[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Wed, 31 Jan 2018 13:20:23 -0800

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
23db7d7a by Salvatore Bonaccorso at 2018-01-31T22:19:43+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,23 +1,23 @@
 CVE-2018-6480 (A type confusion issue was discovered in CCN-lite 2, leading to 
a ...)
-       TODO: check
+       NOT-FOR-US: CCN-lite 2
 CVE-2018-6479 (An issue was discovered on Netwave IP Camera devices. An ...)
-       TODO: check
+       NOT-FOR-US: Netwave IP Camera devices
 CVE-2018-6478
        RESERVED
 CVE-2018-6477
        RESERVED
 CVE-2018-6476 (In SUPERAntiSpyware Professional Trial 6.0.1254, the 
SASKUTIL.SYS ...)
-       TODO: check
+       NOT-FOR-US: SUPERAntiSpyware Professional Trial
 CVE-2018-6475 (In SUPERAntiSpyware Professional Trial 6.0.1254, 
SUPERAntiSpyware.exe ...)
-       TODO: check
+       NOT-FOR-US: SUPERAntiSpyware Professional Trial
 CVE-2018-6474 (In SUPERAntiSpyware Professional Trial 6.0.1254, the driver 
file ...)
-       TODO: check
+       NOT-FOR-US: SUPERAntiSpyware Professional Trial
 CVE-2018-6473 (In SUPERAntiSpyware Professional Trial 6.0.1254, the driver 
file ...)
-       TODO: check
+       NOT-FOR-US: SUPERAntiSpyware Professional Trial
 CVE-2018-6472 (In SUPERAntiSpyware Professional Trial 6.0.1254, the driver 
file ...)
-       TODO: check
+       NOT-FOR-US: SUPERAntiSpyware Professional Trial
 CVE-2018-6471 (In SUPERAntiSpyware Professional Trial 6.0.1254, the driver 
file ...)
-       TODO: check
+       NOT-FOR-US: SUPERAntiSpyware Professional Trial
 CVE-2018-6470
        RESERVED
 CVE-2018-6469
@@ -29,7 +29,7 @@ CVE-2018-6467
 CVE-2018-6466
        RESERVED
 CVE-2018-6465 (The PropertyHive plugin before 1.4.15 for WordPress has XSS via 
the ...)
-       TODO: check
+       NOT-FOR-US: PropertyHive plugin for WordPress
 CVE-2018-6464 (Simditor v2.3.11 allows XSS via crafted use of svg/onload=alert 
in a ...)
        TODO: check
 CVE-2018-6463
@@ -199,7 +199,7 @@ CVE-2018-6386
 CVE-2018-6385
        RESERVED
 CVE-2018-6384 (Unquoted Windows search path vulnerability in NSClient++ before 
...)
-       TODO: check
+       NOT-FOR-US: NSClient++
 CVE-2018-6383 (Monstra CMS through 3.0.4 has an incomplete &quot;forbidden 
types&quot; list that ...)
        NOT-FOR-US: Monstra CMS
 CVE-2018-6382 (MantisBT 2.10.0 allows local users to conduct SQL Injection 
attacks via ...)
@@ -2010,7 +2010,7 @@ CVE-2018-5703 (The tcp_v6_syn_recv_sock function in 
net/ipv6/tcp_ipv6.c in the L
 CVE-2017-18032 (The download-manager plugin before 2.9.52 for WordPress has 
XSS via the ...)
        NOT-FOR-US: download-manager plugin for WordPress
 CVE-2018-5701 (In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the 
amp.sys ...)
-       TODO: check
+       NOT-FOR-US: Iolo System Shield AntiVirus and AntiSpyware
 CVE-2018-5700 (Winmail Server through 6.2 allows remote code execution by ...)
        NOT-FOR-US: Winmail Server
 CVE-2018-5699
@@ -16739,7 +16739,7 @@ CVE-2018-0138
 CVE-2018-0137
        RESERVED
 CVE-2018-0136 (A vulnerability in the IPv6 subsystem of Cisco IOS XR Software 
Release ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0135
        RESERVED
 CVE-2018-0134
@@ -16809,7 +16809,7 @@ CVE-2018-0103 (A Buffer Overflow vulnerability in Cisco 
WebEx Network Recording 
 CVE-2018-0102 (A vulnerability in the Pong tool of Cisco NX-OS Software could 
allow an ...)
        NOT-FOR-US: Cisco
 CVE-2018-0101 (A vulnerability in the Secure Sockets Layer (SSL) VPN 
functionality of ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2018-0100 (A vulnerability in the Profile Editor of the Cisco AnyConnect 
Secure ...)
        NOT-FOR-US: Cisco
 CVE-2018-0099 (A vulnerability in the web management GUI of the Cisco D9800 
Network ...)
@@ -16943,7 +16943,7 @@ CVE-2017-16947
 CVE-2017-16946 (The admin_edit function in app/Controller/UsersController.php 
in MISP ...)
        NOT-FOR-US: MISP
 CVE-2017-16945 (The standardrestorer binary in Arq 5.10 and earlier for Mac 
allows ...)
-       TODO: check
+       NOT-FOR-US: standardrestorer binary in Arq
 CVE-2017-16942 (In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error 
exists ...)
        - libsndfile 1.0.27-1
        [jessie] - libsndfile <no-dsa> (Minor issue)
@@ -17024,7 +17024,7 @@ CVE-2017-16930 (The remote management interface on the 
Claymore Dual GPU miner 1
 CVE-2017-16929 (The remote management interface on the Claymore Dual GPU miner 
10.1 is ...)
        NOT-FOR-US: Claymore's Dual Ethereum+Decred AMD+NVIDIA GPU Miner
 CVE-2017-16928 (The arq_updater binary in Arq 5.10 and earlier for Mac allows 
local ...)
-       TODO: check
+       NOT-FOR-US: arq_updater binary in Arq
 CVE-2017-16927 (The scp_v0s_accept function in sesman/libscp/libscp_v0.c in 
the session ...)
        {DLA-1203-1}
        - xrdp 0.9.4-3 (bug #882463)
@@ -17656,7 +17656,7 @@ CVE-2017-16860
 CVE-2017-16859
        RESERVED
 CVE-2017-16858 (The 'crowd-application' plugin module (notably used by the 
Google Apps ...)
-       TODO: check
+       NOT-FOR-US: 'crowd-application' plugin module in Atlassian Crowd
 CVE-2017-16857 (It is possible to bypass the bitbucket auto-unapprove plugin 
via ...)
        NOT-FOR-US: Atlassian
 CVE-2017-16856 (The RSS Feed macro in Atlassian Confluence before version 
6.5.2 allows ...)
@@ -21043,13 +21043,13 @@ CVE-2017-15658
 CVE-2017-15657
        RESERVED
 CVE-2017-15656 (Password are stored in plaintext in nvram in the HTTPd server 
in all ...)
-       TODO: check
+       NOT-FOR-US: HTTPd server in Asus asuswrt
 CVE-2017-15655 (Multiple buffer overflow vulnerabilities exist in the HTTPd 
server in ...)
-       TODO: check
+       NOT-FOR-US: HTTPd server in Asus asuswrt
 CVE-2017-15654 (Highly predictable session tokens in the HTTPd server in all 
current ...)
-       TODO: check
+       NOT-FOR-US: HTTPd server in Asus asuswrt
 CVE-2017-15653 (Improper administrator IP validation after his login in the 
HTTPd ...)
-       TODO: check
+       NOT-FOR-US: HTTPd server in Asus asuswrt
 CVE-2017-15652
        RESERVED
 CVE-2017-15651 (PRTG Network Monitor 17.3.33.2830 allows remote authenticated 
...)
@@ -24053,9 +24053,9 @@ CVE-2017-14701
 CVE-2017-14700
        RESERVED
 CVE-2017-14699 (Multiple XML external entity (XXE) vulnerabilities in the 
AiCloud ...)
-       TODO: check
+       NOT-FOR-US: ASUS routers
 CVE-2017-14698 (ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, 
...)
-       TODO: check
+       NOT-FOR-US: ASUS routers
 CVE-2017-14697
        RESERVED
 CVE-2017-14696 (SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, 
and ...)
@@ -25540,7 +25540,7 @@ CVE-2017-14192 (The checktitle function in 
controllers/member/api.php in dayrui 
 CVE-2017-14191
        RESERVED
 CVE-2017-14190 (A Cross-site Scripting vulnerability in Fortinet FortiOS 5.6.0 
to ...)
-       TODO: check
+       NOT-FOR-US: Fortinet FortiOS
 CVE-2017-14189 (An improper access control vulnerability in Fortinet 
FortiWebManager ...)
        NOT-FOR-US: Fortinet
 CVE-2017-14188



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/23db7d7a8957d31a54eb13c31eed3feee2e36268

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/23db7d7a8957d31a54eb13c31eed3feee2e36268
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to