Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
620dab8e by Salvatore Bonaccorso at 2018-11-06T21:26:20Z
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2828,7 +2828,7 @@ CVE-2018-17915 (All versions of Hangzhou Xiongmai
Technology Co., Ltd XMeye P2P
CVE-2018-17914 (InduSoft Web Studio versions prior to 8.1 SP2, and InTouch
Edge HMI ...)
NOT-FOR-US: InduSoft Web Studio
CVE-2018-17913 (A type confusion vulnerability exists when processing project
files in ...)
- TODO: check
+ NOT-FOR-US: Omron CX-Supervisor
CVE-2018-17912 (An XXE vulnerability exists in CASE Suite Versions 3.10 and
prior when ...)
NOT-FOR-US: CASE Suite
CVE-2018-17911 (LAquis SCADA Versions 4.1.0.3870 and prior has several
stack-based ...)
@@ -2836,15 +2836,15 @@ CVE-2018-17911 (LAquis SCADA Versions 4.1.0.3870 and
prior has several stack-bas
CVE-2018-17910 (WebAccess Versions 8.3.2 and prior. The application fails to
properly ...)
NOT-FOR-US: Advantech WebAccess
CVE-2018-17909 (When processing project files in Omron CX-Supervisor Versions
3.4.1.0 ...)
- TODO: check
+ NOT-FOR-US: Omron CX-Supervisor
CVE-2018-17908 (WebAccess Versions 8.3.2 and prior. During installation, the
...)
NOT-FOR-US: Advantech WebAccess
CVE-2018-17907 (When processing project files in Omron CX-Supervisor Versions
3.4.1.0 ...)
- TODO: check
+ NOT-FOR-US: Omron CX-Supervisor
CVE-2018-17906
RESERVED
CVE-2018-17905 (When processing project files in Omron CX-Supervisor Versions
3.4.1.0 ...)
- TODO: check
+ NOT-FOR-US: Omron CX-Supervisor
CVE-2018-17904 (Reliance 4 SCADA/HMI, Version 4.7.3 Update 3 and prior. This
...)
NOT-FOR-US: Reliance 4 SCADA/HMI
CVE-2018-17903 (SAGA1-L8B with any firmware versions prior to A0.10 are
vulnerable to ...)
@@ -4991,7 +4991,7 @@ CVE-2018-16988
CVE-2018-16987 (Squash TM through 1.18.0 presents the cleartext passwords of
external ...)
NOT-FOR-US: Squash TM
CVE-2018-16986 (Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and
CC2650 ...)
- TODO: check
+ NOT-FOR-US: Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640
and CC2650 devices
CVE-2018-16985 (In Lizard (formerly LZ5) 2.0, use of an invalid memory address
was ...)
NOT-FOR-US: Lizard
CVE-2018-16984 (An issue was discovered in Django 2.1 before 2.1.2, in which
...)
@@ -13951,9 +13951,9 @@ CVE-2018-13399 (The Microsoft Windows Installer for
Atlassian Fisheye and Crucib
CVE-2018-13398 (The administrative smart-commits resource in Atlassian Fisheye
and ...)
NOT-FOR-US: Atlassian Fisheye and Crucible
CVE-2018-13397 (There was an argument injection vulnerability in Sourcetree
for ...)
- TODO: check
+ NOT-FOR-US: Sourcetree for Windows
CVE-2018-13396 (There was an argument injection vulnerability in Sourcetree
for macOS ...)
- TODO: check
+ NOT-FOR-US: Sourcetree for macOS
CVE-2018-13395 (Various resources in Atlassian Jira before version 7.6.8, from
version ...)
NOT-FOR-US: Atlassian Jira
CVE-2018-13394 (The acceptAnswer resource in Atlassian Confluence Questions
before ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/620dab8e73db591d17d36829b231ddedc1e6cc2e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/620dab8e73db591d17d36829b231ddedc1e6cc2e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
