Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c29eb453 by Salvatore Bonaccorso at 2019-08-14T12:31:39Z
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2019-15030
CVE-2019-15029
RESERVED
CVE-2019-15028 (In Joomla! before 3.9.11, inadequate checks in com_contact
could allow ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2019-15027
RESERVED
CVE-2019-15026
@@ -153,11 +153,11 @@ CVE-2019-14988
CVE-2019-14987 (Adive Framework through 2.0.7 is affected by XSS in the Create
New Tab ...)
NOT-FOR-US: Adive Framework
CVE-2019-14986 (eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn before 2.3.0
installe ...)
- TODO: check
+ NOT-FOR-US: eQ-3 Homematic CCU2 and CCU3
CVE-2019-14985 (eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn installed
allow Remot ...)
- TODO: check
+ NOT-FOR-US: eQ-3 Homematic CCU2 and CCU3
CVE-2019-14984 (eQ-3 Homematic CCU2 and CCU3 with the XML-API through 1.2.0
AddOn inst ...)
- TODO: check
+ NOT-FOR-US: eQ-3 Homematic CCU2 and CCU3
CVE-2019-14983
RESERVED
CVE-2019-14982 (In Exiv2 before v0.27.2, there is an integer overflow
vulnerability in ...)
@@ -1294,7 +1294,7 @@ CVE-2019-14531 (An issue was discovered in The Sleuth Kit
(TSK) 4.6.6. There is
NOTE: https://github.com/sleuthkit/sleuthkit/issues/1576
NOTE: Negligible security impact
CVE-2019-14530 (An issue was discovered in custom/ajax_download.php in OpenEMR
before ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2019-14529 (OpenEMR before 5.0.2 allows SQL Injection in
interface/forms/eye_mag/s ...)
NOT-FOR-US: OpenEMR
CVE-2019-14528 (GnuCOBOL 2.2 has a heap-based buffer overflow in read_literal
in cobc/ ...)
@@ -1335,7 +1335,7 @@ CVE-2019-14518
CVE-2019-14517 (pandao Editor.md 1.5.0 allows XSS via the Javascript:
string. ...)
NOT-FOR-US: pandao Editor.md
CVE-2019-14516 (The mAadhaar application 1.2.7 for Android lacks SSL
Certificate Valid ...)
- TODO: check
+ NOT-FOR-US: mAadhaar application for Android
CVE-2019-14515
RESERVED
CVE-2019-14514
@@ -2325,7 +2325,7 @@ CVE-2019-14361
CVE-2019-14360
RESERVED
CVE-2019-14359 (** DISPUTED ** On BC Vault devices, a side channel for the
row-based S ...)
- TODO: check
+ NOT-FOR-US: BC Vault devices
CVE-2019-14358
RESERVED
CVE-2019-14357 (** DISPUTED ** On Mooltipass Mini devices, a side channel for
the row- ...)
@@ -5425,7 +5425,7 @@ CVE-2019-13464 (An issue was discovered in OWASP
ModSecurity Core Rule Set (CRS)
CVE-2019-13463
RESERVED
CVE-2019-13462 (Lansweeper before 7.1.117.4 allows unauthenticated SQL
injection. ...)
- TODO: check
+ NOT-FOR-US: Lansweeper
CVE-2019-13461 (In PrestaShop before 1.7.6.0 RC2, the id_address_delivery and
id_addre ...)
NOT-FOR-US: PrestaShop
CVE-2019-13460
@@ -5543,17 +5543,17 @@ CVE-2019-13422
CVE-2019-13421
RESERVED
CVE-2019-13420 (Search Guard versions before 21.0 had an timing side channel
issue whe ...)
- TODO: check
+ NOT-FOR-US: Search Guard
CVE-2019-13419 (Search Guard versions before 23.1 had an issue that for
aggregations c ...)
- TODO: check
+ NOT-FOR-US: Search Guard
CVE-2019-13418 (Search Guard versions before 24.0 had an issue that values of
string a ...)
- TODO: check
+ NOT-FOR-US: Search Guard
CVE-2019-13417 (Search Guard versions before 24.0 had an issue that field caps
and map ...)
- TODO: check
+ NOT-FOR-US: Search Guard
CVE-2019-13416 (Search Guard versions before 24.3 had an issue when Cross
Cluster Sear ...)
- TODO: check
+ NOT-FOR-US: Search Guard
CVE-2019-13415 (Search Guard versions before 24.3 had an issue when Cross
Cluster Sear ...)
- TODO: check
+ NOT-FOR-US: Search Guard
CVE-2019-13414 (The Rencontre plugin before 3.1.3 for WordPress allows XSS via
inc/ren ...)
NOT-FOR-US: Wordpress plugin
CVE-2019-13413 (The Rencontre plugin before 3.1.3 for WordPress allows SQL
Injection v ...)
