[Git][security-tracker-team/security-tracker][master] NFUs

Tue, 15 May 2018 03:35:47 -0700 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f0685441 by Moritz Muehlenhoff at 2018-05-15T12:33:38+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -12,9 +12,9 @@ CVE-2018-11100 (The decompileSETTARGET function in 
decompile.c in libming throug
 CVE-2018-11099
        RESERVED
 CVE-2018-11098 (An issue was discovered in Frog CMS 0.9.5. There is a file 
upload ...)
-       TODO: check
+       NOT-FOR-US: Frog CMS
 CVE-2018-11097 (An issue was discovered in cloudwu/cstring through 2016-11-09. 
There is ...)
-       TODO: check
+       NOT-FOR-US: cloudwu
 CVE-2018-11096
        RESERVED
 CVE-2018-11095 (The decompileJUMP function in decompile.c in libming through 
0.4.8 ...)
@@ -26,9 +26,9 @@ CVE-2018-11093
 CVE-2018-11092
        RESERVED
 CVE-2018-11091 (An issue was discovered in MyBiz MyProcureNet 5.0.0. A 
malicious file ...)
-       TODO: check
+       NOT-FOR-US: MyBiz MyProcureNet
 CVE-2018-11090 (An XSS issue was discovered in MyBiz MyProcureNet 5.0.0. This 
...)
-       TODO: check
+       NOT-FOR-US: MyBiz MyProcureNet
 CVE-2018-11089
        RESERVED
 CVE-2018-11088
@@ -231,9 +231,9 @@ CVE-2018-10993
 CVE-2018-10991
        REJECTED
 CVE-2018-10990 (On Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 
devices, a ...)
-       TODO: check
+       NOT-FOR-US: Arris Touchstone Telephony Gateway
 CVE-2018-10989 (Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices 
are ...)
-       TODO: check
+       NOT-FOR-US: Arris Touchstone Telephony Gateway
 CVE-2018-10988
        RESERVED
 CVE-2018-10987
@@ -592,7 +592,7 @@ CVE-2018-10827 (LiteCart before 2.1.2 allows remote 
attackers to cause a denial 
 CVE-2018-10826
        RESERVED
 CVE-2018-10825 (Mimo Baby 2 devices do not use authentication or encryption 
for the ...)
-       TODO: check
+       NOT-FOR-US: Mimo Baby 2
 CVE-2018-10824
        RESERVED
 CVE-2018-10823
@@ -1988,7 +1988,7 @@ CVE-2018-10254 (Netwide Assembler (NASM) 2.13 has a 
stack-based buffer over-read
 CVE-2018-10253 (Paessler PRTG Network Monitor before 18.1.39.1648 mishandles 
stack ...)
        NOT-FOR-US: Paessler PRTG Network Monitor
 CVE-2018-10252 (An issue was discovered on Actiontec WCB6200Q before 
1.1.10.20a ...)
-       TODO: check
+       NOT-FOR-US: Actiontec WCB6200Q
 CVE-2018-10251 (A vulnerability in Sierra Wireless AirLink GX400, GX440, 
ES440, and ...)
        NOT-FOR-US: Sierra Wireless AirLink routers
 CVE-2018-10250 (iCMS V7.0.8 has XSS via the admincp.php keywords parameter in 
a ...)
@@ -5405,7 +5405,7 @@ CVE-2018-8845
 CVE-2018-8844
        RESERVED
 CVE-2018-8843 (Rockwell Automation Arena versions 16.10.00 and prior contains 
a use ...)
-       TODO: check
+       NOT-FOR-US: Rockwell
 CVE-2018-8842
        RESERVED
 CVE-2018-8841
@@ -15830,7 +15830,7 @@ CVE-2018-5232
 CVE-2018-5231
        RESERVED
 CVE-2018-5230 (The issue collector in Atlassian Jira before version 7.6.6, 
from ...)
-       TODO: check
+       NOT-FOR-US: Atlassian
 CVE-2018-5229
        RESERVED
 CVE-2018-5228 (The /browse/~raw resource in Atlassian Fisheye and Crucible 
before ...)
@@ -29288,7 +29288,7 @@ CVE-2018-0593
 CVE-2018-0592
        RESERVED
 CVE-2018-0591 (The KINEPASS App for Android Ver 3.1.1 and earlier, and for iOS 
Ver ...)
-       TODO: check
+       NOT-FOR-US: KINEPASS
 CVE-2018-0590 (Ultimate Member plugin prior to version 2.0.4 for WordPress 
allows ...)
        NOT-FOR-US: WordPress plugin ultimate-member
 CVE-2018-0589 (Ultimate Member plugin prior to version 2.0.4 for WordPress 
allows ...)
@@ -29310,7 +29310,7 @@ CVE-2018-0582 (Cross-site scripting vulnerability in 
ASUS RT-AC68U Firmware vers
 CVE-2018-0581 (Cross-site scripting vulnerability in ASUS RT-AC87U Firmware 
version ...)
        NOT-FOR-US: ASUS
 CVE-2018-0580 (Untrusted search path vulnerability in CELSYS, Inc CLIP STUDIO 
series ...)
-       TODO: check
+       NOT-FOR-US: CELSYS
 CVE-2018-0579 (Cross-site scripting vulnerability in Open Graph for Facebook, 
Google+ ...)
        NOT-FOR-US: WordPress plugin wonderm00ns-simple-facebook-open-graph-tags
 CVE-2018-0578 (Cross-site scripting vulnerability in PixelYourSite plugin 
prior to ...)
@@ -31288,7 +31288,7 @@ CVE-2017-16862 (The IncomingMailServers resource in 
Atlassian Jira before versio
 CVE-2017-16861 (It was possible for double OGNL evaluation in certain redirect 
action ...)
        NOT-FOR-US: Atlassian Fisheye and Crucible
 CVE-2017-16860 (The invalidRedirectUrl template in Atlassian Application Links 
before ...)
-       TODO: check
+       NOT-FOR-US: Atlassian
 CVE-2017-16859
        RESERVED
 CVE-2017-16858 (The 'crowd-application' plugin module (notably used by the 
Google Apps ...)
@@ -38624,21 +38624,21 @@ CVE-2017-14440 (An exploitable code execution 
vulnerability exists in the ILBM i
        NOTE: 
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0489
        NOTE: https://hg.libsdl.org/SDL_image/rev/bfa08dc02b3c
 CVE-2017-14439 (Exploitable denial of service vulnerabilities exists in the 
Service ...)
-       TODO: check
+       NOT-FOR-US: Moxa
 CVE-2017-14438 (Exploitable denial of service vulnerabilities exists in the 
Service ...)
-       TODO: check
+       NOT-FOR-US: Moxa
 CVE-2017-14437 (An exploitable denial of service vulnerability exists in the 
web ...)
-       TODO: check
+       NOT-FOR-US: Moxa
 CVE-2017-14436 (An exploitable denial of service vulnerability exists in the 
web ...)
-       TODO: check
+       NOT-FOR-US: Moxa
 CVE-2017-14435 (An exploitable denial of service vulnerability exists in the 
web ...)
-       TODO: check
+       NOT-FOR-US: Moxa
 CVE-2017-14434 (An exploitable command injection vulnerability exists in the 
web ...)
-       TODO: check
+       NOT-FOR-US: Moxa
 CVE-2017-14433 (An exploitable command injection vulnerability exists in the 
web ...)
-       TODO: check
+       NOT-FOR-US: Moxa
 CVE-2017-14432 (An exploitable command injection vulnerability exists in the 
web ...)
-       TODO: check
+       NOT-FOR-US: Moxa
 CVE-2017-14430 (D-Link DIR-850L REV. A (with firmware through 
FW114WWb07_h2ab_beta1) ...)
        NOT-FOR-US: D-Link
 CVE-2017-14429 (The DHCP client on D-Link DIR-850L REV. A (with firmware 
through ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f0685441c8059f7255a3ca03efa9c650ce8f7d25

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f0685441c8059f7255a3ca03efa9c650ce8f7d25
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to