Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ef75b531 by Salvatore Bonaccorso at 2018-02-19T23:01:20+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -71,7 +71,7 @@ CVE-2018-7221
 CVE-2018-7220
        RESERVED
 CVE-2018-7219 (application/admin/controller/Admin.php in NoneCms 1.3.0 has 
CSRF, as ...)
-       TODO: check
+       NOT-FOR-US: NoneCms
 CVE-2018-7218
        RESERVED
 CVE-2018-7217 (In Bravo Tejari Procurement Portal, uploaded files are not 
properly ...)
@@ -120,7 +120,7 @@ CVE-2018-7199
 CVE-2018-7198 (October CMS through 1.0.431 allows XSS by entering HTML on the 
Add ...)
        NOT-FOR-US: October CMS
 CVE-2018-7197 (An issue was discovered in Pluck through 4.7.4. A stored 
cross-site ...)
-       TODO: check
+       NOT-FOR-US: Pluck CMS
 CVE-2018-7196
        RESERVED
 CVE-2018-7195
@@ -1716,7 +1716,7 @@ CVE-2018-6594 (lib/Crypto/PublicKey/ElGamal.py in 
PyCrypto through 2.6.1 generat
 CVE-2018-6593 (An issue was discovered in MalwareFox AntiMalware 2.74.0.150. 
Improper ...)
        NOT-FOR-US: MalwareFox AntiMalware
 CVE-2018-6592 (Unisys Stealth Windows endpoints before 3.3.016.1 allow local 
users to ...)
-       TODO: check
+       NOT-FOR-US: Unisys Stealth Windows endpoints
 CVE-2018-6591 (Converse.js and Inverse.js through 3.3 allow remote attackers 
to obtain ...)
        TODO: check
 CVE-2018-6590
@@ -2099,13 +2099,13 @@ CVE-2017-18097
 CVE-2017-18096
        RESERVED
 CVE-2017-18095 (The SnippetRPCServiceImpl class in Atlassian Crucible before 
version ...)
-       TODO: check
+       NOT-FOR-US: Atlassian Crucible
 CVE-2017-18094
        RESERVED
 CVE-2017-18093 (Various resources in Atlassian Fisheye and Crucible before 
version ...)
-       TODO: check
+       NOT-FOR-US: Atlassian Fisheye and Crucible
 CVE-2017-18092 (The print snippet resource in Atlassian Crucible before 
version 4.4.3 ...)
-       TODO: check
+       NOT-FOR-US: Atlassian Crucible
 CVE-2017-18091 (The admin backupprogress action in Atlassian Fisheye and 
Crucible ...)
        NOT-FOR-US: Atlassian Fisheye and Crucible
 CVE-2017-18090 (Various resources in Atlassian Fisheye before version 4.5.1 
(the fixed ...)
@@ -3515,7 +3515,7 @@ CVE-2018-5989 (SQL Injection exists in the ccNewsletter 
2.x component for Joomla
 CVE-2018-5988 (SQL Injection exists in Flexible Poll 1.2 via the id parameter 
to ...)
        NOT-FOR-US: Flexible Poll
 CVE-2018-5987 (SQL Injection exists in the Pinterest Clone Social Pinboard 2.0 
...)
-       TODO: check
+       NOT-FOR-US: Pinterest Clone Social Pinboard component for Joomla!
 CVE-2018-5986 (SQL Injection exists in Easy Car Script 2014 via the s_order or 
s_row ...)
        NOT-FOR-US: Easy Car Script
 CVE-2018-5985 (SQL Injection exists in the LiveCRM SaaS Cloud 1.0 component 
for ...)
@@ -3523,13 +3523,13 @@ CVE-2018-5985 (SQL Injection exists in the LiveCRM SaaS 
Cloud 1.0 component for 
 CVE-2018-5984 (SQL Injection exists in the Tumder (An Arcade Games Platform) 
2.1 ...)
        NOT-FOR-US: Tumder
 CVE-2018-5983 (SQL Injection exists in the JquickContact 1.3.2.2.1 component 
for ...)
-       TODO: check
+       NOT-FOR-US: JquickContact component for Joomla!