@@ -7195,7 +7195,7 @@ CVE-2019-12810
CVE-2019-12809
RESERVED
CVE-2019-12808 (ALTOOLS update service 18.1 and earlier versions contains a
local priv ...)
- TODO: check
+ NOT-FOR-US: ALTOOLS update service
CVE-2019-12807 (Alzip 10.83 and earlier version contains a stack-based buffer
overflow ...)
TODO: check
CVE-2019-12806 (UniSign 2.0.4.0 and earlier version contains a stack-based
buffer over ...)
@@ -8003,7 +8003,7 @@ CVE-2019-12481 (An issue was discovered in GPAC 0.7.1.
There is a NULL pointer d
CVE-2019-12480 (BACnet Protocol Stack through 0.8.6 has a segmentation fault
leading t ...)
NOT-FOR-US: BACnet Protocol Stack
CVE-2019-12479 (An issue was discovered in 20|20 Storage 2.11.0. A Path
Traversal vuln ...)
- TODO: check
+ NOT-FOR-US: 20|20 Storage
CVE-2019-12478
RESERVED
CVE-2019-12477 (Supra Smart Cloud TV allows remote file inclusion in the
openLiveURL f ...)
@@ -11399,7 +11399,7 @@ CVE-2019-11209
CVE-2019-11208 (The authorization component of TIBCO Software Inc.'s TIBCO API
Exchang ...)
NOT-FOR-US: TIBCO
CVE-2019-11207 (The web server component of TIBCO Software Inc.'s TIBCO
LogLogic Enter ...)
- TODO: check
+ NOT-FOR-US: TIBCO
CVE-2019-11206 (The Spotfire library component of TIBCO Software Inc.'s TIBCO
Spotfire ...)
NOT-FOR-US: TIBCO
CVE-2019-11205 (The web server component of TIBCO Software Inc.'s TIBCO
Spotfire Analy ...)
@@ -12077,9 +12077,9 @@ CVE-2019-10945 (An issue was discovered in Joomla!
before 3.9.5. The Media Manag
CVE-2019-10944
RESERVED
CVE-2019-10943 (A vulnerability has been identified in SIMATIC ET 200SP Open
Controlle ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2019-10942 (A vulnerability has been identified in SCALANCE X-200 (All
versions), ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2019-10941
RESERVED
CVE-2019-10940
@@ -12105,11 +12105,11 @@ CVE-2019-10931 (A vulnerability has been identified
in SIPROTEC 5 device types 6
CVE-2019-10930 (A vulnerability has been identified in SIPROTEC 5 device types
6MD85, ...)
NOT-FOR-US: Siemens
CVE-2019-10929 (A vulnerability has been identified in SIMATIC ET 200SP Open
Controlle ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2019-10928 (A vulnerability has been identified in SCALANCE SC-600 (V2.0).
An auth ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2019-10927 (A vulnerability has been identified in SCALANCE SC-600 (V2.0),
SCALANC ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2019-10926 (A vulnerability has been identified in SIMATIC Ident MV420
family (All ...)
NOT-FOR-US: Siemens
CVE-2019-10925 (A vulnerability has been identified in SIMATIC Ident MV420
family (All ...)
@@ -19512,7 +19512,7 @@ CVE-2019-8450
CVE-2019-8449
RESERVED
CVE-2019-8448 (The login.jsp resource in Jira before version 7.13.4, and from
version ...)
- TODO: check
+ NOT-FOR-US: Atlassian Jira
CVE-2019-8447
RESERVED
CVE-2019-8446
@@ -27425,7 +27425,7 @@ CVE-2019-5301 (Huawei smart phones Honor V20 with the
versions before 9.0.1.161(
CVE-2019-5300 (There is a digital signature verification bypass vulnerability
in AR12 ...)
NOT-FOR-US: Huawei
CVE-2019-5299 (Huawei mobile phones Hima-AL00Bhave with Versions earlier than
HMA-AL0 ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2019-5298 (There is an improper authentication vulnerability in some
Huawei AP pr ...)
NOT-FOR-US: Huawei
CVE-2019-5297 (Emily-L29C Huawei phones versions earlier than 9.0.0.159
(C185E2R1P12T ...)
@@ -27463,7 +27463,7 @@ CVE-2019-5282
CVE-2019-5281 (There is an information leak vulnerability in some Huawei
phones, vers ...)
NOT-FOR-US: Huawei
CVE-2019-5280 (The SIP TLS module of Huawei CloudLink Phone 7900 with
V600R019C10 has ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2019-5279
RESERVED
CVE-2019-5278
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c29eb453a56b69b349f94af36419e47495e52385
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c29eb453a56b69b349f94af36419e47495e52385
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
