Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
05eb5612 by Salvatore Bonaccorso at 2018-03-16T10:28:40+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -19,7 +19,7 @@ CVE-2018-8730
CVE-2018-8729 (Multiple cross-site scripting (XSS) vulnerabilities in the
Activity Log ...)
NOT-FOR-US: Activity Log plugin for WordPress
CVE-2018-8728 (server/app/views/static/code.html in Kontena before 1.5.0
allows XSS in ...)
- TODO: check
+ NOT-FOR-US: Kontena
CVE-2018-8727
RESERVED
CVE-2017-18238 (An issue was discovered in Exempi before 2.4.4. The ...)
@@ -59,7 +59,7 @@ CVE-2018-8722 (Zoho ManageEngine Desktop Central version
9.1.0 build 91099 has .
CVE-2018-8721 (Zoho ManageEngine EventLog Analyzer version 11.0 build 11000
has Stored ...)
NOT-FOR-US: Zoho
CVE-2018-8720 (ServiceNow ITSM 2016-06-02 has XSS via the First Name or Last
Name ...)
- TODO: check
+ NOT-FOR-US: ServiceNow ITSM
CVE-2018-8719
RESERVED
CVE-2018-8718
@@ -8890,7 +8890,7 @@ CVE-2018-5478
CVE-2018-5477 (An Information Exposure issue was discovered in ABB netCADOPS
Web ...)
NOT-FOR-US: ABB netCADOPS Web Application
CVE-2018-5476 (A Stack-based Buffer Overflow issue was discovered in Delta
Electronics ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics Delta Industrial Automation DOPSoft
CVE-2018-5475 (A Stack-based Buffer Overflow issue was discovered in GE D60
Line ...)
NOT-FOR-US: GE D60 Line Distance Relay devices
CVE-2018-5474
@@ -14178,7 +14178,7 @@ CVE-2017-17775 (Piwigo 2.9.2 has XSS via the name
parameter in an ...)
CVE-2017-17774 (admin/configuration.php in Piwigo 2.9.2 has CSRF. ...)
- piwigo <removed>
CVE-2017-17773 (In Snapdragon Automobile, Snapdragon Wearable and Snapdragon
Mobile ...)
- TODO: check
+ NOT-FOR-US: Snapdragon Automobile, Snapdragon Wearable and Snapdragon
Mobile
CVE-2017-17772
RESERVED
CVE-2017-17771
@@ -24669,19 +24669,19 @@ CVE-2017-16753 (An Improper Input Validation issue
was discovered in Advantech .
CVE-2017-16752
RESERVED
CVE-2017-16751 (A Stack-based Buffer Overflow issue was discovered in Delta
Electronics ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics Delta Industrial Automation Screen Editor
CVE-2017-16750
RESERVED
CVE-2017-16749 (A Use-after-Free issue was discovered in Delta Electronics
Delta ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics Delta Industrial Automation Screen Editor
CVE-2017-16748
RESERVED
CVE-2017-16747 (An Out-of-bounds Write issue was discovered in Delta
Electronics Delta ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics Delta Industrial Automation Screen Editor
CVE-2017-16746
RESERVED
CVE-2017-16745 (A Type Confusion issue was discovered in Delta Electronics
Delta ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics Delta Industrial Automation Screen Editor
CVE-2017-16744
RESERVED
CVE-2017-16743 (An Improper Authorization issue was discovered in PHOENIX
CONTACT FL ...)
@@ -104971,7 +104971,7 @@ CVE-2016-0225 (IBM WebSphere Commerce 6.x through
6.0.0.11 and 7.x through 7.0.0
CVE-2016-0224 (SQL injection vulnerability in IBM Marketing Platform 8.5.x,
8.6.x, ...)
NOT-FOR-US: IBM
CVE-2016-0223 (Cross-site scripting (XSS) vulnerability in the Webform
Framework API ...)
- TODO: check
+ NOT-FOR-US: IBM Forms Server
CVE-2016-0222 (IBM Maximo Asset Management 7.6 before 7.6.0.3 IFIX001 allows
remote ...)
NOT-FOR-US: IBM
CVE-2016-0221 (Cross-site scripting (XSS) vulnerability in IBM Cognos TM1, as
used in ...)
@@ -108760,7 +108760,7 @@ CVE-2015-7473 (runmqsc in IBM WebSphere MQ 8.x before
8.0.0.5 allows local users
CVE-2015-7472 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through
6.1.5.3 ...)
NOT-FOR-US: IBM
CVE-2015-7471 (Cross-site scripting (XSS) vulnerability in IBM Rational
Collaborative ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7470 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before
...)
NOT-FOR-US: IBM
CVE-2015-7469 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before
...)
@@ -108776,7 +108776,7 @@ CVE-2015-7465 (Cross-site request forgery (CSRF)
vulnerability in Lifecycle Quer
CVE-2015-7464 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before
...)
NOT-FOR-US: IBM
CVE-2015-7463 (IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and
8.5.6.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7462 (IBM WebSphere MQ 8.0.0.4 on IBM i platforms allows local users
to ...)
NOT-FOR-US: IBM
CVE-2015-7461
@@ -108796,7 +108796,7 @@ CVE-2015-7455 (IBM WebSphere Portal 7.x through
7.0.0.2 CF29, 8.0.x before 8.0.0
CVE-2015-7454 (Business Space in IBM WebSphere Process Server 6.1.2.0 through
7.0.0.5 ...)
NOT-FOR-US: IBM
CVE-2015-7453 (Cross-site scripting (XSS) vulnerability in IBM Rational
Collaborative ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7452 (IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6
before ...)
NOT-FOR-US: IBM
CVE-2015-7451 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset
...)
@@ -108822,7 +108822,7 @@ CVE-2015-7442 (consoleinst.sh in IBM Installation
Manager before 1.7.4.4 and 1.8
CVE-2015-7441 (Remote Artifact Loader (RAL) in IBM WebSphere Process Server 7
and ...)
NOT-FOR-US: IBM
CVE-2015-7440 (IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1
before ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2015-7439 (Cross-site scripting (XSS) vulnerability in InfoSphere Data
Architect ...)
NOT-FOR-US: IBM
CVE-2015-7438 (IBM Sterling B2B Integrator 5.2 allows local users to obtain
sensitive ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/05eb56122fcbbd50fa24517b4a453c9d29e2b874
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/05eb56122fcbbd50fa24517b4a453c9d29e2b874
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
