[Git][security-tracker-team/security-tracker][master] NFUs

Wed, 04 Jul 2018 13:15:40 -0700 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
689eaf54 by Moritz Muehlenhoff at 2018-07-04T22:15:13+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -15,11 +15,11 @@ CVE-2018-13148
 CVE-2018-13147
        RESERVED
 CVE-2018-13146 (The mintToken, buy, and sell functions of a smart contract ...)
-       TODO: check
+       NOT-FOR-US: smart contract
 CVE-2018-13145 (The mintToken function of a smart contract implementation for 
...)
-       TODO: check
+       NOT-FOR-US: smart contract
 CVE-2018-13144 (The transfer and transferFrom functions of a smart contract 
...)
-       TODO: check
+       NOT-FOR-US: smart contract
 CVE-2018-13143
        RESERVED
 CVE-2018-13142
@@ -35,13 +35,13 @@ CVE-2018-13138
 CVE-2018-13137
        RESERVED
 CVE-2018-13136 (The Ultimate Member (aka ultimatemember) plugin before 2.0.18 
for ...)
-       TODO: check
+       NOT-FOR-US: Wordpress plugin
 CVE-2018-13135
        RESERVED
 CVE-2018-13134 (TP-Link Archer C1200 1.13 Build 2018/01/24 rel.52299 EU 
devices have ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2018-13133 (Golden Frog VyprVPN before 2018-06-21 has a vulnerability 
associated ...)
-       TODO: check
+       NOT-FOR-US: Golden Frog VyprVPN
 CVE-2015-9260
        RESERVED
 CVE-2018-13132 (Spadeico is a smart contract running on Ethereum. The mint 
function has ...)
@@ -67,7 +67,7 @@ CVE-2018-13123 (onefilecms.php in OneFileCMS through 
2017-10-08 might allow atta
 CVE-2018-13122 (onefilecms.php in OneFileCMS through 2017-10-08 might allow 
attackers ...)
        NOT-FOR-US: OneFileCMS
 CVE-2018-13121 (RealOne Player 2.0 Build 6.0.11.872 allows remote attackers to 
cause a ...)
-       TODO: check
+       NOT-FOR-US: RealOne Player
 CVE-2018-13120
        RESERVED
 CVE-2018-13119
@@ -2409,7 +2409,7 @@ CVE-2018-12257 (An issue was discovered on Momentum Axel 
720P 5.1.8 devices. The
 CVE-2018-12256
        RESERVED
 CVE-2018-12255 (An XSS issue was discovered in InvoicePlane 1.5.10 via the 
"Quote PDF ...)
-       TODO: check
+       NOT-FOR-US: InvoicePlane
 CVE-2018-12254 (router.php in the Harmis Ek rishta (aka ek-rishta) 2.10 
component for ...)
        NOT-FOR-US: Harmis Ek rishta component for Joomla!
 CVE-2018-12253
@@ -3917,25 +3917,25 @@ CVE-2018-11645 (psi/zfile.c in Artifex Ghostscript 
before 9.21rc1 permits the st
 CVE-2018-11644
        RESERVED
 CVE-2018-11643 (SQL injection vulnerability in the administrative console in 
Dialogic ...)
-       TODO: check
+       NOT-FOR-US: Dialogic
 CVE-2018-11642 (Incorrect Permission Assignment on the 
/var/www/xms/cleanzip.sh shell ...)
-       TODO: check
+       NOT-FOR-US: Dialogic
 CVE-2018-11641 (Use of Hard-coded Credentials in ...)
-       TODO: check
+       NOT-FOR-US: Dialogic
 CVE-2018-11640 (XML External Entity (XXE) vulnerability in the web service in 
Dialogic ...)
-       TODO: check
+       NOT-FOR-US: Dialogic
 CVE-2018-11639 (Plaintext Storage of Passwords within Cookies in ...)
-       TODO: check
+       NOT-FOR-US: Dialogic
 CVE-2018-11638 (Unrestricted Upload of a File with a Dangerous Type in the ...)
-       TODO: check
+       NOT-FOR-US: Dialogic
 CVE-2018-11637 (Information leakage vulnerability in the administrative 
console in ...)
-       TODO: check
+       NOT-FOR-US: Dialogic
 CVE-2018-11636 (Cross-site request forgery (CSRF) vulnerability in the 
administrative ...)
-       TODO: check
+       NOT-FOR-US: Dialogic
 CVE-2018-11635 (Use of a Hard-coded Cryptographic Key used to protect cookie 
session ...)
-       TODO: check
+       NOT-FOR-US: Dialogic
 CVE-2018-11634 (Plaintext Storage of Passwords in the administrative console 
in ...)
-       TODO: check
+       NOT-FOR-US: Dialogic
 CVE-2018-11633 (An issue was discovered in the MULTIDOTS Woo Checkout for 
Digital Goods ...)
        NOT-FOR-US: MULTIDOTS Woo Checkout for Digital Goods plugin for 
WordPress
 CVE-2018-11632 (An issue was discovered in the MULTIDOTS Add Social Share 
Messenger ...)
@@ -4441,7 +4441,7 @@ CVE-2018-11431
 CVE-2018-11430 (An issue was discovered in the Moderator Log Notes plugin 1.1 
for MyBB. ...)
        NOT-FOR-US: Moderator Log Notes plugin for MyBB
 CVE-2018-11429 (ATLANT (ATL) is a smart contract running on Ethereum. The mint 
function ...)
-       TODO: check
+       NOT-FOR-US: smart contract
 CVE-2018-11428
        RESERVED
 CVE-2018-11427



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/689eaf5478427469c6a88ed031050c8ef83d25da

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/689eaf5478427469c6a88ed031050c8ef83d25da
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to