[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff Tue, 25 Sep 2018 13:40:14 -0700

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
73f6c9a3 by Moritz Muehlenhoff at 2018-09-25T20:38:53Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -913,7 +913,7 @@ CVE-2018-17109
 CVE-2018-17108 (The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 
for Android ...)
        NOT-FOR-US: SBIbuddy
 CVE-2018-17107 (In Tgstation tgstation-server 3.2.4.0 through 3.2.1.0 (fixed 
in ...)
-       TODO: check
+       NOT-FOR-US: Tgstation tgstation-server
 CVE-2018-17106 (In Tinyftp Tinyftpd 1.1, a buffer overflow exists in the text 
variable ...)
        NOT-FOR-US: Tinyftpd
 CVE-2018-17105
@@ -1067,7 +1067,7 @@ CVE-2018-17052
 CVE-2018-17051 (K-Net Cisco Configuration Manager through 2014-11-19 has XSS 
via ...)
        NOT-FOR-US: K-Net Cisco Configuration Manager
 CVE-2018-17050 (The mintToken function of a smart contract implementation for 
PolyAi ...)
-       TODO: check
+       NOT-FOR-US: smart contract
 CVE-2018-17049 (CQU-LANKERS through 2017-11-02 has XSS via the public/api.php 
callback ...)
        NOT-FOR-US: CQU-LANKERS
 CVE-2018-17048
@@ -1163,11 +1163,11 @@ CVE-2018-17005 (An issue was discovered on TP-Link 
TL-WR886N 6.0 2.3.4 and TL-WR
 CVE-2018-17004 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and 
TL-WR886N ...)
        NOT-FOR-US: TP-Link
 CVE-2018-17003 (In LimeSurvey 3.14.7, HTML Injection and Stored XSS have been 
...)
-       TODO: check
+       - limesurvey <itp> (bug #472802)
 CVE-2018-17002 (On the RICOH MP 2001 printer, HTML Injection and Stored XSS 
...)
-       TODO: check
+       NOT-FOR-US: RICOH
 CVE-2018-17001 (On the RICOH SP 4510SF printer, HTML Injection and Stored XSS 
...)
-       TODO: check
+       NOT-FOR-US: RICOH
 CVE-2018-17000 (A NULL pointer dereference in the function _TIFFmemcmp at 
tif_unix.c ...)
        - tiff <unfixed> (bug #908778)
        - tiff3 <removed>
@@ -1245,7 +1245,7 @@ CVE-2018-16967
 CVE-2018-16966
        RESERVED
 CVE-2018-16965 (In Zoho ManageEngine SupportCenter Plus 8.1.0, there is HTML 
Injection ...)
-       TODO: check
+       NOT-FOR-US: Zoho
 CVE-2018-16964
        RESERVED
 CVE-2018-16963
@@ -1512,7 +1512,7 @@ CVE-2018-16835
 CVE-2018-16834
        RESERVED
 CVE-2018-16833 (Zoho ManageEngine Desktop Central 10.0.271 has XSS via the 
&quot;Features &amp; ...)
-       TODO: check
+       NOT-FOR-US: Zoho
 CVE-2018-16832 (CSRF in the anti-csrf decorator in xunfeng 0.2.0 allows an 
attacker to ...)
        NOT-FOR-US: xunfeng
 CVE-2018-16949 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x 
before ...)
@@ -1580,9 +1580,9 @@ CVE-2018-16824
 CVE-2018-16823
        RESERVED
 CVE-2018-16822 (SeaCMS 6.64 allows SQL Injection via the 
upload/admin/admin_video.php ...)
-       TODO: check
+       NOT-FOR-US: SeaCMS
 CVE-2018-16821 (SeaCMS 6.64 allows arbitrary directory listing via ...)
-       TODO: check
+       NOT-FOR-US: SeaCMS
 CVE-2018-16820 (admin/index.php in Monstra CMS 3.0.4 allows arbitrary 
directory ...)
        NOT-FOR-US: Monstra CMS
 CVE-2018-16819 (admin/index.php in Monstra CMS 3.0.4 allows arbitrary file 
deletion ...)
@@ -1638,7 +1638,7 @@ CVE-2018-16795
 CVE-2018-16794 (Microsoft ADFS 4.0 Windows Server 2016 and previous (Active 
Directory ...)
        NOT-FOR-US: Microsoft ADFS 4.0 Windows Server
 CVE-2018-16793 (Rollup 18 for Microsoft Exchange Server 2010 SP3 and previous 
versions ...)
-       TODO: check
+       NOT-FOR-US: Rollup 18 for Microsoft Exchange Server
 CVE-2018-16802 (An issue was discovered in Artifex Ghostscript before 9.25. 
Incorrect ...)
        {DSA-4294-1 DLA-1504-1}
        [experimental] - ghostscript 9.25~dfsg-1~exp1
@@ -1660,11 +1660,11 @@ CVE-2018-16788
 CVE-2018-16787
        RESERVED
 CVE-2018-16786 (DedeCMS 5.7 SP2 allows XSS via an onhashchange attribute in 
the msg ...)
-       TODO: check
+       NOT-FOR-US: DedeCMS
 CVE-2018-16785 (XML injection vulnerability exists in the file of DedeCMS V5.7 
SP2 ...)
-       TODO: check
+       NOT-FOR-US: DedeCMS
 CVE-2018-16784 (DedeCMS 5.7 SP2 allows XML injection, and resultant remote 
code ...)
-       TODO: check
+       NOT-FOR-US: DedeCMS
 CVE-2018-16783
        RESERVED
 CVE-2018-16782 (libimageworsener.a in ImageWorsener 1.3.2 has a buffer 
overflow in the ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/73f6c9a3547fd6e9356a3f59f9d7b51f68cb92f6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/73f6c9a3547fd6e9356a3f59f9d7b51f68cb92f6
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to