Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
314fee8a by Salvatore Bonaccorso at 2018-09-11T20:32:06Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -217,7 +217,7 @@ CVE-2018-16838
CVE-2018-16837
RESERVED
CVE-2018-16836 (Rubedo through 3.4.0 contains a Directory Traversal
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Rubedo CMS
CVE-2018-16835
RESERVED
CVE-2018-16834
@@ -225,7 +225,7 @@ CVE-2018-16834
CVE-2018-16833
RESERVED
CVE-2018-16832 (CSRF in the anti-csrf decorator in xunfeng 0.2.0 allows an
attacker to ...)
- TODO: check
+ NOT-FOR-US: xunfeng
CVE-2018-XXXX [OpenAFS Security Advisory-2018-003]
- openafs <unfixed> (bug #908616)
NOTE: http://openafs.org/pages/security/OPENAFS-SA-2018-003.txt
@@ -14736,7 +14736,7 @@ CVE-2018-11080
CVE-2018-11079
RESERVED
CVE-2018-11078 (Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contains
an ...)
- TODO: check
+ NOT-FOR-US: EMC VPlex GeoSynchrony
CVE-2018-11077
RESERVED
CVE-2018-11076
@@ -14752,11 +14752,11 @@ CVE-2018-11072
CVE-2018-11071
RESERVED
CVE-2018-11070 (RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J
...)
- TODO: check
+ NOT-FOR-US: RSA BSAFE Crypto-J
CVE-2018-11069 (RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert
Timing ...)
- TODO: check
+ NOT-FOR-US: RSA BSAFE SSL-J
CVE-2018-11068 (RSA BSAFE SSL-J versions prior to 6.2.4 contain a Heap
Inspection ...)
- TODO: check
+ NOT-FOR-US: RSA BSAFE SSL-J
CVE-2018-11067
RESERVED
CVE-2018-11066
@@ -25873,9 +25873,9 @@ CVE-2018-6978
CVE-2018-6977
RESERVED
CVE-2018-6976 (The VMware Content Locker for iOS prior to 4.14 contains a data
...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2018-6975 (The AirWatch Agent for iOS prior to 5.8.1 contains a data
protection ...)
- TODO: check
+ NOT-FOR-US: AirWatch Agent for iOS
CVE-2018-6974
RESERVED
CVE-2018-6973 (VMware Workstation (14.x before 14.1.3) and Fusion (10.x before
...)
@@ -39283,33 +39283,33 @@ CVE-2018-2467
CVE-2018-2466
RESERVED
CVE-2018-2465 (SAP HANA (versions 1.0 and 2.0) Extended Application Services
classic ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2464 (SAP WebDynpro Java, versions 7.20, 7.30, 7.31, 7.40, 7.50, does
not ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2463 (The Omni Commerce Connect API (OCC) of SAP Hybris Commerce,
versions ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2462 (In certain cases, BEx Web Java Runtime Export Web Service in
SAP ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2461 (Missing authorization check in SAP HCM Fiori "People
Profile" (GBX01 ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2460 (SAP Business One Android application, version 1.2, does not
verify the ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2459 (Users of an SAP Mobile Platform (version 3.0) Offline OData ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2458 (Under certain conditions, Crystal Report using SAP Business
One, ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2457 (Under certain conditions SAP Adaptive Server Enterprise,
version 16.0, ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2456
RESERVED
CVE-2018-2455 (SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16,
6.17, ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2454 (SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16,
6.17, ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2453
RESERVED
CVE-2018-2452 (The logon application of SAP NetWeaver AS Java 7.10 to 7.11,
7.20, ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2451 (XS Command-Line Interface (CLI) user sessions with the SAP HANA
...)
NOT-FOR-US: SAP HANA Extended Application Services
CVE-2018-2450 (SAP MaxDB (liveCache), versions 7.8 and 7.9, allows an attacker
who ...)
@@ -41121,7 +41121,7 @@ CVE-2018-1573
CVE-2018-1572
RESERVED
CVE-2018-1571 (IBM QRadar 7.2 and 7.3 could allow a remote authenticated
attacker to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1570
RESERVED
CVE-2018-1569
@@ -45138,9 +45138,9 @@ CVE-2018-0650 (The LINE MUSIC for Android version 3.1.0
to versions prior to 3.6
CVE-2018-0649 (Untrusted search path vulnerability in the installers of
multiple ...)
TODO: check
CVE-2018-0648 (Untrusted search path vulnerability in installer of ChatWork
Desktop ...)
- TODO: check
+ NOT-FOR-US: installer of ChatWork Desktop App for Windows
CVE-2018-0647 (Cross-site request forgery (CSRF) vulnerability in WL-330NUL
Firmware ...)
- TODO: check
+ NOT-FOR-US: WL-330NUL Firmware
CVE-2018-0646 (Directory traversal vulnerability in Explzh v.7.58 and earlier
allows ...)
NOT-FOR-US: Explzh
CVE-2018-0645 (MTAppjQuery 1.8.1 and earlier allows remote PHP code execution
via ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/314fee8a707ccb648180c163094059d6d2aa1155
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/314fee8a707ccb648180c163094059d6d2aa1155
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
