Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
87c17879 by Salvatore Bonaccorso at 2018-12-24T08:36:16Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -24,19 +24,19 @@ CVE-2018-20425 (libming 0.4.8 has a NULL pointer
dereference in the pushdup func
- ming <removed>
NOTE: https://github.com/libming/libming/issues/163
CVE-2018-20424 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows
remote ...)
- TODO: check
+ NOT-FOR-US: DiscuzX
CVE-2018-20423 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows
remote ...)
- TODO: check
+ NOT-FOR-US: DiscuzX
CVE-2018-20422 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows
remote ...)
- TODO: check
+ NOT-FOR-US: DiscuzX
CVE-2018-20421 (Go Ethereum (aka geth) 1.8.19 allows attackers to cause a
denial of ...)
TODO: check
CVE-2018-20420 (In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect
Access ...)
- TODO: check
+ NOT-FOR-US: webERP
CVE-2018-20419 (DouCo DouPHP 1.5 has upload/admin/manager.php?rec=insert CSRF
to add an ...)
- TODO: check
+ NOT-FOR-US: DouCo DouPHP
CVE-2018-20418 (index.php?p=admin/actions/entries/save-entry in Craft CMS
3.0.25 allows ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2018-20417
RESERVED
CVE-2018-20416
@@ -52,69 +52,69 @@ CVE-2018-20412
CVE-2018-20411
RESERVED
CVE-2018-20410 (WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based
buffer ...)
- TODO: check
+ NOT-FOR-US: WellinTech KingSCADA
CVE-2018-20409 (An issue was discovered in Bento4 1.5.1-627. There is a
heap-based ...)
- TODO: check
+ NOT-FOR-US: Bento4
CVE-2018-20408 (An issue was discovered in Bento4 1.5.1-627. There is a memory
leak in ...)
- TODO: check
+ NOT-FOR-US: Bento4
CVE-2018-20407 (An issue was discovered in Bento4 1.5.1-627. There is a memory
leak in ...)
- TODO: check
+ NOT-FOR-US: Bento4
CVE-2018-20406 (Modules/_pickle.c in Python before 3.7.1 has an integer
overflow via a ...)
TODO: check
CVE-2018-20405 (BigTree 4.3 allows full path disclosure via authenticated
admin/news/ ...)
- TODO: check
+ NOT-FOR-US: BigTree CMS
CVE-2018-20404
RESERVED
CVE-2018-20403
RESERVED
CVE-2018-20402 (Safe Software FME Server through 2018.1 creates and enables
three ...)
- TODO: check
+ NOT-FOR-US: Safe Software FME Server
CVE-2018-20401 (Zoom 5352 v5.5.8.6Y devices allow remote attackers to discover
...)
- TODO: check
+ NOT-FOR-US: Zoom 5352 v5.5.8.6Y devices
CVE-2018-20400 (Ubee DVW2108 6.28.1017 and DVW2110 6.28.2012 devices allow
remote ...)
- TODO: check
+ NOT-FOR-US: Ubee devices
CVE-2018-20399 (Motorola SBG901 SBG901-2.10.1.1-GA-00-581-NOSH, SBG941 ...)
- TODO: check
+ NOT-FOR-US: Motorola
CVE-2018-20398 (Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511
4.1.0.14, ...)
- TODO: check
+ NOT-FOR-US: Skyworth devices
CVE-2018-20397 (mplus CBC383Z CBC383Z_mplus_MDr026 devices allow remote
attackers to ...)
- TODO: check
+ NOT-FOR-US: mplus devices
CVE-2018-20396 (NET&SYS MNG2120J 5.76.1006c and MNG6300 5.83.6305jrc2
devices allow ...)
- TODO: check
+ NOT-FOR-US: NET&SYS devices
CVE-2018-20395 (NETWAVE MNG6200 C4835805jrc12FU121413.cpr devices allow remote
...)
- TODO: check
+ NOT-FOR-US: NETWAVE devices
CVE-2018-20394 (Thomson DWG849 STC0.01.16, DWG850-4 ST9C.05.25, DWG855
ST80.20.26, and ...)
- TODO: check
+ NOT-FOR-US: Thomson devices
CVE-2018-20393 (Technicolor CGA0111
CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU, ...)
- TODO: check
+ NOT-FOR-US: Technicolor devices
CVE-2018-20392 (S-A WebSTAR DPC2100 v2.0.2r1256-060303 devices allow remote
attackers ...)
- TODO: check
+ NOT-FOR-US: S-A WebSTAR devices
CVE-2018-20391 (TEKNOTEL CBW700N 81.447.392110.729.024 devices allow remote
attackers ...)
- TODO: check
+ NOT-FOR-US: TEKNOTEL devices
CVE-2018-20390 (Kaonmedia CG2001-AN22A 1.2.1, CG2001-UDBNA 3.0.8, and
CG2001-UN2NA ...)
- TODO: check
+ NOT-FOR-US: Kaonmedia devices
CVE-2018-20389 (D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2018-20388 (Comtrend CM-6200un 123.447.007 and CM-6300n 123.553mp1.005
devices ...)
- TODO: check
+ NOT-FOR-US: Comtrend devices
CVE-2018-20387 (Bnmux BCW700J 5.20.7, BCW710J 5.30.6a, and BCW710J2 5.30.16
devices ...)
- TODO: check
+ NOT-FOR-US: Bnmux devices
CVE-2018-20386 (ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices
allow remote ...)
- TODO: check
+ NOT-FOR-US: ARRIS devices
CVE-2018-20385 (CastleNet CBV38Z4EC 125.553mp1.39219mp1.899.007, CBV38Z4ECNIT
...)
- TODO: check
+ NOT-FOR-US: CastleNet devices
CVE-2018-20384 (iNovo Broadband IB-8120-W21 139.4410mp1.004200.002 and
IB-8120-W21E1 ...)
- TODO: check
+ NOT-FOR-US: iNovo devices
CVE-2018-20383 (ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow
remote ...)
- TODO: check
+ NOT-FOR-US: ARRIS devices
CVE-2018-20382 (Jiuzhou BCM93383WRG 139.4410mp1.3921132mp1.899.004404.004
devices allow ...)
- TODO: check
+ NOT-FOR-US: Jiuzhou devices
CVE-2018-20381 (Technicolor DPC2320 dpc2300r2-v202r1244101-150420a-v6 devices
allow ...)
- TODO: check
+ NOT-FOR-US: Technicolor devices
CVE-2018-20380 (Ambit DDW2600 5.100.1009, DDW2602 5.105.1003, T60C926
4.64.1012, and ...)
- TODO: check
+ NOT-FOR-US: Ambit devices
CVE-2018-20379 (Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-160428a
devices ...)
- TODO: check
+ NOT-FOR-US: Technicolor devices
CVE-2018-20378
RESERVED
CVE-2018-20377 (Orange Livebox 00.96.320S devices allow remote attackers to
discover ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/87c17879f385880f933b064b90d70e8b883c8376
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/87c17879f385880f933b064b90d70e8b883c8376
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
