Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: bc572485 by Salvatore Bonaccorso at 2019-09-17T20:34:56Z Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -29,43 +29,43 @@ CVE-2016-10994 CVE-2016-10993 (The ScoreMe theme through 2016-04-01 for WordPress has XSS via the s p ...) TODO: check CVE-2016-10992 (The music-store plugin before 1.0.43 for WordPress has XSS via the wp- ...) - TODO: check + NOT-FOR-US: music-store plugin for WordPress CVE-2016-10991 (The imdb-widget plugin before 1.0.9 for WordPress has Local File Inclu ...) - TODO: check + NOT-FOR-US: imdb-widget plugin for WordPress CVE-2016-10990 (The wp-cerber plugin before 2.7 for WordPress has XSS via the X-Forwar ...) - TODO: check + NOT-FOR-US: wp-cerber plugin for WordPress CVE-2016-10989 (The leenkme plugin before 2.6.0 for WordPress has wp-admin/admin.php?p ...) - TODO: check + NOT-FOR-US: leenkme plugin for WordPress CVE-2016-10988 (The leenkme plugin before 2.6.0 for WordPress has stored XSS via faceb ...) - TODO: check + NOT-FOR-US: leenkme plugin for WordPress CVE-2016-10987 (The persian-woocommerce-sms plugin before 3.3.4 for WordPress has ps_s ...) - TODO: check + NOT-FOR-US: persian-woocommerce-sms plugin for WordPress CVE-2016-10986 (The tweet-wheel plugin before 1.0.3.3 for WordPress has XSS via consum ...) - TODO: check + NOT-FOR-US: tweet-wheel plugin for WordPress CVE-2016-10985 (The echosign plugin before 1.2 for WordPress has XSS via the templates ...) - TODO: check + NOT-FOR-US: echosign plugin for WordPress CVE-2016-10984 (The echosign plugin before 1.2 for WordPress has XSS via the inc.php p ...) - TODO: check + NOT-FOR-US: echosign plugin for WordPress CVE-2016-10983 (The ghost plugin before 0.5.6 for WordPress has no access control for ...) - TODO: check + NOT-FOR-US: ghost plugin for WordPress CVE-2016-10982 (The kento-post-view-counter plugin through 2.8 for WordPress has wp-ad ...) - TODO: check + NOT-FOR-US: kento-post-view-counter plugin for WordPress CVE-2016-10981 (The kento-post-view-counter plugin through 2.8 for WordPress has store ...) - TODO: check + NOT-FOR-US: kento-post-view-counter plugin for WordPress CVE-2016-10980 (The kento-post-view-counter plugin through 2.8 for WordPress has XSS v ...) - TODO: check + NOT-FOR-US: kento-post-view-counter plugin for WordPress CVE-2016-10979 (The fossura-tag-miner plugin before 1.1.5 for WordPress has XSS. ...) - TODO: check + NOT-FOR-US: fossura-tag-miner plugin for WordPress CVE-2016-10978 (The fossura-tag-miner plugin before 1.1.5 for WordPress has CSRF. ...) - TODO: check + NOT-FOR-US: fossura-tag-miner plugin for WordPress CVE-2016-10977 (The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=.. ...) - TODO: check + NOT-FOR-US: nelio-ab-testing plugin for WordPress CVE-2016-10976 (The safe-editor plugin before 1.2 for WordPress has no se_save authent ...) - TODO: check + NOT-FOR-US: safe-editor plugin for WordPress CVE-2016-10975 (The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has r ...) - TODO: check + NOT-FOR-US: fluid-responsive-slideshow plugin for WordPress CVE-2016-10974 (The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has f ...) - TODO: check + NOT-FOR-US: fluid-responsive-slideshow plugin for WordPress CVE-2019-16377 RESERVED CVE-2019-16376 @@ -14446,11 +14446,11 @@ CVE-2019-11669 (Modifiable read only check box In Micro Focus Service Manager, v CVE-2019-11668 (HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, ...) NOT-FOR-US: Micro Focus CVE-2019-11667 (Unauthorized access to contact information in Micro Focus