[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso Fri, 07 Dec 2018 00:24:39 -0800

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
78806a41 by Salvatore Bonaccorso at 2018-12-07T08:23:54Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -817,19 +817,19 @@ CVE-2018-19929
 CVE-2018-19928
        RESERVED
 CVE-2018-19927 (Zenitel Norway IP-StationWeb before 4.2.3.9 allows stored XSS 
via the ...)
-       TODO: check
+       NOT-FOR-US: Zenitel Norway IP-StationWeb
 CVE-2018-19926 (Zenitel Norway IP-StationWeb before 4.2.3.9 allows reflected 
XSS via ...)
-       TODO: check
+       NOT-FOR-US: Zenitel Norway IP-StationWeb
 CVE-2018-19925 (An issue was discovered in Sales &amp; Company Management 
System (SCMS) ...)
-       TODO: check
+       NOT-FOR-US: Sales & Company Management System (SCMS)
 CVE-2018-19924 (An issue was discovered in Sales &amp; Company Management 
System (SCMS) ...)
-       TODO: check
+       NOT-FOR-US: Sales & Company Management System (SCMS)
 CVE-2018-19923 (An issue was discovered in Sales &amp; Company Management 
System (SCMS) ...)
-       TODO: check
+       NOT-FOR-US: Sales & Company Management System (SCMS)
 CVE-2018-19922 (Persistent Cross-Site Scripting (XSS) in the ...)
-       TODO: check
+       NOT-FOR-US: Actiontec C1000A router
 CVE-2018-19921 (Zoho ManageEngine OpManager 12.3 before 123237 has XSS in the 
domain ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine OpManager
 CVE-2018-19920
        RESERVED
 CVE-2018-19919 (Pixelimity 1.0 has Persistent XSS via the admin/portfolio.php 
...)
@@ -1499,7 +1499,7 @@ CVE-2018-19661 (An issue was discovered in libsndfile 
1.0.28. There is a buffer
 CVE-2018-19660 (An exploitable authenticated command-injection vulnerability 
exists in ...)
        TODO: check
 CVE-2018-19659 (An exploitable authenticated command-injection vulnerability 
exists in ...)
-       TODO: check
+       NOT-FOR-US: Moxa
 CVE-2018-19658
        RESERVED
 CVE-2018-19657
@@ -38337,11 +38337,11 @@ CVE-2018-6759 (The bfd_get_debug_link_info_1 function 
in opncls.c in the Binary
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22794
        NOTE: 
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=64e234d417d5685a4aec0edc618114d9991c031b
 CVE-2018-6757 (Privilege Escalation vulnerability in Microsoft Windows client 
in ...)
-       TODO: check
+       NOT-FOR-US: McAfee True Key
 CVE-2018-6756 (Authentication Abuse vulnerability in Microsoft Windows client 
in ...)
-       TODO: check
+       NOT-FOR-US: McAfee True Key
 CVE-2018-6755 (Weak Directory Permission&amp;#194;&amp;#32;Vulnerability in 
Microsoft Windows ...)
-       TODO: check
+       NOT-FOR-US: McAfee True Key
 CVE-2018-6754
        RESERVED
 CVE-2018-6753
@@ -52410,7 +52410,7 @@ CVE-2018-1937
 CVE-2018-1936
        RESERVED
 CVE-2018-1935 (IBM Connections 5.0, 5.5, and 6.0 could allow an authenticated 
user to ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2018-1934
        RESERVED
 CVE-2018-1933
@@ -52538,7 +52538,7 @@ CVE-2018-1873
 CVE-2018-1872 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site 
scripting. ...)
        NOT-FOR-US: IBM
 CVE-2018-1871 (IBM Financial Transaction Manager for Digital Payments for ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2018-1870
        RESERVED
 CVE-2018-1869
@@ -53230,7 +53230,7 @@ CVE-2018-1527
 CVE-2018-1526
        RESERVED
 CVE-2018-1525 (IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote 
attacker ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2018-1524 (IBM Maximo Asset Management 7.6 through 7.6.3 installs with a 
default ...)
        NOT-FOR-US: IBM
 CVE-2018-1523 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 
6.0.5 ...)
@@ -53270,9 +53270,9 @@ CVE-2018-1507 (IBM DOORS Next Generation (DNG/RRC) 
6.0.5 is vulnerable to cross-
 CVE-2018-1506
        RESERVED
 CVE-2018-1505 (IBM i2 Enterprise Insight Analysis 2.1.7 allows web pages to be 
stored ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2018-1504 (IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote 
attacker ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2018-1503 (IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a remotely ...)
        NOT-FOR-US: IBM
 CVE-2018-1502 (IBM Content Manager Enterprise Edition Resource Manager 8.4.3 
and 9.5 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/78806a41f0b12136cb2ebb92ceff13027ee82312

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/78806a41f0b12136cb2ebb92ceff13027ee82312
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to