Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7bfdbac0 by Salvatore Bonaccorso at 2018-01-30T22:28:33+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -11,13 +11,13 @@ CVE-2018-6400 CVE-2018-6399 RESERVED CVE-2018-6398 (SQL Injection exists in the CP Event Calendar 3.0.1 component for ...) - TODO: check + NOT-FOR-US: CP Event Calendar component for Joomla! CVE-2018-6397 (Directory Traversal exists in the Picture Calendar 3.1.4 component for ...) - TODO: check + NOT-FOR-US: Picture Calendar component for Joomla! CVE-2018-6396 RESERVED CVE-2018-6395 (SQL Injection exists in the Visual Calendar 3.1.3 component for Joomla! ...) - TODO: check + NOT-FOR-US: Visual Calendar component for Joomla! CVE-2018-6394 RESERVED CVE-2018-6393 (FreePBX 10.13.66-32bit allows post-authentication SQL injection via the ...) @@ -51,15 +51,15 @@ CVE-2018-6381 (In ZZIPlib 0.13.67, there is a segmentation fault caused by inval [wheezy] - zziplib <ignored> (Minor issue) NOTE: https://github.com/gdraheim/zziplib/issues/12 CVE-2018-6380 (In Joomla! before 3.8.4, lack of escaping in the module chromes leads ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2018-6379 (In Joomla! before 3.8.4, inadequate input filtering in the Uri class ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2018-6378 RESERVED CVE-2018-6377 (In Joomla! before 3.8.4, inadequate input filtering in com_fields leads ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2018-6376 (In Joomla! before 3.8.4, the lack of type casting of a variable in a ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2018-1000029 RESERVED CVE-2018-1000026 @@ -145,7 +145,7 @@ CVE-2018-6357 (The acx_asmw_saveorder_callback function in function.php in the . CVE-2018-6356 RESERVED CVE-2018-6355 (/goform/setLang on iBall 300M devices with "iB-WRB302N_1.0.1-Sep 8 ...) - TODO: check + NOT-FOR-US: iBall 300M devices CVE-2018-6354 (templates/forms/thanks.html in Formspree before 2018-01-23 allows XSS ...) NOT-FOR-US: Formspree CVE-2018-6353 (The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 ...) @@ -2414,7 +2414,7 @@ CVE-2018-5443 (A SQL Injection issue was discovered in Advantech WebAccess/SCADA CVE-2018-5442 RESERVED CVE-2018-5441 (An Improper Validation of Integrity Check Value issue was discovered in ...) - TODO: check + NOT-FOR-US: PHOENIX CONTACT mGuard firmware CVE-2018-5440 RESERVED CVE-2018-5439 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7bfdbac054b99b302a60acd2f2884e0e818ee61f --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7bfdbac054b99b302a60acd2f2884e0e818ee61f You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits