[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff Mon, 18 Mar 2019 09:11:55 -0700

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
9435a2f5 by Moritz Muehlenhoff at 2019-03-18T16:11:12Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,9 +3,9 @@ CVE-2019-9846 (RockOA 1.8.7 allows remote attackers to obtain 
sensitive informat
 CVE-2019-9845
        RESERVED
 CVE-2019-9844 (simple-markdown.js in Khan Academy simple-markdown before 0.4.4 
allows ...)
-       TODO: check
+       NOT-FOR-US: Khan Academy simple-markdown
 CVE-2019-9843 (In DiffPlug Spotless before 1.20.0 (library and Maven plugin) 
and ...)
-       TODO: check
+       NOT-FOR-US: DiffPlug Spotless
 CVE-2019-9842
        RESERVED
 CVE-2019-9841
@@ -6281,7 +6281,7 @@ CVE-2019-7225
 CVE-2019-7224
        RESERVED
 CVE-2019-7223 (InvoicePlane 1.5 has stored XSS via the 
index.php/invoices/ajax/save ...)
-       TODO: check
+       NOT-FOR-US: InvoicePlane
 CVE-2019-7222 [KVM: x86: work around leak of uninitialized stack contents]
        RESERVED
        - linux 4.19.20-1
@@ -8917,7 +8917,7 @@ CVE-2019-6151
 CVE-2019-6150
        RESERVED
 CVE-2019-6149 (An unquoted search path vulnerability was identified in Lenovo 
Dynamic ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2019-6148
        RESERVED
 CVE-2019-6147
@@ -10297,7 +10297,7 @@ CVE-2019-5618
 CVE-2019-5617
        RESERVED
 CVE-2019-5616 (CircuitWerkes Sicon-8, a hardware device used for managing 
electrical ...)
-       TODO: check
+       NOT-FOR-US: CircuitWerkes Sicon-8
 CVE-2019-5615
        RESERVED
 CVE-2019-5614
@@ -18784,7 +18784,7 @@ CVE-2018-20108
 CVE-2018-20107
        REJECTED
 CVE-2018-20106 (In yast2-printer up to and including version 4.0.2 the SMB 
printer ...)
-       TODO: check
+       NOT-FOR-US: yast2-printer
 CVE-2018-20105
        RESERVED
 CVE-2018-20104
@@ -23763,7 +23763,7 @@ CVE-2019-0615 (An information disclosure vulnerability 
exists when the Windows G
 CVE-2019-0614
        RESERVED
 CVE-2019-0613 (A remote code execution vulnerability exists in .NET Framework 
and ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2019-0612
        RESERVED
 CVE-2019-0611
@@ -25139,13 +25139,13 @@ CVE-2018-19395 (ext/standard/var.c in PHP 5.x through 
7.1.24 on Windows allows .
        - php5 <not-affected> (Windows-specific)
        NOTE: https://bugs.php.net/bug.php?id=77177
 CVE-2018-19394 (Cobham Satcom Sailor 800 and 900 devices contained persistent 
XSS, ...)
-       TODO: check
+       NOT-FOR-US: Cobham Satcom Sailor
 CVE-2018-19393 (Cobham Satcom Sailor 800 and 900 devices contained a 
vulnerability that ...)
-       TODO: check
+       NOT-FOR-US: Cobham Satcom Sailor
 CVE-2018-19392 (Cobham Satcom Sailor 250 and 500 devices before 1.25 contained 
an ...)
-       TODO: check
+       NOT-FOR-US: Cobham Satcom Sailor
 CVE-2018-19391 (Cobham Satcom Sailor 250 and 500 devices before 1.25 contained 
...)
-       TODO: check
+       NOT-FOR-US: Cobham Satcom Sailor
 CVE-2018-19390 (FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote 
attackers to ...)
        NOT-FOR-US: Foxit
 CVE-2018-19389 (FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote 
attackers to ...)
@@ -25669,7 +25669,7 @@ CVE-2019-0137
 CVE-2019-0136
        RESERVED
 CVE-2019-0135 (Improper permissions in the installer for Intel(R) Accelerated 
Storage ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2019-0134
        RESERVED
 CVE-2019-0133
@@ -25695,9 +25695,9 @@ CVE-2019-0124
 CVE-2019-0123
        RESERVED
 CVE-2019-0122 (Double free in Intel(R) SGX SDK for Linux before version 2.2 
and ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2019-0121 (Improper permissions in Intel(R) Matrix Storage Manager 
8.9.0.1023 and ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2019-0120
        RESERVED
 CVE-2019-0119
@@ -28361,15 +28361,15 @@ CVE-2018-18258 (An issue was discovered in BageCMS 
3.1.3. The attacker can execu
 CVE-2018-18257 (An issue was discovered in BageCMS 3.1.3. An attacker can 
delete any ...)
        NOT-FOR-US: BageCMS
 CVE-2018-18256 (An issue was discovered in CapMon Access Manager 5.4.1.1005. A 
regular ...)
-       TODO: check
+       NOT-FOR-US: CapMon Access Manager
 CVE-2018-18255 (An issue was discovered in CapMon Access Manager 5.4.1.1005. 
The ...)
