Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: c29eb453 by Salvatore Bonaccorso at 2019-08-14T12:31:39Z Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -9,7 +9,7 @@ CVE-2019-15030 CVE-2019-15029 RESERVED CVE-2019-15028 (In Joomla! before 3.9.11, inadequate checks in com_contact could allow ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2019-15027 RESERVED CVE-2019-15026 @@ -153,11 +153,11 @@ CVE-2019-14988 CVE-2019-14987 (Adive Framework through 2.0.7 is affected by XSS in the Create New Tab ...) NOT-FOR-US: Adive Framework CVE-2019-14986 (eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn before 2.3.0 installe ...) - TODO: check + NOT-FOR-US: eQ-3 Homematic CCU2 and CCU3 CVE-2019-14985 (eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn installed allow Remot ...) - TODO: check + NOT-FOR-US: eQ-3 Homematic CCU2 and CCU3 CVE-2019-14984 (eQ-3 Homematic CCU2 and CCU3 with the XML-API through 1.2.0 AddOn inst ...) - TODO: check + NOT-FOR-US: eQ-3 Homematic CCU2 and CCU3 CVE-2019-14983 RESERVED CVE-2019-14982 (In Exiv2 before v0.27.2, there is an integer overflow vulnerability in ...) @@ -1294,7 +1294,7 @@ CVE-2019-14531 (An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is NOTE: https://github.com/sleuthkit/sleuthkit/issues/1576 NOTE: Negligible security impact CVE-2019-14530 (An issue was discovered in custom/ajax_download.php in OpenEMR before ...) - TODO: check + NOT-FOR-US: OpenEMR CVE-2019-14529 (OpenEMR before 5.0.2 allows SQL Injection in interface/forms/eye_mag/s ...) NOT-FOR-US: OpenEMR CVE-2019-14528 (GnuCOBOL 2.2 has a heap-based buffer overflow in read_literal in cobc/ ...) @@ -1335,7 +1335,7 @@ CVE-2019-14518 CVE-2019-14517 (pandao Editor.md 1.5.0 allows XSS via the Javascript: string. ...) NOT-FOR-US: pandao Editor.md CVE-2019-14516 (The mAadhaar application 1.2.7 for Android lacks SSL Certificate Valid ...) - TODO: check + NOT-FOR-US: mAadhaar application for Android CVE-2019-14515 RESERVED CVE-2019-14514 @@ -2325,7 +2325,7 @@ CVE-2019-14361 CVE-2019-14360 RESERVED CVE-2019-14359 (** DISPUTED ** On BC Vault devices, a side channel for the row-based S ...) - TODO: check + NOT-FOR-US: BC Vault devices CVE-2019-14358 RESERVED CVE-2019-14357 (** DISPUTED ** On Mooltipass Mini devices, a side channel for the row- ...) @@ -5425,7 +5425,7 @@ CVE-2019-13464 (An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) CVE-2019-13463 RESERVED CVE-2019-13462 (Lansweeper before 7.1.117.4 allows unauthenticated SQL injection. ...) - TODO: check + NOT-FOR-US: Lansweeper CVE-2019-13461 (In PrestaShop before 1.7.6.0 RC2, the id_address_delivery and id_addre ...) NOT-FOR-US: PrestaShop CVE-2019-13460 @@ -5543,17 +5543,17 @@ CVE-2019-13422 CVE-2019-13421 RESERVED CVE-2019-13420 (Search Guard versions before 21.0 had an timing side channel issue whe ...) - TODO: check + NOT-FOR-US: Search Guard CVE-2019-13419 (Search Guard versions before 23.1 had an issue that for aggregations c ...) - TODO: check + NOT-FOR-US: Search Guard CVE-2019-13418 (Search Guard versions before 24.0 had an issue that values of string a ...) - TODO: check + NOT-FOR-US: Search Guard CVE-2019-13417 (Search Guard versions before 24.0 had an issue that field caps and map ...) - TODO: check + NOT-FOR-US: Search Guard CVE-2019-13416 (Search Guard versions before 24.3 had an issue when Cross Cluster Sear ...) - TODO: check + NOT-FOR-US: Search Guard CVE-2019-13415 (Search Guard versions before 24.3 had an issue when Cross Cluster Sear ...) - TODO: check + NOT-FOR-US: Search Guard CVE-2019-13414 (The Rencontre plugin before 3.1.3 for WordPress allows XSS via inc/ren ...) NOT-FOR-US: Wordpress plugin CVE-2019-13413 (The Rencontre plugin before 3.1.3 for WordPress allows SQL Injection v ...) @@ -7195,7 +7195,7 @@ CVE-2019-12810 CVE-2019-12809 RESERVED CVE-2019-12808 (ALTOOLS update service 18.1 and earlier versions contains a local priv ...) - TODO: check + NOT-FOR-US: ALTOOLS update service CVE-2019-12807 (Alzip 10.83 and earlier version contains a stack-based buffer overflow ...) TODO: check CVE-2019-12806 (UniSign 2.0.4.0 and earlier version contains a stack-based buffer over ...) @@ -8003,7 +8003,7 @@ CVE-2019-12481 (An issue was discovered in GPAC 0.7.1. There is a NULL pointer d CVE-2019-12480 (BACnet Protocol Stack through 0.8.6 has a segmentation fault leading t ...) NOT-FOR-US: BACnet Protocol Stack CVE-2019-12479 (An issue was discovered in 20|20 Storage 2.11.0. A Path Traversal vuln ...) - TODO: check + NOT-FOR-US: 20|20 Storage CVE-2019-12478 RESERVED CVE-2019-12477 (Supra Smart Cloud TV allows remote file inclusion in the openLiveURL f ...) @@ -11399,7 +11399,7 @@ CVE-2019-11209 CVE-2019-11208 (The authorization component of TIBCO Software Inc.'s TIBCO API Exchang ...) NOT-FOR-US: TIBCO CVE-2019-11207 (The web server component of TIBCO Software Inc.'s TIBCO LogLogic Enter ...) - TODO: check + NOT-FOR-US: TIBCO CVE-2019-11206 (The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire ...) NOT-FOR-US: TIBCO CVE-2019-11205 (The web server component of TIBCO Software Inc.'s TIBCO Spotfire Analy ...) @@ -12077,9 +12077,9 @@ CVE-2019-10945 (An issue was discovered in Joomla! before 3.9.5. The Media Manag CVE-2019-10944 RESERVED CVE-2019-10943 (A vulnerability has been identified in SIMATIC ET 200SP Open Controlle ...) - TODO: check + NOT-FOR-US: Siemens CVE-2019-10942 (A vulnerability has been identified in SCALANCE X-200 (All versions), ...) - TODO: check + NOT-FOR-US: Siemens CVE-2019-10941 RESERVED CVE-2019-10940 @@ -12105,11 +12105,11 @@ CVE-2019-10931 (A vulnerability has been identified in SIPROTEC 5 device types 6 CVE-2019-10930 (A vulnerability has been identified in SIPROTEC 5 device types 6MD85, ...) NOT-FOR-US: Siemens CVE-2019-10929 (A vulnerability has been identified in SIMATIC ET 200SP Open Controlle ...) - TODO: check + NOT-FOR-US: Siemens CVE-2019-10928 (A vulnerability has been identified in SCALANCE SC-600 (V2.0). An auth ...) - TODO: check + NOT-FOR-US: Siemens CVE-2019-10927 (A vulnerability has been identified in SCALANCE SC-600 (V2.0), SCALANC ...) - TODO: check + NOT-FOR-US: Siemens CVE-2019-10926 (A vulnerability has been identified in SIMATIC Ident MV420 family (All ...) NOT-FOR-US: Siemens CVE-2019-10925 (A vulnerability has been identified in SIMATIC Ident MV420 family (All ...) @@ -19512,7 +19512,7 @@ CVE-2019-8450 CVE-2019-8449 RESERVED CVE-2019-8448 (The login.jsp resource in Jira before version 7.13.4, and from version ...) - TODO: check + NOT-FOR-US: Atlassian Jira CVE-2019-8447 RESERVED CVE-2019-8446 @@ -27425,7 +27425,7 @@ CVE-2019-5301 (Huawei smart phones Honor V20 with the versions before 9.0.1.161( CVE-2019-5300 (There is a digital signature verification bypass vulnerability in AR12 ...) NOT-FOR-US: Huawei CVE-2019-5299 (Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL0 ...) - TODO: check + NOT-FOR-US: Huawei CVE-2019-5298 (There is an improper authentication vulnerability in some Huawei AP pr ...) NOT-FOR-US: Huawei CVE-2019-5297 (Emily-L29C Huawei phones versions earlier than 9.0.0.159 (C185E2R1P12T ...) @@ -27463,7 +27463,7 @@ CVE-2019-5282 CVE-2019-5281 (There is an information leak vulnerability in some Huawei phones, vers ...) NOT-FOR-US: Huawei CVE-2019-5280 (The SIP TLS module of Huawei CloudLink Phone 7900 with V600R019C10 has ...) - TODO: check + NOT-FOR-US: Huawei CVE-2019-5279 RESERVED CVE-2019-5278 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c29eb453a56b69b349f94af36419e47495e52385 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c29eb453a56b69b349f94af36419e47495e52385 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits