Commit c29eb453 authored by Salvatore Bonaccorso's avatar Salvatore Bonaccorso

Process some NFUs

parent daf1747c
......@@ -9,7 +9,7 @@ CVE-2019-15030
CVE-2019-15029
RESERVED
CVE-2019-15028 (In Joomla! before 3.9.11, inadequate checks in com_contact could allow ...)
TODO: check
NOT-FOR-US: Joomla!
CVE-2019-15027
RESERVED
CVE-2019-15026
......@@ -153,11 +153,11 @@ CVE-2019-14988
CVE-2019-14987 (Adive Framework through 2.0.7 is affected by XSS in the Create New Tab ...)
NOT-FOR-US: Adive Framework
CVE-2019-14986 (eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn before 2.3.0 installe ...)
TODO: check
NOT-FOR-US: eQ-3 Homematic CCU2 and CCU3
CVE-2019-14985 (eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn installed allow Remot ...)
TODO: check
NOT-FOR-US: eQ-3 Homematic CCU2 and CCU3
CVE-2019-14984 (eQ-3 Homematic CCU2 and CCU3 with the XML-API through 1.2.0 AddOn inst ...)
TODO: check
NOT-FOR-US: eQ-3 Homematic CCU2 and CCU3
CVE-2019-14983
RESERVED
CVE-2019-14982 (In Exiv2 before v0.27.2, there is an integer overflow vulnerability in ...)
......@@ -1294,7 +1294,7 @@ CVE-2019-14531 (An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is
NOTE: https://github.com/sleuthkit/sleuthkit/issues/1576
NOTE: Negligible security impact
CVE-2019-14530 (An issue was discovered in custom/ajax_download.php in OpenEMR before ...)
TODO: check
NOT-FOR-US: OpenEMR
CVE-2019-14529 (OpenEMR before 5.0.2 allows SQL Injection in interface/forms/eye_mag/s ...)
NOT-FOR-US: OpenEMR
CVE-2019-14528 (GnuCOBOL 2.2 has a heap-based buffer overflow in read_literal in cobc/ ...)
......@@ -1335,7 +1335,7 @@ CVE-2019-14518
CVE-2019-14517 (pandao Editor.md 1.5.0 allows XSS via the Javascript: string. ...)
NOT-FOR-US: pandao Editor.md
CVE-2019-14516 (The mAadhaar application 1.2.7 for Android lacks SSL Certificate Valid ...)
TODO: check
NOT-FOR-US: mAadhaar application for Android
CVE-2019-14515
RESERVED
CVE-2019-14514
......@@ -2325,7 +2325,7 @@ CVE-2019-14361
CVE-2019-14360
RESERVED
CVE-2019-14359 (** DISPUTED ** On BC Vault devices, a side channel for the row-based S ...)
TODO: check
NOT-FOR-US: BC Vault devices
CVE-2019-14358
RESERVED
CVE-2019-14357 (** DISPUTED ** On Mooltipass Mini devices, a side channel for the row- ...)
......@@ -5425,7 +5425,7 @@ CVE-2019-13464 (An issue was discovered in OWASP ModSecurity Core Rule Set (CRS)
CVE-2019-13463
RESERVED
CVE-2019-13462 (Lansweeper before 7.1.117.4 allows unauthenticated SQL injection. ...)
TODO: check
NOT-FOR-US: Lansweeper
CVE-2019-13461 (In PrestaShop before 1.7.6.0 RC2, the id_address_delivery and id_addre ...)
NOT-FOR-US: PrestaShop
CVE-2019-13460
......@@ -5543,17 +5543,17 @@ CVE-2019-13422
CVE-2019-13421
RESERVED
CVE-2019-13420 (Search Guard versions before 21.0 had an timing side channel issue whe ...)
TODO: check
NOT-FOR-US: Search Guard
CVE-2019-13419 (Search Guard versions before 23.1 had an issue that for aggregations c ...)
TODO: check
NOT-FOR-US: Search Guard
CVE-2019-13418 (Search Guard versions before 24.0 had an issue that values of string a ...)
TODO: check
NOT-FOR-US: Search Guard
CVE-2019-13417 (Search Guard versions before 24.0 had an issue that field caps and map ...)
TODO: check
NOT-FOR-US: Search Guard
CVE-2019-13416 (Search Guard versions before 24.3 had an issue when Cross Cluster Sear ...)
TODO: check
NOT-FOR-US: Search Guard
CVE-2019-13415 (Search Guard versions before 24.3 had an issue when Cross Cluster Sear ...)
TODO: check
NOT-FOR-US: Search Guard
CVE-2019-13414 (The Rencontre plugin before 3.1.3 for WordPress allows XSS via inc/ren ...)
NOT-FOR-US: Wordpress plugin
CVE-2019-13413 (The Rencontre plugin before 3.1.3 for WordPress allows SQL Injection v ...)