-       TODO: check
+       NOT-FOR-US: CapMon Access Manager
 CVE-2018-18254 (An issue was discovered in CapMon Access Manager 5.4.1.1005. 
An ...)
-       TODO: check
+       NOT-FOR-US: CapMon Access Manager
 CVE-2018-18253 (An issue was discovered in CapMon Access Manager 5.4.1.1005. 
...)
-       TODO: check
+       NOT-FOR-US: CapMon Access Manager
 CVE-2018-18252 (An issue was discovered in CapMon Access Manager 5.4.1.1005. 
...)
-       TODO: check
+       NOT-FOR-US: CapMon Access Manager
 CVE-2018-18251
        RESERVED
 CVE-2019-0085
@@ -28664,7 +28664,7 @@ CVE-2018-18207 (Virtualmin 6.03 allows Frame Injection 
via the settings-editor_r
 CVE-2018-18206 (In the client in Bytom before 1.0.6, checkTopicRegister in ...)
        NOT-FOR-US: Bytom
 CVE-2018-18205 (Topvision CC8800 CMTS C-E devices allow remote attackers to 
obtain ...)
-       TODO: check
+       NOT-FOR-US: Topvision CC8800 CMTS C-E devices
 CVE-2018-18204
        RESERVED
 CVE-2018-18203 (A vulnerability in the update mechanism of Subaru StarLink 
Harman head ...)
@@ -28898,11 +28898,11 @@ CVE-2018-18093 (Improper file permissions in the 
installer for Intel VTune Ampli
 CVE-2018-18092
        RESERVED
 CVE-2018-18091 (Use after free in Kernel Mode Driver in Intel(R) Graphics 
Driver for ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2018-18090 (Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver 
for ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2018-18089 (Multiple out of bounds read in igdkm64.sys in Intel(R) 
Graphics Driver ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2018-18088 (OpenJPEG 2.3.0 has a NULL pointer dereference for 
&quot;red&quot; in the ...)
        {DSA-4405-1 DLA-1579-1}
        - openjpeg2 2.3.0-2 (low; bug #910763)
@@ -29308,9 +29308,9 @@ CVE-2018-17958 (Qemu has a Buffer Overflow in 
rtl8139_do_receive in hw/net/rtl81
 CVE-2018-17957 (The YaST2 RMT module for configuring the SUSE Repository 
Mirroring ...)
        NOT-FOR-US: YaST2 RMT module
 CVE-2018-17956 (In yast2-samba-provision up to and including version 1.0.1 the 
...)
-       TODO: check
+       NOT-FOR-US: yast2-samba-provision
 CVE-2018-17955 (In yast2-multipath before version 4.1.1 a static temporary 
filename ...)
-       TODO: check
+       NOT-FOR-US: yast2-multipath
 CVE-2018-17954
        RESERVED
 CVE-2018-17953 (A incorrect variable in a SUSE specific patch for pam_access 
rule ...)
@@ -29479,7 +29479,7 @@ CVE-2018-18021 (arch/arm64/kvm/guest.c in KVM in the 
Linux kernel before 4.18.12
 CVE-2018-17884 (XSS exists in admin/gb-dashboard-widget.php in the Gwolle 
Guestbook ...)
        NOT-FOR-US: WordPress plugin gwolle-gb
 CVE-2018-17882 (An Integer overflow vulnerability exists in the batchTransfer 
function ...)
-       TODO: check
+       NOT-FOR-US: CryptoBotsBattle
 CVE-2018-17881 (On D-Link DIR-823G 2018-09-19 devices, the GoAhead 
configuration ...)
        NOT-FOR-US: D-Link DIR-823G 2018-09-19 devices
 CVE-2018-17880 (On D-Link DIR-823G 2018-09-19 devices, the GoAhead 
configuration ...)
@@ -35616,9 +35616,9 @@ CVE-2018-15511
 CVE-2018-15510
        RESERVED
 CVE-2018-15509 (Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control 
(issue 2 ...)
-       TODO: check
+       NOT-FOR-US: Five9 Agent Desktop Plus
 CVE-2018-15508 (Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control 
allowing ...)
-       TODO: check
+       NOT-FOR-US: Five9 Agent Desktop Plus
 CVE-2018-15507
        RESERVED
 CVE-2018-15506
@@ -44182,13 +44182,13 @@ CVE-2018-12225
 CVE-2018-12224 (Buffer leakage in igdkm64.sys in Intel(R) Graphics Driver for 
Windows* ...)
        NOT-FOR-US: Intel
 CVE-2018-12223 (Insufficient access control in User Mode Driver in Intel(R) 
Graphics ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2018-12222 (Insufficient input validation in Kernel Mode Driver in 
Intel(R) ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2018-12221 (Insufficient input validation in Kernel Mode Driver in 
Intel(R) ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2018-12220 (Logic bug in Kernel Mode Driver in Intel(R) Graphics Driver 
for ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2018-12219 (Insufficient input validation in Kernel Mode Driver in 
Intel(R) ...)
        TODO: check
 CVE-2018-12218 (Unhandled exception in User Mode Driver in Intel(R) Graphics 
Driver ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9435a2f5daa0368bd9a7d57b69d8f1c537f7e1df

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9435a2f5daa0368bd9a7d57b69d8f1c537f7e1df
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to