[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff Thu, 03 May 2018 14:10:03 -0700

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
7179c6c7 by Moritz Muehlenhoff at 2018-05-03T23:08:35+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3,9 +3,9 @@ CVE-2018-10720
 CVE-2018-10719
        RESERVED
 CVE-2018-10718 (Stack-based buffer overflow in Activision Infinity Ward Call 
of Duty ...)
-       TODO: check
+       NOT-FOR-US: Activision
 CVE-2018-10717 (The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 
does not ...)
-       TODO: check
+       NOT-FOR-US: ngiflib
 CVE-2018-10716 (An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 
...)
        NOT-FOR-US: Shanghai 2345 Security Guard
 CVE-2018-10715
@@ -98,7 +98,7 @@ CVE-2018-10679
 CVE-2018-10678
        RESERVED
 CVE-2018-10677 (The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 
lacks ...)
-       TODO: check
+       NOT-FOR-US: ngiflib
 CVE-2018-10676 (CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision 
DVR ...)
        NOT-FOR-US: CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK 
Vision DVR devices
 CVE-2018-10674
@@ -118,7 +118,7 @@ CVE-2018-10668
 CVE-2018-10667
        RESERVED
 CVE-2018-10666 (The Owned smart contract implementation for Aurora IDEX 
Membership ...)
-       TODO: check
+       NOT-FOR-US: Aurora IDEX
 CVE-2018-10665 (ILIAS 5.3.4 has XSS through unsanitized output of PHP_SELF, 
related to ...)
        NOT-FOR-US: ILIAS
 CVE-2018-10664
@@ -1927,7 +1927,7 @@ CVE-2018-9921 (In CMS Made Simple 2.2.7, a Directory 
Traversal issue makes it po
 CVE-2018-9920
        RESERVED
 CVE-2018-9919 (A web-accessible backdoor, with resultant SSRF, exists in 
Tp-shop ...)
-       TODO: check
+       NOT-FOR-US: Tp-shop
 CVE-2018-9918 (libqpdf.a in QPDF through 8.0.2 mishandles certain 
&quot;expected dictionary ...)
        - qpdf 8.0.2-3 (bug #895443)
        [stretch] - qpdf <no-dsa> (Minor issue)
@@ -4340,7 +4340,7 @@ CVE-2018-8902
 CVE-2018-8901
        RESERVED
 CVE-2018-8900 (The License Manager service of HASP SRM, Sentinel HASP and 
Sentinel ...)
-       TODO: check
+       NOT-FOR-US: HASP SRM
 CVE-2018-8899 (IdentityServer IdentityServer4 1.x before 1.5.3 and 2.x before 
2.1.3 ...)
        NOT-FOR-US: IdentityServer
 CVE-2018-8898
@@ -6115,7 +6115,7 @@ CVE-2018-8117 (A security feature bypass vulnerability 
exists in the Microsoft .
 CVE-2018-8116 (A denial of service vulnerability exists in the way that 
Windows ...)
        NOT-FOR-US: Microsoft
 CVE-2018-8115 (A remote code execution vulnerability exists when the Windows 
Host ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2018-8114
        RESERVED
 CVE-2018-8113
@@ -6704,7 +6704,7 @@ CVE-2018-7893 (CMS Made Simple (CMSMS) 2.2.6 has stored 
XSS in ...)
 CVE-2018-7892
        RESERVED
 CVE-2018-7891 (The Milestone XProtect Video Management Software (Corporate, 
Expert, ...)
-       TODO: check
+       NOT-FOR-US: Milestone XProtect Video Management Software
 CVE-2018-7995 (** DISPUTED ** Race condition in the store_int_with_restart() 
function ...)
        {DSA-4188-1 DSA-4187-1 DLA-1369-1}
        - linux 4.15.11-1
@@ -10770,7 +10770,7 @@ CVE-2018-6591 (Converse.js and Inverse.js through 3.3 
allow remote attackers to 
 CVE-2018-6590
        RESERVED
 CVE-2018-6589 (CA Spectrum 10.1 prior to 10.01.02.PTF_10.1.239 and 10.2.x 
prior to ...)
-       TODO: check
+       NOT-FOR-US: CA Spectrum
 CVE-2018-6588 (CA API Developer Portal 3.5 up to and including 3.5 CR5 has a 
...)
        NOT-FOR-US: CA API Developer Portal
 CVE-2018-6587 (CA API Developer Portal 3.5 up to and including 3.5 CR6 has a 
...)
@@ -11399,7 +11399,7 @@ CVE-2018-6403
 CVE-2018-6402
        RESERVED
 CVE-2018-6401 (Meross MSS110 devices before 1.1.24 contain a TELNET listener 
providing ...)
-       TODO: check
+       NOT-FOR-US: Meross
 CVE-2018-6400 (Kingsoft WPS Office Free 10.2.0.5978 allows local users to gain 
...)
        NOT-FOR-US: Kingsoft WPS Office Free
 CVE-2018-6399
@@ -11881,7 +11881,7 @@ CVE-2018-6244
 CVE-2018-6243
        RESERVED
 CVE-2018-6242 (Some NVIDIA Tegra mobile processors released prior to 2016 
contain a ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2018-6241
        RESERVED
 CVE-2018-6240
@@ -14854,7 +14854,7 @@ CVE-2018-5236
 CVE-2018-5235
        RESERVED
 CVE-2018-5234 (The Norton Core router prior to v237 may be susceptible to a 
command ...)
-       TODO: check
+       NOT-FOR-US: Norton Core router
 CVE-2017-18022 (In ImageMagick 7.0.7-12 Q16, there are memory leaks in ...)
        - imagemagick 8:6.9.9.34+dfsg-3 (unimportant)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/904
@@ -15975,7 +15975,7 @@ CVE-2018-4851
 CVE-2018-4850
        RESERVED
 CVE-2018-4849 (A vulnerability has been identified in Siveillance VMS Video 
for ...)
-       TODO: check
+       NOT-FOR-US: Siveillance VMS Video
 CVE-2018-4848
        RESERVED
 CVE-2018-4847 (A vulnerability has been identified in SIMATIC WinCC OA 
Operator iOS ...)
@@ -25499,7 +25499,7 @@ CVE-2018-1279
 CVE-2018-1278
        RESERVED
 CVE-2018-1277 (Cloud Foundry Garden-runC, versions prior to 1.13.0, does not 
...)
-       TODO: check
+       NOT-FOR-US: Cloud Foundry
 CVE-2018-1276
        RESERVED
 CVE-2018-1275 (Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 
prior ...)
@@ -25696,7 +25696,7 @@ CVE-2018-1185 (An issue was discovered in EMC 
RecoverPoint for Virtual Machines 
 CVE-2018-1184 (An issue was discovered in EMC RecoverPoint for Virtual 
Machines ...)
        NOT-FOR-US: EMC
 CVE-2018-1183 (In Dell EMC Unisphere for VMAX Virtual Appliance versions prior 
to ...)
-       TODO: check
+       NOT-FOR-US: EMC
 CVE-2018-1182 (An issue was discovered in EMC RSA Identity Governance and 
Lifecycle ...)
        NOT-FOR-US: EMC
 CVE-2018-1181
@@ -26527,7 +26527,7 @@ CVE-2017-17320 (Huawei Mate 9 Pro smartphones with 
software of LON-AL00BC00B139D
 CVE-2017-17319 (Huawei P9 smartphones with the versions before 
EVA-AL10C00B399SP02 ...)
        NOT-FOR-US: Huawei
 CVE-2017-17318 (Huawei MBB (Mobile Broadband) products E5771h-937 with the 
versions ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2017-17317
        RESERVED
 CVE-2017-17316
@@ -26535,7 +26535,7 @@ CVE-2017-17316
 CVE-2017-17315
        RESERVED
 CVE-2017-17314 (Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, 
...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2017-17313 (The inputhub driver of HUAWEI P9 Lite mobile phones with 
Versions ...)
        NOT-FOR-US: inputhub driver of HUAWEI P9 Lite mobile phones
 CVE-2017-17312
@@ -27853,7 +27853,7 @@ CVE-2018-0713
 CVE-2018-0712
        RESERVED
 CVE-2018-0711 (Cross-site scripting (XSS) vulnerability in QNAP QTS 4.3.3 
build ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2018-0710
        RESERVED
 CVE-2018-0709
@@ -28409,7 +28409,7 @@ CVE-2017-17022
 CVE-2017-17021
        RESERVED
 CVE-2017-17020 (On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, 
DCS-5010 ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2017-17019
        RESERVED
 CVE-2017-17018
@@ -28891,27 +28891,27 @@ CVE-2018-0290
 CVE-2018-0289
        RESERVED
 CVE-2018-0288 (A vulnerability in Cisco WebEx Recording Format (WRF) Player 
could ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0287 (A vulnerability in the Cisco WebEx Network Recording Player for 
...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0286 (A vulnerability in the netconf interface of Cisco IOS XR 
Software could ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0285 (A vulnerability in service logging for Cisco Prime Service 
Catalog ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0284
        RESERVED
 CVE-2018-0283 (A vulnerability in the detection engine of Cisco Firepower 
System ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0282
        RESERVED
 CVE-2018-0281 (A vulnerability in the detection engine of Cisco Firepower 
System ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0280
        RESERVED
 CVE-2018-0279
        RESERVED
 CVE-2018-0278 (A vulnerability in the management console of Cisco Firepower 
System ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0277
        RESERVED
 CVE-2018-0276 (A vulnerability in Cisco WebEx Connect IM could allow an ...)
@@ -28939,11 +28939,11 @@ CVE-2018-0266 (A vulnerability in the web framework 
of Cisco Unified Communicati
 CVE-2018-0265
        RESERVED
 CVE-2018-0264 (A vulnerability in the Cisco WebEx Network Recording Player for 
...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0263
        RESERVED
 CVE-2018-0262 (A vulnerability in Cisco Meeting Server could allow an 
unauthenticated, ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0261
        RESERVED
 CVE-2018-0260 (A vulnerability in the web interface of Cisco MATE Live could 
allow an ...)
@@ -28951,7 +28951,7 @@ CVE-2018-0260 (A vulnerability in the web interface of 
Cisco MATE Live could all
 CVE-2018-0259 (A vulnerability in the web-based management interface of Cisco 
MATE ...)
        NOT-FOR-US: Cisco
 CVE-2018-0258 (A vulnerability in the Cisco Prime File Upload servlet 
affecting ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0257 (A vulnerability in Cisco IOS XE Software running on Cisco cBR 
Series ...)
        NOT-FOR-US: Cisco
 CVE-2018-0256 (A vulnerability in the peer-to-peer message processing 
functionality of ...)
@@ -28961,23 +28961,23 @@ CVE-2018-0255 (A vulnerability in the device manager 
web interface of Cisco Indu
 CVE-2018-0254 (A vulnerability in the detection engine of Cisco Firepower 
System ...)
        NOT-FOR-US: Cisco
 CVE-2018-0253 (A vulnerability in the ACS Report component of Cisco Secure 
Access ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0252 (A vulnerability in the IP Version 4 (IPv4) fragment reassembly 
function ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0251 (A vulnerability in the Web Server Authentication Required 
screen of the ...)
        NOT-FOR-US: Cisco
 CVE-2018-0250 (A vulnerability in Central Web Authentication (CWA) with 
FlexConnect ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0249 (A vulnerability when handling incoming 802.11 Association 
Requests for ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0248
        RESERVED
 CVE-2018-0247 (A vulnerability in Web Authentication (WebAuth) clients for the 
Cisco ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0246
        RESERVED
 CVE-2018-0245 (A vulnerability in the REST API of Cisco 5500 and 8500 Series 
Wireless ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0244 (A vulnerability in the detection engine of Cisco Firepower 
System ...)
        NOT-FOR-US: Cisco
 CVE-2018-0243 (A vulnerability in the detection engine of Cisco Firepower 
System ...)
@@ -28997,9 +28997,9 @@ CVE-2018-0237 (A vulnerability in the file type 
detection mechanism of the Cisco
 CVE-2018-0236
        RESERVED
 CVE-2018-0235 (A vulnerability in the 802.11 frame validation functionality of 
the ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0234 (A vulnerability in the implementation of Point-to-Point 
Tunneling ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0233 (A vulnerability in the Secure Sockets Layer (SSL) packet 
reassembly ...)
        NOT-FOR-US: Cisco
 CVE-2018-0232
@@ -29015,7 +29015,7 @@ CVE-2018-0228 (A vulnerability in the ingress flow 
creation functionality of Cis
 CVE-2018-0227 (A vulnerability in the Secure Sockets Layer (SSL) Virtual 
Private ...)
        NOT-FOR-US: Cisco
 CVE-2018-0226 (A vulnerability in the assignment and management of default 
user ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0225
        RESERVED
 CVE-2018-0224 (A vulnerability in the CLI of the Cisco StarOS operating system 
for ...)
@@ -38746,11 +38746,11 @@ CVE-2017-14016 (A Stack-based Buffer Overflow issue 
was discovered in Advantech 
 CVE-2017-14015
        RESERVED
 CVE-2017-14014 (Boston Scientific ZOOM LATITUDE PRM Model 3120 uses a 
hard-coded ...)
-       TODO: check
+       NOT-FOR-US: Boston Scientific ZOOM LATITUDE PRM Model 3120
 CVE-2017-14013 (A Client-Side Enforcement of Server-Side Security issue was 
discovered ...)
        NOT-FOR-US: ProMinent MultiFLEX M10a Controller
 CVE-2017-14012 (Boston Scientific ZOOM LATITUDE PRM Model 3120 does not 
encrypt PHI at ...)
-       TODO: check
+       NOT-FOR-US: Boston Scientific ZOOM LATITUDE PRM Model 3120
 CVE-2017-14011 (A Cross-Site Request Forgery issue was discovered in ProMinent 
...)
        NOT-FOR-US: ProMinent MultiFLEX M10a Controller
 CVE-2017-14010 (In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, 
Versions ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7179c6c755ca65291444538089b31ebefb81d6a1

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7179c6c755ca65291444538089b31ebefb81d6a1
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to