Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bc572485 by Salvatore Bonaccorso at 2019-09-17T20:34:56Z
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -29,43 +29,43 @@ CVE-2016-10994
CVE-2016-10993 (The ScoreMe theme through 2016-04-01 for WordPress has XSS via
the s p ...)
TODO: check
CVE-2016-10992 (The music-store plugin before 1.0.43 for WordPress has XSS via
the wp- ...)
- TODO: check
+ NOT-FOR-US: music-store plugin for WordPress
CVE-2016-10991 (The imdb-widget plugin before 1.0.9 for WordPress has Local
File Inclu ...)
- TODO: check
+ NOT-FOR-US: imdb-widget plugin for WordPress
CVE-2016-10990 (The wp-cerber plugin before 2.7 for WordPress has XSS via the
X-Forwar ...)
- TODO: check
+ NOT-FOR-US: wp-cerber plugin for WordPress
CVE-2016-10989 (The leenkme plugin before 2.6.0 for WordPress has
wp-admin/admin.php?p ...)
- TODO: check
+ NOT-FOR-US: leenkme plugin for WordPress
CVE-2016-10988 (The leenkme plugin before 2.6.0 for WordPress has stored XSS
via faceb ...)
- TODO: check
+ NOT-FOR-US: leenkme plugin for WordPress
CVE-2016-10987 (The persian-woocommerce-sms plugin before 3.3.4 for WordPress
has ps_s ...)
- TODO: check
+ NOT-FOR-US: persian-woocommerce-sms plugin for WordPress
CVE-2016-10986 (The tweet-wheel plugin before 1.0.3.3 for WordPress has XSS
via consum ...)
- TODO: check
+ NOT-FOR-US: tweet-wheel plugin for WordPress
CVE-2016-10985 (The echosign plugin before 1.2 for WordPress has XSS via the
templates ...)
- TODO: check
+ NOT-FOR-US: echosign plugin for WordPress
CVE-2016-10984 (The echosign plugin before 1.2 for WordPress has XSS via the
inc.php p ...)
- TODO: check
+ NOT-FOR-US: echosign plugin for WordPress
CVE-2016-10983 (The ghost plugin before 0.5.6 for WordPress has no access
control for ...)
- TODO: check
+ NOT-FOR-US: ghost plugin for WordPress
CVE-2016-10982 (The kento-post-view-counter plugin through 2.8 for WordPress
has wp-ad ...)
- TODO: check
+ NOT-FOR-US: kento-post-view-counter plugin for WordPress
CVE-2016-10981 (The kento-post-view-counter plugin through 2.8 for WordPress
has store ...)
- TODO: check
+ NOT-FOR-US: kento-post-view-counter plugin for WordPress
CVE-2016-10980 (The kento-post-view-counter plugin through 2.8 for WordPress
has XSS v ...)
- TODO: check
+ NOT-FOR-US: kento-post-view-counter plugin for WordPress
CVE-2016-10979 (The fossura-tag-miner plugin before 1.1.5 for WordPress has
XSS. ...)
- TODO: check
+ NOT-FOR-US: fossura-tag-miner plugin for WordPress
CVE-2016-10978 (The fossura-tag-miner plugin before 1.1.5 for WordPress has
CSRF. ...)
- TODO: check
+ NOT-FOR-US: fossura-tag-miner plugin for WordPress
CVE-2016-10977 (The nelio-ab-testing plugin before 4.5.0 for WordPress has
filename=.. ...)
- TODO: check
+ NOT-FOR-US: nelio-ab-testing plugin for WordPress
CVE-2016-10976 (The safe-editor plugin before 1.2 for WordPress has no se_save
authent ...)
- TODO: check
+ NOT-FOR-US: safe-editor plugin for WordPress
CVE-2016-10975 (The fluid-responsive-slideshow plugin before 2.2.7 for
WordPress has r ...)
- TODO: check
+ NOT-FOR-US: fluid-responsive-slideshow plugin for WordPress
CVE-2016-10974 (The fluid-responsive-slideshow plugin before 2.2.7 for
WordPress has f ...)
