[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Thu, 15 Aug 2019 11:14:02 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
09f269d8 by Salvatore Bonaccorso at 2019-08-15T18:13:05Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -20,21 +20,21 @@ CVE-2019-15055
 CVE-2019-15054
        RESERVED
 CVE-2019-15053 (The "HTML Include and replace macro" plugin before 1.5.0 for 
Confluenc ...)
-       TODO: check
+       NOT-FOR-US: "HTML Include and replace macro" plugin for Confluence 
Server
 CVE-2019-15052 (The HTTP client in the Build tool in Gradle before 5.6 sends 
authentic ...)
        TODO: check
 CVE-2019-15051
        RESERVED
 CVE-2019-15050 (An issue was discovered in Bento4 1.5.1.0. There is a 
heap-based buffe ...)
-       TODO: check
+       NOT-FOR-US: Bento4
 CVE-2019-15049 (An issue was discovered in Bento4 1.5.1.0. There is a 
heap-based buffe ...)
-       TODO: check
+       NOT-FOR-US: Bento4
 CVE-2019-15048 (An issue was discovered in Bento4 1.5.1.0. There is a 
heap-based buffe ...)
-       TODO: check
+       NOT-FOR-US: Bento4
 CVE-2019-15047 (An issue was discovered in Bento4 1.5.1.0. There is a 
heap-based buffe ...)
-       TODO: check
+       NOT-FOR-US: Bento4
 CVE-2019-15046 (Zoho ManageEngine ServiceDesk Plus 10 before 10509 allows 
unauthentica ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
 CVE-2019-15045
        RESERVED
 CVE-2019-15044
@@ -244,7 +244,7 @@ CVE-2019-14976 (iCMS 7.0.15 allows admincp.php?app=apps XSS 
via the keywords par
 CVE-2019-14975 (Artifex MuPDF before 1.16.0 has a heap-based buffer over-read 
in fz_ch ...)
        TODO: check
 CVE-2019-14974 (SugarCRM Enterprise 9.0.0 allows 
mobile/error-not-supported-platform.h ...)
-       TODO: check
+       NOT-FOR-US: SugarCRM
 CVE-2019-14973 (_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF 
through ...)
        - tiff 4.0.10+git190814-1 (bug #934780)
        - tiff3 <removed>
@@ -1380,9 +1380,9 @@ CVE-2019-14528 (GnuCOBOL 2.2 has a heap-based buffer 
overflow in read_literal in
        [jessie] - open-cobol <no-dsa> (Minor issue)
        NOTE: https://sourceforge.net/p/open-cobol/bugs/583/
 CVE-2019-14527 (An issue was discovered on NETGEAR Nighthawk M1 (MR1100) 
devices befor ...)
-       TODO: check
+       NOT-FOR-US: NETGEAR
 CVE-2019-14526 (An issue was discovered on NETGEAR Nighthawk M1 (MR1100) 
devices befor ...)
-       TODO: check
+       NOT-FOR-US: NETGEAR
 CVE-2019-14525 (In Octopus Deploy 2019.4.0 through 2019.6.x before 2019.6.6, 
and 2019. ...)
        NOT-FOR-US: Octopus Deploy
 CVE-2019-14524 (An issue was discovered in Schism Tracker through 20190722. 
There is a ...)
@@ -2208,7 +2208,7 @@ CVE-2019-14429
 CVE-2019-14428
        RESERVED
 CVE-2019-14427 (XSS exists in WEB STUDIO Ultimate Loan Manager 2.0 by adding a 
branch  ...)
-       TODO: check
+       NOT-FOR-US: WEB STUDIO Ultimate Loan Manager
 CVE-2019-14426
        RESERVED
 CVE-2019-14425
@@ -6667,7 +6667,7 @@ CVE-2019-13032 (An issue was discovered in FlightCrew 
v0.9.2 and earlier. A NULL
        NOTE: 
https://github.com/Sigil-Ebook/flightcrew/commit/b4f4a70f604ddcb4e8e343aa0e690764fc46d780
        NOTE: Negligible security impact
 CVE-2019-13030 (eQ-3 Homematic CCU3 AddOn 'Mediola NEO Server for Homematic 
CCU3' prio ...)
-       TODO: check
+       NOT-FOR-US: eQ-3 Homematic CCU3
 CVE-2019-13029 (Multiple stored Cross-site scripting (XSS) issues in the admin 
panel a ...)
        NOT-FOR-US: REDCap
 CVE-2019-13028 (An incorrect implementation of a local web server in eID 
client (Windo ...)
