Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
742717ab by Moritz Muehlenhoff at 2018-05-18T22:22:28+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -20,15 +20,15 @@ CVE-2018-11250
CVE-2018-11249
RESERVED
CVE-2018-11248 (util/FileDownloadUtils.java in FileDownloader 1.7.3 does not
check an ...)
- TODO: check
+ NOT-FOR-US: FileDownloader
CVE-2018-11247
RESERVED
CVE-2018-11246
RESERVED
CVE-2018-11245 (app/webroot/js/misp.js in MISP 2.4.91 has a DOM based XSS with
cortex ...)
- TODO: check
+ NOT-FOR-US: MISP
CVE-2018-11244 (The BBE theme before 1.53 for WordPress allows a direct launch
of an ...)
- TODO: check
+ NOT-FOR-US: Wordpress thrme
CVE-2018-11243 (PackLinuxElf64::unpack in p_lx_elf.cpp in UPX 3.95 allows
remote ...)
TODO: check
CVE-2018-11242
@@ -57,7 +57,7 @@ CVE-2018-11234
CVE-2018-11233
RESERVED
CVE-2018-1000400 (Kubernetes CRI-O version prior to 1.9 contains a Privilege
Context ...)
- TODO: check
+ NOT-FOR-US: Kubernetes CRI-O
CVE-2017-18273 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite
loop ...)
TODO: check
CVE-2017-18272 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a ...)
@@ -662,9 +662,9 @@ CVE-2018-10970
CVE-2018-10969
RESERVED
CVE-2018-10968 (On D-Link DIR-550A and DIR-604M devices through v2.10KR, a
malicious ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2018-10967 (On D-Link DIR-550A and DIR-604M devices through v2.10KR, a
malicious ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2018-10966
RESERVED
CVE-2018-10965
@@ -2258,9 +2258,9 @@ CVE-2018-10309 (The Responsive Cookie Consent plugin
before 1.8 for WordPress ..
CVE-2018-10308
RESERVED
CVE-2018-10307 (error.php in ILIAS 5.2.x through 5.3.x before 5.3.4 allows XSS
via the ...)
- TODO: check
+ NOT-FOR-US: ILIAS
CVE-2018-10306 (Services/Form/classes/class.ilDateDurationInputGUI.php and ...)
- TODO: check
+ NOT-FOR-US: ILIAS
CVE-2018-10305 (The MessageSearch2 function in PersonalMessage.php in Simple
Machines ...)
NOT-FOR-US: Simple Machines Forum
CVE-2018-10304
@@ -4793,7 +4793,7 @@ CVE-2017-18258 (The xz_head function in xzlib.c in
libxml2 before 2.9.6 allows r
NOTE: When fixing this issue make sure to not open CVE-2018-9251 and
apply
NOTE: the fix for CVE-2018-9251 /
https://bugzilla.gnome.org/show_bug.cgi?id=794914
CVE-2018-9250 (interface\super\edit_list.php in OpenEMR before v5_0_1_1 allows
remote ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2018-9249 (FiberHome VDSL2 Modem HG 150-UB devices allow authentication
bypass by ...)
NOT-FOR-US: FiberHome VDSL2 Modem HG 150-UB devices
CVE-2018-9248 (FiberHome VDSL2 Modem HG 150-UB devices allow authentication
bypass via ...)
@@ -5791,7 +5791,7 @@ CVE-2018-8851
CVE-2018-8850
RESERVED
CVE-2018-8849 (Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician
...)
- TODO: check
+ NOT-FOR-US: Medtronic
CVE-2018-8848
RESERVED
CVE-2018-8847
@@ -16178,7 +16178,7 @@ CVE-2018-5258 (The Neon app 1.6.14 iOS does not verify
X.509 certificates from S
CVE-2018-5257
RESERVED
CVE-2018-5256 (CoreOS Tectonic 1.7.x before 1.7.9-tectonic.4 and 1.8.x before
...)
- TODO: check
+ NOT-FOR-US: CoreOS Tectonic
CVE-2014-10069 (Hitron CVE-30360 devices use a 578A958E3DD933FC DES key that
is shared ...)
NOT-FOR-US: Hitron CVE-30360 devices
CVE-2018-5255 (The Mlag agent in Arista EOS 4.19 before 4.19.4M and 4.20
before ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/742717ab0136940f792535bd849960e6bf203f7a
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/742717ab0136940f792535bd849960e6bf203f7a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