- TODO: check
+ NOT-FOR-US: fluid-responsive-slideshow plugin for WordPress
CVE-2019-16377
RESERVED
CVE-2019-16376
@@ -14446,11 +14446,11 @@ CVE-2019-11669 (Modifiable read only check box In
Micro Focus Service Manager, v
CVE-2019-11668 (HTTP cookie in Micro Focus Service manager, Versions 9.30,
9.31, 9.32, ...)
NOT-FOR-US: Micro Focus
CVE-2019-11667 (Unauthorized access to contact information in Micro Focus
Service Mana ...)
- TODO: check
+ NOT-FOR-US: Micro Focus
CVE-2019-11666 (Insecure deserialization of untrusted data in Micro Focus
Service Mana ...)
- TODO: check
+ NOT-FOR-US: Micro Focus
CVE-2019-11665 (Data exposure in Micro Focus Service Manager product versions
9.30, 9. ...)
- TODO: check
+ NOT-FOR-US: Micro Focus
CVE-2019-11664
RESERVED
CVE-2019-11663
@@ -33798,7 +33798,7 @@ CVE-2019-4479
CVE-2019-4478
RESERVED
CVE-2019-4477 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could
allow a ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4476
RESERVED
CVE-2019-4475
@@ -33868,7 +33868,7 @@ CVE-2019-4444
CVE-2019-4443
RESERVED
CVE-2019-4442 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9,0 could
allow a ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4441
RESERVED
CVE-2019-4440
@@ -34068,7 +34068,7 @@ CVE-2019-4344
CVE-2019-4343
RESERVED
CVE-2019-4342 (IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site
scripti ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4341
RESERVED
CVE-2019-4340 (IBM Security Guardium Big Data Intelligence 4.0 (SonarG) is
vulnerable ...)
@@ -34210,13 +34210,13 @@ CVE-2019-4273
CVE-2019-4272
RESERVED
CVE-2019-4271 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin
console ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4270 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin
Console ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4269 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin
Console ...)
NOT-FOR-US: IBM
CVE-2019-4268 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could
allow a ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4267 (The IBM Spectrum Protect 7.1 and 8.1 Backup-Archive Client is
vulnerab ...)
NOT-FOR-US: IBM
CVE-2019-4266
@@ -34386,7 +34386,7 @@ CVE-2019-4185 (IBM InfoSphere Information Server 11.7.1
containers are vulnerabl
CVE-2019-4184 (IBM Jazz Reporting Service 6.0 through 6.0.6.1 is vulnerable to
cross- ...)
NOT-FOR-US: IBM
CVE-2019-4183 (IBM Cognos Analytics 11.0, and 11.1 is vulnerable to a denial
of servi ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4182
RESERVED
CVE-2019-4181
@@ -34402,7 +34402,7 @@ CVE-2019-4177 (IBM Cognos Controller 10.2.0, 10.2.1,
10.3.0, 10.3.1, and 10.4.0
CVE-2019-4176 (IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and
10.4.0 could ...)
NOT-FOR-US: IBM
CVE-2019-4175 (IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 uses
weaker t ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4174 (IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and
10.4.0 allow ...)
NOT-FOR-US: IBM
CVE-2019-4173 (IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and
10.4.0 could ...)
@@ -34410,7 +34410,7 @@ CVE-2019-4173 (IBM Cognos Controller 10.2.0, 10.2.1,
10.3.0, 10.3.1, and 10.4.0
CVE-2019-4172
RESERVED
CVE-2019-4171 (IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 does
not set ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4170
RESERVED
CVE-2019-4169 (IBM Open Power Firmware OP910 and OP920 could allow access to
BMC via ...)
@@ -34580,7 +34580,7 @@ CVE-2019-4088 (IBM Spectrum Protect Servers 7.1 and 8.1
and Storage Agents could
CVE-2019-4087 (IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are
vulner ...)
NOT-FOR-US: IBM
CVE-2019-4086 (IBM Cloud Application Performance Management 8.1.4 could allow
a remot ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-4085
RESERVED
CVE-2019-4084 (IBM Jazz Foundation products (IBM Rational Collaborative
Lifecycle Man ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bc572485be3a7e5a5d3ae991bb5dac306006b005
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bc572485be3a7e5a5d3ae991bb5dac306006b005
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
