Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
afce47ed by Salvatore Bonaccorso at 2018-11-01T20:42:41Z
Add reference for CVE-2018-14651
- - - - -
a16934ea by Salvatore Bonaccorso at 2018-11-01T20:42:42Z
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -251,11 +251,11 @@ CVE-2018-18779
CVE-2018-18778 (ACME mini_httpd before 1.30 lets remote users read arbitrary
files. ...)
- mini-httpd <unfixed>
CVE-2018-18777 (Directory traversal vulnerability in Microstrategy Web,
version 7, in ...)
- TODO: check
+ NOT-FOR-US: Microstrategy Web
CVE-2018-18776 (Microstrategy Web, version 7, does not sufficiently encode ...)
- TODO: check
+ NOT-FOR-US: Microstrategy Web
CVE-2018-18775 (Microstrategy Web, version 7, does not sufficiently encode ...)
- TODO: check
+ NOT-FOR-US: Microstrategy Web
CVE-2018-18774
RESERVED
CVE-2018-18773
@@ -385,7 +385,7 @@ CVE-2018-18716
CVE-2018-18715
RESERVED
CVE-2018-18714 (RegFilter.sys in IOBit Malware Fighter 6.2 and earlier is
susceptible ...)
- TODO: check
+ NOT-FOR-US: IOBit Malware Fighter
CVE-2018-18713 (The function down_sql_action() in
/admin/model/database.class.php in ...)
NOT-FOR-US: PHPYun
CVE-2018-18712 (An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF
...)
@@ -438,7 +438,7 @@ CVE-2018-18697
CVE-2018-18696
RESERVED
CVE-2018-18695 (M2SOFT Report Designer Viewer 5.0 allows a Buffer Overflow
with ...)
- TODO: check
+ NOT-FOR-US: M2SOFT Report Designer Viewer
CVE-2018-18694 (admin/index.php?id=filesmanager in Monstra CMS 3.0.4 allows
remote ...)
NOT-FOR-US: Monstra CMS
CVE-2018-18693
@@ -8513,7 +8513,7 @@ CVE-2018-15456
CVE-2018-15455
RESERVED
CVE-2018-15454 (A vulnerability in the Session Initiation Protocol (SIP)
inspection ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2018-15453
RESERVED
CVE-2018-15452
@@ -10362,6 +10362,7 @@ CVE-2018-14651 (It was found that the fix for
CVE-2018-10927, CVE-2018-10928, ..
NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1632557
NOTE: https://review.gluster.org/#/c/glusterfs/+/21527/
+ NOTE:
http://git.gluster.org/cgit/glusterfs.git/commit/?id=5fdb7ae37f602894f81a2cadc5a4c609a4c85427
CVE-2018-14650 (It was discovered that sos-collector does not properly set the
default ...)
NOT-FOR-US: sos-collector (not same as sosreport itself, additional
tool to sosreport)
CVE-2018-14649 (It was found that ceph-isci-cli package as shipped by Red Hat
Ceph ...)
@@ -21244,9 +21245,9 @@ CVE-2018-10589 (In Advantech WebAccess versions
V8.2_20170817 and prior, WebAcce
CVE-2018-10588
RESERVED
CVE-2018-10587 (NetGain Enterprise Manager (EM) is affected by OS Command
Injection ...)
- TODO: check
+ NOT-FOR-US: NetGain Enterprise Manager
CVE-2018-10586 (NetGain Enterprise Manager (EM) is affected by multiple Stored
...)
- TODO: check
+ NOT-FOR-US: NetGain Enterprise Manager
CVE-2018-10585
RESERVED
CVE-2018-10584
@@ -29740,7 +29741,7 @@ CVE-2018-7358
CVE-2018-7357
RESERVED
CVE-2018-7356 (All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product
are ...)
- TODO: check
+ NOT-FOR-US: ZTE ZXR10 8905E
CVE-2018-7355 (All versions up to V1.0.0B05 of ZTE MF65 and all versions up to
...)
NOT-FOR-US: ZTE
CVE-2018-7354
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/12cce1993f931e71fc20c708553883cee7920650...a16934ea83ff06d66c4e3fd410b2d268c6953457
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/12cce1993f931e71fc20c708553883cee7920650...a16934ea83ff06d66c4e3fd410b2d268c6953457
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