Service Mana ...) - TODO: check + NOT-FOR-US: Micro Focus CVE-2019-11666 (Insecure deserialization of untrusted data in Micro Focus Service Mana ...) - TODO: check + NOT-FOR-US: Micro Focus CVE-2019-11665 (Data exposure in Micro Focus Service Manager product versions 9.30, 9. ...) - TODO: check + NOT-FOR-US: Micro Focus CVE-2019-11664 RESERVED CVE-2019-11663 @@ -33798,7 +33798,7 @@ CVE-2019-4479 CVE-2019-4478 RESERVED CVE-2019-4477 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a ...) - TODO: check + NOT-FOR-US: IBM CVE-2019-4476 RESERVED CVE-2019-4475 @@ -33868,7 +33868,7 @@ CVE-2019-4444 CVE-2019-4443 RESERVED CVE-2019-4442 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9,0 could allow a ...) - TODO: check + NOT-FOR-US: IBM CVE-2019-4441 RESERVED CVE-2019-4440 @@ -34068,7 +34068,7 @@ CVE-2019-4344 CVE-2019-4343 RESERVED CVE-2019-4342 (IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripti ...) - TODO: check + NOT-FOR-US: IBM CVE-2019-4341 RESERVED CVE-2019-4340 (IBM Security Guardium Big Data Intelligence 4.0 (SonarG) is vulnerable ...) @@ -34210,13 +34210,13 @@ CVE-2019-4273 CVE-2019-4272 RESERVED CVE-2019-4271 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin console ...) - TODO: check + NOT-FOR-US: IBM CVE-2019-4270 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console ...) - TODO: check + NOT-FOR-US: IBM CVE-2019-4269 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console ...) NOT-FOR-US: IBM CVE-2019-4268 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a ...) - TODO: check + NOT-FOR-US: IBM CVE-2019-4267 (The IBM Spectrum Protect 7.1 and 8.1 Backup-Archive Client is vulnerab ...) NOT-FOR-US: IBM CVE-2019-4266 @@ -34386,7 +34386,7 @@ CVE-2019-4185 (IBM InfoSphere Information Server 11.7.1 containers are vulnerabl CVE-2019-4184 (IBM Jazz Reporting Service 6.0 through 6.0.6.1 is vulnerable to cross- ...) NOT-FOR-US: IBM CVE-2019-4183 (IBM Cognos Analytics 11.0, and 11.1 is vulnerable to a denial of servi ...) - TODO: check + NOT-FOR-US: IBM CVE-2019-4182 RESERVED CVE-2019-4181 @@ -34402,7 +34402,7 @@ CVE-2019-4177 (IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 CVE-2019-4176 (IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 could ...) NOT-FOR-US: IBM CVE-2019-4175 (IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 uses weaker t ...) - TODO: check + NOT-FOR-US: IBM CVE-2019-4174 (IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 allow ...) NOT-FOR-US: IBM CVE-2019-4173 (IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 could ...) @@ -34410,7 +34410,7 @@ CVE-2019-4173 (IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 CVE-2019-4172 RESERVED CVE-2019-4171 (IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 does not set ...) - TODO: check + NOT-FOR-US: IBM CVE-2019-4170 RESERVED CVE-2019-4169 (IBM Open Power Firmware OP910 and OP920 could allow access to BMC via ...) @@ -34580,7 +34580,7 @@ CVE-2019-4088 (IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents could CVE-2019-4087 (IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are vulner ...) NOT-FOR-US: IBM CVE-2019-4086 (IBM Cloud Application Performance Management 8.1.4 could allow a remot ...) - TODO: check + NOT-FOR-US: IBM CVE-2019-4085 RESERVED CVE-2019-4084 (IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Man ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bc572485be3a7e5a5d3ae991bb5dac306006b005 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bc572485be3a7e5a5d3ae991bb5dac306006b005 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits