Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
140cba52 by Salvatore Bonaccorso at 2018-02-22T22:37:19+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -153,7 +153,7 @@ CVE-2018-7340
 CVE-2018-7339
        RESERVED
 CVE-2017-18194 (SQL injection vulnerability in users/signup.php in the 
"signup" ...)
-       TODO: check
+       NOT-FOR-US: HamayeshNegar CMS
 CVE-2017-18193 (fs/f2fs/extent_cache.c in the Linux kernel before 4.13 
mishandles ...)
        - linux 4.13.4-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/dad48e73127ba10279ea33e6dbc8d3905c4d31c0
@@ -208,21 +208,21 @@ CVE-2018-7321
 CVE-2018-7320
        RESERVED
 CVE-2018-7319 (SQL Injection exists in the OS Property Real Estate 3.12.7 
component ...)
-       TODO: check
+       NOT-FOR-US: OS Property Real Estate component for Joomla!
 CVE-2018-7318 (SQL Injection exists in the CheckList 1.1.1 component for 
Joomla! via ...)
-       TODO: check
+       NOT-FOR-US: CheckList component for Joomla!
 CVE-2018-7317 (Backup Download exists in the Proclaim 9.1.1 component for 
Joomla! via ...)
-       TODO: check
+       NOT-FOR-US: Proclaim component for Joomla!
 CVE-2018-7316 (Arbitrary File Upload exists in the Proclaim 9.1.1 component 
for ...)
-       TODO: check
+       NOT-FOR-US: Proclaim component for Joomla!
 CVE-2018-7315 (SQL Injection exists in the Ek Rishta 2.9 component for Joomla! 
via the ...)
-       TODO: check
+       NOT-FOR-US: Ek Rishta component for Joomla!
 CVE-2018-7314 (SQL Injection exists in the PrayerCenter 3.0.2 component for 
Joomla! ...)
-       TODO: check
+       NOT-FOR-US: PrayerCenter component for Joomla!
 CVE-2018-7313 (SQL Injection exists in the CW Tags 2.0.6 component for Joomla! 
via the ...)
-       TODO: check
+       NOT-FOR-US: CW Tags component for Joomla!
 CVE-2018-7312 (SQL Injection exists in the Alexandria Book Library 3.1.2 
component for ...)
-       TODO: check
+       NOT-FOR-US: Alexandria Book Library component for Joomla!
 CVE-2018-7311 (** DISPUTED ** PrivateVPN 2.0.31 for macOS suffers from a root 
...)
        NOT-FOR-US: PrivateVPN for macOS
 CVE-2018-7310
@@ -244,17 +244,17 @@ CVE-2018-7303 (The Calendar component in Tiki 17.1 allows 
HTML injection. ...)
 CVE-2018-7302 (Tiki 17.1 allows upload of a .PNG file that actually has SVG 
content, ...)
        NOT-FOR-US: Tiki
 CVE-2018-7301 (eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC 
port ...)
-       TODO: check
+       NOT-FOR-US: eQ-3 AG HomeMatic CCU2 2.29.22 devices
 CVE-2018-7300 (Directory Traversal / Arbitrary File Write / Remote Code 
Execution in ...)
-       TODO: check
+       NOT-FOR-US: eQ-3 AG Homematic CCU2
 CVE-2018-7299 (Remote Code Execution in the addon installation process in eQ-3 
AG ...)
-       TODO: check
+       NOT-FOR-US: eQ-3 AG Homematic CCU2
 CVE-2018-7298 (In /usr/local/etc/config/addons/mh/loopupd.sh on eQ-3 AG 
HomeMatic ...)
-       TODO: check
+       NOT-FOR-US: eQ-3 AG Homematic CCU2
 CVE-2018-7297 (Remote Code Execution in the TCL script interpreter in eQ-3 AG 
...)
-       TODO: check
+       NOT-FOR-US: eQ-3 AG Homematic CCU2
 CVE-2018-7296 (Directory Traversal / Arbitrary File Read in User.getLanguage 
method ...)
-       TODO: check
+       NOT-FOR-US: eQ-3 AG Homematic CCU2
 CVE-2018-7295
        RESERVED
 CVE-2018-7294
@@ -1386,7 +1386,7 @@ CVE-2018-6892 (An issue was discovered in CloudMe before 
1.11.0. An unauthentica
 CVE-2018-6891 (Bookly #1 WordPress Booking Plugin Lite before 14.5 has XSS via 
a ...)
        NOT-FOR-US: Bookly #1 WordPress Booking Plugin Lite
 CVE-2018-6890 (Cross-site scripting (XSS) vulnerability in Wolf CMS 0.8.3.1 
via the ...)
-       TODO: check
+       NOT-FOR-US: Wolf CMS
 CVE-2018-6889 (An issue was discovered in Typesetter 5.1. It suffers from a 
Host ...)
        NOT-FOR-US: Typesetter CMS
 CVE-2018-6888 (An issue was discovered in Typesetter 5.1. The User Permissions 
page ...)
@@ -15139,13 +15139,13 @@ CVE-2018-1419
 CVE-2018-1418
        RESERVED
 CVE-2018-1417 (Under certain circumstances, a flaw in the J9 JVM (IBM Runtimes 
for ...)
-       TODO: check
+       NOT-FOR-US: IBM Runtimes for Java Technology
 CVE-2018-1416
        RESERVED
 CVE-2018-1415 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site 
scripting. ...)
-       TODO: check
+       NOT-FOR-US: IBM Maximo Asset Management
 CVE-2018-1414 (IBM Maximo Asset Management 7.5 and 7.6 is vulnerable to SQL 
...)
-       TODO: check
+       NOT-FOR-US: IBM Maximo Asset Management
 CVE-2018-1413
        RESERVED
 CVE-2018-1412
@@ -15189,9 +15189,9 @@ CVE-2018-1394
 CVE-2018-1393
        RESERVED
 CVE-2018-1392 (IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH 
Services for ...)
-       TODO: check
+       NOT-FOR-US: IBM Financial Transaction Manager
 CVE-2018-1391 (IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH 
Services for ...)
-       TODO: check
+       NOT-FOR-US: IBM Financial Transaction Manager
 CVE-2018-1390
        RESERVED
 CVE-2018-1389
@@ -100753,13 +100753,13 @@ CVE-2016-0371 (The Tivoli Storage Manager (TSM) 
password may be displayed in pla
 CVE-2016-0370 (Cross-site scripting (XSS) vulnerability in IBM Forms 
Experience ...)
        NOT-FOR-US: IBM
 CVE-2016-0369 (XML external entity (XXE) vulnerability in IBM Forms Experience 
...)
-       TODO: check
+       NOT-FOR-US: IBM Forms Experience Builder
 CVE-2016-0368
        RESERVED
 CVE-2016-0367 (IBM Security Identity Manager Virtual Appliance 7.0.x before 
...)
-       TODO: check
+       NOT-FOR-US: IBM Security Identity Manager Virtual Appliance
 CVE-2016-0366 (IBM Security Identity Manager Virtual Appliance 7.0.x before 
...)
-       TODO: check
+       NOT-FOR-US: IBM Security Identity Manager Virtual Appliance
 CVE-2016-0365 (IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 
6.1.3.3, and ...)
        NOT-FOR-US: IBM
 CVE-2016-0364 (IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 
6.1.3.3, and ...)
@@ -100789,23 +100789,23 @@ CVE-2016-0353 (IBM Security Privileged Identity 
Manager 2.0 before 2.0.2 FP8, wh
 CVE-2016-0352
        RESERVED
 CVE-2016-0351 (IBM Security Identity Manager Virtual Appliance 7.0.x before 
...)
-       TODO: check
+       NOT-FOR-US: IBM Security Identity Manager Virtual Appliance
 CVE-2016-0350 (Cross-site scripting (XSS) vulnerability in the Report Builder 
and ...)
        NOT-FOR-US: IBM
 CVE-2016-0349 (IBM Business Process Manager 8.5.6 through 8.5.6.2 and 8.5.7 
before ...)
        NOT-FOR-US: IBM
 CVE-2016-0348 (Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA 
...)
-       TODO: check
+       NOT-FOR-US: IBM TRIRIGA Application Platform
 CVE-2016-0347
        RESERVED
 CVE-2016-0346 (Cross-site scripting (XSS) vulnerability in IBM Cognos Business 
...)
        NOT-FOR-US: IBM
 CVE-2016-0345 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 
...)
-       TODO: check
+       NOT-FOR-US: IBM TRIRIGA Application Platform
 CVE-2016-0344 (Cross-site scripting (XSS) vulnerability in the My Reports 
component ...)
-       TODO: check
+       NOT-FOR-US: IBM TRIRIGA Application Platform
 CVE-2016-0343 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 
...)
-       TODO: check
+       NOT-FOR-US: IBM TRIRIGA Application Platform
 CVE-2016-0342 (IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 
...)
        NOT-FOR-US: IBM TRIRIGA Application Platform
 CVE-2016-0341 (IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 
and B2B ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/140cba52289f3852c421f3ac692ef37264b53269

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/140cba52289f3852c421f3ac692ef37264b53269
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to