Skip to content
Commits on Source (2)
Show whitespace changes
Inline Side-by-side
data/CVE/list
View file @ 05e344fe
......@@ -1506,15 +1506,15 @@ CVE-2019-9923 (pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL p
NOTE: https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
NOTE: Crash in CLI tool, no security impact
CVE-2019-9922 (An issue was discovered in the Harmis JE Messenger component 1.2.2 for ...)
TODO: check
NOT-FOR-US: Harmis JE Messenger component for Joomla!
CVE-2019-9921 (An issue was discovered in the Harmis JE Messenger component 1.2.2 for ...)
TODO: check
NOT-FOR-US: Harmis JE Messenger component for Joomla!
CVE-2019-9920 (An issue was discovered in the Harmis JE Messenger component 1.2.2 for ...)
TODO: check
NOT-FOR-US: Harmis JE Messenger component for Joomla!
CVE-2019-9919 (An issue was discovered in the Harmis JE Messenger component 1.2.2 for ...)
TODO: check
NOT-FOR-US: Harmis JE Messenger component for Joomla!
CVE-2019-9918 (An issue was discovered in the Harmis JE Messenger component 1.2.2 for ...)
TODO: check
NOT-FOR-US: Harmis JE Messenger component for Joomla!
CVE-2019-9917 (ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial ...)
- znc 1.7.2-2 (bug #925285)
[jessie] - znc <not-affected> (The vulnerable code is not present)
......@@ -2823,7 +2823,7 @@ CVE-2019-9697
CVE-2019-9696
RESERVED
CVE-2019-9695 (Norton Core prior to v278 may be susceptible to an arbitrary code exec ...)
TODO: check
NOT-FOR-US: Norton Core
CVE-2019-9694
RESERVED
CVE-2019-9693 (In CMS Made Simple (CMSMS) before 2.2.10, an authenticated user can ac ...)
......@@ -3095,9 +3095,9 @@ CVE-2019-9607 (PHP Scripts Mall Medical Store Script 3.0.3 allows Path Traversal
CVE-2019-9606 (PHP Scripts Mall Personal Video Collection Script 4.0.4 has Stored XSS ...)
NOT-FOR-US: PHP Scripts Mall Personal Video Collection Script
CVE-2019-9605 (PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Reflect ...)
TODO: check
NOT-FOR-US: PHP Scripts Mall Online Lottery PHP Readymade Script
CVE-2019-9604 (PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Cross-S ...)
TODO: check
NOT-FOR-US: PHP Scripts Mall Online Lottery PHP Readymade Script
CVE-2019-9603 (MiniCMS 1.10 allows mc-admin/post.php?state=publish&amp;delete= CSRF t ...)
NOT-FOR-US: MiniCMS
CVE-2019-9602
......@@ -10265,19 +10265,19 @@ CVE-2019-6610
CVE-2019-6609
RESERVED
CVE-2019-6608 (On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14 ...)
TODO: check
NOT-FOR-US: F5 BIG-IP
CVE-2019-6607 (On BIG-IP ASM 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1 ...)
TODO: check
NOT-FOR-US: F5 BIG-IP
CVE-2019-6606 (On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0. ...)
TODO: check
NOT-FOR-US: F5 BIG-IP
CVE-2019-6605 (On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, and 12.0.x, an undisclosed seq ...)
TODO: check
NOT-FOR-US: F5 BIG-IP
CVE-2019-6604 (On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1 ...)
TODO: check
NOT-FOR-US: F5 BIG-IP
CVE-2019-6603 (In BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3, and 13.0.0-13.0 ...)
TODO: check
NOT-FOR-US: F5 BIG-IP
CVE-2019-6602 (In BIG-IP 11.5.1-11.5.8 and 11.6.1-11.6.3, the Configuration Utility l ...)
TODO: check
NOT-FOR-US: F5 BIG-IP
CVE-2019-6601 (In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, ...)
