Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 80e516f8 by Moritz Muehlenhoff at 2018-04-02T22:40:18+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,7 +1,7 @@ CVE-2018-9231 RESERVED CVE-2018-9230 (In OpenResty before 1.13.6.1, URI parameters were obtained using the ...) - TODO: check + NOT-FOR-US: OpenResty CVE-2018-9229 RESERVED CVE-2018-9228 @@ -95,7 +95,7 @@ CVE-2018-9185 CVE-2018-9184 RESERVED CVE-2018-9183 (The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS. ...) - TODO: check + NOT-FOR-US: Joomla addon CVE-2018-9182 RESERVED CVE-2018-9181 @@ -136,7 +136,7 @@ CVE-2018-9165 (The pushdup function in util/decompile.c in libming through 0.4.8 CVE-2018-9164 RESERVED CVE-2018-9163 (A stored Cross-site scripting (XSS) vulnerability in Zoho ManageEngine ...) - TODO: check + NOT-FOR-US: Zoho CVE-2018-9162 (Contec Smart Home 4.15 devices do not require authentication for ...) NOT-FOR-US: Contec Smart Home CVE-2018-9161 (Prisma Industriale Checkweigher PrismaWEB 1.21 allows remote attackers ...) @@ -6741,11 +6741,11 @@ CVE-2018-6663 CVE-2018-6662 RESERVED CVE-2018-6661 (DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee ...) - TODO: check + NOT-FOR-US: McAfee CVE-2018-6660 (Directory Traversal vulnerability in McAfee ePolicy Orchestrator (ePO) ...) - TODO: check + NOT-FOR-US: McAfee CVE-2018-6659 (Reflected Cross-Site Scripting vulnerability in McAfee ePolicy ...) - TODO: check + NOT-FOR-US: McAfee CVE-2018-6658 RESERVED CVE-2018-6758 (The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through ...) @@ -8131,11 +8131,11 @@ CVE-2018-6253 (NVIDIA GPU Display Driver contains a vulnerability in DirectX and [jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported) NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4649 CVE-2018-6252 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...) - TODO: check + NOT-FOR-US: NVIDIA Windows driver CVE-2018-6251 (NVIDIA Windows GPU Display Driver contains a vulnerability in DirectX ...) - TODO: check + NOT-FOR-US: NVIDIA Windows driver CVE-2018-6250 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...) - TODO: check + NOT-FOR-US: NVIDIA Windows driver CVE-2018-6249 (NVIDIA GPU Display Driver contains a vulnerability in kernel mode ...) - nvidia-graphics-drivers <unfixed> (bug #894338) [stretch] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) @@ -8148,9 +8148,9 @@ CVE-2018-6249 (NVIDIA GPU Display Driver contains a vulnerability in kernel mode [jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported) NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4649 CVE-2018-6248 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...) - TODO: check + NOT-FOR-US: NVIDIA Windows driver CVE-2018-6247 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...) - TODO: check + NOT-FOR-US: NVIDIA Windows driver CVE-2018-6246 RESERVED CVE-2018-6245 @@ -21222,7 +21222,7 @@ CVE-2018-1297 (When using Distributed Test only (RMI based), Apache JMeter 2.x a CVE-2018-1296 RESERVED CVE-2018-1295 (In Apache Ignite 2.3 or earlier, the serialization mechanism does not ...) - TODO: check + NOT-FOR-US: Apache Ignite CVE-2018-1294 (If a user of Commons-Email (typically an application programmer) ...) - commons-email <not-affected> (Fixed with first upload to Debian) NOTE: https://marc.info/?i=CAF8HOZ+J3NkaywfbHuQpHxK9ZXeT4=4vs9rowcdiudnt1qa...@mail.gmail.com @@ -22724,7 +22724,7 @@ CVE-2018-1040 CVE-2018-1039 RESERVED CVE-2018-1038 (The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2018-1037 RESERVED CVE-2018-1036 @@ -24771,7 +24771,7 @@ CVE-2018-0196 (A vulnerability in the web-based user interface (web UI) of Cisco CVE-2018-0195 (A vulnerability in the Cisco IOS XE Software REST API could allow an ...) NOT-FOR-US: Cisco CVE-2018-0194 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software ...) - TODO: check + NOT-FOR-US: Cisco CVE-2018-0193 (Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software ...) NOT-FOR-US: Cisco CVE-2018-0192 @@ -77977,7 +77977,7 @@ CVE-2016-8719 (An exploitable reflected Cross-Site Scripting vulnerability exist CVE-2016-8718 (An exploitable Cross-Site Request Forgery vulnerability exists in the ...) NOT-FOR-US: Moxa CVE-2016-8717 (An exploitable Use of Hard-coded Credentials vulnerability exists in ...) - TODO: check + NOT-FOR-US: Moxa CVE-2016-8716 (An exploitable Cleartext Transmission of Password vulnerability exists ...) NOT-FOR-US: Moxa CVE-2016-8715 (An exploitable heap corruption vulnerability exists in the loadTrailer ...) @@ -125831,15 +125831,15 @@ CVE-2015-2006 CVE-2015-2005 (IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 and 7.2.x ...) NOT-FOR-US: IBM Security QRadar SIEM CVE-2015-2004 (The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might ...) - TODO: check + NOT-FOR-US: GraceNote GNSDK SDK CVE-2015-2003 (The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might ...) - TODO: check + NOT-FOR-US: PJSIP PJSUA2 SDK CVE-2015-2002 (The ESRI ArcGis Runtime SDK before 10.2.6-2 for Android might allow ...) - TODO: check + NOT-FOR-US: ESRI ArcGis Runtime SDK CVE-2015-2001 (The MetaIO SDK before 6.0.2.1 for Android might allow attackers to ...) - TODO: check + NOT-FOR-US: MetaIO SDK CVE-2015-2000 (The Jumio SDK before 1.5.0 for Android might allow attackers to ...) - TODO: check + NOT-FOR-US: Jumio SDK CVE-2015-1999 (IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 ...) NOT-FOR-US: IBM QRadar CVE-2015-1998 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/80e516f8cf413749522ab9ce6b9853f0538ae286 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/80e516f8cf413749522ab9ce6b9853f0538ae286 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits