[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Apr 25 21:22:05 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
55ca3d2f by Salvatore Bonaccorso at 2018-04-25T22:21:57+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -7,9 +7,9 @@ CVE-2018-10377
 CVE-2018-10376 (An integer overflow in the transferProxy function of a smart contract ...)
 	TODO: check
 CVE-2018-10375 (A file uploading vulnerability exists in ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2018-10374 (EasyCMS 1.3 has XSS via the s POST parameter (aka a search box value) ...)
-	TODO: check
+	NOT-FOR-US: EasyCMS
 CVE-2018-10373 (concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library ...)
 	TODO: check
 CVE-2018-10372 (process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote ...)
@@ -29,11 +29,11 @@ CVE-2018-10370
 CVE-2018-10369
 	RESERVED
 CVE-2018-10368 (An issue was discovered in WUZHI CMS 4.1.0. The "Extension Module -> ...)
-	TODO: check
+	NOT-FOR-US: WUZHI CMS
 CVE-2018-10367 (An issue was discovered in WUZHI CMS 4.1.0. The content-management ...)
-	TODO: check
+	NOT-FOR-US: WUZHI CMS
 CVE-2018-10366 (An issue was discovered in the Users (aka Front-end user management) ...)
-	TODO: check
+	NOT-FOR-US: Users (aka Front-end user management) plugin for October CMS
 CVE-2018-10365
 	RESERVED
 CVE-2018-10364
@@ -152,7 +152,7 @@ CVE-2018-10312 (index.php?m=member&v=pw_reset in WUZHI CMS 4.1.0 allows CSRF
 CVE-2018-10311 (A vulnerability was discovered in WUZHI CMS 4.1.0. There is persistent ...)
 	NOT-FOR-US: WUZHI CMS
 CVE-2018-10310 (A persistent cross-site scripting vulnerability has been identified in ...)
-	TODO: check
+	NOT-FOR-US: web interface of the Catapult UK Cookie Consent plugin for WordPress
 CVE-2018-10309 (The Responsive Cookie Consent plugin before 1.8 for WordPress ...)
 	NOT-FOR-US: Responsive Cookie Consent plugin for WordPress
 CVE-2018-10308
@@ -364,21 +364,21 @@ CVE-2018-10215
 CVE-2018-10214
 	RESERVED
 CVE-2018-10213 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
-	TODO: check
+	NOT-FOR-US: Vaultize Enterprise File Sharing
 CVE-2018-10212 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
-	TODO: check
+	NOT-FOR-US: Vaultize Enterprise File Sharing
 CVE-2018-10211 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
-	TODO: check
+	NOT-FOR-US: Vaultize Enterprise File Sharing
 CVE-2018-10210 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
-	TODO: check
+	NOT-FOR-US: Vaultize Enterprise File Sharing
 CVE-2018-10209 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
-	TODO: check
+	NOT-FOR-US: Vaultize Enterprise File Sharing
 CVE-2018-10208 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
-	TODO: check
+	NOT-FOR-US: Vaultize Enterprise File Sharing
 CVE-2018-10207 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
-	TODO: check
+	NOT-FOR-US: Vaultize Enterprise File Sharing
 CVE-2018-10206 (An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. ...)
-	TODO: check
+	NOT-FOR-US: Vaultize Enterprise File Sharing
 CVE-2018-10205 (hyperstart 1.0.0 in HyperHQ Hyper has memory leaks in the ...)
 	NOT-FOR-US: HyperHQ Hyper
 CVE-2018-10204 (PureVPN 6.0.1 for Windows suffers from a SYSTEM privilege escalation ...)
@@ -23572,7 +23572,7 @@ CVE-2018-1365
 CVE-2018-1364 (IBM Content Navigator 2.0 and 3.0 is vulnerable to a XML External ...)
 	NOT-FOR-US: IBM Content Navigator
 CVE-2018-1363 (IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through ...)
-	TODO: check
+	NOT-FOR-US: IBM Jazz Reporting Service
 CVE-2018-1362 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 ...)
 	NOT-FOR-US: IBM Curam Social Program Management
 CVE-2018-1361 (IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site ...)
@@ -41665,15 +41665,15 @@ CVE-2017-12718 (A Classic Buffer Overflow issue was discovered in Smiths Medical
 CVE-2017-12717 (An Uncontrolled Search Path Element issue was discovered in Advantech ...)
 	NOT-FOR-US: Advantech WebAccess
 CVE-2017-12716 (Abbott Laboratories Accent and Anthem pacemakers manufactured prior to ...)
-	TODO: check
+	NOT-FOR-US: Abbott Laboratories Accent and Anthem pacemakers
 CVE-2017-12715
 	RESERVED
 CVE-2017-12714 (Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017 do ...)
-	TODO: check
+	NOT-FOR-US: Abbott Laboratories pacemakers
 CVE-2017-12713 (An Incorrect Permission Assignment for Critical Resource issue was ...)
 	NOT-FOR-US: Advantech WebAccess
 CVE-2017-12712 (The authentication algorithm in Abbott Laboratories pacemakers ...)
-	TODO: check
+	NOT-FOR-US: Abbott Laboratories pacemakers
 CVE-2017-12711 (An Incorrect Privilege Assignment issue was discovered in Advantech ...)
 	NOT-FOR-US: Advantech WebAccess
 CVE-2017-12710 (A SQL Injection issue was discovered in Advantech WebAccess versions ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/55ca3d2f5a88ab13566469489d563e600e50fada

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/55ca3d2f5a88ab13566469489d563e600e50fada
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180425/02c90599/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list