Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
26095d58 by Salvatore Bonaccorso at 2018-11-08T20:32:29Z
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,15 +1,15 @@
CVE-2018-19114 (An issue was discovered in MinDoc through v1.0.2. It allows
attackers ...)
- TODO: check
+ NOT-FOR-US: MinDoc
CVE-2018-19113
RESERVED
CVE-2018-19112
RESERVED
CVE-2018-19111 (The Google Cardboard application 1.8 for Android and 1.2 for
iOS sends ...)
- TODO: check
+ NOT-FOR-US: Google Cardboard application for Android and iOS
CVE-2018-19110 (The skin-management feature in tianti 2.3 allows remote
authenticated ...)
- TODO: check
+ NOT-FOR-US: tianti
CVE-2018-19109 (tianti 2.3 allows remote authenticated users to bypass
intended ...)
- TODO: check
+ NOT-FOR-US: tianti
CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp
in the PSD ...)
TODO: check
CVE-2018-19107 (In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called
from ...)
@@ -19,7 +19,7 @@ CVE-2018-19106
CVE-2018-19105 (LibreCAD 2.1.3 allows remote attackers to cause a denial of
service ...)
TODO: check
CVE-2018-19104 (In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability
that can be ...)
- TODO: check
+ NOT-FOR-US: BageCMS
CVE-2018-19103
RESERVED
CVE-2018-19102
@@ -9083,19 +9083,19 @@ CVE-2018-15451
CVE-2018-15450
RESERVED
CVE-2018-15449 (A vulnerability in the web-based management interface of Cisco
Video ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2018-15448 (A vulnerability in the user management functions of Cisco
Registered ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2018-15447 (A vulnerability in the web framework code of Cisco Integrated
...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2018-15446 (A vulnerability in Cisco Meeting Server could allow an ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2018-15445 (A vulnerability in the web-based management interface of Cisco
Energy ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2018-15444 (A vulnerability in the web-based user interface of Cisco
Energy ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2018-15443 (A vulnerability in the detection engine of Cisco Firepower
System ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2018-15442 (A vulnerability in the update service of Cisco Webex Meetings
Desktop ...)
NOT-FOR-US: Cisco
CVE-2018-15441
@@ -9103,11 +9103,11 @@ CVE-2018-15441
CVE-2018-15440
RESERVED
CVE-2018-15439 (A vulnerability in the Cisco Small Business Switches software
could ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2018-15438 (A vulnerability in the web-based management interface of Cisco
Prime ...)
NOT-FOR-US: Cisco
CVE-2018-15437 (A vulnerability in the system scanning component of Cisco
Immunet and ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2018-15436 (A vulnerability in the web-based management interface of Cisco
Webex ...)
NOT-FOR-US: Cisco
CVE-2018-15435 (A vulnerability in the web-based management interface of Cisco
...)
@@ -9193,9 +9193,9 @@ CVE-2018-15396 (A vulnerability in the Bulk
Administration Tool (BAT) for Cisco
CVE-2018-15395 (A vulnerability in the authentication and authorization
checking ...)
NOT-FOR-US: Cisco
CVE-2018-15394 (A vulnerability in the Stealthwatch Management Console (SMC)
of Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2018-15393 (A vulnerability in the web-based management interface of Cisco
Content ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2018-15392 (A vulnerability in the DHCP service of Cisco Industrial
Network ...)
NOT-FOR-US: Cisco
CVE-2018-15391 (A vulnerability in certain IPv4 fragment-processing functions
of Cisco ...)
@@ -9219,7 +9219,7 @@ CVE-2018-15383 (A vulnerability in the cryptographic
hardware accelerator driver
CVE-2018-15382 (A vulnerability in Cisco HyperFlex Software could allow an ...)
NOT-FOR-US: Cisco
CVE-2018-15381 (A Java deserialization vulnerability in Cisco Unity Express
(CUE) ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2018-15380
RESERVED
CVE-2018-15379 (A vulnerability in which the HTTP web server for Cisco Prime
...)
@@ -18452,7 +18452,7 @@ CVE-2018-11779
CVE-2018-11778 (UnixAuthenticationService in Apache Ranger 1.2.0 was updated
to ...)
NOT-FOR-US: Apache Ranger
CVE-2018-11777 (In Apache Hive 2.3.3, 3.1.0 and earlier, local resources on
...)
- TODO: check
+ NOT-FOR-US: Apache Hive
CVE-2018-11776 (Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer
from ...)
- libstruts1.2-java <not-affected> (Specific to 2.x)
NOTE: https://cwiki.apache.org/confluence/display/WW/S2-057
@@ -48244,7 +48244,7 @@ CVE-2018-1316 (The ODE process deployment web service
was sensible to deployment
CVE-2018-1315 (In Apache Hive 2.1.0 to 2.3.2, when 'COPY FROM FTP' statement
is run ...)
NOT-FOR-US: Apache Hive
CVE-2018-1314 (In Apache Hive 2.3.3, 3.1.0 and earlier, Hive
"EXPLAIN" operation does ...)
- TODO: check
+ NOT-FOR-US: Apache Hive
CVE-2018-1313 (In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted
network ...)
- derby 10.14.2.0-1
[jessie] - derby <no-dsa> (Minor issue)
@@ -52001,7 +52001,7 @@ CVE-2018-0286 (A vulnerability in the netconf interface
of Cisco IOS XR Software
CVE-2018-0285 (A vulnerability in service logging for Cisco Prime Service
Catalog ...)
NOT-FOR-US: Cisco
CVE-2018-0284 (A vulnerability in the local status page functionality of the
Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2018-0283 (A vulnerability in the detection engine of Cisco Firepower
System ...)
NOT-FOR-US: Cisco
CVE-2018-0282
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/26095d5818b6d54c00e784edf972e271c2b9baf1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/26095d5818b6d54c00e784edf972e271c2b9baf1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
