Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 0db8dfcf by Salvatore Bonaccorso at 2018-02-21T22:28:00+01:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,13 +1,13 @@ CVE-2018-7306 RESERVED CVE-2018-7305 (MyBB 1.8.14 is not checking for a valid CSRF token, leading to ...) - TODO: check + NOT-FOR-US: MyBB CVE-2018-7304 (Tiki 17.1 does not validate user input for special characters; ...) - TODO: check + NOT-FOR-US: Tiki CVE-2018-7303 (The Calendar component in Tiki 17.1 allows HTML injection. ...) - TODO: check + NOT-FOR-US: Tiki CVE-2018-7302 (Tiki 17.1 allows upload of a .PNG file that actually has SVG content, ...) - TODO: check + NOT-FOR-US: Tiki CVE-2018-7301 RESERVED CVE-2018-7300 @@ -33,7 +33,7 @@ CVE-2018-7291 CVE-2018-7290 RESERVED CVE-2018-7289 (An issue was discovered in armadito-windows-driver/src/communication.c ...) - TODO: check + NOT-FOR-US: Armadito CVE-2018-7288 RESERVED CVE-2018-7287 @@ -51,7 +51,7 @@ CVE-2018-7282 CVE-2018-7281 RESERVED CVE-2018-7280 (The Ninja Forms plugin before 3.2.14 for WordPress has XSS. ...) - TODO: check + NOT-FOR-US: Ninja Forms plugin for WordPress CVE-2018-1000093 RESERVED CVE-2018-1000092 @@ -148,7 +148,7 @@ CVE-2018-7263 (The mad_decoder_run() function in decoder.c in Underbit libmad th CVE-2018-7262 RESERVED CVE-2018-7261 (There are multiple Persistent XSS vulnerabilities in Radiant CMS ...) - TODO: check + NOT-FOR-US: Radiant CMS CVE-2018-7260 (Cross-site scripting (XSS) vulnerability in db_central_columns.php in ...) TODO: check CVE-2018-7259 (The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a ...) @@ -4393,7 +4393,7 @@ CVE-2018-5718 CVE-2018-5717 RESERVED CVE-2018-5716 (An issue was discovered in Reprise License Manager 11.0. This ...) - TODO: check + NOT-FOR-US: Reprise License Manager CVE-2018-5715 (phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query ...) NOT-FOR-US: SugarCRM CVE-2018-5714 (In Malwarefox Anti-Malware 2.72.169, the driver file (zam64.sys) allows ...) @@ -16138,15 +16138,15 @@ CVE-2018-1170 CVE-2018-1169 RESERVED CVE-2018-1168 (This vulnerability allows local attackers to escalate privileges on ...) - TODO: check + NOT-FOR-US: ABB MicroSCADA CVE-2018-1167 RESERVED CVE-2018-1166 (This vulnerability allows local attackers to escalate privileges on ...) - TODO: check + NOT-FOR-US: Joyent SmartOS CVE-2018-1165 (This vulnerability allows local attackers to escalate privileges on ...) - TODO: check + NOT-FOR-US: Joyent SmartOS CVE-2018-1164 (This vulnerability allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: ZyXEL CVE-2018-1163 (This vulnerability allows remote attackers to bypass authentication on ...) NOT-FOR-US: Quest NetVault Backup CVE-2018-1162 (This vulnerability allows remote attackers to create a ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0db8dfcf192e192dabe0537a5804ffbe017b795d --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0db8dfcf192e192dabe0537a5804ffbe017b795d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits