Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
71e372d7 by Moritz Muehlenhoff at 2018-10-09T14:02:20Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2018-18069 (process_forms in the WPML (aka sitepress-multilingual-cms) 
plugin ...)
-       TODO: check
+       NOT-FOR-US: Wordpress plugin
 CVE-2018-18068
        RESERVED
 CVE-2018-18067
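Review bot: The new tag on CVE-2018-18069, "NOT-FOR-US: Wordpress plugin", is generic and does not name the product, although the description identifies it as WPML (aka sitepress-multilingual-cms). The other NOT-FOR-US tags in this commit name the specific software (for example "NOT-FOR-US: Telerik Extensions for ASP.NET MVC"), which keeps product searches over data/CVE/list reliable. Suggest "NOT-FOR-US: WPML plugin for WordPress", which also matches the "WordPress" spelling in the CVE-2018-16299 description.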
@@ -39,7 +39,7 @@ CVE-2018-1000810 (The Rust Programming Language Standard 
Library version 1.29.0,
        NOTE: 
https://groups.google.com/forum/#!topic/rustlang-security-announcements/CmSuTm-SaU0
        NOTE: Fixed upstream in 1.29.1
 CVE-2018-1000809 (privacyIDEA version 2.23.1 and earlier contains a Improper 
Input ...)
-       TODO: check
+       NOT-FOR-US: privacyIDEA
 CVE-2018-1000808 (Python Cryptographic Authority pyopenssl version Before 
17.5.0 ...)
        TODO: check
 CVE-2018-1000807 (Python Cryptographic Authority pyopenssl version prior to 
version ...)
@@ -47,7 +47,7 @@ CVE-2018-1000807 (Python Cryptographic Authority pyopenssl 
version prior to vers
 CVE-2018-1000805 (Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 
1.17.6 ...)
        TODO: check
 CVE-2018-1000804 (contiki-ng version 4 contains a Buffer Overflow 
vulnerability in AQL ...)
-       TODO: check
+       NOT-FOR-US: contiki-ng
 CVE-2018-1000803 (Gitea version prior to version 1.5.1 contains a CWE-200 
vulnerability ...)
        - gitea <removed>
        NOTE: https://github.com/go-gitea/gitea/pull/4664
@@ -429,7 +429,7 @@ CVE-2018-17891 (Carestream Vue RIS, RIS Client Builds: 
Version 11.2 and prior ru
 CVE-2018-17890
        RESERVED
 CVE-2018-17889 (In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and 
prior ...)
-       TODO: check
+       NOT-FOR-US: PI Studio HMI
 CVE-2018-17888
        RESERVED
 CVE-2018-17887
@@ -695,7 +695,7 @@ CVE-2018-17777
 CVE-2018-17776 (PCProtect Anti-Virus v4.8.35 has &quot;Everyone: (F)&quot; 
permission for ...)
        NOT-FOR-US: PCProtect Anti-Virus
 CVE-2018-17775 (Seqrite End Point Security v7.4 has &quot;Everyone: (F)&quot; 
permission for ...)
-       TODO: check
+       NOT-FOR-US: Seqrite End Point Security
 CVE-2018-17774
        RESERVED
 CVE-2018-17773
@@ -1398,13 +1398,13 @@ CVE-2018-17445
 CVE-2018-17444
        RESERVED
 CVE-2018-17443 (An issue was discovered on D-Link Central WiFi Manager before 
v ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2018-17442 (An issue was discovered on D-Link Central WiFi Manager before 
v ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2018-17441 (An issue was discovered on D-Link Central WiFi Manager before 
v ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2018-17440 (An issue was discovered on D-Link Central WiFi Manager before 
v ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2018-17439 (An issue was discovered in the HDF HDF5 1.10.3 library. There 
is a ...)
        - hdf5 <undetermined>
        NOTE: 
https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln5#stack-overflow-in-h5s_extent_get_dims
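Review bot: The four tags on CVE-2018-17440 through CVE-2018-17443 give only the vendor, "NOT-FOR-US: D-Link", while each description names the product as D-Link Central WiFi Manager. Elsewhere in this commit the tag carries the product name ("NOT-FOR-US: Seqrite End Point Security", "NOT-FOR-US: PI Studio HMI"). Suggest "NOT-FOR-US: D-Link Central WiFi Manager" on all four lines, so the tag says which D-Link software was assessed rather than marking the whole vendor.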
@@ -2295,7 +2295,7 @@ CVE-2018-17062 (An issue was discovered in SeaCMS 6.64. 
XSS exists in admin_vide
 CVE-2018-17061 (BullGuard Safe Browsing before 18.1.355.9 allows XSS on 
Google, Bing, ...)
        NOT-FOR-US: BullGuard Safe Browsing
 CVE-2018-17060 (Telerik Extensions for ASP.NET MVC (all versions) does not 
whitelist ...)
-       TODO: check
+       NOT-FOR-US: Telerik Extensions for ASP.NET MVC
 CVE-2018-17059
        RESERVED
 CVE-2018-17058
@@ -4158,19 +4158,19 @@ CVE-2018-16299 (The Localize My Post plugin 1.0 for 
WordPress allows Directory .
 CVE-2018-16298 (An issue was discovered in MiniCMS 1.10. There is an ...)
        NOT-FOR-US: MiniCMS
 CVE-2018-16297 (An exploitable use-after-free vulnerability exists in the 
JavaScript ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2018-16296 (An exploitable use-after-free vulnerability exists in the 
JavaScript ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2018-16295 (An exploitable use-after-free vulnerability exists in the 
JavaScript ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2018-16294 (An exploitable use-after-free vulnerability exists in the 
JavaScript ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2018-16293 (An exploitable use-after-free vulnerability exists in the 
JavaScript ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2018-16292 (An exploitable use-after-free vulnerability exists in the 
JavaScript ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2018-16291 (An exploitable use-after-free vulnerability exists in the 
JavaScript ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2018-16290
        RESERVED
 CVE-2018-16289
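Review bot: For the seven entries CVE-2018-16291 through CVE-2018-16297, the visible description ("An exploitable use-after-free vulnerability exists in the JavaScript ...") is truncated before any product name, so the "NOT-FOR-US: Foxit" attribution cannot be checked from the diff itself. The tag is also vendor-only, unlike the product-level tags on neighbouring entries such as "NOT-FOR-US: MiniCMS". Suggest naming the affected Foxit product in the tag, taken from the full CVE description.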
@@ -5084,7 +5084,7 @@ CVE-2018-15905
 CVE-2018-15904 (A10 ACOS Web Application Firewall (WAF) 2.7.1 and 2.7.2 before 
...)
        NOT-FOR-US: A10 ACOS Web Application Firewall
 CVE-2018-15903 (The Discuss v1.2.1 module in Claromentis 8.2.2 is vulnerable 
to stored ...)
-       TODO: check
+       NOT-FOR-US: Claromentis
 CVE-2018-15902
        RESERVED
 CVE-2018-15901 (e107 2.1.8 has CSRF in 'usersettings.php' with an impact of 
changing ...)
@@ -7638,7 +7638,7 @@ CVE-2018-14820
 CVE-2018-14819 (Fuji Electric V-Server 4.0.3.0 and prior, An out-of-bounds 
read ...)
        NOT-FOR-US: Fuji Electric V-Server
 CVE-2018-14818 (WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and 
prior and ...)
-       TODO: check
+       NOT-FOR-US: PI Studio HMI
 CVE-2018-14817 (Fuji Electric V-Server 4.0.3.0 and prior, An integer underflow 
...)
        NOT-FOR-US: Fuji Electric V-Server
 CVE-2018-14816
@@ -7654,7 +7654,7 @@ CVE-2018-14812
 CVE-2018-14811 (Fuji Electric V-Server 4.0.3.0 and prior, Multiple untrusted 
pointer ...)
        NOT-FOR-US: Fuji Electric V-Server
 CVE-2018-14810 (WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and 
prior and ...)
-       TODO: check
+       NOT-FOR-US: PI Studio HMI
 CVE-2018-14809 (Fuji Electric V-Server 4.0.3.0 and prior, A use after free ...)
        NOT-FOR-US: Fuji Electric V-Server
 CVE-2018-14808 (Emerson AMS Device Manager v12.0 to v13.5.  Non-administrative 
users ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/71e372d7e8e105145c6f6496f7c1c2ffe3b650f7
