[Git][security-tracker-team/security-tracker][master] NFUs

Mon, 10 Sep 2018 09:17:06 -0700 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
89c22d5a by Moritz Muehlenhoff at 2018-09-10T16:16:19Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -40,29 +40,29 @@ CVE-2018-16774 (HongCMS 3.0.0 allows arbitrary file 
deletion via a ../ in the fi
 CVE-2018-16773 (EasyCMS 1.5 allows XSS via the ...)
        NOT-FOR-US: EasyCMS
 CVE-2018-16772 (Hoosk v1.7.0 allows XSS via the Navigation Title of a new page 
entered ...)
-       TODO: check
+       NOT-FOR-US: Hoosk
 CVE-2018-16771 (Hoosk v1.7.0 allows PHP code execution via a SiteUrl that is 
provided ...)
-       TODO: check
+       NOT-FOR-US: Hoosk
 CVE-2018-16770 (In WAVM through 2018-07-26, a crafted file sent to the 
WebAssembly ...)
-       TODO: check
+       NOT-FOR-US: WAVM
 CVE-2018-16769 (In WAVM through 2018-07-26, a crafted file sent to the 
WebAssembly ...)
-       TODO: check
+       NOT-FOR-US: WAVM
 CVE-2018-16768 (In WAVM through 2018-07-26, a crafted file sent to the 
WebAssembly ...)
-       TODO: check
+       NOT-FOR-US: WAVM
 CVE-2018-16767 (In WAVM through 2018-07-26, a crafted file sent to the 
WebAssembly ...)
-       TODO: check
+       NOT-FOR-US: WAVM
 CVE-2018-16766 (In WAVM through 2018-07-26, a crafted file sent to the 
WebAssembly ...)
-       TODO: check
+       NOT-FOR-US: WAVM
 CVE-2018-16765 (In WAVM through 2018-07-26, a crafted file sent to the 
WebAssembly ...)
-       TODO: check
+       NOT-FOR-US: WAVM
 CVE-2018-16764 (In WAVM through 2018-07-26, a crafted file sent to the 
WebAssembly ...)
-       TODO: check
+       NOT-FOR-US: WAVM
 CVE-2018-16763 (FUEL CMS 1.4.1 allows PHP Code Evaluation via the 
pages/select/ filter ...)
        NOT-FOR-US: FUEL CMS
 CVE-2018-16762 (FUEL CMS 1.4.1 allows SQL Injection via the layout, published, 
or ...)
        NOT-FOR-US: FUEL CMS
 CVE-2018-16761 (Eventum before 3.4.0 has an open redirect vulnerability. ...)
-       TODO: check
+       NOT-FOR-US: Eventum
 CVE-2018-16760
        RESERVED
 CVE-2018-16759 (The removeXSS function in App/Common/common.php (called from 
...)
@@ -117,13 +117,13 @@ CVE-2018-16738
 CVE-2018-16737
        RESERVED
 CVE-2018-16736 (In the rcfilters plugin 2.1.6 for Roundcube, XSS exists via 
the ...)
-       TODO: check
+       NOT-FOR-US: rcfilters plugin for Roundcube
 CVE-2018-16735
        RESERVED
 CVE-2018-16734
        RESERVED
 CVE-2018-16733 (In Go Ethereum (aka geth) before 1.8.14, TraceChain in ...)
-       TODO: check
+       NOT-FOR-US: Go Ethereum
 CVE-2018-16732 (\upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF 
via ...)
        NOT-FOR-US: CScms
 CVE-2018-16731 (CScms 4.1 allows arbitrary file upload by (for example) adding 
the php ...)
@@ -734,7 +734,7 @@ CVE-2018-16462
 CVE-2018-16461
        RESERVED
 CVE-2018-16460 (A command Injection in ps package versions <1.0.0 for 
Node.js allowed ...)
-       TODO: check
+       NOT-FOR-US: ps node module
 CVE-2018-16459 (An unescaped payload in exceljs <v1.6 allows a possible XSS 
via cell ...)
        NOT-FOR-US: exceljs
 CVE-2018-1000672
@@ -13839,7 +13839,7 @@ CVE-2018-11265
 CVE-2018-11264
        RESERVED
 CVE-2018-11263 (In all Android releases (Android for MSM, Firefox OS for MSM, 
QRD ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11262 (In Android for MSM, Firefox OS for MSM, and QRD Android with 
all ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11261
@@ -34101,7 +34101,7 @@ CVE-2018-4012
 CVE-2018-4011
        RESERVED
 CVE-2018-4010 (An exploitable code execution vulnerability exists in the 
connect ...)
-       TODO: check
+       NOT-FOR-US: ProtonVPN client
 CVE-2018-4009
        RESERVED
 CVE-2018-4008
@@ -34217,7 +34217,7 @@ CVE-2018-3954
 CVE-2018-3953
        RESERVED
 CVE-2018-3952 (An exploitable code execution vulnerability exists in the 
connect ...)
-       TODO: check
+       NOT-FOR-US: NordVPN
 CVE-2018-3951
        RESERVED
 CVE-2018-3950



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/89c22d5a6688faea6c988615385b3015d1a57987

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/89c22d5a6688faea6c988615385b3015d1a57987
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to