Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0db8dfcf by Salvatore Bonaccorso at 2018-02-21T22:28:00+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,13 +1,13 @@
CVE-2018-7306
RESERVED
CVE-2018-7305 (MyBB 1.8.14 is not checking for a valid CSRF token, leading to
...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2018-7304 (Tiki 17.1 does not validate user input for special characters;
...)
- TODO: check
+ NOT-FOR-US: Tiki
CVE-2018-7303 (The Calendar component in Tiki 17.1 allows HTML injection. ...)
- TODO: check
+ NOT-FOR-US: Tiki
CVE-2018-7302 (Tiki 17.1 allows upload of a .PNG file that actually has SVG
content, ...)
- TODO: check
+ NOT-FOR-US: Tiki
CVE-2018-7301
RESERVED
CVE-2018-7300
@@ -33,7 +33,7 @@ CVE-2018-7291
CVE-2018-7290
RESERVED
CVE-2018-7289 (An issue was discovered in
armadito-windows-driver/src/communication.c ...)
- TODO: check
+ NOT-FOR-US: Armadito
CVE-2018-7288
RESERVED
CVE-2018-7287
@@ -51,7 +51,7 @@ CVE-2018-7282
CVE-2018-7281
RESERVED
CVE-2018-7280 (The Ninja Forms plugin before 3.2.14 for WordPress has XSS. ...)
- TODO: check
+ NOT-FOR-US: Ninja Forms plugin for WordPress
CVE-2018-1000093
RESERVED
CVE-2018-1000092
@@ -148,7 +148,7 @@ CVE-2018-7263 (The mad_decoder_run() function in decoder.c
in Underbit libmad th
CVE-2018-7262
RESERVED
CVE-2018-7261 (There are multiple Persistent XSS vulnerabilities in Radiant
CMS ...)
- TODO: check
+ NOT-FOR-US: Radiant CMS
CVE-2018-7260 (Cross-site scripting (XSS) vulnerability in
db_central_columns.php in ...)
TODO: check
CVE-2018-7259 (The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X
sends a ...)
@@ -4393,7 +4393,7 @@ CVE-2018-5718
CVE-2018-5717
RESERVED
CVE-2018-5716 (An issue was discovered in Reprise License Manager 11.0. This
...)
- TODO: check
+ NOT-FOR-US: Reprise License Manager
CVE-2018-5715 (phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in
the query ...)
NOT-FOR-US: SugarCRM
CVE-2018-5714 (In Malwarefox Anti-Malware 2.72.169, the driver file
(zam64.sys) allows ...)
@@ -16138,15 +16138,15 @@ CVE-2018-1170
CVE-2018-1169
RESERVED
CVE-2018-1168 (This vulnerability allows local attackers to escalate
privileges on ...)
- TODO: check
+ NOT-FOR-US: ABB MicroSCADA
CVE-2018-1167
RESERVED
CVE-2018-1166 (This vulnerability allows local attackers to escalate
privileges on ...)
- TODO: check
+ NOT-FOR-US: Joyent SmartOS
CVE-2018-1165 (This vulnerability allows local attackers to escalate
privileges on ...)
- TODO: check
+ NOT-FOR-US: Joyent SmartOS
CVE-2018-1164 (This vulnerability allows remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: ZyXEL
CVE-2018-1163 (This vulnerability allows remote attackers to bypass
authentication on ...)
NOT-FOR-US: Quest NetVault Backup
CVE-2018-1162 (This vulnerability allows remote attackers to create a ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0db8dfcf192e192dabe0537a5804ffbe017b795d
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0db8dfcf192e192dabe0537a5804ffbe017b795d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
