[Git][security-tracker-team/security-tracker][master] NFUs

Tue, 20 Nov 2018 01:21:22 -0800 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9a3193be by Moritz Muehlenhoff at 2018-11-20T09:20:20Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -81,7 +81,7 @@ CVE-2018-19335
 CVE-2018-19334
        RESERVED
 CVE-2018-19333 (pkg/sentry/kernel/shm/shm.go in Google gVisor before 
2018-11-01 allows ...)
-       TODO: check
+       NOT-FOR-US: gVisor
 CVE-2018-19332 (An issue was discovered in S-CMS v1.5. There is a CSRF 
vulnerability ...)
        NOT-FOR-US: S-CMS
 CVE-2018-19331 (An issue was discovered in S-CMS v1.5. There is a SQL 
injection ...)
@@ -1711,9 +1711,9 @@ CVE-2018-18758
 CVE-2018-18757
        RESERVED
 CVE-2018-18756 (Local Server 1.0.9 has a Buffer Overflow via crafted data on 
Port ...)
-       TODO: check
+       NOT-FOR-US: Local Server
 CVE-2018-18755 (K-iwi Framework 1775 has SQL Injection via the 
admin/user/group/update ...)
-       TODO: check
+       NOT-FOR-US: K-iwi Framework
 CVE-2018-18754 (ZyXEL VMG3312-B10B 1.00(AAPP.7) devices have a backdoor root 
account ...)
        NOT-FOR-US: ZyXEL
 CVE-2018-18753 (Typecho V1.1 allows remote attackers to send shell commands 
via ...)
@@ -2311,7 +2311,7 @@ CVE-2018-18520 (An Invalid Memory Address Dereference 
exists in the function elf
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23787
        NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00057.html
 CVE-2018-18519 (BestXsoftware Best Free Keylogger 5.2.9 allows local users to 
gain ...)
-       TODO: check
+       NOT-FOR-US: BestXsoftware Best Free Keylogger
 CVE-2018-18518
        RESERVED
 CVE-2018-18517 (Citrix NetScaler Gateway 10.5.x before 10.5.69.003, 11.1.x 
before ...)
@@ -3950,7 +3950,7 @@ CVE-2018-17908 (WebAccess Versions 8.3.2 and prior. 
During installation, the ...
 CVE-2018-17907 (When processing project files in Omron CX-Supervisor Versions 
3.4.1.0 ...)
        NOT-FOR-US: Omron CX-Supervisor
 CVE-2018-17906 (Philips iSite and IntelliSpace PACS, iSite PACS, all versions, 
and ...)
-       TODO: check
+       NOT-FOR-US: Philips
 CVE-2018-17905 (When processing project files in Omron CX-Supervisor Versions 
3.4.1.0 ...)
        NOT-FOR-US: Omron CX-Supervisor
 CVE-2018-17904 (Reliance 4 SCADA/HMI, Version 4.7.3 Update 3 and prior. This 
...)
@@ -9239,11 +9239,11 @@ CVE-2018-15763 (Pivotal Container Service, versions 
prior to 1.2.0, contains an
 CVE-2018-15762 (Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, 
versions ...)
        NOT-FOR-US: Pivotal
 CVE-2018-15761 (Cloud Foundry UAA release, versions prior to v64.0, and UAA, 
versions ...)
-       TODO: check
+       NOT-FOR-US: Cloud Foundry
 CVE-2018-15760
        RESERVED
 CVE-2018-15759 (Pivotal Cloud Foundry On Demand Services SDK, versions prior 
to 0.24 ...)
-       TODO: check
+       NOT-FOR-US: Cloud Foundry
 CVE-2018-15758 (Spring Security OAuth, versions 2.3 prior to 2.3.4, and 2.2 
prior to ...)
        NOT-FOR-US: Spring Security OAuth
 CVE-2018-15757
@@ -26323,7 +26323,7 @@ CVE-2018-9211
 CVE-2018-9210
        RESERVED
 CVE-2018-9209 (Unauthenticated arbitrary file upload vulnerability in 
FineUploader ...)
-       TODO: check
+       NOT-FOR-US: FineUploader
 CVE-2018-9208 (Unauthenticated arbitrary file upload vulnerability in jQuery 
Picture ...)
        NOT-FOR-US: jQuery Picture
 CVE-2018-9207 (Arbitrary file upload in jQuery Upload File <= 4.0.2 ...)
@@ -26610,7 +26610,7 @@ CVE-2018-9088
 CVE-2018-9087
        RESERVED
 CVE-2018-9086 (In some Lenovo ThinkServer-branded servers, a command injection 
...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2018-9085 (A write protection lock bit was left unset after boot on an 
older ...)
        NOT-FOR-US: IBM
 CVE-2018-9084
@@ -47456,7 +47456,7 @@ CVE-2018-1843
 CVE-2018-1842 (IBM Cognos Analytics 11 Configuration tool, under certain ...)
        NOT-FOR-US: IBM
 CVE-2018-1841 (IBM Cloud Private 2.1.0 could allow a local user to obtain the 
CA ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2018-1840
        RESERVED
 CVE-2018-1839



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9a3193be292027053eba19fbda6bde1755677e42

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9a3193be292027053eba19fbda6bde1755677e42
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to