Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8909e1c7 by Moritz Muehlenhoff at 2019-02-06T11:30:15Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2225,7 +2225,7 @@ CVE-2019-6506
CVE-2019-6505
RESERVED
CVE-2019-6504 (Insufficient output sanitization in the Automic Web Interface
(AWI), ...)
- TODO: check
+ NOT-FOR-US: CA Automic Workload Automation
CVE-2019-6503 (There is a deserialization vulnerability in Chatopera cosin
v3.10.0. An ...)
NOT-FOR-US: Chatopera cosin
CVE-2019-6502 (sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a
memory ...)
@@ -10381,11 +10381,11 @@ CVE-2018-20254
CVE-2018-20253
RESERVED
CVE-2018-20252 (There is an out-of-bounds writes vulnerability during parsing
of ...)
- TODO: check
+ NOT-FOR-US: WinRAR
CVE-2018-20251 (A validation function (in WinRAR code) is being called before
...)
- TODO: check
+ NOT-FOR-US: WinRAR
CVE-2018-20250 (By crafting the filename field of the ACE format, the
destination ...)
- TODO: check
+ NOT-FOR-US: WinRAR
CVE-2018-20249 (In Foxit Quick PDF Library (all versions prior to 16.12),
issue where ...)
NOT-FOR-US: Foxit Quick PDF Library
CVE-2018-20248 (In Foxit Quick PDF Library (all versions prior to 16.12),
issue where ...)
@@ -22122,9 +22122,9 @@ CVE-2018-18335 (Heap buffer overflow in Skia in Google
Chrome prior to 71.0.3578
{DSA-4352-1}
- chromium 71.0.3578.80-1
CVE-2018-18334 (A vulnerability in the Private Browser of Trend Micro Dr.
Safety for ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2018-18333 (A DLL hijacking vulnerability in Trend Micro Security 2019
(Consumer) ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2018-18332 (A Trend Micro OfficeScan XG weak file permissions
vulnerability may ...)
NOT-FOR-US: Trend Micro
CVE-2018-18331 (A Trend Micro OfficeScan XG weak file permissions
vulnerability on a ...)
@@ -61021,11 +61021,11 @@ CVE-2018-3993 (An exploitable use-after-free
vulnerability exists in the JavaScr
CVE-2018-3992 (An exploitable use-after-free vulnerability exists in the
JavaScript ...)
NOT-FOR-US: Foxit Software's PDF Reader
CVE-2018-3991 (An exploitable heap overflow vulnerability exists in the
WkbProgramLow ...)
- TODO: check
+ NOT-FOR-US: WibuKey
CVE-2018-3990 (An exploitable pool corruption vulnerability exists in the
0x8200E804 ...)
- TODO: check
+ NOT-FOR-US: WibuKey
CVE-2018-3989 (An exploitable kernel memory disclosure vulnerability exists in
the ...)
- TODO: check
+ NOT-FOR-US: WibuKey
CVE-2018-3988 (Signal Messenger for Android 4.24.8 may expose private
information ...)
NOT-FOR-US: Signal Messenger
CVE-2018-3987
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8909e1c74044ade6f42da721635aa1ad2bce911e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8909e1c74044ade6f42da721635aa1ad2bce911e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
