[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff Fri, 29 Jun 2018 01:08:09 -0700

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
8c14aeda by Moritz Muehlenhoff at 2018-06-29T10:07:28+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -20,21 +20,21 @@ CVE-2018-12929 (ntfs_read_locked_inode in the ntfs.ko 
filesystem driver in the L
 CVE-2018-12928 (In the Linux kernel 4.15.0, a NULL pointer dereference was 
discovered ...)
        TODO: check
 CVE-2018-12927 (Northern Electric &amp; Power (NEP) inverter devices allow 
remote attackers ...)
-       TODO: check
+       NOT-FOR-US: Northern Electric
 CVE-2018-12926 (Pharos Controls devices allow remote attackers to obtain 
potentially ...)
-       TODO: check
+       NOT-FOR-US: Pharos Controls
 CVE-2018-12925 (Baseon Lantronix MSS devices do not require a password for 
TELNET ...)
-       TODO: check
+       NOT-FOR-US: Baseon Lantronix
 CVE-2018-12924 (Sollae Serial-Ethernet-Module and Remote-I/O-Device-Server 
devices have ...)
-       TODO: check
+       NOT-FOR-US: Sollae
 CVE-2018-12923 (BWS Systems HA-Bridge devices allow remote attackers to obtain 
...)
-       TODO: check
+       NOT-FOR-US: BWS Systems
 CVE-2018-12922 (Emerson Liebert IntelliSlot Web Card devices allow remote 
attackers to ...)
-       TODO: check
+       NOT-FOR-US: Emerson Liebert
 CVE-2018-12921 (Electro Industries GaugeTech Nexus devices allow remote 
attackers to ...)
-       TODO: check
+       NOT-FOR-US: Electro Industries GaugeTech
 CVE-2018-12920 (Brickstream 2300 devices allow remote attackers to obtain 
potentially ...)
-       TODO: check
+       NOT-FOR-US: Brickstream
 CVE-2018-12919 (In CraftedWeb through 2013-09-24, 
aasp_includes/pages/notice.php allows ...)
        NOT-FOR-US: CraftedWeb
 CVE-2018-12918 (In libpbc.a in PBC through 2017-03-02, there is a Segmentation 
fault in ...)
@@ -963,7 +963,7 @@ CVE-2018-12591 (Ubiquiti Networks EdgeSwitch version 1.7.3 
and prior suffer from
 CVE-2018-12590 (Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer 
from an ...)
        NOT-FOR-US: Ubiquiti Networks EdgeSwitch
 CVE-2018-12589 (Polaris Office 2017 8.1 allows attackers to execute arbitrary 
code via ...)
-       TODO: check
+       NOT-FOR-US: Polaris Office
 CVE-2018-12588 (Cross-site scripting (XSS) vulnerability in ...)
        NOT-FOR-US: Public Knowledge Project (PKP) Open Monograph Press (OMP)
 CVE-2018-12587
@@ -3712,7 +3712,7 @@ CVE-2018-11512 (Stored cross-site scripting (XSS) 
vulnerability in the &quot;Web
 CVE-2018-11511
        RESERVED
 CVE-2018-11510 (ASUSTOR ADM 3.1.2.RHG1 and earlier uses the same default 
root:admin ...)
-       TODO: check
+       NOT-FOR-US: ASUSTOR
 CVE-2018-11509
        RESERVED
 CVE-2018-11508 (The compat_get_timex function in kernel/compat.c in the Linux 
kernel ...)
@@ -12331,6 +12331,7 @@ CVE-2018-8040
        RESERVED
 CVE-2018-8039
        RESERVED
+       NOT-FOR-US: Apache CXF
 CVE-2018-8038
        RESERVED
 CVE-2018-8037
@@ -31255,7 +31256,7 @@ CVE-2018-1353
 CVE-2018-1352
        RESERVED
 CVE-2018-1351 (A Cross-site Scripting (XSS) vulnerability in Fortinet 
FortiManager ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2017-17551 (The Backup and Restore feature in Mobotap Dolphin Browser for 
Android ...)
        NOT-FOR-US: Dolphin Browser for Android
 CVE-2017-17550
@@ -31795,7 +31796,7 @@ CVE-2018-1283 (In Apache httpd 2.4.0 to 2.4.29, when 
mod_session is configured t
 CVE-2018-1282 (This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 
allows ...)
        NOT-FOR-US: Apache Hive
 CVE-2018-1281 (The clustered setup of Apache MXNet allows users to specify 
which IP ...)
-       TODO: check
+       NOT-FOR-US: Apache MXNet
 CVE-2017-17459 (http_transport.c in Fossil before 2.4, when the SSH sync 
protocol is ...)
        - fossil 1:2.4-1
        [stretch] - fossil <no-dsa> (Minor issue)
@@ -33441,7 +33442,7 @@ CVE-2017-17090 (An issue was discovered in 
chan_skinny.c in Asterisk Open Source
        NOTE: http://downloads.digium.com/pub/security/AST-2017-013.html
        NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27452
 CVE-2018-1040 (A denial of service vulnerability exists in the way that the 
Windows ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2018-1039 (A security feature bypass vulnerability exists in .Net 
Framework which ...)
        NOT-FOR-US: Microsoft
 CVE-2018-1038 (The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 
SP1 ...)
@@ -33449,7 +33450,7 @@ CVE-2018-1038 (The Windows kernel in Windows 7 SP1 and 
Windows Server 2008 R2 SP
 CVE-2018-1037 (An information disclosure vulnerability exists when Visual 
Studio ...)
        NOT-FOR-US: Microsoft
 CVE-2018-1036 (An elevation of privilege vulnerability exists when NTFS 
improperly ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2018-1035 (A security feature bypass vulnerability exists in Windows which 
could ...)
        NOT-FOR-US: Microsoft
 CVE-2018-1034 (An elevation of privilege vulnerability exists when Microsoft 
...)
@@ -33557,7 +33558,7 @@ CVE-2018-0984
 CVE-2018-0983 (Windows Storage Services in Windows 10 versions 1511, 1607, 
1703 and ...)
        NOT-FOR-US: Microsoft
 CVE-2018-0982 (An elevation of privilege vulnerability exists in the way that 
the ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2018-0981 (An information disclosure vulnerability exists in the way that 
the ...)
        NOT-FOR-US: Microsoft
 CVE-2018-0980 (A remote code execution vulnerability exists in the way that 
the ...)
@@ -33565,7 +33566,7 @@ CVE-2018-0980 (A remote code execution vulnerability 
exists in the way that the 
 CVE-2018-0979 (A remote code execution vulnerability exists in the way that 
the ...)
        NOT-FOR-US: Microsoft
 CVE-2018-0978 (A remote code execution vulnerability exists when Internet 
Explorer ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2018-0977 (The Windows kernel mode driver in Windows 10 Gold, 1511, 1607, 
1703, ...)
        NOT-FOR-US: Microsoft
 CVE-2018-0976 (A denial of service vulnerability exists in Remote Desktop 
Protocol ...)
@@ -33779,7 +33780,7 @@ CVE-2018-0873 (ChakraCore and Microsoft Edge in 
Microsoft Windows 10 1511, 1607,
 CVE-2018-0872 (ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 
1511, ...)
        NOT-FOR-US: Microsoft
 CVE-2018-0871 (An information disclosure vulnerability exists when Edge 
improperly ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2018-0870 (A remote code execution vulnerability exists when Internet 
Explorer ...)
        NOT-FOR-US: Microsoft
 CVE-2018-0869 (SharePoint Server 2016 allows an elevation of privilege 
vulnerability ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8c14aedaf097e230cd6d275b2db5ee5eac51cf3e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8c14aedaf097e230cd6d275b2db5ee5eac51cf3e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to