Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c63baef7 by Moritz Muehlenhoff at 2018-08-22T15:46:59Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -29,13 +29,13 @@ CVE-2018-15672 (An issue was discovered in the HDF HDF5
1.10.2 library. A SIGFPE
CVE-2018-15671 (An issue was discovered in the HDF HDF5 1.10.2 library.
Excessive stack ...)
TODO: check
CVE-2018-15670 (An issue was discovered in Bloop Airmail 3 3.5.9 for macOS.
Its primary ...)
- TODO: check
+ NOT-FOR-US: Bloop Airmail
CVE-2018-15669 (An issue was discovered in Bloop Airmail 3 3.5.9 for macOS.
Its primary ...)
- TODO: check
+ NOT-FOR-US: Bloop Airmail
CVE-2018-15668 (An issue was discovered in Bloop Airmail 3 3.5.9 for macOS.
The "send" ...)
- TODO: check
+ NOT-FOR-US: Bloop Airmail
CVE-2018-15667 (An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. It
...)
- TODO: check
+ NOT-FOR-US: Bloop Airmail
CVE-2018-15666
RESERVED
CVE-2018-15665
@@ -250,7 +250,7 @@ CVE-2018-1000656 (The Pallets Project flask version Before
0.12.3 contains a CWE
- flask 1.0.2-1
NOTE: https://github.com/pallets/flask/pull/2691
CVE-2018-1000655 (Jsish version 2.4.65 contains a CWE-476: NULL Pointer
Dereference ...)
- TODO: check
+ NOT-FOR-US: Jsish
CVE-2018-1000654 (GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13,
libtasn1-4.12 ...)
- libtasn1-6 <unfixed> (bug #906768)
- libtasn1-3 <removed>
@@ -262,41 +262,41 @@ CVE-2018-1000652 (JabRef version <=4.3.1 contains a
XML External Entity (XXE)
NOTE: https://github.com/JabRef/jabref/issues/4229
NOTE:
https://github.com/JabRef/jabref/commit/89f855d76713b4cd25ac0830c719cd61c511851e
CVE-2018-1000651 (Stroom version <5.4.5 contains a XML External Entity
(XXE) ...)
- TODO: check
+ NOT-FOR-US: Stroom
CVE-2018-1000650 (LibreHealthIO lh-ehr version REL-2.0.0 contains a SQL
Injection ...)
- TODO: check
+ NOT-FOR-US: LibreHealthIO
CVE-2018-1000649 (LibreHealthIO lh-ehr version REL-2.0.0 contains a
Authenticated ...)
- TODO: check
+ NOT-FOR-US: LibreHealthIO
CVE-2018-1000648 (LibreHealthIO lh-ehr version REL-2.0.0 contains a
Authenticated ...)
- TODO: check
+ NOT-FOR-US: LibreHealthIO
CVE-2018-1000647 (LibreHealthIO lh-ehr version REL-2.0.0 contains a
Authenticated ...)
- TODO: check
+ NOT-FOR-US: LibreHealthIO
CVE-2018-1000646 (LibreHealthIO LH-EHR version REL-2.0.0 contains an
Authenticated ...)
- TODO: check
+ NOT-FOR-US: LibreHealthIO
CVE-2018-1000645 (LibreHealthIO lh-ehr version <REL-2.0.0 contains an
Authenticated ...)
- TODO: check
+ NOT-FOR-US: LibreHealthIO
CVE-2018-1000644 (Eclipse RDF4j version < 2.4.0 Milestone 2 contains a XML
External ...)
- TODO: check
+ NOT-FOR-US: Eclipse RDF4j
CVE-2018-1000643 (OWASP OWASP ANTISAMY version 1.5.7 and earlier contains a
Cross Site ...)
- TODO: check
+ NOT-FOR-US: OWASP OWASP ANTISAMY
CVE-2018-1000642 (FlightAirMap version <=v1.0-beta.21 contains a Cross Site
Scripting ...)
- TODO: check
+ NOT-FOR-US: FlightAirMap
CVE-2018-1000641 (YesWiki version <= cercopitheque beta 1 contains a PHP
Object ...)
- TODO: check
+ NOT-FOR-US: YesWiki
CVE-2018-1000640 (OpenCart-Overclocked version <=1.11.1 contains a Cross
Site Scripting ...)
- TODO: check
+ NOT-FOR-US: OpenCart-Overclocked
CVE-2018-1000639 (LatexDraw version <=4.0 contains a XML External Entity
(XXE) ...)
