Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b6be3bdf by Moritz Muehlenhoff at 2018-10-29T08:20:45Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27,29 +27,29 @@ CVE-2018-18794
CVE-2018-18793
RESERVED
CVE-2018-18792 (An issue was discovered in zzcms 8.3. SQL Injection exists in
...)
- TODO: check
+ NOT-FOR-US: zzcms
CVE-2018-18791 (An issue was discovered in zzcms 8.3. SQL Injection exists in
...)
- TODO: check
+ NOT-FOR-US: zzcms
CVE-2018-18790 (An issue was discovered in zzcms 8.3. SQL Injection exists in
...)
- TODO: check
+ NOT-FOR-US: zzcms
CVE-2018-18789 (An issue was discovered in zzcms 8.3. SQL Injection exists in
...)
- TODO: check
+ NOT-FOR-US: zzcms
CVE-2018-18788 (An issue was discovered in zzcms 8.3. SQL Injection exists in
...)
- TODO: check
+ NOT-FOR-US: zzcms
CVE-2018-18787 (An issue was discovered in zzcms 8.3. SQL Injection exists in
zs/zs.php ...)
- TODO: check
+ NOT-FOR-US: zzcms
CVE-2018-18786 (An issue was discovered in zzcms 8.3. SQL Injection exists in
...)
- TODO: check
+ NOT-FOR-US: zzcms
CVE-2018-18785 (An issue was discovered in zzcms 8.3. SQL Injection exists in
...)
- TODO: check
+ NOT-FOR-US: zzcms
CVE-2018-18784 (An issue was discovered in zzcms 8.3. SQL Injection exists in
...)
- TODO: check
+ NOT-FOR-US: zzcms
CVE-2018-18783 (XSS was discovered in SEMCMS V3.4 via the
semcms_remail.php?type=ok ...)
- TODO: check
+ NOT-FOR-US: SEMCMS
CVE-2018-18782 (Reflected XSS exists in DedeCMS 5.7 SP2 via the
/member/myfriend.php ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2018-18781 (DedeCMS 5.7 SP2 allows XSS via the /member/uploads_select.php
f or ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2018-18780
RESERVED
CVE-2018-18779
@@ -69,7 +69,7 @@ CVE-2018-18773
CVE-2018-18772
RESERVED
CVE-2018-18771 (An issue was discovered in LuLu CMS through 2015-05-14. ...)
- TODO: check
+ NOT-FOR-US: Lulu CMS
CVE-2018-18770
RESERVED
CVE-2018-18769
@@ -81,9 +81,15 @@ CVE-2018-18767
CVE-2018-18766
RESERVED
CVE-2018-18765 (An exploitable arbitrary memory read vulnerability exists in
the MQTT ...)
- TODO: check
+ - smplayer 18.5.0~ds1-1
+ [stretch] - smplayer <not-affected> (Vulnerable code not present)
+ [jessie] - smplayer <not-affected> (Vulnerable code not present)
+ NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer
builds the Chromecast support
CVE-2018-18764 (An exploitable arbitrary memory read vulnerability exists in
the MQTT ...)
- TODO: check
+ - smplayer 18.5.0~ds1-1
+ [stretch] - smplayer <not-affected> (Vulnerable code not present)
+ [jessie] - smplayer <not-affected> (Vulnerable code not present)
+ NOTE: 18.5.0~ds1-1 isn't fixed on the source level, but no longer
builds the Chromecast support
CVE-2018-18763
RESERVED
CVE-2018-18762
@@ -105,7 +111,7 @@ CVE-2018-18755
CVE-2018-18754 (ZyXEL VMG3312-B10B 1.00(AAPP.7) devices have a backdoor root
account ...)
NOT-FOR-US: ZyXEL
CVE-2018-18753 (Typecho V1.1 allows remote attackers to send shell commands
via ...)
- TODO: check
+ NOT-FOR-US: Typecho
CVE-2018-18752 (Webiness Inventory 2.3 suffers from an Arbitrary File upload
...)
NOT-FOR-US: Webiness Inventory
CVE-2018-18751 (An issue was discovered in GNU gettext 0.19.8. There is a
double free ...)
@@ -113,9 +119,9 @@ CVE-2018-18751 (An issue was discovered in GNU gettext
0.19.8. There is a double
CVE-2018-18750
RESERVED
CVE-2018-18749 (data-tools through 2017-07-26 has an Integer Overflow leading
to an ...)
- TODO: check
+ NOT-FOR-US: data-tools
CVE-2018-18748 (Sandboxie 5.26 allows a Sandbox Escape via an "import
os" statement, ...)
- TODO: check
+ NOT-FOR-US: Sandboxie
CVE-2018-18747
RESERVED
CVE-2018-18746
@@ -17312,17 +17318,17 @@ CVE-2018-11855
RESERVED
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11854 (Lack of check of valid length of input parameter may cause
buffer ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-11853 (Lack of check on out of range for channels When processing
channel ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-11852 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11851 (In all android releases (Android for MSM, Firefox OS for MSM,
QRD ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11850 (Lack of check on remaining length parameter When processing
scan start ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-11849 (Lack of check on out of range of bssid parameter When
processing scan ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-11848
RESERVED
CVE-2018-11847
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b6be3bdfea28444a507c0241eee0ca180f53c806
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b6be3bdfea28444a507c0241eee0ca180f53c806
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