@@ -8684,7 +8684,7 @@ CVE-2019-12264 (Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 
6.9.4, and Vx7 has Inco
 CVE-2019-12263 (Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the 
TCP comp ...)
        NOT-FOR-US: Wind River VxWorks
 CVE-2019-12262 (Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect 
Access Contr ...)
-       TODO: check
+       NOT-FOR-US: Wind River VxWorks
 CVE-2019-12261 (Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer 
Overflow in the ...)
        NOT-FOR-US: Wind River VxWorks
 CVE-2019-12260 (Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the 
TCP compon ...)
@@ -9132,9 +9132,9 @@ CVE-2019-12106 (The updateDevice function in minissdpd.c 
in MiniUPnP MiniSSDPd 1
 CVE-2019-12105
        RESERVED
 CVE-2019-12104 (The web-based configuration interface of the TP-Link M7350 V3 
with fir ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2019-12103 (The web-based configuration interface of the TP-Link M7350 V3 
with fir ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2019-12102 (** DISPUTED ** Kentico 11 through 12 lets attackers upload and 
explore ...)
        NOT-FOR-US: Kentico
 CVE-2019-12101 (coap_decode_option in coap.c in LibNyoci 0.07.00rc1 mishandles 
certain ...)
@@ -16718,13 +16718,13 @@ CVE-2019-9587 (There is a stack consumption issue in 
md5Round1() located in Decr
 CVE-2019-9586
        RESERVED
 CVE-2019-9585 (eQ-3 Homematic CCU2 prior to 2.47.10 and CCU3 prior to 3.47.10 
JSON AP ...)
-       TODO: check
+       NOT-FOR-US: eQ-3 Homematic
 CVE-2019-9584 (eQ-3 Homematic AddOn 'CloudMatic' on CCU2 and CCU3 allows 
uncontrolled ...)
-       TODO: check
+       NOT-FOR-US: eQ-3 Homematic
 CVE-2019-9583 (eQ-3 Homematic CCU2 and CCU3 obtain session IDs without login. 
This al ...)
-       TODO: check
+       NOT-FOR-US: eQ-3 Homematic
 CVE-2019-9582 (eQ-3 Homematic CCU2 outdated base software packages allows 
Denial of S ...)
-       TODO: check
+       NOT-FOR-US: eQ-3 Homematic
 CVE-2019-9581 (phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file 
upload via  ...)
        NOT-FOR-US: phpscheduleit Booked Scheduler
 CVE-2019-9580 (In st2web in StackStorm Web UI before 2.9.3 and 2.10.x before 
2.10.3,  ...)
@@ -20513,7 +20513,7 @@ CVE-2019-8064
 CVE-2019-8063
        RESERVED
 CVE-2019-8062 (Adobe After Effects versions 16 and earlier have an insecure 
library l ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2019-8061
        RESERVED
 CVE-2019-8060
@@ -20715,7 +20715,7 @@ CVE-2019-7963 (Adobe Bridge CC version 9.0.2 and 
earlier versions have an out of
 CVE-2019-7962
        RESERVED
 CVE-2019-7961 (Adobe Prelude CC versions 8.1 and earlier have an insecure 
library loa ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2019-7960
        RESERVED
 CVE-2019-7959
@@ -20775,7 +20775,7 @@ CVE-2019-7933
 CVE-2019-7932 (A remote code execution vulnerability exists in Magento Open 
Source pr ...)
        NOT-FOR-US: Magento
 CVE-2019-7931 (Adobe Premiere Pro CC versions 13.1.2 and earlier have an 
insecure lib ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2019-7930 (A file upload restriction bypass exists in Magento 2.1 prior to 
2.1.18 ...)
        NOT-FOR-US: Magento
 CVE-2019-7929 (An information leakage vulnerability exists in Magento 2.1 
prior to 2. ...)
@@ -20897,7 +20897,7 @@ CVE-2019-7872 (An insecure direct object reference 
(IDOR) vulnerability exists i
 CVE-2019-7871 (A security bypass exists in Magento 2.1 prior to 2.1.18, 
Magento 2.2 p ...)
        NOT-FOR-US: Magento
 CVE-2019-7870 (Adobe Character Animator versions 2.1 and earlier have an 
insecure lib ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2019-7869 (A stored cross-site scripting vulnerability exists in the admin 
panel  ...)
        NOT-FOR-US: Magento
 CVE-2019-7868 (A stored cross-site scripting vulnerability exists in the admin 
panel  ...)
