Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
896b8d4a by Salvatore Bonaccorso at 2018-04-04T22:29:18+02:00
Process more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -151,9 +151,9 @@ CVE-2018-9251 (The xz_decomp function in xzlib.c in libxml2
2.9.8, if --with-lzm
CVE-2018-9250
RESERVED
CVE-2018-9249 (FiberHome VDSL2 Modem HG 150-UB devices allow authentication
bypass by ...)
- TODO: check
+ NOT-FOR-US: FiberHome VDSL2 Modem HG 150-UB devices
CVE-2018-9248 (FiberHome VDSL2 Modem HG 150-UB devices allow authentication
bypass via ...)
- TODO: check
+ NOT-FOR-US: FiberHome VDSL2 Modem HG 150-UB devices
CVE-2018-9247 (The upsql function in
\Lib\Lib\Action\Admin\DataAction.class.php in ...)
NOT-FOR-US: Gxlcms QY
CVE-2018-9246
@@ -921,7 +921,7 @@ CVE-2017-18242 (The apply_dependent_coupling function in
libavcodec/aacdec.c in
[jessie] - libav <no-dsa> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1093
CVE-2018-8941 (Diagnostics functionality on D-Link DSL-3782 devices with
firmware EU ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2018-8940
RESERVED
CVE-2018-8939
@@ -1210,9 +1210,9 @@ CVE-2018-8816
CVE-2018-8815 (Cross-site scripting (XSS) vulnerability in the gallery
function in ...)
NOT-FOR-US: Alkacon OpenCMS
CVE-2018-8814 (Cross-site request forgery (CSRF) vulnerability in WolfCMS
0.8.3.1 ...)
- TODO: check
+ NOT-FOR-US: WolfCMS
CVE-2018-8813 (Open redirect vulnerability in the login[redirect] parameter
login ...)
- TODO: check
+ NOT-FOR-US: WolfCMS
CVE-2018-8812
RESERVED
CVE-2018-8811 (Cross-site request forgery (CSRF) vulnerability in ...)
@@ -1530,7 +1530,7 @@ CVE-2018-8721 (Zoho ManageEngine EventLog Analyzer
version 11.0 build 11000 has
CVE-2018-8720 (ServiceNow ITSM 2016-06-02 has XSS via the First Name or Last
Name ...)
NOT-FOR-US: ServiceNow ITSM
CVE-2018-8719 (An issue was discovered in the WP Security Audit Log plugin
3.1.1 for ...)
- TODO: check
+ NOT-FOR-US: WP Security Audit Log plugin for WordPress
CVE-2018-8718 (Cross-site request forgery (CSRF) vulnerability in the Mailer
Plugin ...)
- jenkins-mailer-plugin <removed>
CVE-2017-18232 (The Serial Attached SCSI (SAS) implementation in the Linux
kernel ...)
@@ -20439,7 +20439,7 @@ CVE-2018-1471
CVE-2018-1470
RESERVED
CVE-2018-1469 (IBM API Connect Developer Portal 5.0.0.0 through 5.0.8.2 could
allow ...)
- TODO: check
+ NOT-FOR-US: IBM API Connect Developer Portal
CVE-2018-1468
RESERVED
CVE-2018-1467
@@ -20483,7 +20483,7 @@ CVE-2018-1449
CVE-2018-1448 (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1
...)
NOT-FOR-US: IBM
CVE-2018-1447 (The GSKit (IBM Spectrum Protect 7.1 and 7.2) and (IBM Spectrum
Protect ...)
- TODO: check
+ NOT-FOR-US: IBM Spectrum Protect
CVE-2018-1446
RESERVED
CVE-2018-1445
@@ -20535,7 +20535,7 @@ CVE-2018-1423
CVE-2018-1422
RESERVED
CVE-2018-1421 (IBM WebSphere DataPower Appliances 7.1, 7.2, 7.5, 7.5.1, 7.5.2,
and ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere DataPower Appliances
CVE-2018-1420
RESERVED
CVE-2018-1419
@@ -23133,7 +23133,7 @@ CVE-2018-0988
CVE-2018-0987
RESERVED
CVE-2018-0986 (The Microsoft Malware Protection Engine running on Microsoft
Forefront ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-0985
RESERVED
CVE-2018-0984
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/896b8d4aa59a57c068f3262b1357455f361332d5
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/896b8d4aa59a57c068f3262b1357455f361332d5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
