Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
18652c1a by Moritz Muehlenhoff at 2018-07-18T14:30:22+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1182,17 +1182,17 @@ CVE-2018-13866 (An issue was discovered in the HDF HDF5
1.8.20 library. There is
CVE-2018-13865 (An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists
via the ...)
NOT-FOR-US: idreamsoft iCMS
CVE-2018-13864 (A directory traversal vulnerability has been found in the
Assets ...)
- TODO: check
+ NOT-FOR-US: Play Framework
CVE-2018-13862 (Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6
2018 ...)
- TODO: check
+ NOT-FOR-US: Touchpad / Trivum WebTouch Setup
CVE-2018-13861 (Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6
2018 ...)
- TODO: check
+ NOT-FOR-US: Touchpad / Trivum WebTouch Setup
CVE-2018-13860 (MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26
- C4 ...)
- TODO: check
+ NOT-FOR-US: MusicCenter / Trivum Multiroom Setup
CVE-2018-13859 (MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26
- C4 ...)
- TODO: check
+ NOT-FOR-US: MusicCenter / Trivum Multiroom Setup
CVE-2018-13858 (MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26
- C4 ...)
- TODO: check
+ NOT-FOR-US: MusicCenter / Trivum Multiroom Setup
CVE-2018-13863 (The MongoDB bson JavaScript module (also known as js-bson)
versions ...)
- node-bson <itp> (bug #897282)
NOTE:
https://github.com/mongodb/js-bson/commit/bd61c45157c53a1698ff23770160cf4783e9ea4a
@@ -19878,7 +19878,7 @@ CVE-2018-6683
CVE-2018-6682
RESERVED
CVE-2018-6681 (Abuse of Functionality vulnerability in the web interface in
McAfee ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2018-6680
RESERVED
CVE-2018-6679
@@ -33996,7 +33996,7 @@ CVE-2018-1614 (IBM WebSphere Application Server 7.0,
8.0, 8.5, and 9.0 using ...
CVE-2018-1613
RESERVED
CVE-2018-1612 (IBM QRadar Incident Forensics (IBM QRadar SIEM 7.2, and 7.3)
could ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1611
RESERVED
CVE-2018-1610
@@ -99584,11 +99584,11 @@ CVE-2016-6566 (The valueAsString parameter inside the
JSON payload contained by
CVE-2016-6565 (The Imagely NextGen Gallery plugin for Wordpress prior to
version ...)
NOT-FOR-US: Wordpress plugin
CVE-2016-6564 (Android devices with code from Ragentek contain a privileged
binary ...)
- TODO: check
+ NOT-FOR-US: Ragentek
CVE-2016-6563 (Processing malformed SOAP messages when performing the HNAP
Login ...)
- TODO: check
+ NOT-FOR-US: HNAP
CVE-2016-6562 (On iOS and Android devices, the ShoreTel Mobility Client app
version ...)
- TODO: check
+ NOT-FOR-US: ShoreTel Mobility Client
CVE-2016-6561 (illumos smbsrv NULL pointer dereference allows system crash.
...)
NOT-FOR-US: illumos
CVE-2016-6560 (illumos osnet-incorporation bcopy() and bzero() implementations
make ...)
@@ -99596,7 +99596,7 @@ CVE-2016-6560 (illumos osnet-incorporation bcopy() and
bzero() implementations m
CVE-2016-6559 (Improper bounds checking of the obuf variable in the
link_ntoa() ...)
TODO: check
CVE-2016-6558 (A command injection vulnerability exists in apply.cgi on the
ASUS ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2016-6557 (In ASUS RP-AC52 access points with firmware version 1.0.1.1s
and ...)
NOT-FOR-US: ASUS RP-AC52 access points
CVE-2016-6556
@@ -99610,7 +99610,7 @@ CVE-2016-6553 (Nuuo NT-4040 Titan, firmware
NT-4040_01.07.0000.0015_1120, uses .
CVE-2016-6552 (Green Packet DX-350 uses non-random default credentials of: ...)
NOT-FOR-US: Green Packet DX-350
CVE-2016-6551 (Intellian Satellite TV antennas t-Series and v-Series, firmware
...)
- TODO: check
+ NOT-FOR-US: Intellian
CVE-2016-6550 (The U by BB&T app 1.5.4 and earlier for iOS does not
properly verify ...)
NOT-FOR-US: BB&T
CVE-2016-6549 (The Zizai Tech Nut device allows unauthenticated Bluetooth
pairing, ...)
@@ -99618,17 +99618,17 @@ CVE-2016-6549 (The Zizai Tech Nut device allows
unauthenticated Bluetooth pairin
CVE-2016-6548 (The Zizai Tech Nut mobile app makes requests via HTTP instead
of ...)
NOT-FOR-US: Zizai Tech Nut mobile app
CVE-2016-6547 (The Zizai Tech Nut mobile app stores the account password used
to ...)
- TODO: check
+ NOT-FOR-US: Zizai Tech Nut mobile app
CVE-2016-6546 (The iTrack Easy mobile application stores the account password
used to ...)
- TODO: check
+ NOT-FOR-US: iTrack
CVE-2016-6545 (Session cookies are not used for maintaining valid sessions in
iTrack ...)
- TODO: check
+ NOT-FOR-US: iTrack
CVE-2016-6544 (getgps data in iTrack Easy can be modified without
authentication by ...)
- TODO: check
+ NOT-FOR-US: iTrack
CVE-2016-6543 (A captured MAC/device ID of an iTrack Easy can be registered
under ...)
- TODO: check
+ NOT-FOR-US: iTrack
CVE-2016-6542 (The iTrack device tracking ID number, also called
"LosserID" in the ...)
- TODO: check
+ NOT-FOR-US: iTrack
CVE-2016-6541 (TrackR Bravo device allows unauthenticated pairing, which
enables ...)
NOT-FOR-US: TrackR
CVE-2016-6540 (Unauthenticated access to the cloud-based service maintained by
TrackR ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/18652c1a2baf2bff1eeb9fc0140c75e348b91180
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/18652c1a2baf2bff1eeb9fc0140c75e348b91180
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