NOT-FOR-US: F5 BIG-IP
CVE-2019-6600 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, 11.6.1-11 ...)
......@@ -24391,13 +24391,13 @@ CVE-2018-19646 (The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 1
CVE-2018-19645 (An Authentication Bypass issue exists in Solutions Business Manager (S ...)
NOT-FOR-US: Solutions Business Manager (SBM)
CVE-2018-19644 (Reflected cross site script issue in Micro Focus Solutions Business Ma ...)
TODO: check
NOT-FOR-US: Micro Focus Solutions Business Manager
CVE-2018-19643 (Information leakage issue in Micro Focus Solutions Business Manager (S ...)
TODO: check
NOT-FOR-US: Micro Focus Solutions Business Manager
CVE-2018-19642 (Denial of service issue in Micro Focus Solutions Business Manager (SBM ...)
TODO: check
NOT-FOR-US: Micro Focus Solutions Business Manager
CVE-2018-19641 (Unauthenticated remote code execution issue in Micro Focus Solutions B ...)
TODO: check
NOT-FOR-US: Micro Focus Solutions Business Manager
CVE-2018-19640 (If the attacker manages to create files in the directory used to colle ...)
NOT-FOR-US: SLES support scripts
CVE-2018-19639 (If supportutils before version 3.1-5.7.1 is run with -v to perform rpm ...)
......@@ -28213,7 +28213,6 @@ CVE-2019-0161 (Stack overflow in XHCI for EDK II may allow an unauthenticated us
[jessie] - edk2 <end-of-life> (non-free, not used by any sponsor)
NOTE: https://github.com/tianocore/edk2/commit/acebdf14c985c5c9f50b37ece0b15ada87767359
NOTE: https://github.com/tianocore/edk2/commit/72750e3bf9174f15c17e78f0f117b5e7311bb49f
TODO: check
CVE-2019-0160 (Buffer overflow in system firmware for EDK II may allow unauthenticate ...)
- edk2 0~20181115.85588389-1
[jessie] - edk2 <end-of-life> (non-free, not used by any sponsor)
......@@ -37351,7 +37350,7 @@ CVE-2018-15842 (WolfCMS 0.8.3.1 has XSS via the /?/admin/page/add slug parameter
CVE-2018-15841
RESERVED
CVE-2018-15840 (TP-Link TL-WR840N devices allow remote attackers to cause a denial of ...)
TODO: check
NOT-FOR-US: TP-Link
CVE-2018-15839 (D-Link DIR-615 devices have a buffer overflow via a long Authorization ...)
NOT-FOR-US: D-Link DIR-615 devices
CVE-2018-15838
......@@ -62755,17 +62754,17 @@ CVE-2017-18112
CVE-2017-18111 (The OAuthHelper in Atlassian Application Links before version 5.0.10, ...)
TODO: check
CVE-2017-18110 (The administration backup restore resource in Atlassian Crowd before v ...)
TODO: check
NOT-FOR-US: Atlassian Crowd
CVE-2017-18109 (The login resource of CrowdId in Atlassian Crowd before version 3.0.2 ...)
TODO: check
NOT-FOR-US: Atlassian Crowd
CVE-2017-18108 (The administration SMTP configuration resource in Atlassian Crowd befo ...)
TODO: check
NOT-FOR-US: Atlassian Crowd
CVE-2017-18107
RESERVED
CVE-2017-18106 (The identifier_hash for a session token in Atlassian Crowd before vers ...)
TODO: check
NOT-FOR-US: Atlassian Crowd
CVE-2017-18105 (The console login resource in Atlassian Crowd before version 3.0.2 and ...)
TODO: check
NOT-FOR-US: Atlassian Crowd
CVE-2017-18104 (The Webhooks component of Atlassian Jira before version 7.6.7 and from ...)
NOT-FOR-US: Atlassian Jira
CVE-2017-18103 (The atlassian-http library, as used in various Atlassian products, bef ...)