Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 5de1f871 by Salvatore Bonaccorso at 2018-08-03T08:22:31Z Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,7 +1,7 @@ CVE-2018-14878 RESERVED CVE-2018-14877 (An issue was discovered in WeaselCMS v0.3.5. XSS exists via Site ...) - TODO: check + NOT-FOR-US: WeaselCMS CVE-2018-14876 (An issue was discovered in image_save_png in image/image-png.cpp in ...) - flif <unfixed> NOTE: https://github.com/FLIF-hub/FLIF/issues/520 @@ -40,7 +40,7 @@ CVE-2018-14860 CVE-2018-14859 RESERVED CVE-2018-14858 (An SSRF vulnerability was discovered in idreamsoft iCMS before V7.0.11 ...) - TODO: check + NOT-FOR-US: idreamsoft iCMS CVE-2018-14857 RESERVED CVE-2018-14856 @@ -5951,7 +5951,7 @@ CVE-2018-12450 CVE-2018-12449 RESERVED CVE-2018-12448 (Whale Browser before 1.3.48.4 displays no URL information but only a ...) - TODO: check + NOT-FOR-US: Whale Browser CVE-2018-12447 (The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used ...) NOT-FOR-US: libbpg CVE-2018-12446 (** DISPUTED ** An issue was discovered in the com.dropbox.android ...) @@ -10838,7 +10838,7 @@ CVE-2018-10620 (AVEVA InduSoft Web Studio v8.1 and v8.1SP1, and InTouch Machine CVE-2018-10619 (An unquoted search path or element in RSLinx Classic Versions 3.90.01 ...) NOT-FOR-US: RSLinx CVE-2018-10618 (Davolink DVW-3200N all version prior to Version 1.00.06. The device ...) - TODO: check + NOT-FOR-US: Davolink DVW-3200N CVE-2018-10617 (Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 ...) NOT-FOR-US: Delta Electronics Delta Industrial Automation DOPSoft CVE-2018-10616 (ABB Panel Builder 800 all versions has an improper input validation ...) @@ -18334,7 +18334,7 @@ CVE-2018-1000115 (Memcached version 1.5.5 contains an Insufficient Control of Ne CVE-2018-7650 (PHP Scripts Mall Hot Scripts Clone:Script Classified Version 3.1 ...) NOT-FOR-US: PHP Scripts Mall Hot Scripts Clone:Script Classified Application CVE-2018-7649 (Monitorix before 3.10.1 allows XSS via CGI variables. ...) - TODO: check + NOT-FOR-US: Monitorix CVE-2018-7648 (An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The ...) - openjpeg2 <unfixed> (unimportant) NOTE: https://github.com/kbabioch/openjpeg/commit/6d8c0c06ee32dc03ba80acd48334e98728e56cf5 @@ -29232,11 +29232,11 @@ CVE-2018-3925 CVE-2018-3924 (An exploitable use-after-free vulnerability exists in the JavaScript ...) TODO: check CVE-2018-3923 (A memory corruption vulnerability exists in the PCX-parsing ...) - TODO: check + NOT-FOR-US: Computerinsel Photoline CVE-2018-3922 (A memory corruption vulnerability exists in the ANI-parsing ...) - TODO: check + NOT-FOR-US: Computerinsel Photoline CVE-2018-3921 (A memory corruption vulnerability exists in the PSD-parsing ...) - TODO: check + NOT-FOR-US: Computerinsel Photoline CVE-2018-3920 RESERVED CVE-2018-3919 @@ -35679,7 +35679,7 @@ CVE-2018-1556 (IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to ...) CVE-2018-1555 (IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to ...) NOT-FOR-US: IBM FileNet Content Manager CVE-2018-1554 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. ...) - TODO: check + NOT-FOR-US: IBM CVE-2018-1553 (IBM WebSphere Application Server Liberty prior to 18.0.0.2 could allow ...) NOT-FOR-US: IBM CVE-2018-1552 @@ -43239,7 +43239,7 @@ CVE-2017-16351 CVE-2017-16350 RESERVED CVE-2017-16349 (An exploitable XML external entity vulnerability exists in the ...) - TODO: check + NOT-FOR-US: SAP CVE-2017-16348 RESERVED CVE-2017-16347 (An attacker could send an authenticated HTTP request to trigger this ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5de1f8711cb5cb00880f8aa3d3e431f7a34f8a2d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5de1f8711cb5cb00880f8aa3d3e431f7a34f8a2d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits