[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Thu, 21 Jun 2018 12:44:09 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
c53143d2 by Salvatore Bonaccorso at 2018-06-21T21:43:31+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -38,9 +38,9 @@ CVE-2018-12593
 CVE-2018-12592 (Polycom RealPresence Web Suite before 2.2.0 does not block a 
user's ...)
        NOT-FOR-US: Polycom RealPresence Web Suite
 CVE-2018-12591 (Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer 
from an ...)
-       TODO: check
+       NOT-FOR-US: Ubiquiti Networks EdgeSwitch
 CVE-2018-12590 (Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer 
from an ...)
-       TODO: check
+       NOT-FOR-US: Ubiquiti Networks EdgeSwitch
 CVE-2018-12589
        RESERVED
 CVE-2018-12588 (Cross-site scripting (XSS) vulnerability in ...)
@@ -2671,9 +2671,9 @@ CVE-2018-11528 (WUZHI CMS 4.1.0 has SQL Injection via an 
api/sms_check.php?param
 CVE-2018-11527 (An issue was discovered in CScms v4.1. A Cross-site request 
forgery ...)
        NOT-FOR-US: CScms
 CVE-2018-11526 (The plugin &quot;WordPress Comments Import &amp; Export&quot; 
for WordPress (v2.0.4 ...)
-       TODO: check
+       NOT-FOR-US: "WordPress Comments Import & Export" plugin for WordPress
 CVE-2018-11525 (The plugin &quot;Advanced Order Export For WooCommerce&quot; 
for WordPress ...)
-       TODO: check
+       NOT-FOR-US: "Advanced Order Export For WooCommerce" plugin for WordPress
 CVE-2018-11524
        RESERVED
 CVE-2018-11523 (upload.php on NUUO NVRmini 2 devices allows Arbitrary File 
Upload, such ...)
@@ -3771,7 +3771,7 @@ CVE-2018-11118 (The RSS subsystem in ILIAS 5.1.x, 5.2.x, 
and 5.3.x before 5.3.5 
 CVE-2018-11117 (Services/Feeds/classes/class.ilExternalFeedItem.php in ILIAS 
5.1.x, ...)
        NOT-FOR-US: ILIAS
 CVE-2018-11116 (OpenWrt mishandles access control in /etc/config/rpcd and the 
...)
-       TODO: check
+       NOT-FOR-US: OpenWrt
 CVE-2018-11115
        RESERVED
 CVE-2018-11114
@@ -8848,7 +8848,7 @@ CVE-2018-9038 (Monstra CMS 3.0.4 allows remote attackers 
to delete files via an 
 CVE-2018-9037 (Monstra CMS 3.0.4 allows remote code execution via an 
upload_file ...)
        NOT-FOR-US: Monstra CMS
 CVE-2018-9036 (CheckSec Canopy 3.x before 3.0.7 has stored XSS via the Login 
Page ...)
-       TODO: check
+       NOT-FOR-US: CheckSec Canopy
 CVE-2018-9035 (CSV Injection vulnerability in ExportToCsvUtf8.php of the 
Contact Form ...)
        NOT-FOR-US: Wordpress plugin
 CVE-2018-9034 (Cross-site scripting (XSS) vulnerability in lib/interface.php 
of the ...)
@@ -9756,7 +9756,7 @@ CVE-2018-8729 (Multiple cross-site scripting (XSS) 
vulnerabilities in the Activi
 CVE-2018-8728 (server/app/views/static/code.html in Kontena before 1.5.0 
allows XSS in ...)
        NOT-FOR-US: Kontena
 CVE-2018-8727 (Path Traversal in Gateway in Mirasys DVMS Workstation 5.12.6 
and ...)
-       TODO: check
+       NOT-FOR-US: Path Traversal in Gateway in Mirasys DVMS Workstation
 CVE-2017-18238 (An issue was discovered in Exempi before 2.4.4. The ...)
        {DLA-1310-1}
        - exempi 2.4.4-1 (low)
@@ -16965,13 +16965,13 @@ CVE-2018-6215
 CVE-2018-6214
        RESERVED
 CVE-2018-6213 (In the web server on D-Link DIR-620 devices with a certain 
customized ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2018-6212 (On D-Link DIR-620 devices with a certain customized (by ISP) 
variant ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2018-6211 (On D-Link DIR-620 devices with a certain customized (by ISP) 
variant ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2018-6210 (D-Link DIR-620 devices, with a certain Rostelekom variant of 
firmware ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2018-6209 (In Max Secure Anti Virus 19.0.3.019,, the driver file 
(MaxCryptMon.sys) ...)
        NOT-FOR-US: Max Secure Anti Virus
 CVE-2018-6208 (In Max Secure Anti Virus 19.0.3.019,, the driver file ...)
@@ -20008,9 +20008,9 @@ CVE-2018-5239
 CVE-2018-5238
        RESERVED
 CVE-2018-5237 (Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 
MP10 ...)
-       TODO: check
+       NOT-FOR-US: Symantec
 CVE-2018-5236 (Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 
MP10 may ...)
-       TODO: check
+       NOT-FOR-US: Symantec
 CVE-2018-5235
        RESERVED
 CVE-2018-5234 (The Norton Core router prior to v237 may be susceptible to a 
command ...)
@@ -31024,7 +31024,7 @@ CVE-2017-17445
 CVE-2017-17444
        RESERVED
 CVE-2017-17443 (OPC Foundation Local Discovery Server (LDS) 1.03.370 required 
a ...)
-       TODO: check
+       NOT-FOR-US: OPC Foundation Local Discovery Server
 CVE-2017-17442 (In BlackBerry UEM Management Console version 12.7.1 and 
earlier, a ...)
        NOT-FOR-US: BlackBerry
 CVE-2017-17441
@@ -31179,7 +31179,7 @@ CVE-2018-1152 (libjpeg-turbo 1.5.90 is vulnerable to a 
denial of service ...)
        - libjpeg-turbo <unfixed>
        NOTE: 
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6
 CVE-2018-1151 (The web server on Western Digital TV Media Player 1.03.07 and 
TV Live ...)
-       TODO: check
+       NOT-FOR-US: web server on Western Digital TV Media Player and TV Live 
Hub
 CVE-2018-1150
        RESERVED
 CVE-2018-1149
@@ -31917,7 +31917,7 @@ CVE-2017-17311
 CVE-2017-17310 (Electronic Numbers to URI Mapping (ENUM) module in some Huawei 
...)
        NOT-FOR-US: Huawei
 CVE-2017-17309 (Huawei HG255s-10 V100R001C163B025SP02 has a path traversal ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2017-17308 (SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, 
...)
        NOT-FOR-US: Huawei
 CVE-2017-17307 (Some Huawei Smartphones with software of VNS-L21AUTC555B141 
have an ...)
@@ -32189,9 +32189,9 @@ CVE-2017-17175
 CVE-2017-17174
        RESERVED
 CVE-2017-17173 (Due to insufficient parameters verification GPU driver of Mate 
9 Pro ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2017-17172 (Huawei smart phones LYO-L21 with software LYO-L21C479B107, ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2017-17171 (Some Huawei smart phones have the denial of service (DoS) ...)
        NOT-FOR-US: Huawei
 CVE-2017-17170 (The CIDAM Protocol on Huawei DP300 V500R002C00; 
V500R002C00B010; ...)
@@ -81853,7 +81853,7 @@ CVE-2017-1407 (IBM Security Identity Manager Virtual 
Appliance 6.0 and 7.0 could
 CVE-2017-1406
        RESERVED
 CVE-2017-1405 (IBM Security Identity Manager Virtual Appliance 7.0 processes 
patches, ...)
-       TODO: check
+       NOT-FOR-US: IBM Security Identity Manager Virtual Appliance
 CVE-2017-1404
        RESERVED
 CVE-2017-1403



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c53143d22f02f2b6f519253be12ca5b7f66c411a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c53143d22f02f2b6f519253be12ca5b7f66c411a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to