Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 396ab576 by Salvatore Bonaccorso at 2018-03-29T23:37:35+02:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -201,7 +201,7 @@ CVE-2018-9033 CVE-2018-9032 (An authentication bypass vulnerability on D-Link DIR-850L Wireless ...) NOT-FOR-US: D-Link CVE-2018-9031 (The login interface on TNLSoftSolutions Sentry Vision 3.x devices ...) - TODO: check + NOT-FOR-US: TNLSoftSolutions Sentry Vision 3.x devices CVE-2018-9030 RESERVED CVE-2018-9029 @@ -595,7 +595,7 @@ CVE-2018-8887 CVE-2018-8886 RESERVED CVE-2018-8885 (screenresolution-mechanism in screen-resolution-extra 0.17.2 does not ...) - TODO: check + NOT-FOR-US: screen-resolution-extra CVE-2018-1000136 (Electron version 1.7 up to 1.7.12; 1.8 up to 1.8.3 and 2.0.0 up to ...) - electron <itp> (bug #842420) CVE-2017-18241 (fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to ...) @@ -3425,11 +3425,11 @@ CVE-2018-7678 (A cross site scripting vulnerability exist in the Administration CVE-2018-7677 (A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity ...) NOT-FOR-US: NetIQ Access Manager CVE-2018-7676 (The NetIQ Identity Manager, in versions prior to 4.7, userapp with log ...) - TODO: check + NOT-FOR-US: NetIQ Identity Manager CVE-2018-7675 (In NetIQ Sentinel before 8.1.x, a Sentinel user is logged into the ...) NOT-FOR-US: NetIQ Sentinel CVE-2018-7674 (The NetIQ Identity Manager user console, in versions prior to 4.7, is ...) - TODO: check + NOT-FOR-US: NetIQ Identity Manager CVE-2018-7673 (The NetIQ Identity Manager communication channel, in versions prior to ...) NOT-FOR-US: NetIQ Identity Manager CVE-2017-18218 (In drivers/net/ethernet/hisilicon/hns/hns_enet.c in the Linux kernel ...) @@ -6716,7 +6716,7 @@ CVE-2018-6610 (Information Leakage exists in the jLike 1.0 component for Joomla! CVE-2018-6609 (SQL Injection exists in the JSP Tickets 1.1 component for Joomla! via ...) NOT-FOR-US: JSP Tickets component for Joomla! CVE-2018-6608 (In the WebRTC component in Opera 51.0.2830.55, after visiting a web ...) - TODO: check + NOT-FOR-US: WebRTC component in Opera CVE-2018-6607 RESERVED CVE-2018-6606 (An issue was discovered in MalwareFox AntiMalware 2.74.0.150. Improper ...) @@ -6768,11 +6768,11 @@ CVE-2018-6590 CVE-2018-6589 RESERVED CVE-2018-6588 (CA API Developer Portal 3.5 up to and including 3.5 CR5 has a ...) - TODO: check + NOT-FOR-US: CA API Developer Portal CVE-2018-6587 (CA API Developer Portal 3.5 up to and including 3.5 CR6 has a ...) - TODO: check + NOT-FOR-US: CA API Developer Portal CVE-2018-6586 (CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored ...) - TODO: check + NOT-FOR-US: CA API Developer Portal CVE-2018-1000040 RESERVED CVE-2018-1000039 @@ -58864,7 +58864,7 @@ CVE-2017-5949 (JavaScriptCore in WebKit, as distributed in Safari Technology Pre CVE-2017-5948 (An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. ...) NOT-FOR-US: OnePlus One CVE-2017-5947 (An issue was discovered in OnePlus One, X, 2, 3, 3T, and 5 devices ...) - TODO: check + NOT-FOR-US: OnePlus One, X, 2, 3, 3T, and 5 devices with OxygenOS CVE-2017-5946 (The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a ...) {DSA-3801-1 DLA-846-1} - ruby-zip 1.2.0-1.1 (bug #856269) @@ -116749,9 +116749,9 @@ CVE-2015-4955 (Cross-site scripting (XSS) vulnerability in IBM Business Process CVE-2015-4954 (IBM BigFix Remote Control before Interim Fix pack ...) NOT-FOR-US: IBM CVE-2015-4953 (IBM BigFix Remote Control before Interim Fix pack ...) - TODO: check + NOT-FOR-US: IBM CVE-2015-4952 (The on-demand plugin in IBM Endpoint Manager for Remote Control 9.0.1 ...) - TODO: check + NOT-FOR-US: IBM CVE-2015-4951 (Client Acceptor Daemon (CAD) in the client in IBM Spectrum Protect ...) NOT-FOR-US: IBM Spectrum Protect CVE-2015-4950 (The mailbox-restore feature in IBM Tivoli Storage Manager for Mail: ...) @@ -125535,7 +125535,7 @@ CVE-2015-2011 (The xmlrpc.cgi Webmin script in IBM QRadar SIEM 7.1 MR2 before Pa CVE-2015-2010 REJECTED CVE-2015-2009 (Cross-site request forgery (CSRF) vulnerability in the xmlrpc.cgi ...) - TODO: check + NOT-FOR-US: IBM CVE-2015-2008 (IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 and 7.2.x ...) NOT-FOR-US: IBM Security QRadar SIEM CVE-2015-2007 (Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x ...) @@ -139641,7 +139641,7 @@ CVE-2014-6606 CVE-2014-6605 RESERVED CVE-2014-6604 (Cross-site scripting (XSS) vulnerability in class-s2-list-table.php in ...) - TODO: check + NOT-FOR-US: Subscribe2 plugin for WordPress CVE-2014-6603 (The SSHParseBanner function in SSH parser (app-layer-ssh.c) in ...) [squeeze] - suricata <not-affected> (Vulnerable code not yet present) [wheezy] - suricata <not-affected> (Vulnerable code not yet present) @@ -143154,7 +143154,7 @@ CVE-2014-5177 (libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained acces [squeeze] - libvirt <not-affected> (Not exploitable in that version) NOTE: http://security.libvirt.org/2014/0003.html CVE-2014-5170 (The Storage API module 7.x before 7.x-1.6 for Drupal might allow ...) - TODO: check + NOT-FOR-US: Storage API module for Drupal CVE-2014-5169 (Cross-site scripting (XSS) vulnerability in the Date module before ...) NOT-FOR-US: Drupal module Date CVE-2014-5168 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/396ab5762d557945a4f2a8bc211a0203f909ebdf --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/396ab5762d557945a4f2a8bc211a0203f909ebdf You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits