Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
328db790 by Salvatore Bonaccorso at 2018-06-03T07:50:40+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,11 +1,11 @@
CVE-2018-11682 (Default and unremovable support credentials allow attackers to
gain ...)
- TODO: check
+ NOT-FOR-US: products using the Stanza Lutron integration protocol
CVE-2018-11681 (Default and unremovable support credentials (user:nwk
password:nwk2) ...)
- TODO: check
+ NOT-FOR-US: products using the RadioRA 2 Lutron integration protocol
CVE-2018-11680 (An issue was discovered in CmsEasy 6.1_20180508. There is a
CSRF ...)
- TODO: check
+ NOT-FOR-US: CmsEasy
CVE-2018-11679 (An issue was discovered in CmsEasy 6.1_20180508. There is a
CSRF ...)
- TODO: check
+ NOT-FOR-US: CmsEasy
CVE-2018-11678
RESERVED
CVE-2018-11677
@@ -121,7 +121,7 @@ CVE-2018-11631 (Rondaful M1 Wristband Smart Band 1 devices
allow remote attacker
CVE-2018-11630
RESERVED
CVE-2018-11629 (Default and unremovable support credentials (user:lutron ...)
- TODO: check
+ NOT-FOR-US: products using the HomeWorks QS Lutron integration protocol
CVE-2018-11628 (Data input into EMS Master Calendar before 8.0.0.201805210 via
URL ...)
NOT-FOR-US: EMS Master Calendar
CVE-2018-11627 (Sinatra before 2.0.2 has XSS via the 400 Bad Request page that
occurs ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/328db790ee6b6c4cc55d89341d596d342ff74e0b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/328db790ee6b6c4cc55d89341d596d342ff74e0b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
