Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
abf6e23d by Salvatore Bonaccorso at 2018-07-11T21:55:42+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -27,7 +27,7 @@ CVE-2018-13867 (An issue was discovered in the HDF HDF5
1.8.20 library. There is
CVE-2018-13866 (An issue was discovered in the HDF HDF5 1.8.20 library. There
is a ...)
TODO: check
CVE-2018-13865 (An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists
via the ...)
- TODO: check
+ NOT-FOR-US: idreamsoft iCMS
CVE-2018-13864
RESERVED
CVE-2018-13862
@@ -1047,9 +1047,9 @@ CVE-2018-13391
CVE-2018-13390
RESERVED
CVE-2018-13389 (The attachment resource in Atlassian Confluence before version
6.6.1 ...)
- TODO: check
+ NOT-FOR-US: Atlassian Confluence
CVE-2018-13388 (The review attachment resource in Atlassian Fisheye and
Crucible ...)
- TODO: check
+ NOT-FOR-US: Atlassian Fisheye and Crucible
CVE-2018-13387
RESERVED
CVE-2018-13386
@@ -3314,9 +3314,9 @@ CVE-2018-12464 (A SQL injection vulnerability in the web
administration and quar
CVE-2018-12463
RESERVED
CVE-2018-12462 (NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities.
...)
- TODO: check
+ NOT-FOR-US: NetIQ iManager
CVE-2018-12461 (Fixed issues with NetIQ eDirectory prior to 9.1.1 when
checking ...)
- TODO: check
+ NOT-FOR-US: NetIQ eDirectory
CVE-2018-12460 (libavcodec in FFmpeg 4.0 may trigger a NULL pointer
dereference if the ...)
[experimental] - ffmpeg 7:4.0.1-1 (low)
- ffmpeg <not-affected> (Introduced after 3.4)
@@ -4018,7 +4018,7 @@ CVE-2018-12234
CVE-2018-12231
RESERVED
CVE-2018-12230 (An wrong logical check identified in the transferFrom function
of a ...)
- TODO: check
+ NOT-FOR-US: smart contract implementation for RemiCoin (RMC)
CVE-2018-12229 (Cross-site scripting (XSS) vulnerability in Public Knowledge
Project ...)
NOT-FOR-US: Public Knowledge Project (PKP) Open Journal System (OJS)
CVE-2017-18291 (An issue was discovered in PvPGN Stats 2.4.6. SQL Injection
exists in ...)
@@ -5964,7 +5964,7 @@ CVE-2018-11452
CVE-2018-11451
RESERVED
CVE-2018-11450 (A reflected Cross-Site-Scripting (XSS) vulnerability has been
...)
- TODO: check
+ NOT-FOR-US: Siemens PLM Software TEAMCENTER
CVE-2018-11449 (A vulnerability has been identified in SCALANCE M875 (All
versions). ...)
NOT-FOR-US: SCALANCE
CVE-2018-11448 (A vulnerability has been identified in SCALANCE M875 (All
versions). ...)
@@ -7312,7 +7312,7 @@ CVE-2018-10945 (The mg_handle_cgi function in mongoose.c
in Mongoose 6.11 allows
CVE-2018-10944 (The request_dividend function of a smart contract
implementation for ...)
NOT-FOR-US: Rasputin Online Coin
CVE-2018-10943 (An issue was discovered on Barco ClickShare CSE-200 and CS-100
Base ...)
- TODO: check
+ NOT-FOR-US: Barco ClickShare CSE-200 and CS-100 Base Units
CVE-2018-10942 (modules/attributewizardpro/file_upload.php in the Attribute
Wizard ...)
NOT-FOR-US: Attribute Wizard addon for PrestaShop
CVE-2018-10941
@@ -10085,7 +10085,7 @@ CVE-2018-9855
CVE-2018-9854
RESERVED
CVE-2018-9853 (Insecure access control in freeSSHd version 1.3.1 allows
attackers to ...)
- TODO: check
+ NOT-FOR-US: freeSSHd
CVE-2018-9852 (In Gxlcms QY v1.0.0713,
Lib\Lib\Action\Home\HitsAction.class.php allows ...)
NOT-FOR-US: Gxlcms QY
CVE-2018-9851 (In Gxlcms QY v1.0.0713,
Lib\Lib\Action\Admin\TplAction.class.php allows ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/abf6e23d180ecd3118526a00bdbfa1967c5e2d96
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/abf6e23d180ecd3118526a00bdbfa1967c5e2d96
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
