[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Tue, 13 Mar 2018 14:45:00 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e739be85 by Salvatore Bonaccorso at 2018-03-13T22:44:07+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1921,7 +1921,7 @@ CVE-2018-7407
 CVE-2018-7406
        RESERVED
 CVE-2018-7405 (Cross-site scripting (XSS) in Zoho ManageEngine EventLog 
Analyzer ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine EventLog Analyzer
 CVE-2018-7404
        RESERVED
 CVE-2018-7403
@@ -2309,7 +2309,7 @@ CVE-2018-7280 (The Ninja Forms plugin before 3.2.14 for 
WordPress has XSS. ...)
 CVE-2018-1000093 (CryptoNote version version 0.8.9 and possibly later contain 
a local ...)
        TODO: check
 CVE-2018-1000092 (CMS Made Simple version versions 2.2.5 contains a Cross ite 
Request ...)
-       TODO: check
+       NOT-FOR-US: CMS Made Simple
 CVE-2018-1000091 (KadNode version version 2.2.0 contains a Buffer Overflow 
vulnerability ...)
        TODO: check
 CVE-2018-1000090 (textpattern version version 4.6.2 contains a XML Injection 
...)
@@ -2323,7 +2323,7 @@ CVE-2018-1000088 (Doorkeeper version 2.1.0 through 4.2.5 
contains a Cross Site S
        NOTE: https://github.com/doorkeeper-gem/doorkeeper/issues/969
        NOTE: https://github.com/doorkeeper-gem/doorkeeper/pull/970
 CVE-2018-1000087 (WolfCMS version version 0.8.3.1 contains a Reflected Cross 
Site ...)
-       TODO: check
+       NOT-FOR-US: WolfCMS
 CVE-2018-1000086 (NPR Visuals Team Pym.js version versions 0.4.2 up to 1.3.1 
contains a ...)
        TODO: check
 CVE-2018-1000085 (ClamAV version version 0.99.3 contains a Out of bounds heap 
memory ...)
@@ -2333,7 +2333,7 @@ CVE-2018-1000085 (ClamAV version version 0.99.3 contains 
a Out of bounds heap me
        NOTE: 
https://github.com/Cisco-Talos/clamav-devel/commit/d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6
        NOTE: http://www.openwall.com/lists/oss-security/2017/09/29/4
 CVE-2018-1000084 (WOlfCMS WolfCMS version version 0.8.3.1 contains a Stored 
Cross-Site ...)
-       TODO: check
+       NOT-FOR-US: WolfCMS
 CVE-2018-1000083 (Ajenti version version 2 contains a Improper Error Handling 
...)
        TODO: check
 CVE-2018-1000082 (Ajenti version version 2 contains a Cross ite Request 
Forgery (CSRF) ...)
@@ -5241,25 +5241,25 @@ CVE-2018-6305 (Denial of service in Gemalto's Sentinel 
LDK RTE version before 7.
 CVE-2018-6304 (Stack overflow in custom XML-parser in Gemalto's Sentinel LDK 
RTE ...)
        TODO: check
 CVE-2018-6303 (Denial of service by uploading malformed firmware in Hanwha 
Techwin ...)
-       TODO: check
+       NOT-FOR-US: Hanwha Techwin Smartcams
 CVE-2018-6302 (Denial of service by blocking of new camera registration on the 
cloud ...)
-       TODO: check
+       NOT-FOR-US: Hanwha Techwin Smartcams
 CVE-2018-6301 (Arbitrary camera access and monitoring via cloud in Hanwha 
Techwin ...)
-       TODO: check
+       NOT-FOR-US: Hanwha Techwin Smartcams
 CVE-2018-6300 (Remote password change in Hanwha Techwin Smartcams ...)
-       TODO: check
+       NOT-FOR-US: Hanwha Techwin Smartcams
 CVE-2018-6299 (Authentication bypass in Hanwha Techwin Smartcams ...)
-       TODO: check
+       NOT-FOR-US: Hanwha Techwin Smartcams
 CVE-2018-6298 (Remote code execution in Hanwha Techwin Smartcams ...)
-       TODO: check
+       NOT-FOR-US: Hanwha Techwin Smartcams
 CVE-2018-6297 (Buffer overflow in Hanwha Techwin Smartcams ...)
-       TODO: check
+       NOT-FOR-US: Hanwha Techwin Smartcams
 CVE-2018-6296 (An undocumented (hidden) capability for switching the web 
interface in ...)
-       TODO: check
+       NOT-FOR-US: Hanwha Techwin Smartcams
 CVE-2018-6295 (Unencrypted way of remote control and communications in Hanwha 
Techwin ...)
-       TODO: check
+       NOT-FOR-US: Hanwha Techwin Smartcams
 CVE-2018-6294 (Unsecured way of firmware update in Hanwha Techwin Smartcams 
...)
-       TODO: check
+       NOT-FOR-US: Hanwha Techwin Smartcams
 CVE-2018-6293 (Arbitrary File Read in Saperion Web Client version 7.5.2 83166. 
...)
        NOT-FOR-US: Saperion Web Client
 CVE-2018-6292 (Remote Code Execution in Saperion Web Client version 7.5.2 
83166. ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e739be85be87317c256bdafe5462afc351e2e94a

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e739be85be87317c256bdafe5462afc351e2e94a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to