Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d2cb81eb by Moritz Muehlenhoff at 2018-10-23T21:09:13Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -90,11 +90,11 @@ CVE-2018-18588
CVE-2018-18587 (BigProf AppGini 5.70 stores the passwords in the database
using the MD5 ...)
NOT-FOR-US: BigProf AppGini
CVE-2018-18583 (An issue has been found in LuPng through 2017-03-10. It is a
heap-based ...)
- TODO: check
+ NOT-FOR-US: LuPng
CVE-2018-18582 (An issue has been found in LuPng through 2017-03-10. It is a
heap-based ...)
- TODO: check
+ NOT-FOR-US: LuPng
CVE-2018-18581 (An issue has been found in LuPng through 2017-03-10. It is a
heap-based ...)
- TODO: check
+ NOT-FOR-US: LuPng
CVE-2018-18580
RESERVED
CVE-2018-18579 (Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/pm.php
folder ...)
@@ -709,11 +709,11 @@ CVE-2018-18331
CVE-2018-18330
RESERVED
CVE-2018-18329 (A KERedirect Untrusted Pointer Dereference Privilege
Escalation ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2018-18328 (A KERedirect Untrusted Pointer Dereference Privilege
Escalation ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2018-18327 (A KERedirect Untrusted Pointer Dereference Privilege
Escalation ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2018-18326
RESERVED
CVE-2018-18325
@@ -731,7 +731,7 @@ CVE-2018-18320 (** DISPUTED ** An issue was discovered in
the Merlin.PHP compone
CVE-2018-18319 (** DISPUTED ** An issue was discovered in the Merlin.PHP
component ...)
NOT-FOR-US: Merlin.PHP component for Asuswrt-Merlin devices
CVE-2018-18318 (The /dev/block/mmcblk0rpmb driver kernel module on Qiku 360
Phone N6 ...)
- NOT-FOR-US: Qiku 360 Phone
+ NOT-FOR-US: Qiku 360 Phone
CVE-2018-18317 (DESHANG DSCMS 1.1 has CSRF via the ...)
NOT-FOR-US: DESHANG DSCMS
CVE-2018-18316 (emlog v6.0.0 has CSRF via the admin/user.php?action=new URI.
...)
@@ -1702,7 +1702,6 @@ CVE-2018-17978
RESERVED
CVE-2018-17977 (The Linux kernel 4.14.67 mishandles certain interaction among
XFRM ...)
- linux <undetermined>
- TODO: check
CVE-2018-17976
RESERVED
CVE-2018-17975
@@ -7057,7 +7056,7 @@ CVE-2018-15760
CVE-2018-15759
RESERVED
CVE-2018-15758 (Spring Security OAuth, versions 2.3 prior to 2.3.4, and 2.2
prior to ...)
- TODO: check
+ NOT-FOR-US: Spring Security OAuth
CVE-2018-15757
RESERVED
CVE-2018-15756 (Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10,
...)
@@ -7992,9 +7991,9 @@ CVE-2018-15369 (A vulnerability in the TACACS+ client
subsystem of Cisco IOS Sof
CVE-2018-15368 (A vulnerability in the CLI parser of Cisco IOS XE Software
could allow ...)
NOT-FOR-US: Cisco
CVE-2018-15367 (A ctl_set KERedirect Untrusted Pointer Dereference Privilege
...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2018-15366 (A UrlfWTPPagePtr KERedirect Use-After-Free Privilege
Escalation ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2018-15365 (A Reflected Cross-Site Scripting (XSS) vulnerability in Trend
Micro ...)
NOT-FOR-US: Trend Micro
CVE-2018-15364 (A Named Pipe Request Processing Out-of-Bounds Read Information
...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d2cb81eb57bd76c2178f654599ea4ff221588627
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d2cb81eb57bd76c2178f654599ea4ff221588627
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
