Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
80cfa868 by Salvatore Bonaccorso at 2018-04-19T22:28:15+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,7 +1,7 @@
CVE-2018-10236 (POSCMS 3.2.18 allows remote attackers to execute arbitrary PHP
code via ...)
- TODO: check
+ NOT-FOR-US: POSCMS
CVE-2018-10235 (POSCMS 3.2.10 allows remote attackers to execute arbitrary PHP
code via ...)
- TODO: check
+ NOT-FOR-US: POSCMS
CVE-2018-10234
RESERVED
CVE-2018-10233
@@ -17,23 +17,23 @@ CVE-2018-10229
CVE-2018-10228
RESERVED
CVE-2018-10227 (MiniCMS v1.10 has XSS via the mc-admin/conf.php site_link
parameter. ...)
- TODO: check
+ NOT-FOR-US: MiniCMS
CVE-2018-10226
RESERVED
CVE-2018-10225 (thinkphp 3.1.3 has SQL Injection via the index.php s
parameter. ...)
TODO: check
CVE-2018-10224 (An issue was discovered in YzmCMS 3.8. There is a CSRF
vulnerability ...)
- TODO: check
+ NOT-FOR-US: YzmCMS
CVE-2018-10223 (An issue was discovered in YzmCMS 3.8. There is a CSRF
vulnerability ...)
- TODO: check
+ NOT-FOR-US: YzmCMS
CVE-2018-10222 (An issue was discovered in idreamsoft iCMS V7.0. There is a
CSRF ...)
- TODO: check
+ NOT-FOR-US: idreamsoft iCMS
CVE-2018-10221 (An issue was discovered in WUZHI CMS V4.1.0. There is a
persistent XSS ...)
- TODO: check
+ NOT-FOR-US: WUZHI CMS
CVE-2018-10220 (** DISPUTED ** Glastopf 3.1.3-dev has SSRF, as demonstrated by
the ...)
TODO: check
CVE-2018-10219 (baijiacms V3 has physical path leakage via an ...)
- TODO: check
+ NOT-FOR-US: baijiacms
CVE-2018-10218
RESERVED
CVE-2018-10217
@@ -2552,7 +2552,7 @@ CVE-2018-9138 (An issue was discovered in cplus-dem.c in
GNU libiberty, as ...)
[wheezy] - binutils <ignored> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23008
CVE-2018-9137 (Open-AudIT before 2.2 has CSV Injection. ...)
- TODO: check
+ NOT-FOR-US: Open-AudIT
CVE-2018-9136 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows
attackers ...)
NOT-FOR-US: Jungo
CVE-2018-9135 (In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer
over-read in ...)
@@ -5444,7 +5444,7 @@ CVE-2018-7922
CVE-2018-7921
RESERVED
CVE-2018-7920 (Huawei AR1200 V200R006C10SPC300, AR160 V200R006C10SPC300, AR200
...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2018-7919
RESERVED
CVE-2018-7918
@@ -5486,7 +5486,7 @@ CVE-2018-7901
CVE-2018-7900
RESERVED
CVE-2018-7899 (The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart
phones ...)
- TODO: check
+ NOT-FOR-US: Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart
phones
CVE-2018-7898
RESERVED
CVE-2018-7897
@@ -10489,7 +10489,7 @@ CVE-2018-6308 (Multiple SQL injections exist in
SugarCRM Community Edition 6.5.2
CVE-2018-6307
RESERVED
CVE-2018-6306 (Unauthorized code execution from specific DLL and is known as
DLL ...)
- TODO: check
+ NOT-FOR-US: Kaspersky Password Manager
CVE-2018-6305 (Denial of service in Gemalto's Sentinel LDK RTE version before
7.65 ...)
NOT-FOR-US: Gemalto
CVE-2018-6304 (Stack overflow in custom XML-parser in Gemalto's Sentinel LDK
RTE ...)
@@ -16719,9 +16719,9 @@ CVE-2018-3845
CVE-2018-3844
RESERVED
CVE-2018-3843 (An exploitable type confusion vulnerability exists in the way
Foxit ...)
- TODO: check
+ NOT-FOR-US: Foxit PDF Reader
CVE-2018-3842 (An exploitable use of an uninitialized pointer vulnerability
exists in ...)
- TODO: check
+ NOT-FOR-US: Foxit PDF Reader
CVE-2018-3841
RESERVED
CVE-2018-3840
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/80cfa8683da8a6fe170ea71a73fc9973252aa426
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/80cfa8683da8a6fe170ea71a73fc9973252aa426
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
