Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cc0f0c15 by Salvatore Bonaccorso at 2018-08-17T21:19:39Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -231,27 +231,27 @@ CVE-2018-15362
CVE-2018-15361
RESERVED
CVE-2018-15360 (An attacker without authentication can login with default
credentials ...)
- TODO: check
+ NOT-FOR-US: Eltex ESP-200 firmware
CVE-2018-15359 (An authenticated attacker with low privileges can use insecure
sudo ...)
- TODO: check
+ NOT-FOR-US: Eltex ESP-200 firmware
CVE-2018-15358 (An authenticated attacker with low privileges can activate
high ...)
- TODO: check
+ NOT-FOR-US: Eltex ESP-200 firmware
CVE-2018-15357 (An authenticated attacker with low privileges can extract
password ...)
- TODO: check
+ NOT-FOR-US: Eltex ESP-200 firmware
CVE-2018-15356 (An authenticated attacker can execute arbitrary code using
command ...)
- TODO: check
+ NOT-FOR-US: Eltex ESP-200 firmware
CVE-2018-15355 (Usage of SSLv2 and SSLv3 leads to transmitted data decryption
in ...)
- TODO: check
+ NOT-FOR-US: Kraftway 24F2XG Router firmware
CVE-2018-15354 (A Buffer Overflow exploited through web interface by remote
attacker ...)
- TODO: check
+ NOT-FOR-US: Kraftway 24F2XG Router firmware
CVE-2018-15353 (A Buffer Overflow exploited through web interface by remote
attacker ...)
- TODO: check
+ NOT-FOR-US: Kraftway 24F2XG Router firmware
CVE-2018-15352 (An attacker with low privileges can cause denial of service in
...)
- TODO: check
+ NOT-FOR-US: Kraftway 24F2XG Router firmware
CVE-2018-15351 (Denial of service via crafting malicious link and sending it
to a ...)
- TODO: check
+ NOT-FOR-US: Kraftway 24F2XG Router firmware
CVE-2018-15350 (Router Default Credentials in Kraftway 24F2XG Router firmware
version ...)
- TODO: check
+ NOT-FOR-US: Kraftway 24F2XG Router firmware
CVE-2018-15473 (OpenSSH through 7.7 is prone to a user enumeration
vulnerability due to ...)
- openssh 1:7.7p1-4 (bug #906236)
NOTE: http://www.openwall.com/lists/oss-security/2018/08/15/5
@@ -3387,10 +3387,11 @@ CVE-2018-14060 (OS command injection in the AP mode
settings feature in /cgi-bin
NOT-FOR-US: Xiaomi R3D
CVE-2018-14059
RESERVED
+ NOT-FOR-US: Pimcore
CVE-2018-14058 (Pimcore before 5.3.0 allows SQL Injection via the REST web
service ...)
- TODO: check
+ NOT-FOR-US: Pimcore
CVE-2018-14057 (Pimcore before 5.3.0 allows remote attackers to conduct
cross-site ...)
- TODO: check
+ NOT-FOR-US: Pimcore
CVE-2018-14055 (ZNC before 1.7.1-rc1 does not properly validate untrusted
lines coming ...)
{DSA-4252-1 DLA-1427-1}
- znc 1.7.1-1 (bug #903787)
@@ -26736,9 +26737,9 @@ CVE-2018-5549
CVE-2018-5548
RESERVED
CVE-2018-5547 (Windows Logon Integration feature of F5 BIG-IP APM client prior
to ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2018-5546 (The svpn and policyserver components of the F5 BIG-IP APM
client prior ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2018-5545
RESERVED
CVE-2018-5544 (When the F5 BIG-IP APM 13.0.0-13.1.1 or 12.1.0-12.1.3 renders
certain ...)
@@ -89011,7 +89012,7 @@ CVE-2017-1734 (IBM Jazz Team Server affecting the
following IBM Rational Product
CVE-2017-1733 (IBM QRadar 7.3 stores potentially sensitive information in log
files ...)
NOT-FOR-US: IBM
CVE-2017-1732 (IBM Security Access Manager for Enterprise Single Sign-On 8.2.2
does ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1731 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could
provide ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2017-1730
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cc0f0c1507b6cb0ff0f6c6a3317b02b8425e8dfb
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cc0f0c1507b6cb0ff0f6c6a3317b02b8425e8dfb
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