@@ -31232,15 +31232,15 @@ CVE-2019-3641
 CVE-2019-3640
        RESERVED
 CVE-2019-3639 (Clickjack vulnerability in Adminstrator web console in McAfee 
Web Gate ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2019-3638
        RESERVED
 CVE-2019-3637 (Privilege Escalation vulnerability in McAfee FRP 5.x prior to 
5.1.0.20 ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2019-3636
        RESERVED
 CVE-2019-3635 (Exfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x prior 
to 7.8. ...)
-       TODO: check
+       NOT-FOR-US: McAfee
 CVE-2019-3634
        RESERVED
 CVE-2019-3633
@@ -39535,9 +39535,9 @@ CVE-2019-1230
 CVE-2019-1229 (An elevation of privilege vulnerability exists in Dynamics 
On-Premise  ...)
        TODO: check
 CVE-2019-1228 (An information disclosure vulnerability exists when the Windows 
kernel ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1227 (An information disclosure vulnerability exists when the Windows 
kernel ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1226 (A remote code execution vulnerability exists in Remote Desktop 
Service ...)
        TODO: check
 CVE-2019-1225 (An information disclosure vulnerability exists when the Windows 
RDP se ...)
@@ -39555,7 +39555,7 @@ CVE-2019-1220
 CVE-2019-1219
        RESERVED
 CVE-2019-1218 (A spoofing vulnerability exists in the way Microsoft Outlook 
iOS softw ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1217
        RESERVED
 CVE-2019-1216
@@ -39565,9 +39565,9 @@ CVE-2019-1215
 CVE-2019-1214
        RESERVED
 CVE-2019-1213 (A memory corruption vulnerability exists in the Windows Server 
DHCP se ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1212 (A memory corruption vulnerability exists in the Windows Server 
DHCP se ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1211 (An elevation of privilege vulnerability exists in Git for 
Visual Studi ...)
        TODO: check
 CVE-2019-1210
@@ -39579,51 +39579,51 @@ CVE-2019-1208
 CVE-2019-1207
        RESERVED
 CVE-2019-1206 (A memory corruption vulnerability exists in the Windows Server 
DHCP se ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1205 (A remote code execution vulnerability exists in Microsoft Word 
softwar ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1204 (An elevation of privilege vulnerability exists when Microsoft 
Outlook  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1203 (A cross-site-scripting (XSS) vulnerability exists when 
Microsoft Share ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1202 (An information disclosure vulnerability exists in the way 
Microsoft Sh ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1201 (A remote code execution vulnerability exists in Microsoft Word 
softwar ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1200 (A remote code execution vulnerability exists in Microsoft 
Outlook soft ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1199 (A remote code execution vulnerability exists in Microsoft 
Outlook when ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1198 (An elevation of privilege exists in SyncController.dll, aka 
'Microsoft ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1197 (A remote code execution vulnerability exists in the way that 
the Chakr ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1196 (A remote code execution vulnerability exists in the way that 
the Chakr ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1195 (A remote code execution vulnerability exists in the way that 
the Chakr ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1194 (A remote code execution vulnerability exists in the way that 
the scrip ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1193 (A remote code execution vulnerability exists in the way that 
Microsoft ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1192 (A security feature bypass vulnerability exists when Microsoft 
browsers ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1191
        RESERVED
 CVE-2019-1190 (An elevation of privilege vulnerability exists in the way that 
the Win ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1189
        RESERVED
 CVE-2019-1188 (A remote code execution vulnerability exists in Microsoft 
Windows that ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1187 (A denial of service vulnerability exists when the XmlLite 
runtime (Xml ...)
        TODO: check
 CVE-2019-1186 (An elevation of privilege vulnerability exists in the way that 
the wcm ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1185 (An elevation of privilege vulnerability exists due to a stack 
corrupti ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1184 (An elevation of privilege vulnerability exists when Windows 
Core Shell ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1183 (A remote code execution vulnerability exists in the way that 
the VBScr ...)
        TODO: check
 CVE-2019-1182 (A remote code execution vulnerability exists in Remote Desktop 
Service ...)
@@ -39631,31 +39631,31 @@ CVE-2019-1182 (A remote code execution vulnerability 
exists in Remote Desktop Se
 CVE-2019-1181 (A remote code execution vulnerability exists in Remote Desktop 
Service ...)
