Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
219a624f by Salvatore Bonaccorso at 2019-11-23T08:23:47Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -727,9 +727,9 @@ CVE-2019-18912
CVE-2019-18911
RESERVED
CVE-2019-18910 (The Citrix Receiver wrapper function does not safely handle
user suppl ...)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2019-18909 (The VPN software within HP ThinPro does not safely handle user
supplie ...)
- TODO: check
+ NOT-FOR-US: HP ThinPro
CVE-2019-18908
RESERVED
CVE-2019-18907
@@ -10432,9 +10432,9 @@ CVE-2019-16288 (On Tenda N301 wireless routers, a long
string in the wifiSSID pa
CVE-2019-16287 (An attacker may be able to leverage the application filter
bypass vuln ...)
TODO: check
CVE-2019-16286 (An attacker may be able to bypass the OS application filter
meant to r ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2019-16285 (If a local user has been configured and logged in, an
unauthenticated ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2019-16284 (A potential security vulnerability has been identified in
multiple HP ...)
NOT-FOR-US: HP
CVE-2019-16283
@@ -32142,7 +32142,7 @@ CVE-2019-9538
CVE-2019-9537
RESERVED
CVE-2019-9536 (Apple iPhone 3GS bootrom malloc implementation returns a
non-NULL poin ...)
- TODO: check
+ NOT-FOR-US: Apple iPhone 3GS
CVE-2019-9535 (A vulnerability exists in the way that iTerm2 integrates with
tmux's c ...)
NOT-FOR-US: iTerm2
CVE-2019-9534 (The Cobham EXPLORER 710, firmware version 1.07, does not
validate its ...)
@@ -42755,7 +42755,7 @@ CVE-2019-5511 (VMware Workstation (15.x before 15.0.3,
14.x before 14.1.6) runni
CVE-2019-5510
RESERVED
CVE-2019-5509 (ONTAP Select Deploy administration utility versions 2.11.2
through 2.1 ...)
- TODO: check
+ NOT-FOR-US: ONTAP Select Deploy administration utility
CVE-2019-5508 (Clustered Data ONTAP versions 9.2 through 9.6 are susceptible
to a vul ...)
NOT-FOR-US: Clustered Data ONTAP
CVE-2019-5507 (SnapManager for Oracle prior to version 3.4.2P1 are susceptible
to a v ...)
@@ -43732,9 +43732,9 @@ CVE-2019-5074
CVE-2019-5073
RESERVED
CVE-2019-5072 (An exploitable command injection vulnerability exists in the
/goform/W ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2019-5071 (An exploitable command injection vulnerability exists in the
/goform/W ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2019-5070 (An exploitable SQL injection vulnerability exists in the
unauthenticat ...)
NOT-FOR-US: eFront LMS
CVE-2019-5069 (A code execution vulnerability exists in Epignosis eFront LMS
v5.2.12. ...)
@@ -46963,7 +46963,7 @@ CVE-2019-3656
CVE-2019-3655
RESERVED
CVE-2019-3654 (Authentication Bypass vulnerability in the Microsoft Windows
client in ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2019-3653 (Improper access control vulnerability in Configuration tool in
McAfee ...)
NOT-FOR-US: McAfee Endpoint Security (ENS)
CVE-2019-3652 (Code Injection vulnerability in EPSetup.exe in McAfee Endpoint
Securit ...)
@@ -47551,9 +47551,9 @@ CVE-2019-3430
CVE-2019-3429
RESERVED
CVE-2019-3428 (The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted
by a c ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2019-3427 (The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted
by a c ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2019-3426 (The 9000EV5.0R1B12 version, and all earlier versions of ZTE
product ZX ...)
NOT-FOR-US: ZTE
CVE-2019-3425 (The 9000EV5.0R1B12 version, and all earlier versions of ZTE
product ZX ...)
@@ -210095,7 +210095,7 @@ CVE-2015-3142 (The kernel-invoked coredump processor
in Automatic Bug Reporting
CVE-2015-3141 (Multiple cross-site request forgery (CSRF) vulnerabilities in
Synametr ...)
NOT-FOR-US: Synametrics Technologies Xeams
CVE-2015-3140 (Multiple cross-site request forgery (CSRF) vulnerabilities in
Synametr ...)
- TODO: check
+ NOT-FOR-US: Synametrics
CVE-2015-3139
RESERVED
CVE-2015-3138 (print-wb.c in tcpdump before 4.7.4 allows remote attackers to
cause a ...)
@@ -247849,7 +247849,7 @@ CVE-2013-6241 (The Birthday widget in the backend in
Open-Xchange (OX) AppSuite
CVE-2013-6240
RESERVED
CVE-2013-6239 (Cross-site scripting (XSS) vulnerability in the photo gallery
model in ...)
- TODO: check
+ NOT-FOR-US: Exis Contexis
CVE-2013-6238
RESERVED
CVE-2013-6237 (The ISL Desktop plugin for Windows before 1.4.7 for ISL Light
3.5.4 an ...)
@@ -279148,7 +279148,7 @@ CVE-2002-2483
CVE-2012-1002 (SQL injection vulnerability in author/edit.php in OpenConf 4.x
before ...)
NOT-FOR-US: OpenConf
CVE-2012-1001 (Multiple cross-site scripting (XSS) vulnerabilities in Chyrp
before 2. ...)
- TODO: check
+ NOT-FOR-US: Chyrp
CVE-2012-1000 (Multiple cross-site scripting (XSS) vulnerabilities in LEPTON
1.1.3 an ...)
NOT-FOR-US: LEPTON
CVE-2012-0999 (SQL injection vulnerability in modules/news/rss.php in LEPTON
before 1 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/219a624fbae582a71f7048f6007b1a7eddcac7b3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/219a624fbae582a71f7048f6007b1a7eddcac7b3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
