[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Sun, 18 Nov 2018 00:30:02 -0800

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
fba12d6c by Salvatore Bonaccorso at 2018-11-18T08:28:35Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
 CVE-2018-19350 (In SeaCMS v6.6.4, there is stored XSS via the ...)
-       TODO: check
+       NOT-FOR-US: SeaCMS
 CVE-2018-19349 (In SeaCMS v6.64, there is SQL injection via the 
admin_makehtml.php ...)
-       TODO: check
+       NOT-FOR-US: SeaCMS
 CVE-2018-19348 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader
 CVE-2018-19347 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader
 CVE-2018-19346 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader
 CVE-2018-19345 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader
 CVE-2018-19344 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader
 CVE-2018-19343 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader
 CVE-2018-19342 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader
 CVE-2018-19341 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader
 CVE-2018-19340 (Guriddo Form PHP 5.3 has XSS via the ...)
        NOT-FOR-US: Guriddo Form PHP
 CVE-2018-19339
@@ -9336,9 +9336,9 @@ CVE-2018-15695 (ASUSTOR Data Master 3.1.5 and below 
allows authenticated remote
 CVE-2018-15694 (ASUSTOR Data Master 3.1.5 and below allows authenticated 
remote ...)
        NOT-FOR-US: ASUSTOR Data Master
 CVE-2018-15693 (Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier 
allows ...)
-       TODO: check
+       NOT-FOR-US: Inova Partner
 CVE-2018-15692 (Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier 
allows ...)
-       TODO: check
+       NOT-FOR-US: Inova Partner
 CVE-2018-15691 (Insecure deserialization of a specially crafted serialized 
object, in ...)
        NOT-FOR-US: CA Release Automation
 CVE-2018-15690
@@ -26544,7 +26544,7 @@ CVE-2018-9087
 CVE-2018-9086 (In some Lenovo ThinkServer-branded servers, a command injection 
...)
        TODO: check
 CVE-2018-9085 (A write protection lock bit was left unset after boot on an 
older ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2018-9084
        RESERVED
 CVE-2018-9083
@@ -26568,11 +26568,11 @@ CVE-2018-9075 (For some Iomega, Lenovo, LenovoEMC NAS 
devices versions 4.1.402.3
 CVE-2018-9074 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 
4.1.402.34662 ...)
        NOT-FOR-US: Lenovo
 CVE-2018-9073 (Lenovo Chassis Management Module (CMM) prior to version 2.0.0 
utilizes ...)
-       TODO: check
+       NOT-FOR-US: Lenovo Chassis Management Module
 CVE-2018-9072
        RESERVED
 CVE-2018-9071 (Lenovo Chassis Management Module (CMM) prior to version 2.0.0 
allows ...)
-       TODO: check
+       NOT-FOR-US: Lenovo Chassis Management Module
 CVE-2018-9070 (For the Lenovo Smart Assistant Android app versions earlier 
than ...)
        NOT-FOR-US: Lenovo
 CVE-2018-9069 (In some Lenovo IdeaPad consumer notebook models, a race 
condition in ...)
@@ -31227,15 +31227,15 @@ CVE-2018-7365
 CVE-2018-7364
        RESERVED
 CVE-2018-7363 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are 
impacted ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2018-7362 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are 
impacted ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2018-7361 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are 
impacted ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2018-7360 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are 
impacted ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2018-7359 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are 
impacted ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2018-7358 (ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, 
V2.2.0_PK1.2T2, ...)
        NOT-FOR-US: ZTE ZXHN H168N product
 CVE-2018-7357 (ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, 
V2.2.0_PK1.2T2, ...)
@@ -47470,7 +47470,7 @@ CVE-2018-1799 (IBM DB2 for Linux, UNIX and Windows 
(includes DB2 Connect Server)
 CVE-2018-1798 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is 
vulnerable ...)
        NOT-FOR-US: IBM WebSphere Application Server
 CVE-2018-1797 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using 
...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2018-1796
        RESERVED
 CVE-2018-1795 (IBM Robotic Process Automation with Automation Anywhere 
Enterprise 10 ...)
@@ -47786,7 +47786,7 @@ CVE-2018-1641
 CVE-2018-1640
        RESERVED
 CVE-2018-1639 (The Report Builder of Jazz Reporting Service 5.0 through 5.0.2 
and 6.0 ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2018-1638 (IBM API Connect 5.0.0.0-5.0.8.3 Developer Portal does not 
enforce Two ...)
        NOT-FOR-US: IBM
 CVE-2018-1637



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fba12d6cdd0ed26bc797315bfeb1cf9ffd615eff

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fba12d6cdd0ed26bc797315bfeb1cf9ffd615eff
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to