        TODO: check
 CVE-2019-1180 (An elevation of privilege vulnerability exists in the way that 
the wcm ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1179 (An elevation of privilege vulnerability exists in the way that 
the uni ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1178 (An elevation of privilege vulnerability exists in the way that 
the ssd ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1177 (An elevation of privilege vulnerability exists in the way that 
the rpc ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1176 (An elevation of privilege vulnerability exists when DirectX 
improperly ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1175 (An elevation of privilege vulnerability exists in the way that 
the psm ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1174 (An elevation of privilege vulnerability exists in the way that 
the Psm ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1173 (An elevation of privilege vulnerability exists in the way that 
the Psm ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1172 (An information disclosure vulnerability exists in Azure Active 
Directo ...)
        TODO: check
 CVE-2019-1171 (An information disclosure vulnerability exists in SymCrypt 
during the  ...)
        TODO: check
 CVE-2019-1170 (An elevation of privilege vulnerability exists when reparse 
points are ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1169 (An elevation of privilege vulnerability exists in Windows when 
the Win ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1168 (An elevation of privilege exists in the p2pimsvc service where 
an atta ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1167 (A security feature bypass vulnerability exists in Windows 
Defender App ...)
        NOT-FOR-US: Microsoft
 CVE-2019-1166
@@ -39663,19 +39663,19 @@ CVE-2019-1166
 CVE-2019-1165
        RESERVED
 CVE-2019-1164 (An elevation of privilege vulnerability exists when the Windows 
kernel ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1163 (A security feature bypass exists when Windows incorrectly 
validates CA ...)
        TODO: check
 CVE-2019-1162 (An elevation of privilege vulnerability exists when Windows 
improperly ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1161 (An elevation of privilege vulnerability exists when the 
MpSigStub.exe  ...)
        TODO: check
 CVE-2019-1160
        RESERVED
 CVE-2019-1159 (An elevation of privilege vulnerability exists when the Windows 
kernel ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1158 (An information disclosure vulnerability exists when the Windows 
GDI co ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1157 (A remote code execution vulnerability exists when the Windows 
Jet Data ...)
        TODO: check
 CVE-2019-1156 (A remote code execution vulnerability exists when the Windows 
Jet Data ...)
@@ -39683,37 +39683,37 @@ CVE-2019-1156 (A remote code execution vulnerability 
exists when the Windows Jet
 CVE-2019-1155 (A remote code execution vulnerability exists when the Windows 
Jet Data ...)
        TODO: check
 CVE-2019-1154 (An information disclosure vulnerability exists when the Windows 
GDI co ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1153 (An information disclosure vulnerability exists when the 
Microsoft Wind ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1152 (A remote code execution vulnerability exists when the Windows 
font lib ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1151 (A remote code execution vulnerability exists when the Windows 
font lib ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1150 (A remote code execution vulnerability exists when the Windows 
font lib ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1149 (A remote code execution vulnerability exists when the Windows 
font lib ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1148 (An information disclosure vulnerability exists when the 
Microsoft Wind ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1147 (A remote code execution vulnerability exists when the Windows 
Jet Data ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1146 (A remote code execution vulnerability exists when the Windows 
Jet Data ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1145 (A remote code execution vulnerability exists when the Windows 
font lib ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1144 (A remote code execution vulnerability exists when the Windows 
font lib ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1143 (An information disclosure vulnerability exists when the Windows 
GDI co ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1142
        RESERVED
 CVE-2019-1141 (A remote code execution vulnerability exists in the way that 
the Chakr ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1140 (A remote code execution vulnerability exists in the way that 
the Chakr ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1139 (A remote code execution vulnerability exists in the way that 
the Chakr ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1138
        RESERVED
 CVE-2019-1137 (A cross-site-scripting (XSS) vulnerability exists when 
Microsoft Excha ...)
@@ -39725,11 +39725,11 @@ CVE-2019-1135
 CVE-2019-1134 (A cross-site-scripting (XSS) vulnerability exists when 
Microsoft Share ...)
        NOT-FOR-US: Microsoft
 CVE-2019-1133 (A remote code execution vulnerability exists in the way that 
the scrip ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1132 (An elevation of privilege vulnerability exists in Windows when 
the Win ...)
        NOT-FOR-US: Microsoft
 CVE-2019-1131 (A remote code execution vulnerability exists in the way that 
the Chakr ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1130 (An elevation of privilege vulnerability exists when Windows 
AppX Deplo ...)
        NOT-FOR-US: Microsoft
 CVE-2019-1129 (An elevation of privilege vulnerability exists when Windows 
AppX Deplo ...)
@@ -39838,7 +39838,7 @@ CVE-2019-1080 (A remote code execution vulnerability 
exists in the way the scrip
 CVE-2019-1079 (An information disclosure vulnerability exists when Visual 
Studio impr ...)
