Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: abf6e23d by Salvatore Bonaccorso at 2018-07-11T21:55:42+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -27,7 +27,7 @@ CVE-2018-13867 (An issue was discovered in the HDF HDF5 1.8.20 library. There is CVE-2018-13866 (An issue was discovered in the HDF HDF5 1.8.20 library. There is a ...) TODO: check CVE-2018-13865 (An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the ...) - TODO: check + NOT-FOR-US: idreamsoft iCMS CVE-2018-13864 RESERVED CVE-2018-13862 @@ -1047,9 +1047,9 @@ CVE-2018-13391 CVE-2018-13390 RESERVED CVE-2018-13389 (The attachment resource in Atlassian Confluence before version 6.6.1 ...) - TODO: check + NOT-FOR-US: Atlassian Confluence CVE-2018-13388 (The review attachment resource in Atlassian Fisheye and Crucible ...) - TODO: check + NOT-FOR-US: Atlassian Fisheye and Crucible CVE-2018-13387 RESERVED CVE-2018-13386 @@ -3314,9 +3314,9 @@ CVE-2018-12464 (A SQL injection vulnerability in the web administration and quar CVE-2018-12463 RESERVED CVE-2018-12462 (NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities. ...) - TODO: check + NOT-FOR-US: NetIQ iManager CVE-2018-12461 (Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking ...) - TODO: check + NOT-FOR-US: NetIQ eDirectory CVE-2018-12460 (libavcodec in FFmpeg 4.0 may trigger a NULL pointer dereference if the ...) [experimental] - ffmpeg 7:4.0.1-1 (low) - ffmpeg <not-affected> (Introduced after 3.4) @@ -4018,7 +4018,7 @@ CVE-2018-12234 CVE-2018-12231 RESERVED CVE-2018-12230 (An wrong logical check identified in the transferFrom function of a ...) - TODO: check + NOT-FOR-US: smart contract implementation for RemiCoin (RMC) CVE-2018-12229 (Cross-site scripting (XSS) vulnerability in Public Knowledge Project ...) NOT-FOR-US: Public Knowledge Project (PKP) Open Journal System (OJS) CVE-2017-18291 (An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ...) @@ -5964,7 +5964,7 @@ CVE-2018-11452 CVE-2018-11451 RESERVED CVE-2018-11450 (A reflected Cross-Site-Scripting (XSS) vulnerability has been ...) - TODO: check + NOT-FOR-US: Siemens PLM Software TEAMCENTER CVE-2018-11449 (A vulnerability has been identified in SCALANCE M875 (All versions). ...) NOT-FOR-US: SCALANCE CVE-2018-11448 (A vulnerability has been identified in SCALANCE M875 (All versions). ...) @@ -7312,7 +7312,7 @@ CVE-2018-10945 (The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows CVE-2018-10944 (The request_dividend function of a smart contract implementation for ...) NOT-FOR-US: Rasputin Online Coin CVE-2018-10943 (An issue was discovered on Barco ClickShare CSE-200 and CS-100 Base ...) - TODO: check + NOT-FOR-US: Barco ClickShare CSE-200 and CS-100 Base Units CVE-2018-10942 (modules/attributewizardpro/file_upload.php in the Attribute Wizard ...) NOT-FOR-US: Attribute Wizard addon for PrestaShop CVE-2018-10941 @@ -10085,7 +10085,7 @@ CVE-2018-9855 CVE-2018-9854 RESERVED CVE-2018-9853 (Insecure access control in freeSSHd version 1.3.1 allows attackers to ...) - TODO: check + NOT-FOR-US: freeSSHd CVE-2018-9852 (In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows ...) NOT-FOR-US: Gxlcms QY CVE-2018-9851 (In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\TplAction.class.php allows ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/abf6e23d180ecd3118526a00bdbfa1967c5e2d96 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/abf6e23d180ecd3118526a00bdbfa1967c5e2d96 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits