Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
07967eb6 by Salvatore Bonaccorso at 2018-12-13T20:15:42Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -36723,9 +36723,9 @@ CVE-2018-7693
CVE-2018-7692 (Unvalidated redirect vulnerability in in NetIQ eDirectory
before 9.1.1 ...)
NOT-FOR-US: NetIQ eDirectory
CVE-2018-7691 (A potential Remote Unauthorized Access in Micro Focus Fortify
Software ...)
- TODO: check
+ NOT-FOR-US: Micro Focus
CVE-2018-7690 (A potential Remote Unauthorized Access in Micro Focus Fortify
Software ...)
- TODO: check
+ NOT-FOR-US: Micro Focus
CVE-2018-7689 (Lack of permission checks in the InitializeDevelPackage
function in ...)
- open-build-service <unfixed> (low; bug #903797)
[stretch] - open-build-service <no-dsa> (Minor issue)
@@ -53837,7 +53837,7 @@ CVE-2018-1928 (IBM StoredIQ 7.6.0 does not implement
proper authorization of use
CVE-2018-1927 (IBM StoredIQ 7.6 is vulnerable to cross-site request forgery
which ...)
NOT-FOR-US: IBM
CVE-2018-1926 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin
Console ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1925
RESERVED
CVE-2018-1924
@@ -53887,7 +53887,7 @@ CVE-2018-1903
CVE-2018-1902
RESERVED
CVE-2018-1901 (IBM WebSphere Application Server 8.5 and 9.0 could allow a
remote ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1900 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1,
and ...)
NOT-FOR-US: IBM
CVE-2018-1899
@@ -53915,9 +53915,9 @@ CVE-2018-1889
CVE-2018-1888
RESERVED
CVE-2018-1887 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0,
9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1886 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0,
9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1885
RESERVED
CVE-2018-1884 (IBM Case Manager 5.2.0.0, 5.2.0.4, 5.2.1.0, 5.2.1.7, 5.3.0.0,
and ...)
@@ -54047,23 +54047,23 @@ CVE-2018-1823
CVE-2018-1822 (IBM FlashSystem 900 product GUI allows a specially crafted
attack to ...)
NOT-FOR-US: IBM
CVE-2018-1821 (IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9
is ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1820 (IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to
cross-site ...)
NOT-FOR-US: IBM
CVE-2018-1819 (IBM Financial Transaction Manager for Digital Payments for ...)
NOT-FOR-US: IBM
CVE-2018-1818 (IBM Security Guardium 10 and 10.5 contains hard-coded
credentials, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1817 (IBM Security Guardium 10 and 10.5 is vulnerable to cross-site
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1816
RESERVED
CVE-2018-1815 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0,
9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1814 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0,
9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1813 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0,
9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1812 (IBM Robotic Process Automation with Automation Anywhere
Enterprise 10 ...)
NOT-FOR-US: IBM
CVE-2018-1811
@@ -54079,11 +54079,11 @@ CVE-2018-1807
CVE-2018-1806
RESERVED
CVE-2018-1805 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0,
9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1804 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0,
9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1803 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0,
9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1802 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect
Server) 9.7, ...)
NOT-FOR-US: IBM
CVE-2018-1801
@@ -54209,7 +54209,7 @@ CVE-2018-1742 (IBM Tivoli Key Lifecycle Manager 2.6,
2.7, and 3.0 contains hard-
CVE-2018-1741 (IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 does not
properly ...)
NOT-FOR-US: IBM
CVE-2018-1740 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0,
9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1739
RESERVED
CVE-2018-1738 (IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0 could allow an
...)
@@ -54355,11 +54355,11 @@ CVE-2018-1669 (IBM DataPower Gateway 7.1.0.0 -
7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5
CVE-2018-1668
RESERVED
CVE-2018-1667 (IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1666
RESERVED
CVE-2018-1665 (IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1664 (IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21,
7.5.0.0 ...)
NOT-FOR-US: IBM
CVE-2018-1663 (IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, 7.6, and 2018.4 could
allow ...)
@@ -54383,7 +54383,7 @@ CVE-2018-1655 (IBM AIX 5.3, 6.1, 7.1, and 7.2 contains
a vulnerability in the rm
CVE-2018-1654 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1,
and ...)
NOT-FOR-US: IBM
CVE-2018-1653 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0,
9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1652 (IBM DataPower Gateway 7.1.0.0 through 7.1.0.19, 7.2.0.0 through
...)
NOT-FOR-US: IBM
CVE-2018-1651
@@ -54719,29 +54719,29 @@ CVE-2018-1487 (IBM DB2 for Linux, UNIX and Windows
(includes DB2 Connect Server)
CVE-2018-1486
RESERVED
CVE-2018-1485 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9
does ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1484 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9
does ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1483 (IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site
...)
NOT-FOR-US: IBM WebSphere Portal
CVE-2018-1482
RESERVED
CVE-2018-1481 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9
stores ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1480 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9
does ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1479 (IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site
request ...)
NOT-FOR-US: IBM
CVE-2018-1478 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9
could ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1477
RESERVED
CVE-2018-1476 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9
...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1475 (IBM BigFix Platform 9.2 and 9.5 uses an inadequate account
lockout ...)
NOT-FOR-US: IBM
CVE-2018-1474 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9
is ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1473 (IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site
scripting. ...)
NOT-FOR-US: IBM
CVE-2018-1472
@@ -107434,7 +107434,7 @@ CVE-2017-1270 (IBM Security Guardium 10.0 does not
renew a session variable afte
CVE-2017-1269 (IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL
injection. A ...)
NOT-FOR-US: IBM
CVE-2017-1268 (IBM Security Guardium 10 and 10.5 uses a one-way cryptographic
hash ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1267 (IBM Security Guardium 10.0 and 10.1 processes patches, image
backups ...)
NOT-FOR-US: IBM
CVE-2017-1266 (IBM Security Guardium 10.0 specifies permissions for a ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/07967eb69a22e71523a1e7f781d46940de758475
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/07967eb69a22e71523a1e7f781d46940de758475
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
