Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cf36d301 by Salvatore Bonaccorso at 2018-09-27T09:07:53Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
CVE-2018-17570 (utils/ut_ws_svr.c in ViaBTC Exchange Server before 2018-08-21
has an ...)
- TODO: check
+ NOT-FOR-US: ViaBTC Exchange Server
CVE-2018-17569 (network/nw_buf.c in ViaBTC Exchange Server before 2018-08-21
has an ...)
- TODO: check
+ NOT-FOR-US: ViaBTC Exchange Server
CVE-2018-17568 (utils/ut_rpc.c in ViaBTC Exchange Server before 2018-08-21 has
an ...)
- TODO: check
+ NOT-FOR-US: ViaBTC Exchange Server
CVE-2018-17567
RESERVED
CVE-2018-17566 (In ThinkPHP 5.1.24, the inner function delete can be used for
SQL ...)
@@ -27,9 +27,9 @@ CVE-2018-17558
CVE-2018-17557
RESERVED
CVE-2018-17556 (MODX Revolution v2.6.5-pl allows stored XSS via a Create New
Media ...)
- TODO: check
+ NOT-FOR-US: MODX Revolution
CVE-2018-17555 (The web component on ARRIS TG2492LG-NA 061213 devices allows
remote ...)
- TODO: check
+ NOT-FOR-US: ARRIS TG2492LG-NA 061213 devices
CVE-2018-17554
RESERVED
CVE-2018-17553
@@ -323,7 +323,7 @@ CVE-2018-17412
CVE-2018-17411 (An XML External Entity (XXE) vulnerability exists in iWay Data
Quality ...)
TODO: check
CVE-2018-17410 (Horus CMS allows SQL Injection, as demonstrated by a request
to the ...)
- TODO: check
+ NOT-FOR-US: Horus CMS
CVE-2018-17409
RESERVED
CVE-2018-17408
@@ -411,7 +411,7 @@ CVE-2018-17367
CVE-2018-17366 (An issue was discovered in MCMS 4.6.5. There is a CSRF
vulnerability ...)
NOT-FOR-US: MCMS
CVE-2018-17365 (SeaCMS 6.64 allows remote attackers to delete arbitrary files
via the ...)
- TODO: check
+ NOT-FOR-US: SeaCMS
CVE-2018-17364 (OTCMS 3.61 allows remote attackers to execute arbitrary PHP
code via ...)
NOT-FOR-US: OTCMS
CVE-2018-17363
@@ -523,21 +523,21 @@ CVE-2018-17318
CVE-2018-17317 (FruityWifi (aka PatatasFritas/PatataWifi) 2.1 allows remote
attackers ...)
NOT-FOR-US: FruityWifi
CVE-2018-17316 (On the RICOH MP C6003 printer, HTML Injection and Stored XSS
...)
- TODO: check
+ NOT-FOR-US: RICOH MP C6003 printer
CVE-2018-17315 (On the RICOH MP C2003 printer, HTML Injection and Stored XSS
...)
- TODO: check
+ NOT-FOR-US: RICOH MP C2003 printer
CVE-2018-17314 (On the RICOH Aficio MP 305+ printer, HTML Injection and Stored
XSS ...)
- TODO: check
+ NOT-FOR-US: RICOH Aficio MP 305+ printer
CVE-2018-17313 (On the RICOH MP C307 printer, HTML Injection and Stored XSS
...)
- TODO: check
+ NOT-FOR-US: RICOH MP C307 printer
CVE-2018-17312 (On the RICOH Aficio MP 301 printer, HTML Injection and Stored
XSS ...)
- TODO: check
+ NOT-FOR-US: RICOH Aficio MP 301 printer
CVE-2018-17311 (On the RICOH MP C6503 Plus printer, HTML Injection and Stored
XSS ...)
- TODO: check
+ NOT-FOR-US: RICOH MP C6503 Plus printer
CVE-2018-17310 (On the RICOH MP C1803 JPN printer, HTML Injection and Stored
XSS ...)
- TODO: check
+ NOT-FOR-US: RICOH MP C1803 JPN printer
CVE-2018-17309 (On the RICOH MP C406Z printer, HTML Injection and Stored XSS
...)
- TODO: check
+ NOT-FOR-US: RICOH MP C406Z printer
CVE-2018-17308
RESERVED
CVE-2018-17307
@@ -1080,7 +1080,7 @@ CVE-2018-17082 (The Apache2 component in PHP before
5.6.38, 7.0.x before 7.0.32,
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76582
NOTE:
https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e
CVE-2018-17081 (e107 2.1.9 allows CSRF via ...)
- TODO: check
+ NOT-FOR-US: e107
CVE-2018-17080
RESERVED
CVE-2018-17079
@@ -1320,9 +1320,9 @@ CVE-2018-16971 (Wisetail Learning Ecosystem (LE) through
v4.11.6 allows insecure
CVE-2018-16970 (Wisetail Learning Ecosystem (LE) through v4.11.6 allows
insecure direct ...)
NOT-FOR-US: Wisetail Learning Ecosystem
CVE-2018-16969 (Citrix ShareFile StorageZones Controller before 5.4.2 has
Information ...)
- TODO: check
+ NOT-FOR-US: Citrix ShareFile StorageZones Controller
CVE-2018-16968 (Citrix ShareFile StorageZones Controller before 5.4.2 allows
Directory ...)
- TODO: check
+ NOT-FOR-US: Citrix ShareFile StorageZones Controller
CVE-2018-16967
RESERVED
CVE-2018-16966
@@ -1911,11 +1911,11 @@ CVE-2018-16715 (An issue was discovered in Absolute
Software CTES Windows Agent
CVE-2018-16714
RESERVED
CVE-2018-16713 (IObit Advanced SystemCare, which includes
Monitor_win10_x64.sys or ...)
- TODO: check
+ NOT-FOR-US: IObit Advanced SystemCare
CVE-2018-16712 (IObit Advanced SystemCare, which includes
Monitor_win10_x64.sys or ...)
- TODO: check
+ NOT-FOR-US: IObit Advanced SystemCare
CVE-2018-16711 (IObit Advanced SystemCare, which includes
Monitor_win10_x64.sys or ...)
- TODO: check
+ NOT-FOR-US: IObit Advanced SystemCare
CVE-2018-16710 (** DISPUTED ** OctoPrint through 1.3.9 allows remote attackers
to ...)
- octoprint <itp> (bug #718591)
NOTE: https://github.com/foosel/OctoPrint/issues/2814
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cf36d3010eaa722aa6116f05c00bd66142edadd8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cf36d3010eaa722aa6116f05c00bd66142edadd8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
