[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff Thu, 29 Nov 2018 03:15:02 -0800

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
fe622d1c by Moritz Muehlenhoff at 2018-11-29T11:13:48Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2018-19666 (The agent in OSSEC through 3.1.0 on Windows allows local users 
to gain ...)
-       TODO: check
+       - ossec-hids <itp> (bug #361954)
 CVE-2018-19665
        RESERVED
 CVE-2018-19664 (libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the 
...)
@@ -23,13 +23,13 @@ CVE-2018-19656
 CVE-2018-19655 (A stack-based buffer overflow in the find_green() function of 
dcraw ...)
        TODO: check
 CVE-2018-19654 (An issue was discovered in Sales &amp; Company Management 
System (SCMS) ...)
-       TODO: check
+       NOT-FOR-US: Sales & Company Management System (SCMS) 
 CVE-2018-19653
        RESERVED
 CVE-2018-19652
        RESERVED
 CVE-2018-19651 (admin/functions/remote.php in Interspire Email Marketer 
through 6.1.6 ...)
-       TODO: check
+       NOT-FOR-US: Interspire Email Marketer
 CVE-2018-19650
        RESERVED
 CVE-2019-1564
@@ -2997,9 +2997,9 @@ CVE-2018-19532 (A NULL pointer dereference vulnerability 
exists in the function
        [stretch] - libpodofo <no-dsa> (Minor issue)
        NOTE: https://sourceforge.net/p/podofo/tickets/32/
 CVE-2018-19531 (HTTL (aka Hyper-Text Template Language) through 1.0.11 allows 
remote ...)
-       TODO: check
+       NOT-FOR-US: HTTL
 CVE-2018-19530 (HTTL (aka Hyper-Text Template Language) through 1.0.11 allows 
remote ...)
-       TODO: check
+       NOT-FOR-US: HTTL
 CVE-2018-19529
        RESERVED
 CVE-2018-19528 (TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to 
cause a ...)
@@ -3406,7 +3406,7 @@ CVE-2018-19372
 CVE-2018-19371
        RESERVED
 CVE-2018-19370 (A Race condition vulnerability in unzip_file in ...)
-       TODO: check
+       NOT-FOR-US: Wordpress plugin
 CVE-2018-19369
        RESERVED
 CVE-2018-19368
@@ -6686,7 +6686,7 @@ CVE-2018-18205
 CVE-2018-18204
        RESERVED
 CVE-2018-18203 (A vulnerability in the update mechanism of Subaru StarLink 
Harman head ...)
-       TODO: check
+       NOT-FOR-US: Subaru
 CVE-2018-18202 (The QLogic 4Gb Fibre Channel 5.5.2.6.0 and 4/8Gb SAN 
7.10.1.20.0 ...)
        NOT-FOR-US: IBM
 CVE-2018-18201 (qibosoft V7.0 allows CSRF via ...)
@@ -7370,7 +7370,7 @@ CVE-2018-17932
 CVE-2018-17931 (If an attacker has physical access to the VGo Robot (Versions 
...)
        NOT-FOR-US: VGo Robot
 CVE-2018-17930 (A stack-based buffer overflow vulnerability has been 
identified in ...)
-       TODO: check
+       NOT-FOR-US: Teledyne DALSA Sherlock
 CVE-2018-17929 (In Delta Industrial Automation TPEditor, TPEditor Versions 
1.90 and ...)
        NOT-FOR-US: TPEditor
 CVE-2018-17928
@@ -13555,7 +13555,7 @@ CVE-2018-15443 (A vulnerability in the detection engine 
of Cisco Firepower Syste
 CVE-2018-15442 (A vulnerability in the update service of Cisco Webex Meetings 
Desktop ...)
        NOT-FOR-US: Cisco
 CVE-2018-15441 (A vulnerability in the web framework code of Cisco Prime 
License ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-15440
        RESERVED
 CVE-2018-15439 (A vulnerability in the Cisco Small Business Switches software 
could ...)
@@ -15115,13 +15115,13 @@ CVE-2018-14751
 CVE-2018-14750
        RESERVED
 CVE-2018-14749 (Buffer Overflow vulnerability in QTS 4.3.5 build 20181013, QTS 
4.3.4 ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2018-14748 (Improper Authorization vulnerability in QTS 4.3.5 build 
20181013, QTS ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2018-14747 (NULL Pointer Dereference vulnerability in QTS 4.3.5 build 
20181013, ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2018-14746 (Command Injection vulnerability in QTS 4.3.5 build 20181013, 
QTS 4.3.4 ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2018-14955 (The mail message display page in SquirrelMail through 1.4.22 
has XSS ...)
        {DLA-1484-1}
        - squirrelmail <removed> (bug #905023)
@@ -21085,13 +21085,13 @@ CVE-2017-18320
 CVE-2017-18319
        RESERVED
 CVE-2017-18318 (Missing validation check on CRL issuer name in Snapdragon 
Automobile, ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2017-18317 (Restrictions related to the modem (sim lock, sim kill) can be 
bypassed ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2017-18316 (Secure application can access QSEE kernel memory through 
Ontario ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2017-18315 (Buffer over-read vulnerabilities in an older version of ASN.1 
parser ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2017-18314 (In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, 
MDM9607, ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2017-18313 (Under certain mode of operations, HLOS may be able get direct 
or ...)
@@ -22396,7 +22396,7 @@ CVE-2018-11998
 CVE-2018-11997
        RESERVED
 CVE-2018-11996 (When a malformed command is sent to the device programmer, an 
...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2018-11995 (In all android releases(Android for MSM, Firefox OS for MSM, 
QRD ...)
        TODO: check
 CVE-2018-11994 (SMMU secure camera logic allows secure camera controllers to 
access ...)
@@ -27502,7 +27502,7 @@ CVE-2018-10144
 CVE-2018-10143
        RESERVED
 CVE-2018-10142 (The Expedition Migration tool 1.0.106 and earlier may allow an 
...)
-       TODO: check
+       NOT-FOR-US: Expedition Migration
 CVE-2018-10141 (GlobalProtect Portal Login page in Palo Alto Networks PAN-OS 
before ...)
        NOT-FOR-US: Palo Alto Networks PAN-OS
 CVE-2018-10140 (The PAN-OS Management Web Interface in Palo Alto Networks 
PAN-OS 8.1.2 ...)
@@ -36062,7 +36062,7 @@ CVE-2018-6985
 CVE-2018-6984
        RESERVED
 CVE-2018-6983 (VMware Workstation (15.x before 15.0.2 and 14.x before 14.1.5) 
and ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2018-6982
        RESERVED
        NOT-FOR-US: VMware
@@ -38365,13 +38365,13 @@ CVE-2018-6268
 CVE-2018-6267
        RESERVED
 CVE-2018-6266 (NVIDIA GeForce Experience contains a vulnerability in all 
versions ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA GeForce Experience
 CVE-2018-6265 (NVIDIA GeForce Experience contains a vulnerability in all 
versions ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA GeForce Experience
 CVE-2018-6264
        RESERVED
 CVE-2018-6263 (NVIDIA GeForce Experience contains a vulnerability in all 
versions ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA GeForce Experience
 CVE-2018-6262 (NVIDIA GeForce Experience prior to 3.15 contains a 
vulnerability when ...)
        NOT-FOR-US: NVIDIA GeForce Experience
 CVE-2018-6261 (NVIDIA GeForce Experience prior to 3.15 contains a 
vulnerability when ...)
@@ -40789,7 +40789,7 @@ CVE-2018-5561
 CVE-2018-5560
        RESERVED
 CVE-2018-5559 (In Rapid7 Komand version 0.41.0 and prior, certain endpoints 
that are ...)
-       TODO: check
+       NOT-FOR-US: Rapid7 Komand
 CVE-2018-5558
        RESERVED
 CVE-2018-5557



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fe622d1c044bc8976381aea187d65f4b01c7f753

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fe622d1c044bc8976381aea187d65f4b01c7f753
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to