Commits on Source (2)
......@@ -3,11 +3,11 @@ CVE-2019-12743
CVE-2019-12742 (Bludit prior to 3.9.1 allows a non-privileged user to change the passw ...)
NOT-FOR-US: bludit
CVE-2019-12741 (XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR l ...)
TODO: check
NOT-FOR-US: HAPI FHIR library
CVE-2019-12740
RESERVED
CVE-2019-12739 (lib/Controller/ExtractionController.php in the Extract add-on before 1 ...)
TODO: check
- nextcloud <itp> (bug #835086)
CVE-2019-12738
RESERVED
CVE-2019-12737
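Review bot: For CVE-2019-12739, the replacement line `- nextcloud <itp> (bug #835086)` ties the issue to the nextcloud ITP, but the description names lib/Controller/ExtractionController.php in the Extract add-on rather than nextcloud itself. Please add a NOTE line under the entry stating that the affected code is the add-on and whether the ITP would ship it, so a later reader does not treat this as an issue in the core package. If the add-on is outside the scope of the ITP, a NOT-FOR-US entry naming the add-on would be consistent with how CVE-2019-12741 is handled just above.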
......@@ -313,7 +313,7 @@ CVE-2019-12595
CVE-2019-12594
RESERVED
CVE-2019-12593 (IceWarp Mail Server through 10.4.4 is prone to a local file inclusion ...)
TODO: check
NOT-FOR-US: IceWarp Mail Server
CVE-2019-12592
RESERVED
CVE-2019-12591 (NETGEAR Insight Cloud with firmware before Insight 5.6 allows remote a ...)
......@@ -387,11 +387,11 @@ CVE-2019-12557
CVE-2019-12556
RESERVED
CVE-2019-12555 (In SweetScape 010 Editor 9.0.1, improper validation of arguments in th ...)
TODO: check
NOT-FOR-US: SweetScape 010 Editor
CVE-2019-12554 (In SweetScape 010 Editor 9.0.1, improper validation of arguments in th ...)
TODO: check
NOT-FOR-US: SweetScape 010 Editor
CVE-2019-12553 (In SweetScape 010 Editor 9.0.1, improper validation of arguments in th ...)
TODO: check
NOT-FOR-US: SweetScape 010 Editor
CVE-2019-12552
RESERVED
CVE-2019-12551
......@@ -987,7 +987,7 @@ CVE-2016-10751 (osClass 3.6.1 allows oc-admin/plugins.php Directory Traversal vi
CVE-2019-12311
RESERVED
CVE-2019-12310 (ExaGrid appliances with firmware version v4.8.1.1044.P50 have a /monit ...)
TODO: check
NOT-FOR-US: ExaGrid appliances
CVE-2019-12309 (dotCMS before 5.1.0 has a path traversal vulnerability exploitable by ...)
NOT-FOR-US: dotCMS
CVE-2019-12308 (An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1. ...)
......@@ -1150,7 +1150,7 @@ CVE-2019-12245
CVE-2019-12244
RESERVED
CVE-2019-12243 (Istio 1.1.x through 1.1.6 has Incorrect Access Control. ...)
TODO: check
NOT-FOR-US: Istio
CVE-2019-12242
RESERVED
CVE-2019-12241 (The Carts Guru plugin 1.4.5 for WordPress allows Insecure Deserializat ...)
......@@ -1527,7 +1527,7 @@ CVE-2019-12098 (In the client side of Heimdal before 7.6.0, failure to verify an
NOTE: Fixed by: https://github.com/heimdal/heimdal/commit/2f7f3d9960aa6ea21358bdf3687cee5149aa35cf (7.6.0)
NOTE: Introduced by: https://github.com/heimdal/heimdal/commit/a1ef548600c5bb51cf52a9a9ea12676506ede19f (1.4.0)
CVE-2019-12097 (Telerik Fiddler v5.0.20182.28034 doesn't verify the hash of EnableLoop ...)
TODO: check
NOT-FOR-US: Telerik Fiddler
CVE-2019-12096
RESERVED
CVE-2019-12095
......@@ -2904,7 +2904,7 @@ CVE-2019-11511 (Zoho ManageEngine ADSelfService Plus before build 5708 has XSS v
CVE-2019-11510 (In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before ...)
NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2019-11509 (In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before ...)
TODO: check
NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2019-11508 (In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before ...)
NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2019-11507 (In Pulse Secure Pulse Connect Secure (PCS) 8.3.x before 8.3R7.1 and 9. ...)
......@@ -3308,13 +3308,13 @@ CVE-2019-11371 (BWA (aka Burrow-Wheeler Aligner) 0.7.17 r1198 has a Buffer Overf
NOTE: https://github.com/lh3/bwa/issues/239
NOTE: Neutralised by toolchain hardening
CVE-2019-11370 (Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstr ...)
TODO: check
NOT-FOR-US: Carel pCOWeb
CVE-2019-11369 (An issue was discovered in Carel pCOWeb prior to B1.2.4. In /config/pw ...)
TODO: check
NOT-FOR-US: Carel pCOWeb
CVE-2019-11368 (Stored XSS was discovered in AUO Solar Data Recorder before 1.3.0 via ...)
TODO: check
NOT-FOR-US: AUO Solar Data Recorder
CVE-2019-11367 (An issue was discovered in AUO Solar Data Recorder before 1.3.0. The w ...)
TODO: check
NOT-FOR-US: AUO Solar Data Recorder
CVE-2019-11364
RESERVED
CVE-2019-11363