[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
06cb5872 by Moritz Muehlenhoff at 2018-04-19T11:07:23+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -39,7 +39,7 @@ CVE-2018-10206
 CVE-2018-10205
        RESERVED
 CVE-2018-10204 (PureVPN 6.0.1 for Windows suffers from a SYSTEM privilege 
escalation ...)
-       TODO: check
+       NOT-FOR-US: PureVPN
 CVE-2018-10203
        RESERVED
 CVE-2018-10202
@@ -131,7 +131,7 @@ CVE-2018-10174
 CVE-2018-10173
        RESERVED
 CVE-2018-10172 (7-Zip through 18.01 on Windows implements the "Large 
memory pages" ...)
-       TODO: check
+       NOT-FOR-US: 7-Zip
 CVE-2018-10171
        RESERVED
 CVE-2018-10170 (NordVPN 6.12.7.0 for Windows suffers from a SYSTEM privilege 
escalation ...)
@@ -277,7 +277,7 @@ CVE-2018-10111 (An issue was discovered in GEGL through 
0.3.32. The render_recta
        [jessie] - gegl <no-dsa> (Minor issue)
        NOTE: POC https://github.com/xiaoqx/pocs/tree/master/gegl#2-gegl-dos-1
 CVE-2018-10110 (D-Link DIR-615 T1 devices allow XSS via the Add User feature. 
...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2018-10109 (Monstra CMS 3.0.4 has a stored XSS vulnerability when an 
attacker has ...)
        NOT-FOR-US: Monstra CMS
 CVE-2018-10108 (D-Link DIR-815 REV. B (with firmware through ...)
@@ -3262,7 +3262,7 @@ CVE-2018-8842
 CVE-2018-8841
        RESERVED
 CVE-2018-8840 (A remote attacker could send a carefully crafted packet in 
InduSoft ...)
-       TODO: check
+       NOT-FOR-US: InduSoft
 CVE-2018-8839
        RESERVED
 CVE-2018-8838 (A weakness in access controls in CENTUM CS 1000 all versions, 
CENTUM ...)
@@ -5769,15 +5769,15 @@ CVE-2018-7764
 CVE-2018-7763
        RESERVED
 CVE-2018-7762 (A vulnerability exists in the web services to process SOAP 
requests in ...)
-       TODO: check
+       NOT-FOR-US: Schneider
 CVE-2018-7761 (A vulnerability exists in the HTTP request parser in Schneider 
...)
-       TODO: check
+       NOT-FOR-US: Schneider
 CVE-2018-7760 (An authorization bypass vulnerability exists in Schneider 
Electric's ...)
-       TODO: check
+       NOT-FOR-US: Schneider
 CVE-2018-7759 (A buffer overflow vulnerability exists in Schneider Electric's 
Modicon ...)
-       TODO: check
+       NOT-FOR-US: Schneider
 CVE-2018-7758 (A denial of service vulnerability exists in Schneider 
Electric's MiCOM ...)
-       TODO: check
+       NOT-FOR-US: Schneider
 CVE-2018-7757 (Memory leak in the sas_smp_get_phy_events function in ...)
        - linux <unfixed>
        NOTE: Fixed by: 
https://git.kernel.org/linus/4a491b1ab11ca0556d2fda1ff1301e862a2d44c4 (4.16-rc1)
@@ -7659,19 +7659,19 @@ CVE-2018-7247 (An issue was discovered in pixHtmlViewer 
in prog/htmlviewer.c in 
        - leptonlib <unfixed> (unimportant)
        NOTE: 
https://github.com/DanBloomberg/leptonica/commit/c1079bb8e77cdd426759e466729917ca37a3ed9f
 CVE-2018-7246 (A cleartext transmission of sensitive information vulnerability 
exists ...)
-       TODO: check
+       NOT-FOR-US: Schneider
 CVE-2018-7245 (An improper authorization vulnerability exists In Schneider 
Electric's ...)
-       TODO: check
+       NOT-FOR-US: Schneider
 CVE-2018-7244 (An information disclosure vulnerability exists In Schneider 
Electric's ...)
-       TODO: check
+       NOT-FOR-US: Schneider
 CVE-2018-7243 (An authorization bypass vulnerability exists In Schneider 
Electric's ...)
-       TODO: check
+       NOT-FOR-US: Schneider
 CVE-2018-7242 (Vulnerable hash algorithms exists in Schneider Electric's 
Modicon ...)
-       TODO: check
+       NOT-FOR-US: Schneider
 CVE-2018-7241 (Hard coded accounts exist in Schneider Electric's Modicon 
Premium, ...)
-       TODO: check
+       NOT-FOR-US: Schneider
 CVE-2018-7240 (A vulnerability exists in Schneider Electric's Modicon Quantum 
in all ...)
-       TODO: check
+       NOT-FOR-US: Schneider
 CVE-2018-7239 (A DLL hijacking vulnerability exists in Schneider Electric's 
SoMove ...)
        NOT-FOR-US: Schneider Electric
 CVE-2018-7238 (A buffer overflow vulnerability exist in the web-based GUI of 
...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/06cb587207f4aeaca1ca895f60d09eef7e26e2c3

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/06cb587207f4aeaca1ca895f60d09eef7e26e2c3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits