Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 219a624f by Salvatore Bonaccorso at 2019-11-23T08:23:47Z Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -727,9 +727,9 @@ CVE-2019-18912 CVE-2019-18911 RESERVED CVE-2019-18910 (The Citrix Receiver wrapper function does not safely handle user suppl ...) - TODO: check + NOT-FOR-US: Citrix CVE-2019-18909 (The VPN software within HP ThinPro does not safely handle user supplie ...) - TODO: check + NOT-FOR-US: HP ThinPro CVE-2019-18908 RESERVED CVE-2019-18907 @@ -10432,9 +10432,9 @@ CVE-2019-16288 (On Tenda N301 wireless routers, a long string in the wifiSSID pa CVE-2019-16287 (An attacker may be able to leverage the application filter bypass vuln ...) TODO: check CVE-2019-16286 (An attacker may be able to bypass the OS application filter meant to r ...) - TODO: check + NOT-FOR-US: HP CVE-2019-16285 (If a local user has been configured and logged in, an unauthenticated ...) - TODO: check + NOT-FOR-US: HP CVE-2019-16284 (A potential security vulnerability has been identified in multiple HP ...) NOT-FOR-US: HP CVE-2019-16283 @@ -32142,7 +32142,7 @@ CVE-2019-9538 CVE-2019-9537 RESERVED CVE-2019-9536 (Apple iPhone 3GS bootrom malloc implementation returns a non-NULL poin ...) - TODO: check + NOT-FOR-US: Apple iPhone 3GS CVE-2019-9535 (A vulnerability exists in the way that iTerm2 integrates with tmux's c ...) NOT-FOR-US: iTerm2 CVE-2019-9534 (The Cobham EXPLORER 710, firmware version 1.07, does not validate its ...) @@ -42755,7 +42755,7 @@ CVE-2019-5511 (VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) runni CVE-2019-5510 RESERVED CVE-2019-5509 (ONTAP Select Deploy administration utility versions 2.11.2 through 2.1 ...) - TODO: check + NOT-FOR-US: ONTAP Select Deploy administration utility CVE-2019-5508 (Clustered Data ONTAP versions 9.2 through 9.6 are susceptible to a vul ...) NOT-FOR-US: Clustered Data ONTAP CVE-2019-5507 (SnapManager for Oracle prior to version 3.4.2P1 are susceptible to a v ...) @@ -43732,9 +43732,9 @@ CVE-2019-5074 CVE-2019-5073 RESERVED CVE-2019-5072 (An exploitable command injection vulnerability exists in the /goform/W ...) - TODO: check + NOT-FOR-US: Tenda CVE-2019-5071 (An exploitable command injection vulnerability exists in the /goform/W ...) - TODO: check + NOT-FOR-US: Tenda CVE-2019-5070 (An exploitable SQL injection vulnerability exists in the unauthenticat ...) NOT-FOR-US: eFront LMS CVE-2019-5069 (A code execution vulnerability exists in Epignosis eFront LMS v5.2.12. ...) @@ -46963,7 +46963,7 @@ CVE-2019-3656 CVE-2019-3655 RESERVED CVE-2019-3654 (Authentication Bypass vulnerability in the Microsoft Windows client in ...) - TODO: check + NOT-FOR-US: McAfee CVE-2019-3653 (Improper access control vulnerability in Configuration tool in McAfee ...) NOT-FOR-US: McAfee Endpoint Security (ENS) CVE-2019-3652 (Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Securit ...) @@ -47551,9 +47551,9 @@ CVE-2019-3430 CVE-2019-3429 RESERVED CVE-2019-3428 (The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a c ...) - TODO: check + NOT-FOR-US: ZTE CVE-2019-3427 (The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a c ...) - TODO: check + NOT-FOR-US: ZTE CVE-2019-3426 (The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZX ...) NOT-FOR-US: ZTE CVE-2019-3425 (The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZX ...) @@ -210095,7 +210095,7 @@ CVE-2015-3142 (The kernel-invoked coredump processor in Automatic Bug Reporting CVE-2015-3141 (Multiple cross-site request forgery (CSRF) vulnerabilities in Synametr ...) NOT-FOR-US: Synametrics Technologies Xeams CVE-2015-3140 (Multiple cross-site request forgery (CSRF) vulnerabilities in Synametr ...) - TODO: check + NOT-FOR-US: Synametrics CVE-2015-3139 RESERVED CVE-2015-3138 (print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a ...) @@ -247849,7 +247849,7 @@ CVE-2013-6241 (The Birthday widget in the backend in Open-Xchange (OX) AppSuite CVE-2013-6240 RESERVED CVE-2013-6239 (Cross-site scripting (XSS) vulnerability in the photo gallery model in ...) - TODO: check + NOT-FOR-US: Exis Contexis CVE-2013-6238 RESERVED CVE-2013-6237 (The ISL Desktop plugin for Windows before 1.4.7 for ISL Light 3.5.4 an ...) @@ -279148,7 +279148,7 @@ CVE-2002-2483 CVE-2012-1002 (SQL injection vulnerability in author/edit.php in OpenConf 4.x before ...) NOT-FOR-US: OpenConf CVE-2012-1001 (Multiple cross-site scripting (XSS) vulnerabilities in Chyrp before 2. ...) - TODO: check + NOT-FOR-US: Chyrp CVE-2012-1000 (Multiple cross-site scripting (XSS) vulnerabilities in LEPTON 1.1.3 an ...) NOT-FOR-US: LEPTON CVE-2012-0999 (SQL injection vulnerability in modules/news/rss.php in LEPTON before 1 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/219a624fbae582a71f7048f6007b1a7eddcac7b3 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/219a624fbae582a71f7048f6007b1a7eddcac7b3 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits