Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
09b6f80a by Salvatore Bonaccorso at 2019-08-26T20:29:47Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2019-15639
CVE-2019-15638
RESERVED
CVE-2019-15637 (Numerous Tableau products are vulnerable to XXE via a
malicious workbo ...)
- TODO: check
+ NOT-FOR-US: Tableau
CVE-2019-15636
RESERVED
CVE-2019-15635
@@ -141,7 +141,7 @@ CVE-2019-15573 (Gesior-AAC before 2019-05-01 allows SQL
injection in tankyou.php
CVE-2019-15572 (Gesior-AAC before 2019-05-01 allows ServiceCategoryID SQL
injection in ...)
TODO: check
CVE-2019-15571 (The WEB control panel before 2019-04-30 for ClonOS allows SQL
injectio ...)
- TODO: check
+ NOT-FOR-US: WEB control panel for ClonOS
CVE-2019-15570 (BEdita through 4.0.0-RC2 allows SQL injection during a save
operation ...)
TODO: check
CVE-2019-15569 (HM Courts & Tribunals ccd-data-store-api before 2019-06-10
allows ...)
@@ -151,11 +151,11 @@ CVE-2019-15568 (idseq-web before 2019-07-01 in Infectious
Disease Sequencing Pla
CVE-2019-15567 (OpenForis Arena before 2019-05-07 allows SQL injection in the
sorting ...)
TODO: check
CVE-2019-15566 (The Alfresco application before 1.8.7 for Android allows SQL
injection ...)
- TODO: check
+ NOT-FOR-US: Alfresco application for Android
CVE-2019-15565 (The ICOMMKT connector before 1.0.7 for PrestaShop allows SQL
injection ...)
- TODO: check
+ NOT-FOR-US: PrestaShop
CVE-2019-15564 (The Compassion Switzerland addons 10.01.4 for Odoo allow SQL
injection ...)
- TODO: check
+ NOT-FOR-US: Compassion Switzerland addons for Odoo
CVE-2019-15563 (Observational Health Data Sciences and Informatics (OHDSI)
WebAPI befo ...)
TODO: check
CVE-2019-15562 (GORM before 1.9.10 allows SQL injection via incomplete
parentheses. ...)
@@ -275,7 +275,7 @@ CVE-2019-15526 (An issue was discovered on D-Link DIR-823G
devices with firmware
CVE-2019-15525 (There is Missing SSL Certificate Validation in the pw3270
terminal emu ...)
TODO: check
CVE-2019-15524 (CSZ CMS 1.2.3 allows arbitrary file upload, as demonstrated by
a .php ...)
- TODO: check
+ NOT-FOR-US: CSZ CMS
CVE-2019-15523
RESERVED
CVE-2019-15522
@@ -309,15 +309,15 @@ CVE-2019-15509
CVE-2019-15508 (In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web
request proxy ...)
TODO: check
CVE-2019-15507 (In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web
request pr ...)
- TODO: check
+ NOT-FOR-US: Octopus Deploy
CVE-2019-15506 (An issue was discovered in Kaseya Virtual System Administrator
(VSA) t ...)
- TODO: check
+ NOT-FOR-US: Kaseya Virtual System Administrator (VSA)
CVE-2019-15505 (drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel
through ...)
- linux <unfixed>
CVE-2019-15504 (drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel
through 5.2 ...)
- linux <unfixed>
CVE-2019-15503 (cgi-cpn/xcoding/prontus_videocut.cgi in AltaVoz Prontus (aka
ProntusCM ...)
- TODO: check
+ NOT-FOR-US: AltaVoz Prontus
CVE-2019-15502
RESERVED
CVE-2019-15501 (Reflected cross site scripting (XSS) in L-Soft LISTSERV before
16.5-20 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/09b6f80af4ff2e3888b6fb8461ca031f51be780d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/09b6f80af4ff2e3888b6fb8461ca031f51be780d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