......@@ -7195,7 +7195,7 @@ CVE-2019-12810
CVE-2019-12809
RESERVED
CVE-2019-12808 (ALTOOLS update service 18.1 and earlier versions contains a local priv ...)
TODO: check
NOT-FOR-US: ALTOOLS update service
CVE-2019-12807 (Alzip 10.83 and earlier version contains a stack-based buffer overflow ...)
TODO: check
CVE-2019-12806 (UniSign 2.0.4.0 and earlier version contains a stack-based buffer over ...)
......@@ -8003,7 +8003,7 @@ CVE-2019-12481 (An issue was discovered in GPAC 0.7.1. There is a NULL pointer d
CVE-2019-12480 (BACnet Protocol Stack through 0.8.6 has a segmentation fault leading t ...)
NOT-FOR-US: BACnet Protocol Stack
CVE-2019-12479 (An issue was discovered in 20|20 Storage 2.11.0. A Path Traversal vuln ...)
TODO: check
NOT-FOR-US: 20|20 Storage
CVE-2019-12478
RESERVED
CVE-2019-12477 (Supra Smart Cloud TV allows remote file inclusion in the openLiveURL f ...)
......@@ -11399,7 +11399,7 @@ CVE-2019-11209
CVE-2019-11208 (The authorization component of TIBCO Software Inc.'s TIBCO API Exchang ...)
NOT-FOR-US: TIBCO
CVE-2019-11207 (The web server component of TIBCO Software Inc.'s TIBCO LogLogic Enter ...)
TODO: check
NOT-FOR-US: TIBCO
CVE-2019-11206 (The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire ...)
NOT-FOR-US: TIBCO
CVE-2019-11205 (The web server component of TIBCO Software Inc.'s TIBCO Spotfire Analy ...)
......@@ -12077,9 +12077,9 @@ CVE-2019-10945 (An issue was discovered in Joomla! before 3.9.5. The Media Manag
CVE-2019-10944
RESERVED
CVE-2019-10943 (A vulnerability has been identified in SIMATIC ET 200SP Open Controlle ...)
TODO: check
NOT-FOR-US: Siemens
CVE-2019-10942 (A vulnerability has been identified in SCALANCE X-200 (All versions), ...)
TODO: check
NOT-FOR-US: Siemens
CVE-2019-10941
RESERVED
CVE-2019-10940
......@@ -12105,11 +12105,11 @@ CVE-2019-10931 (A vulnerability has been identified in SIPROTEC 5 device types 6
CVE-2019-10930 (A vulnerability has been identified in SIPROTEC 5 device types 6MD85, ...)
NOT-FOR-US: Siemens
CVE-2019-10929 (A vulnerability has been identified in SIMATIC ET 200SP Open Controlle ...)
TODO: check
NOT-FOR-US: Siemens
CVE-2019-10928 (A vulnerability has been identified in SCALANCE SC-600 (V2.0). An auth ...)
TODO: check
NOT-FOR-US: Siemens
CVE-2019-10927 (A vulnerability has been identified in SCALANCE SC-600 (V2.0), SCALANC ...)
TODO: check
NOT-FOR-US: Siemens
CVE-2019-10926 (A vulnerability has been identified in SIMATIC Ident MV420 family (All ...)
NOT-FOR-US: Siemens
CVE-2019-10925 (A vulnerability has been identified in SIMATIC Ident MV420 family (All ...)
......@@ -19512,7 +19512,7 @@ CVE-2019-8450
CVE-2019-8449
RESERVED
CVE-2019-8448 (The login.jsp resource in Jira before version 7.13.4, and from version ...)
TODO: check
NOT-FOR-US: Atlassian Jira
CVE-2019-8447
RESERVED
CVE-2019-8446
......@@ -27425,7 +27425,7 @@ CVE-2019-5301 (Huawei smart phones Honor V20 with the versions before 9.0.1.161(
CVE-2019-5300 (There is a digital signature verification bypass vulnerability in AR12 ...)
NOT-FOR-US: Huawei
CVE-2019-5299 (Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL0 ...)
TODO: check
NOT-FOR-US: Huawei
CVE-2019-5298 (There is an improper authentication vulnerability in some Huawei AP pr ...)
NOT-FOR-US: Huawei
CVE-2019-5297 (Emily-L29C Huawei phones versions earlier than 9.0.0.159 (C185E2R1P12T ...)
......@@ -27463,7 +27463,7 @@ CVE-2019-5282
CVE-2019-5281 (There is an information leak vulnerability in some Huawei phones, vers ...)
NOT-FOR-US: Huawei
CVE-2019-5280 (The SIP TLS module of Huawei CloudLink Phone 7900 with V600R019C10 has ...)
TODO: check
NOT-FOR-US: Huawei
CVE-2019-5279
RESERVED
CVE-2019-5278
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment