[Git][security-tracker-team/security-tracker][master] Process NFUs

Sat, 21 Apr 2018 02:05:11 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c7a73540 by Salvatore Bonaccorso at 2018-04-21T11:04:20+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,5 +1,5 @@
 CVE-2018-10253 (Paessler PRTG Network Monitor before 18.1.39.1648 mishandles 
stack ...)
-       TODO: check
+       NOT-FOR-US: Paessler PRTG Network Monitor
 CVE-2018-10252
        RESERVED
 CVE-2018-10251
@@ -201,13 +201,13 @@ CVE-2018-10177 (In ImageMagick 7.0.7-28, there is an 
infinite loop in the ...)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/1095
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/9fdda6391e38aaad3bfd6a30bd6a72bd31aeee02
 CVE-2018-10176 (Digital Guardian Management Console 7.1.2.0015 has a Directory 
...)
-       TODO: check
+       NOT-FOR-US: Digital Guardian Management Console
 CVE-2018-10175 (Digital Guardian Management Console 7.1.2.0015 has an XXE 
issue. ...)
-       TODO: check
+       NOT-FOR-US: Digital Guardian Management Console
 CVE-2018-10174 (Digital Guardian Management Console 7.1.2.0015 has an SSRF 
issue that ...)
-       TODO: check
+       NOT-FOR-US: Digital Guardian Management Console
 CVE-2018-10173 (Digital Guardian Management Console 7.1.2.0015 allows 
authenticated ...)
-       TODO: check
+       NOT-FOR-US: Digital Guardian Management Console
 CVE-2018-10172 (7-Zip through 18.01 on Windows implements the "Large 
memory pages" ...)
        NOT-FOR-US: 7-Zip
 CVE-2018-10171
@@ -432,11 +432,11 @@ CVE-2018-10081 (CMS Made Simple (CMSMS) through 2.2.6 
contains an admin password
 CVE-2018-10080 (Secutech RiS-11, RiS-22, and RiS-33 devices with firmware ...)
        NOT-FOR-US: Secutech RiS-11, RiS-22, and RiS-33 devices
 CVE-2018-10079 (Geist WatchDog Console 3.2.2 uses a weak ACL for the ...)
-       TODO: check
+       NOT-FOR-US: Geist WatchDog Console
 CVE-2018-10078 (Cross-site scripting (XSS) vulnerability in Geist WatchDog 
Console ...)
-       TODO: check
+       NOT-FOR-US: Geist WatchDog Console
 CVE-2018-10077 (XML external entity (XXE) vulnerability in Geist WatchDog 
Console ...)
-       TODO: check
+       NOT-FOR-US: Geist WatchDog Console
 CVE-2018-10076
        RESERVED
 CVE-2018-10075
@@ -2761,7 +2761,7 @@ CVE-2018-9061
 CVE-2018-9060
        RESERVED
 CVE-2018-9059 (Stack-based buffer overflow in Easy File Sharing (EFS) Web 
Server 7.2 ...)
-       TODO: check
+       NOT-FOR-US: Easy File Sharing (EFS)
 CVE-2018-9058 (In Long Range Zip (aka lrzip) 0.631, there is an infinite loop 
in the ...)
        - lrzip <unfixed> (unimportant)
        NOTE: https://github.com/ckolivas/lrzip/issues/93
@@ -3374,7 +3374,7 @@ CVE-2018-8828 (A Buffer Overflow issue was discovered in 
Kamailio before 4.4.7, 
 CVE-2018-8827
        RESERVED
 CVE-2018-8826 (ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and 
RT-N12 D1 ...)
-       TODO: check
+       NOT-FOR-US: ASUS routers
 CVE-2018-8825
        RESERVED
 CVE-2018-8824
@@ -5888,7 +5888,7 @@ CVE-2018-7749 (The SSH server implementation of AsyncSSH 
before 1.12.1 does not 
 CVE-2018-7748
        RESERVED
 CVE-2018-7747 (Multiple cross-site scripting (XSS) vulnerabilities in the 
Caldera ...)
-       TODO: check
+       NOT-FOR-US: Caldera Forms plugin for WordPress
 CVE-2018-7746 (An issue was discovered in Western Bridge Cobub Razor 0.7.2. 
...)
        NOT-FOR-US: Western Bridge Cobub Razor
 CVE-2018-7745 (An issue was discovered in Western Bridge Cobub Razor 0.7.2. 
...)
@@ -26860,7 +26860,7 @@ CVE-2018-0566
 CVE-2018-0565
        RESERVED
 CVE-2018-0564 (Session fixation vulnerability in EC-CUBE (EC-CUBE 3.0.0, 
EC-CUBE ...)
-       TODO: check
+       NOT-FOR-US: EC-CUBE
 CVE-2018-0563
        RESERVED
 CVE-2018-0562 (Untrusted search path vulnerability in Installer of SoundEngine 
Free ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c7a735401d7830f201cc68edd518906f8f9e8a95

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c7a735401d7830f201cc68edd518906f8f9e8a95
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to