        NOT-FOR-US: Microsoft
 CVE-2019-1078 (An information disclosure vulnerability exists when the Windows 
Graphi ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1077 (An elevation of privilege vulnerability exists when the Visual 
Studio  ...)
        NOT-FOR-US: Microsoft
 CVE-2019-1076 (A Cross-site Scripting (XSS) vulnerability exists when Team 
Foundation ...)
@@ -39880,7 +39880,7 @@ CVE-2019-1059 (A remote code execution vulnerability 
exists in the way that the
 CVE-2019-1058
        RESERVED
 CVE-2019-1057 (A remote code execution vulnerability exists when the Microsoft 
XML Co ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1056 (A remote code execution vulnerability exists in the way that 
the scrip ...)
        NOT-FOR-US: Microsoft
 CVE-2019-1055 (A remote code execution vulnerability exists in the way the 
scripting  ...)
@@ -39934,7 +39934,7 @@ CVE-2019-1032 (A cross-site-scripting (XSS) 
vulnerability exists when Microsoft
 CVE-2019-1031 (A cross-site-scripting (XSS) vulnerability exists when 
Microsoft Share ...)
        NOT-FOR-US: Microsoft
 CVE-2019-1030 (An information disclosure vulnerability exists when Microsoft 
Edge imp ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-1029 (A denial of service vulnerability exists in Skype for Business, 
aka 'S ...)
        NOT-FOR-US: Skype
 CVE-2019-1028 (An elevation of privilege exists in Windows Audio Service, aka 
'Window ...)
@@ -40067,7 +40067,7 @@ CVE-2019-0967
 CVE-2019-0966 (A denial of service vulnerability exists when Microsoft Hyper-V 
on a h ...)
        NOT-FOR-US: Microsoft
 CVE-2019-0965 (A remote code execution vulnerability exists when Windows 
Hyper-V on a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-0964
        RESERVED
 CVE-2019-0963 (A cross-site-scripting (XSS) vulnerability exists when 
Microsoft Share ...)
@@ -40534,7 +40534,7 @@ CVE-2019-0738
 CVE-2019-0737
        RESERVED
 CVE-2019-0736 (A memory corruption vulnerability exists in the Windows DHCP 
client wh ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-0735 (An elevation of privilege vulnerability exists when the Windows 
Client ...)
        NOT-FOR-US: Microsoft
 CVE-2019-0734 (An elevation of privilege vulnerability exists in Microsoft 
Windows wh ...)
@@ -40560,25 +40560,25 @@ CVE-2019-0725 (A memory corruption vulnerability 
exists in the Windows Server DH
 CVE-2019-0724 (An elevation of privilege vulnerability exists in Microsoft 
Exchange S ...)
        NOT-FOR-US: Microsoft
 CVE-2019-0723 (A denial of service vulnerability exists when Microsoft Hyper-V 
Networ ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-0722 (A remote code execution vulnerability exists when Windows 
Hyper-V on a ...)
        NOT-FOR-US: Microsoft
 CVE-2019-0721
        RESERVED
 CVE-2019-0720 (A remote code execution vulnerability exists when Windows 
Hyper-V Netw ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-0719
        RESERVED
 CVE-2019-0718 (A denial of service vulnerability exists when Microsoft Hyper-V 
Networ ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-0717 (A denial of service vulnerability exists when Microsoft Hyper-V 
Networ ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-0716 (A denial of service vulnerability exists when Windows 
improperly handl ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-0715 (A denial of service vulnerability exists when Microsoft Hyper-V 
Networ ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-0714 (A denial of service vulnerability exists when Microsoft Hyper-V 
Networ ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-0713 (A denial of service vulnerability exists when Microsoft Hyper-V 
on a h ...)
        NOT-FOR-US: Microsoft
 CVE-2019-0712
@@ -42153,7 +42153,7 @@ CVE-2018-19388 (FoxitReader.exe in Foxit Reader 
9.3.0.10826 allows remote attack
 CVE-2018-19387
        REJECTED
 CVE-2018-19386 (SolarWinds Database Performance Analyzer 11.1.457 contains an 
instance ...)
-       TODO: check
+       NOT-FOR-US: SolarWinds Database Performance Analyzer
 CVE-2018-19385
        RESERVED
 CVE-2018-19384



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/09f269d85a0c1f1c8ad33df9c489ddf3facdac61

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/09f269d85a0c1f1c8ad33df9c489ddf3facdac61
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to