Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 55b2e766 by Salvatore Bonaccorso at 2018-04-26T10:24:11+02:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -3,13 +3,13 @@ CVE-2018-10427 CVE-2018-10426 RESERVED CVE-2018-10425 (An issue was discovered in Shanghai 2345 Security Guard 3.7.0. ...) - TODO: check + NOT-FOR-US: Shanghai 2345 Security Guard CVE-2018-10424 (mc-admin/post-edit.php in MiniCMS 1.10 allows full path disclosure via ...) - TODO: check + NOT-FOR-US: MiniCMS CVE-2018-10423 (mc-admin/post.php in MiniCMS 1.10 allows remote attackers to obtain a ...) - TODO: check + NOT-FOR-US: MiniCMS CVE-2018-10422 (An issue was discovered in HongCMS 3.0.0. The post news feature has ...) - TODO: check + NOT-FOR-US: HongCMS CVE-2018-10421 RESERVED CVE-2018-10420 @@ -73,7 +73,7 @@ CVE-2018-10392 (mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does - libvorbis <unfixed> NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2335 CVE-2018-10391 (An issue was discovered in WUZHI CMS 4.1.0. There is XSS via the email ...) - TODO: check + NOT-FOR-US: WUZHI CMS CVE-2018-10390 RESERVED CVE-2018-10389 @@ -93,7 +93,7 @@ CVE-2018-10383 CVE-2018-10382 RESERVED CVE-2018-10381 (TunnelBear 3.2.0.6 for Windows suffers from a SYSTEM privilege ...) - TODO: check + NOT-FOR-US: TunnelBear for Windows CVE-2018-10380 RESERVED CVE-2018-10379 @@ -3057,7 +3057,7 @@ CVE-2018-9115 (Systematic SitaWare 6.4 SP2 does not validate input from other so CVE-2018-9114 RESERVED CVE-2018-9113 (Centers for Disease Control and Prevention MicrobeTRACE 0.1.12 allows ...) - TODO: check + NOT-FOR-US: Centers for Disease Control and Prevention MicrobeTRACE CVE-2018-9112 RESERVED CVE-2018-9111 @@ -3075,13 +3075,13 @@ CVE-2018-9106 (CSV Injection (aka Excel Macro Injection or Formula Injection) ex CVE-2018-9105 (NordVPN 3.3.10 for macOS suffers from a root privilege escalation ...) NOT-FOR-US: NordVPN CVE-2018-9104 (A vulnerability in the conferencing component of Mitel MiVoice ...) - TODO: check + NOT-FOR-US: Mitel CVE-2018-9103 (A vulnerability in the conferencing component of Mitel MiVoice ...) - TODO: check + NOT-FOR-US: Mitel CVE-2018-9102 (A vulnerability in the conferencing component of Mitel MiVoice ...) - TODO: check + NOT-FOR-US: Mitel CVE-2018-9101 (A vulnerability in the conferencing component of Mitel MiVoice ...) - TODO: check + NOT-FOR-US: Mitel CVE-2018-9100 RESERVED CVE-2018-9099 @@ -3393,7 +3393,7 @@ CVE-2018-8975 (The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm th - netpbm-free <not-affected> (Vulnerable code not present) NOTE: Debian uses an unaffected fork CVE-2018-8974 (Centers for Disease Control and Prevention MicrobeTRACE 0.1.11 allows ...) - TODO: check + NOT-FOR-US: Centers for Disease Control and Prevention MicrobeTRACE CVE-2018-8973 (OTCMS 3.20 allows XSS by adding a keyword or link to an article, as ...) NOT-FOR-US: OTCMS CVE-2018-8972 (Creditwest Bank CMS Project (aka CWCMS) through 2017-07-28 has CSRF in ...) @@ -4173,7 +4173,7 @@ CVE-2017-18232 (The Serial Attached SCSI (SAS) implementation in the Linux kerne CVE-2018-8717 (joyplus-cms 1.6.0 has CSRF, as demonstrated by adding an administrator ...) NOT-FOR-US: joyplus-cms CVE-2018-8716 (WSO2 Identity Server before 5.5.0 has XSS via the dashboard, allowing ...) - TODO: check + NOT-FOR-US: WSO2 Identity Server CVE-2018-8715 (The Embedthis HTTP library, and Appweb versions before 7.0.3, have a ...) NOT-FOR-US: Embedthis HTTP library / Appweb CVE-2018-8714 @@ -13293,7 +13293,7 @@ CVE-2018-5488 CVE-2018-5487 RESERVED CVE-2018-5486 (NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ...) - TODO: check + NOT-FOR-US: NetApp OnCommand Unified Manager for Linux CVE-2018-5485 RESERVED CVE-2018-5484 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/55b2e766a15836d748431521c50484a37a7627e0 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/55b2e766a15836d748431521c50484a37a7627e0 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits