenav Scout GPS Link app 1.x for iOS, as used with Toyota and Le ...) - TODO: check + NOT-FOR-US: Telenav Scout GPS Link app CVE-2019-14950 (The wp-live-chat-support plugin before 8.0.27 for WordPress has XSS vi ...) - TODO: check + NOT-FOR-US: wp-live-chat-support plugin for WordPress CVE-2019-14949 (The wp-database-backup plugin before 5.1.2 for WordPress has XSS. ...) - TODO: check + NOT-FOR-US: wp-database-backup plugin for WordPress CVE-2019-14948 (The woocommerce-product-addon plugin before 18.4 for WordPress has XSS ...) - TODO: check + NOT-FOR-US: woocommerce-product-addon plugin for WordPress CVE-2019-14947 (The ultimate-member plugin before 2.0.52 for WordPress has XSS during ...) - TODO: check + NOT-FOR-US: ultimate-member plugin for WordPress CVE-2019-14946 (The ultimate-member plugin before 2.0.52 for WordPress has XSS related ...) - TODO: check + NOT-FOR-US: ultimate-member plugin for WordPress CVE-2019-14945 (The ultimate-member plugin before 2.0.54 for WordPress has XSS. ...) - TODO: check + NOT-FOR-US: ultimate-member plugin for WordPress CVE-2019-14944 RESERVED CVE-2019-14943 @@ -67,7 +67,7 @@ CVE-2019-14942 CVE-2019-14941 RESERVED CVE-2019-14940 (In Storage Performance Development Kit (SPDK) before 19.07, a user of ...) - TODO: check + NOT-FOR-US: Storage Performance Development Kit CVE-2019-14939 (An issue was discovered in the mysql (aka mysqljs) module 2.17.1 for N ...) TODO: check CVE-2019-14938 @@ -77,41 +77,41 @@ CVE-2019-14937 CVE-2019-14936 RESERVED CVE-2019-14935 (3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA% ...) - TODO: check + NOT-FOR-US: 3CX Phone 15 on Windows CVE-2019-14934 (An issue was discovered in PDFResurrect before 0.18. pdf_load_pages_ki ...) TODO: check CVE-2019-14933 (Bagisto 0.1.5 allows CSRF under /admin URIs. ...) TODO: check CVE-2019-14932 (The Recruitment module in Humanica Humatrix 7 1.0.0.681 and 1.0.0.203 ...) - TODO: check + NOT-FOR-US: Recruitment module in Humanica Humatrix CVE-2018-20966 (The woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in t ...) - TODO: check + NOT-FOR-US: woocommerce-jetpack plugin for WordPress CVE-2018-20965 (The ultimate-member plugin before 2.0.4 for WordPress has XSS. ...) - TODO: check + NOT-FOR-US: ultimate-member plugin for WordPress CVE-2018-20964 RESERVED CVE-2018-20963 RESERVED CVE-2017-18508 (The wp-live-chat-support plugin before 7.1.03 for WordPress has XSS. ...) - TODO: check + NOT-FOR-US: wp-live-chat-support plugin for WordPress CVE-2017-18507 RESERVED CVE-2017-18506 (The woocommerce-pdf-invoices-packing-slips plugin before 2.0.13 for Wo ...) - TODO: check + NOT-FOR-US: woocommerce-pdf-invoices-packing-slips plugin for WordPress CVE-2017-18505 (The twitter-plugin plugin before 2.55 for WordPress has XSS. ...) - TODO: check + NOT-FOR-US: twitter-plugin plugin for WordPress CVE-2017-18504 (The twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF. ...) - TODO: check + NOT-FOR-US: twitter-cards-meta plugin for WordPress CVE-2017-18503 (The twitter-cards-meta plugin before 2.5.0 for WordPress has XSS. ...) - TODO: check + NOT-FOR-US: twitter-cards-meta plugin for WordPress CVE-2017-18502 (The subscriber plugin before 1.3.5 for WordPress has multiple XSS issu ...) - TODO: check + NOT-FOR-US: subscriber plugin for WordPress CVE-2017-18501 (The social-login-bws plugin before 0.2 for WordPress has multiple XSS ...) - TODO: check + NOT-FOR-US: social-login-bws plugin for WordPress CVE-2017-18500 (The social-buttons-pack plugin before 1.1.1 for WordPress has multiple ...) - TODO: check + NOT-FOR-US: social-buttons-pack plugin for WordPress CVE-2017-18499 (The simple-membership plugin before 3.5.7 for WordPress has XSS. ...) - TODO: check + NOT-FOR-US: simple-membership plugin for WordPress CVE-2017-18498 RESERVED CVE-2017-18497 @@ -137,21 +137,21 @@ CVE-2017-18488 CVE-2017-18487 RESERVED CVE-2016-10879 (The wp-live-chat-support plugin before 6.2.02 for WordPress has XSS. ...) - TODO: check + NOT-FOR-US: wp-live-chat-support plugin for WordPress CVE-2016-10878 (The wp-google-map-plugin plugin before 3.1.2 for WordPress has XSS. ...) - TODO: check + NOT-FOR-US: wp-google-map-plugin plugin for WordPress CVE-2016-10877 (The wp-editor plugin before 1.2.6.3 for WordPress has multiple XSS iss ...) - TODO: check + NOT-FOR-US: wp-editor plugin for WordPress CVE-2016-10876 (The wp-database-backup plugin before 4.3.1 for WordPress has CSRF. ...) - TODO: check + NOT-FOR-US: wp-database-backup plugin for WordPress CVE-2016-10875 (The wp-database-backup plugin before 4.3.1 for WordPress has XSS. ...) - TODO: check + NOT-FOR-US: wp-database-backup plugin for WordPress CVE-2016-10874 (The wp-database-backup plugin before 4.3.3 for WordPress has CSRF. ...) - TODO: check + NOT-FOR-US: wp-database-backup plugin for WordPress CVE-2016-10873 (The wp-database-backup plugin before 4.3.3 for WordPress has XSS. ...) - TODO: check + NOT-FOR-US: wp-database-backup plugin for WordPress CVE-2016-10872 (The ultimate-member plugin before 1.3.40 for WordPress has XSS on the ...) - TODO: check + NOT-FOR-US: ultimate-member plugin for WordPress CVE-2016-10871 RESERVED CVE-2016-10870 @@ -165,13 +165,13 @@ CVE-2016-10867 CVE-2016-10866 RESERVED CVE-2015-9306 (The wp-ultimate-csv-importer plugin before 3.8.1 for WordPress has XSS ...) - TODO: check + NOT-FOR-US: wp-ultimate-csv-importer plugin for WordPress CVE-2015-9305 (The wp-google-map-plugin plugin before 2.3.7 for WordPress has XSS rel ...) - TODO: check + NOT-FOR-US: wp-google-map-plugin plugin for WordPress CVE-2015-9304 (The ultimate-member plugin before 1.3.18 for WordPress has XSS via tex ...) - TODO: check + NOT-FOR-US: ultimate-member plugin for WordPress CVE-2015-9303 (The simple-share-buttons-adder plugin before 6.0.0 for WordPress has X ...) - TODO: check + NOT-FOR-US: simple-share-buttons-adder plugin for WordPress CVE-2015-9302 RESERVED CVE-2015-9301 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a0fb4ffa4c4223409a781d878f66381b1fa1059e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a0fb4ffa4c4223409a781d878f66381b1fa1059e You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits