Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
172dabaf by Salvatore Bonaccorso at 2018-10-20T08:53:57Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,11 +13,11 @@ CVE-2018-18533
CVE-2018-18532
RESERVED
CVE-2018-18531 (text/impl/DefaultTextCreator.java,
text/impl/ChineseTextProducer.java, ...)
- TODO: check
+ NOT-FOR-US: kaptcha
CVE-2018-18530 (ThinkPHP 5.1.25 has SQL Injection via the count parameter
because the ...)
- TODO: check
+ NOT-FOR-US: ThinkPHP
CVE-2018-18529 (ThinkPHP 3.2.4 has SQL Injection via the count parameter
because the ...)
- TODO: check
+ NOT-FOR-US: ThinkPHP
CVE-2018-18528
RESERVED
CVE-2018-18527 (OwnTicket 2018-05-23 allows SQL Injection via the showTicketId
or ...)
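Review bot: The `NOT-FOR-US: kaptcha` tag on CVE-2018-18531 cannot be confirmed from the entry as shown, because the truncated description lists only Java source paths (text/impl/DefaultTextCreator.java, text/impl/ChineseTextProducer.java) and never names the product. Check the full CVE text for the product name, and confirm that nothing in the archive ships those classes, before relying on this tag. The two ThinkPHP tags on CVE-2018-18530 and CVE-2018-18529 match their descriptions.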
@@ -273,7 +273,7 @@ CVE-2018-18430 (An issue was discovered in DESTOON B2B 7.0.
admin\setting.inc.ph
CVE-2018-18429
RESERVED
CVE-2018-18428 (TP-Link TL-SC3130 1.6.18P12_121101 devices allow
unauthenticated RTSP ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2018-18427 (s-cms 3.0 allows SQL Injection via the member/post.php 0_id
parameter ...)
NOT-FOR-US: s-cms
CVE-2018-18426 (s-cms 3.0 allows remote attackers to execute arbitrary PHP
code by ...)
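Review bot: `NOT-FOR-US: TP-Link` on CVE-2018-18428 names only the vendor, while the description is specific to TL-SC3130 1.6.18P12_121101 devices and the neighbouring tags in this file name the product (`NOT-FOR-US: s-cms`). Consider `NOT-FOR-US: TP-Link TL-SC3130` so that a later search of the list by device model finds this entry.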
@@ -289,15 +289,15 @@ CVE-2018-18422 (UsualToolCMS 8.0 allows CSRF for adding a
user account via the .
CVE-2018-18421
RESERVED
CVE-2018-18420 (Cross-Site Request Forgery (CSRF) vulnerability was discovered
in the ...)
- TODO: check
+ NOT-FOR-US: Zenario Content Management System
CVE-2018-18419 (Stored XSS has been discovered in the upload section of
ARDAWAN.COM ...)
- TODO: check
+ NOT-FOR-US: ARDAWAN.COM User Management
CVE-2018-18418
RESERVED
CVE-2018-18417 (In the 3.1 version of Ekushey Project Manager CRM, Stored XSS
has been ...)
- TODO: check
+ NOT-FOR-US: Ekushey Project Manager CRM
CVE-2018-18416 (LANGO Codeigniter Multilingual Script 1.0 has XSS in the input
and ...)
- TODO: check
+ NOT-FOR-US: LANGO Codeigniter Multilingual Scrip
CVE-2018-18415
RESERVED
CVE-2018-18414
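Review bot: The tag added for CVE-2018-18416, `NOT-FOR-US: LANGO Codeigniter Multilingual Scrip`, is missing its final letter. The description on the line above reads "LANGO Codeigniter Multilingual Script 1.0", so the tag should be `NOT-FOR-US: LANGO Codeigniter Multilingual Script`; a misspelt product name will not be found when someone searches the list for the real name. The other three tags in this hunk match the product names in their descriptions.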
@@ -385,7 +385,7 @@ CVE-2018-18382 (Advanced HRM 1.6 allows Remote Code
Execution via PHP code in a
CVE-2018-18381 (Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in
...)
NOT-FOR-US: Z-BlogPHP
CVE-2018-18380 (A Session Fixation issue was discovered in Bigtree. admin.php
accepts ...)
- TODO: check
+ NOT-FOR-US: Bigtree CMS
CVE-2018-18379
RESERVED
CVE-2018-18378
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/172dabaf348fa9cfc08af5ab8029b7857025ea63