[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff Fri, 16 Nov 2018 06:30:02 -0800

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
b3ed02d2 by Moritz Muehlenhoff at 2018-11-16T14:28:56Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2018-19303
 CVE-2018-19302
        RESERVED
 CVE-2018-19301 (tp4a TELEPORT 3.1.0 allows XSS via the login page because a 
crafted ...)
-       TODO: check
+       NOT-FOR-US: tp4a TELEPORT
 CVE-2018-19300
        RESERVED
 CVE-2018-19299
@@ -37,7 +37,7 @@ CVE-2018-19288 (Zoho ManageEngine OpManager 12.3 before Build 
123223 has XSS via
 CVE-2018-19287 (XSS in the Ninja Forms plugin before 3.3.18 for WordPress 
allows Remote ...)
        NOT-FOR-US: Ninja Forms plugin for WordPress
 CVE-2018-19286 (The server in mubu note 2018-11-11 has XSS by configuring an 
account ...)
-       TODO: check
+       NOT-FOR-US: mubu note
 CVE-2018-19285
        RESERVED
 CVE-2018-19284
@@ -6864,11 +6864,11 @@ CVE-2018-16623
 CVE-2018-16622 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
        NOT-FOR-US: DoraCMS
 CVE-2018-16621 (Sonatype Nexus Repository Manager before 3.14 allows Java 
Expression ...)
-       TODO: check
+       NOT-FOR-US: Sonatype Nexus Repository Manager
 CVE-2018-16620 (Sonatype Nexus Repository Manager before 3.14 has Incorrect 
Access ...)
-       TODO: check
+       NOT-FOR-US: Sonatype Nexus Repository Manager
 CVE-2018-16619 (Sonatype Nexus Repository Manager before 3.14 allows XSS. ...)
-       TODO: check
+       NOT-FOR-US: Sonatype Nexus Repository Manager
 CVE-2018-16618
        RESERVED
 CVE-2018-1000670 (KOHA Library System version 16.11.x (up until 16.11.13) and 
17.05.x ...)
@@ -9205,7 +9205,7 @@ CVE-2018-15710 (Nagios XI 5.5.6 allows local 
authenticated attackers to escalate
 CVE-2018-15709 (Nagios XI 5.5.6 allows remote authenticated attackers to 
execute ...)
        NOT-FOR-US: Nagios XI
 CVE-2018-15708 (Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated 
attackers ...)
-       TODO: check
+       NOT-FOR-US: Nagios XI
 CVE-2018-15707 (Advantech WebAccess 8.3.1 and 8.3.2 are vulnerable to 
cross-site ...)
        NOT-FOR-US: Advantech WebAccess
 CVE-2018-15706 (WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows 
remote ...)
@@ -10961,9 +10961,9 @@ CVE-2018-14937 (The Add page option in my little forum 
2.4.12 allows XSS via the
 CVE-2018-14936 (The Add page option in my little forum 2.4.12 allows XSS via 
the Title ...)
        NOT-FOR-US: My Little Forum
 CVE-2018-14935 (The Web administration console on Polycom Trio devices with 
software ...)
-       TODO: check
+       NOT-FOR-US: Polycom Trio
 CVE-2018-14934 (The Bluetooth subsystem on Polycom Trio devices with software 
before ...)
-       TODO: check
+       NOT-FOR-US: Polycom Trio
 CVE-2018-14933 (upgrade_handle.php on NUUO NVRmini devices allows Remote 
Command ...)
        NOT-FOR-US: NUUO NVRmini devices
 CVE-2018-14932
@@ -25124,7 +25124,7 @@ CVE-2018-9582
 CVE-2018-9581
        RESERVED
 CVE-2018-9580 (A Elevation of privilege vulnerability in the HTC bootloader. 
Product: ...)
-       TODO: check
+       NOT-FOR-US: HTC
 CVE-2018-9579
        RESERVED
 CVE-2018-9578
@@ -25194,25 +25194,25 @@ CVE-2018-9547
 CVE-2018-9546
        RESERVED
 CVE-2018-9545 (In BTA_HdRegisterApp of bta_hd_api.cc, there is a possible ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2018-9544 (In register_app of btif_hd.cc, there is a possible 
out-of-bounds read ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2018-9543 (In f2fs_format_utils.c WITH_BLKDISCARD is not defined, which 
may cause ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2018-9542 (In avrc_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible 
out of ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2018-9541 (In avrc_pars_vendor_rsp of avcr_pars_ct.cc, there is a possible 
...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2018-9540 (In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.c, there is a 
possible ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2018-9539 (In the ClearKey CAS descrambler, there is a possible use after 
free ...)
-       TODO: check
+       NOT-FOR-US: Android Media Framework
 CVE-2018-9538
        RESERVED
 CVE-2018-9537 (In CAacDecoder_DecodeFrame of aacdecode.cpp, there is a 
possible ...)
-       TODO: check
+       NOT-FOR-US: Android Media Framework
 CVE-2018-9536 (In numerous functions of libFDK, there are possible out of 
bounds ...)
-       TODO: check
+       NOT-FOR-US: Android Media Framework
 CVE-2018-9535 (In ixheaacd_reset_acelp_data_fix of ixheaacd_lpc.c there is a 
possible ...)
        TODO: check
 CVE-2018-9534 (In ixheaacd_mps_getstridemap of ixheaacd_mps_parse.c there is a 
...)
@@ -25222,7 +25222,7 @@ CVE-2018-9533 (In ixheaacd_dec_data_init of 
ixheaacd_create.c there is a possibl
 CVE-2018-9532 (In ixheaacd_extract_frame_info_ld of ixheaacd_env_extr.c there 
is a ...)
        TODO: check
 CVE-2018-9531 (In AudioSpecificConfig_Parse of tpdec_asc.cpp, there is a 
possible ...)
-       TODO: check
+       NOT-FOR-US: Android Media Framework
 CVE-2018-9530 (In ixheaacd_tns_ar_filter_dec of ixheaacd_aac_tns.c there is a 
...)
        TODO: check
 CVE-2018-9529 (In ixheaacd_individual_ch_stream of ixheaacd_channel.c there is 
a ...)
@@ -25230,19 +25230,19 @@ CVE-2018-9529 (In ixheaacd_individual_ch_stream of 
ixheaacd_channel.c there is a
 CVE-2018-9528 (In ixheaacd_over_lap_add1_armv8 of ixheaacd_overlap_add1.s 
there is a ...)
        TODO: check
 CVE-2018-9527 (In vorbis_book_decodev_set of codebook.c there is a possible 
out of ...)
-       TODO: check
+       NOT-FOR-US: Android Media Framework
 CVE-2018-9526 (In device configuration data, there is an improperly configured 
...)
        TODO: check
 CVE-2018-9525 (In the AndroidManifest.xml file defining the 
SliceBroadcastReceiver ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2018-9524 (In functionality implemented in System UI, there are 
insufficient ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2018-9523 (In Parcel.writeMapInternal of Parcel.java, there is a possible 
parcel ...)
        TODO: check
 CVE-2018-9522 (In the serialization functions of StatsLogEventWrapper.java, 
there is ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2018-9521 (In parseMPEGCCData of NuPlayer2CCDecoder.cpp, there is a 
possible out ...)
-       TODO: check
+       NOT-FOR-US: Android Media Framework
 CVE-2018-9520
        RESERVED
 CVE-2018-9519



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b3ed02d2cd89cfbe9a8f8f3fea1eafd815cf5604

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b3ed02d2cd89cfbe9a8f8f3fea1eafd815cf5604
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to