 CVE-2018-5982 (SQL Injection exists in the Advertisement Board 3.1.0 component 
for ...)
-       TODO: check
+       NOT-FOR-US: Advertisement Board component for Joomla!
 CVE-2018-5981 (SQL Injection exists in the Gallery WD 1.3.6 component for 
Joomla! via ...)
-       TODO: check
+       NOT-FOR-US: Gallery WD component for Joomla!
 CVE-2018-5980 (SQL Injection exists in the Solidres 2.5.1 component for 
Joomla! via ...)
-       TODO: check
+       NOT-FOR-US: Solidres component for Joomla!
 CVE-2018-5979 (SQL Injection exists in Wchat Fully Responsive PHP AJAX Chat 
Script 1.5 ...)
        NOT-FOR-US: Wchat Fully Responsive PHP AJAX Chat Script
 CVE-2018-5978 (SQL Injection exists in Facebook Style Php Ajax Chat Zechat 1.5 
via the ...)
@@ -3539,17 +3539,17 @@ CVE-2018-5977 (SQL Injection exists in Affiligator 
Affiliate Webshop Management 
 CVE-2018-5976 (Cross Site Request Forgery (CSRF) exists in RSVP Invitation 
Online 1.0 ...)
        NOT-FOR-US: RSVP Invitation Online
 CVE-2018-5975 (SQL Injection exists in the Smart Shoutbox 3.0.0 component for 
Joomla! ...)
-       TODO: check
+       NOT-FOR-US: Smart Shoutbox component for Joomla!
 CVE-2018-5974 (SQL Injection exists in the SimpleCalendar 3.1.9 component for 
Joomla! ...)
-       TODO: check
+       NOT-FOR-US: SimpleCalendar component for Joomla!
 CVE-2018-5973 (SQL Injection exists in Professional Local Directory Script 1.0 
via ...)
        NOT-FOR-US: Professional Local Directory Script
 CVE-2018-5972 (SQL Injection exists in Classified Ads CMS Quickad 4.0 via the 
...)
        NOT-FOR-US: Classified Ads CMS Quickad
 CVE-2018-5971 (SQL Injection exists in the MediaLibrary Free 4.0.12 component 
for ...)
-       TODO: check
+       NOT-FOR-US: MediaLibrary Free component for Joomla!
 CVE-2018-5970 (SQL Injection exists in the JGive 2.0.9 component for Joomla! 
via the ...)
-       TODO: check
+       NOT-FOR-US: JGive component for Joomla!
 CVE-2018-5969 (Cross Site Request Forgery (CSRF) exists in Photography CMS 1.0 
via ...)
        NOT-FOR-US: Photography CMS
 CVE-2018-5968 (FasterXML jackson-databind through 2.8.11 and 2.9.x through 
2.9.3 ...)
@@ -4753,11 +4753,11 @@ CVE-2018-5477
 CVE-2018-5476
        RESERVED
 CVE-2018-5475 (A Stack-based Buffer Overflow issue was discovered in GE D60 
Line ...)
-       TODO: check
+       NOT-FOR-US: GE D60 Line Distance Relay devices
 CVE-2018-5474
        RESERVED
 CVE-2018-5473 (An Improper Restriction of Operations within the Bounds of a 
Memory ...)
-       TODO: check
+       NOT-FOR-US: GE D60 Line Distance Relay devices
 CVE-2018-5472
        RESERVED
 CVE-2018-5471
@@ -4825,7 +4825,7 @@ CVE-2018-5441 (An Improper Validation of Integrity Check 
Value issue was discove
 CVE-2018-5440 (A Stack-based Buffer Overflow issue was discovered in 3S-Smart 
CODESYS ...)
        NOT-FOR-US: 3S-Smart
 CVE-2018-5439 (A Command Injection issue was discovered in Nortek Linear 
eMerge E3 ...)
-       TODO: check
+       NOT-FOR-US: Nortek Linear eMerge E3 series
 CVE-2018-5438
        RESERVED
 CVE-2018-5437



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ef75b5317bae607f9fd9f392d49e038610ff098b

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ef75b5317bae607f9fd9f392d49e038610ff098b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to