[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff Fri, 21 Dec 2018 08:12:00 -0800

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
0dbf1bc0 by Moritz Muehlenhoff at 2018-12-21T16:11:20Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -232,9 +232,9 @@ CVE-2018-20304 (wbook_addworksheet in workbook.c in 
libexcel.a in libexcel 0.01
 CVE-2018-20303 (In pkg/tool/path.go in Gogs before 0.11.82.1218, a directory 
traversal ...)
        NOT-FOR-US: Go Git Service
 CVE-2018-20302 (An XSS issue was discovered in Steve Pallen Xain before 0.6.2 
via the ...)
-       TODO: check
+       NOT-FOR-US: Steve Pallen Xain
 CVE-2018-20301 (An issue was discovered in Steve Pallen Coherence before 0.5.2 
that is ...)
-       TODO: check
+       NOT-FOR-US: Steve Pallen Coherence
 CVE-2018-20300 (Empire CMS 7.5 allows remote attackers to execute arbitrary 
PHP code ...)
        NOT-FOR-US: Empire CMS
 CVE-2018-20299 (An issue was discovered in several Bosch Smart Home cameras 
(360 degree ...)
@@ -7762,11 +7762,11 @@ CVE-2018-19600
 CVE-2018-19599
        RESERVED
 CVE-2018-19598 (Statamic 2.10.3 allows XSS via First Name or Last Name to the 
/users ...)
-       TODO: check
+       NOT-FOR-US: Statamic
 CVE-2018-19597 (CMS Made Simple 2.2.8 allows XSS via an uploaded SVG document, 
a ...)
-       TODO: check
+       NOT-FOR-US: CMS Made Simple
 CVE-2018-19596 (Zurmo 3.2.4 allows HTML Injection via an admin's use of HTML 
in the ...)
-       TODO: check
+       NOT-FOR-US: Zurmo
 CVE-2018-19595 (PbootCMS V1.3.1 build 2018-11-14 allows remote attackers to 
execute ...)
        NOT-FOR-US: PbootCMS
 CVE-2018-19594
@@ -8603,11 +8603,11 @@ CVE-2018-19510
 CVE-2018-19509
        RESERVED
 CVE-2018-19508 (CMSimple 4.7.5 has XSS via an admin's upload of an SVG file at 
a ...)
-       TODO: check
+       NOT-FOR-US: CMSimple 
 CVE-2018-19507 (CMSimple 4.7.5 has XSS via an admin's use of a ...)
-       TODO: check
+       NOT-FOR-US: CMSimple 
 CVE-2018-19506 (Zurmo 3.2.4 has XSS via an admin's use of the name parameter 
in the ...)
-       TODO: check
+       NOT-FOR-US: Zurmo
 CVE-2018-19505
        RESERVED
 CVE-2018-19504 (An issue was discovered in Freeware Advanced Audio Decoder 2 
(FAAD2) ...)
@@ -9597,13 +9597,13 @@ CVE-2018-19244 (An XML External Entity (XXE) 
vulnerability exists in the Charles
 CVE-2018-19243
        RESERVED
 CVE-2018-19242 (Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 
and ...)
-       TODO: check
+       NOT-FOR-US: TRENDnet
 CVE-2018-19241 (Buffer overflow in video.cgi on TRENDnet TV-IP110WN V1.2.2 
build 68, ...)
-       TODO: check
+       NOT-FOR-US: TRENDnet
 CVE-2018-19240 (Buffer overflow in network.cgi on TRENDnet TV-IP110WN V1.2.2 
build 68, ...)
-       TODO: check
+       NOT-FOR-US: TRENDnet
 CVE-2018-19239 (TRENDnet TEW-673GRU v1.00b40 devices have an OS command 
injection ...)
-       TODO: check
+       NOT-FOR-US: TRENDnet
 CVE-2018-19238
        RESERVED
 CVE-2018-19237
@@ -9613,9 +9613,9 @@ CVE-2018-19236
 CVE-2018-19235
        RESERVED
 CVE-2018-19234 (The Miss Marple Updater Service in COMPAREX Miss Marple 
Enterprise ...)
-       TODO: check
+       NOT-FOR-US: Miss Marple Enterprise
 CVE-2018-19233 (COMPAREX Miss Marple Enterprise Edition before 2.0 allows 
local users ...)
-       TODO: check
+       NOT-FOR-US: Miss Marple Enterprise
 CVE-2018-19232
        RESERVED
 CVE-2018-19231
@@ -10491,7 +10491,7 @@ CVE-2018-18873 (An issue was discovered in JasPer 
2.0.14. There is a NULL pointe
 CVE-2018-18872
        RESERVED
 CVE-2018-18871 (Missing password verification in the web interface on Gigaset 
Maxwell ...)
-       TODO: check
+       NOT-FOR-US: Gigaset
 CVE-2018-18870
        RESERVED
 CVE-2018-18869 (EmpireCMS V7.5 allows remote attackers to upload and execute 
arbitrary ...)
@@ -10633,7 +10633,7 @@ CVE-2018-18812
 CVE-2018-18811
        RESERVED
 CVE-2018-18810 (The Administrator Service component of TIBCO Software Inc.'s 
TIBCO ...)
-       TODO: check
+       NOT-FOR-US: TIBCO
 CVE-2018-18809
        RESERVED
 CVE-2018-18808
@@ -10733,7 +10733,7 @@ CVE-2018-18769
 CVE-2018-18768
        RESERVED
 CVE-2018-18767 (An issue was discovered in D-Link 'myDlink Baby App' version 
2.04.06. ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2018-18766
        RESERVED
 CVE-2018-18765 (An exploitable arbitrary memory read vulnerability exists in 
the MQTT ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0dbf1bc0fe61c4d8c5636370b5f1b47beff79014

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0dbf1bc0fe61c4d8c5636370b5f1b47beff79014
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to