- TODO: check
+ NOT-FOR-US: LatexDraw
CVE-2018-1000638 (MiniCMS version 1.1 contains a Cross Site Scripting (XSS)
...)
- TODO: check
+ NOT-FOR-US: MiniCMS
CVE-2018-1000636 (JerryScript version Tested on commit ...)
- TODO: check
+ NOT-FOR-US: JerryScript
CVE-2018-1000635 (The Open Microscopy Environment OMERO.server version 5.4.0
to 5.4.6 ...)
- TODO: check
+ NOT-FOR-US: Open Microscopy Environment
CVE-2018-1000634 (The Open Microscopy Environment OMERO.server version 5.4.0
to 5.4.6 ...)
- TODO: check
+ NOT-FOR-US: Open Microscopy Environment
CVE-2018-1000633 (The Open Microscopy Environment OMERO.web version prior to
5.4.7 ...)
- TODO: check
+ NOT-FOR-US: Open Microscopy Environment
CVE-2018-1000632 (dom4j version prior to version 2.1.1 contains a CWE-91: XML
Injection ...)
TODO: check
CVE-2003-1605
@@ -409,9 +409,9 @@ CVE-2018-15536
CVE-2018-15535
RESERVED
CVE-2018-15534 (Geutebrueck re_porter 16 before 7.8.974.20 has a possibility
of ...)
- TODO: check
+ NOT-FOR-US: Geutebrueck
CVE-2018-15533 (A reflected cross-site scripting vulnerability exists in
Geutebrueck ...)
- TODO: check
+ NOT-FOR-US: Geutebrueck
CVE-2018-15532
RESERVED
CVE-2018-15531
@@ -421,7 +421,7 @@ CVE-2018-15530
CVE-2018-15529
RESERVED
CVE-2018-15528 (Reflected Cross-Site Scripting exists in the Java System
Solutions SSO ...)
- TODO: check
+ NOT-FOR-US: Java System Solutions SSO plugin
CVE-2018-15527
RESERVED
CVE-2018-15526
@@ -519,7 +519,7 @@ CVE-2018-15483
CVE-2018-15482 (Certain LG devices based on Android 6.0 through 8.1 have
incorrect ...)
NOT-FOR-US: LG devices specific issue
CVE-2018-15481 (Improper input sanitization within the restricted
administration shell ...)
- TODO: check
+ NOT-FOR-US: UCOPIA
CVE-2018-15480
RESERVED
CVE-2018-15479
@@ -1965,11 +1965,11 @@ CVE-2018-14797
CVE-2018-14796
RESERVED
CVE-2018-14795 (DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: DeltaV
CVE-2018-14794
RESERVED
CVE-2018-14793 (DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: DeltaV
CVE-2018-14792
RESERVED
CVE-2018-14791
@@ -3882,11 +3882,11 @@ CVE-2018-14081
CVE-2018-14080
RESERVED
CVE-2018-14079 (Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized
remote ...)
- TODO: check
+ NOT-FOR-US: Wi2be SMART HP WMT
CVE-2018-14078 (Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized
remote ...)
- TODO: check
+ NOT-FOR-US: Wi2be SMART HP WMT
CVE-2018-14077 (Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized
remote ...)
- TODO: check
+ NOT-FOR-US: Wi2be SMART HP WMT
CVE-2018-14076
RESERVED
CVE-2018-14075
@@ -4082,7 +4082,7 @@ CVE-2018-14022
CVE-2018-14021
RESERVED
CVE-2018-14020 (An issue was discovered in the Paymorrow module 1.0.0 before
1.0.2 and ...)
- TODO: check
+ NOT-FOR-US: Paymorrow module for OXID shop
CVE-2018-14019
RESERVED
CVE-2018-14018
@@ -7488,7 +7488,7 @@ CVE-2018-12581 (An issue was discovered in
js/designer/move.js in phpMyAdmin bef
CVE-2018-12580 (library/DBTech/Security/Action/Sessions.php in DragonByte
vBSecurity ...)
NOT-FOR-US: DragonByte vBSecurity for vBulletin
CVE-2018-12579 (An issue was discovered in OXID eShop Enterprise Edition
before 5.3.8, ...)
- TODO: check
+ NOT-FOR-US: OXID eShop
CVE-2018-12578 (There is a heap-based buffer overflow in bmp_compress1_row in
...)
{DLA-1463-1}
- sam2p <removed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c63baef7e28f08dff4d7888581e269121654ace0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c63baef7e28f08dff4d7888581e269121654ace0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
