[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Wed Aug 8 05:39:53 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ad1d3afc by Salvatore Bonaccorso at 2018-08-08T04:35:46Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -7,7 +7,7 @@ CVE-2018-15132 (An issue was discovered in ext/standard/link_win32.c in PHP befo
CVE-2018-15131
RESERVED
CVE-2018-15130 (ThinkSAAS through 2018-07-25 has XSS via the ...)
- TODO: check
+ NOT-FOR-US: ThinkSAAS
CVE-2013-7464
RESERVED
CVE-2018-15129 (ThinkSAAS through 2018-07-25 has XSS via the ...)
@@ -946,7 +946,7 @@ CVE-2018-14718
CVE-2018-14717
RESERVED
CVE-2018-14716 (A Server Side Template Injection (SSTI) was discovered in the SEOmatic ...)
- TODO: check
+ NOT-FOR-US: SEOmatic plugin for Craft CMS
CVE-2018-14715 (The endCoinFlip function and throwSlammer function of the smart ...)
NOT-FOR-US: smart contract implementations for Cryptogs
CVE-2018-14714
@@ -5310,7 +5310,7 @@ CVE-2018-12887
CVE-2018-12886
RESERVED
CVE-2018-12885 (The randMod() function of the smart contract implementation for ...)
- TODO: check
+ NOT-FOR-US: MyCryptoChamp
CVE-2018-12884 (In Octopus Deploy 3.0 onwards (before 2018.6.7), an authenticated user ...)
NOT-FOR-US: Octopus Deploy
CVE-2018-1000205 (U-Boot contains a CWE-20: Improper Input Validation vulnerability in ...)
@@ -9165,9 +9165,9 @@ CVE-2018-11458
CVE-2018-11457
RESERVED
CVE-2018-11456 (A vulnerability has been identified in Automation License Manager 5 ...)
- TODO: check
+ NOT-FOR-US: Automation License Manager
CVE-2018-11455 (A vulnerability has been identified in Automation License Manager 5 ...)
- TODO: check
+ NOT-FOR-US: Automation License Manager
CVE-2018-11454 (A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and ...)
TODO: check
CVE-2018-11453 (A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and ...)
@@ -20910,11 +20910,11 @@ CVE-2018-7094
CVE-2018-7093
RESERVED
CVE-2018-7092 (A potential security vulnerability has been identified in HPE ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2018-7091 (HPE XP P9000 Command View Advanced Edition Software (CVAE) has open ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2018-7090 (HPE XP P9000 Command View Advanced Edition Software (CVAE) has local ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2018-7089
RESERVED
CVE-2018-7088
@@ -20938,27 +20938,27 @@ CVE-2018-7080
CVE-2018-7079
RESERVED
CVE-2018-7078 (A remote code execution was identified in HPE Integrated Lights-Out 4 ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2018-7077
RESERVED
CVE-2018-7076
RESERVED
CVE-2018-7075 (A remote cross-site scripting (XSS) vulnerability was identified in ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2018-7074 (A remote code execution vulnerability was identified in HPE ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2018-7073 (A local arbitrary file modification vulnerability was identified in ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2018-7072 (A remote bypass of security restrictions vulnerability was identified ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2018-7071 (HPE has identified a remote access to sensitive information ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2018-7070 (HPE has identified a remote disclosure of information vulnerability in ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2018-7069 (HPE has identified a remote unauthenticated access to files ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2018-7068 (HPE has identified a remote HOST header attack vulnerability in HPE ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2018-7067
RESERVED
CVE-2018-7066
@@ -36087,7 +36087,7 @@ CVE-2018-1692
CVE-2018-1691
RESERVED
CVE-2018-1690 (IBM Rhapsody Model Manager 6.0.6 is vulnerable to cross-site ...)
- TODO: check
+ NOT-FOR-US: IBM Rhapsody Model Manager
CVE-2018-1689
RESERVED
CVE-2018-1688
@@ -66362,17 +66362,17 @@ CVE-2017-8994 (A input validation vulnerability in HPE Operations Orchestration
CVE-2017-8993 (A Remote Cross-Site Scripting vulnerability in HPE Project and ...)
NOT-FOR-US: HPE Project and Portfolio Management
CVE-2017-8992 (HPE has identified a remote privilege escalation vulnerability in HPE ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2017-8991 (HPE has identified a cross site scripting (XSS) vulnerability in HPE ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2017-8990 (A remote code execution vulnerability was identified in HPE ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2017-8989 (A security vulnerability in HPE IceWall SSO Dfw 10.0 and 11.0 on RHEL, ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2017-8988 (A Remote Bypass of Security Restrictions vulnerability was identified ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2017-8987 (A Unauthenticated Remote Denial of Service vulnerability was ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2017-8986
RESERVED
CVE-2017-8985 (HPE XP Storage using Hitachi Global Link Manager (HGLM) has a local ...)
@@ -66410,7 +66410,7 @@ CVE-2017-8970 (A remote unauthenticated disclosure of information vulnerability
CVE-2017-8969 (An improper input validation vulnerability in HPE Insight Control ...)
NOT-FOR-US: HPE Insight Control
CVE-2017-8968 (A remote execution of arbitrary code vulnerability has been identified ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2017-8967 (A Deserialization of Untrusted Data vulnerability in Hewlett Packard ...)
NOT-FOR-US: HPE Intelligent Management Center
CVE-2017-8966 (A Deserialization of Untrusted Data vulnerability in Hewlett Packard ...)
@@ -109438,13 +109438,13 @@ CVE-2016-4402 (A security vulnerability was identified in the Filter SDK compone
CVE-2016-4401
RESERVED
CVE-2016-4400 (A security vulnerability was identified in HP Network Node Manager i ...)
- TODO: check
+ NOT-FOR-US: HP Network Node Manager i
CVE-2016-4399 (A security vulnerability was identified in HP Network Node Manager i ...)
- TODO: check
+ NOT-FOR-US: HP Network Node Manager i
CVE-2016-4398 (A remote arbitrary code execution vulnerability was identified in HP ...)
- TODO: check
+ NOT-FOR-US: HP Network Node Manager i
CVE-2016-4397 (A local code execution security vulnerability was identified in HP ...)
- TODO: check
+ NOT-FOR-US: HP Network Node Manager i
CVE-2016-4396 (HPE System Management Homepage before v7.6 allows remote attackers to ...)
NOT-FOR-US: HPE System Management Homepage
CVE-2016-4395 (HPE System Management Homepage before v7.6 allows remote attackers to ...)
@@ -109454,9 +109454,9 @@ CVE-2016-4394 (HPE System Management Homepage before v7.6 allows remote attacker
CVE-2016-4393 (HPE System Management Homepage before v7.6 allows "remote ...)
NOT-FOR-US: HPE System Management Homepage
CVE-2016-4392 (A remote cross site scripting vulnerability has been identified in HP ...)
- TODO: check
+ NOT-FOR-US: HP Business Service Management
CVE-2016-4391 (A remote code execution security vulnerability has been identified in ...)
- TODO: check
+ NOT-FOR-US: HP ArcSight WINC Connector
CVE-2016-4390 (The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote ...)
NOT-FOR-US: HPE KeyView
CVE-2016-4389 (The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ad1d3afc84f8668168621db4b7c9fdd45671f4b7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ad1d3afc84f8668168621db4b7c9fdd45671f4b7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180808/55fe5124/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list