[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Aug 28 22:30:19 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
18bc98f2 by Salvatore Bonaccorso at 2018-08-28T21:30:01Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6315,7 +6315,7 @@ CVE-2018-13397
 CVE-2018-13396
 	RESERVED
 CVE-2018-13395 (Various resources in Atlassian Jira before version 7.6.8, from version ...)
-	TODO: check
+	NOT-FOR-US: Atlassian Jira
 CVE-2018-13394 (The acceptAnswer resource in Atlassian Confluence Questions before ...)
 	NOT-FOR-US: Atlassian Confluence Questions
 CVE-2018-13393 (The convertCommentToAnswer resource in Atlassian Confluence Questions ...)
@@ -6323,7 +6323,7 @@ CVE-2018-13393 (The convertCommentToAnswer resource in Atlassian Confluence Ques
 CVE-2018-13392 (Several resources in Atlassian Fisheye and Crucible before version ...)
 	NOT-FOR-US: Atlassian
 CVE-2018-13391 (The ProfileLinkUserFormat component of Jira Server before version ...)
-	TODO: check
+	NOT-FOR-US: Atlassian Jira Server
 CVE-2018-13390 (Unauthenticated access to cloudtoken daemon on Linux via network from ...)
 	NOT-FOR-US: Atlassian
 CVE-2018-13389 (The attachment resource in Atlassian Confluence before version 6.6.1 ...)
@@ -32224,7 +32224,7 @@ CVE-2018-3910
 CVE-2018-3909 (An exploitable vulnerability exists in the REST parser of video-core's ...)
 	NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
 CVE-2018-3908 (An exploitable vulnerability exists in the REST parser of video-core's ...)
-	TODO: check
+	NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250-Firmware
 CVE-2018-3907 (An exploitable vulnerability exists in the REST parser of video-core's ...)
 	NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 devices
 CVE-2018-3906
@@ -32250,7 +32250,7 @@ CVE-2018-3897
 CVE-2018-3896
 	RESERVED
 CVE-2018-3895 (An exploitable buffer overflow vulnerability exists in the ...)
-	TODO: check
+	NOT-FOR-US: Samsung SmartThings Hub STH-ETH-250 Firmware
 CVE-2018-3894
 	RESERVED
 CVE-2018-3893 (An exploitable buffer overflow vulnerability exists in the ...)
@@ -42492,7 +42492,7 @@ CVE-2018-0717
 CVE-2018-0716
 	RESERVED
 CVE-2018-0715 (Cross-site scripting vulnerability in QNAP Photo Station versions ...)
-	TODO: check
+	NOT-FOR-US: QNAP Photo Station
 CVE-2018-0714 (Command injection vulnerability in Helpdesk versions 1.1.21 and ...)
 	NOT-FOR-US: Helpdesk
 CVE-2018-0713
@@ -160354,17 +160354,17 @@ CVE-2014-6051 (Integer overflow in the MallocFrameBuffer function in vncviewer.c
 	- libvncserver 0.9.9+dfsg-6.1 (bug #762745)
 	NOTE: https://github.com/newsoft/libvncserver/commit/045a044e8ae79db9244593fbce154cdf6e843273
 CVE-2014-6050 (phpMyFAQ before 2.8.13 allows remote attackers to bypass the CAPTCHA ...)
-	TODO: check
+	NOT-FOR-US: phpMyFAQ
 CVE-2014-6049 (phpMyFAQ before 2.8.13 allows remote authenticated users with admin ...)
-	TODO: check
+	NOT-FOR-US: phpMyFAQ
 CVE-2014-6048 (phpMyFAQ before 2.8.13 allows remote attackers to read arbitrary ...)
-	TODO: check
+	NOT-FOR-US: phpMyFAQ
 CVE-2014-6047 (phpMyFAQ before 2.8.13 allows remote authenticated users with certain ...)
-	TODO: check
+	NOT-FOR-US: phpMyFAQ
 CVE-2014-6046 (Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyFAQ ...)
-	TODO: check
+	NOT-FOR-US: phpMyFAQ
 CVE-2014-6045 (SQL injection vulnerability in phpMyFAQ before 2.8.13 allows remote ...)
-	TODO: check
+	NOT-FOR-US: phpMyFAQ
 CVE-2014-6044
 	RESERVED
 CVE-2014-6043 (ZOHO ManageEngine EventLog Analyzer 9.0 build 9002 and 8.2 build 8020 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/18bc98f20bf079a67df55e72a03a968a995704d1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/18bc98f20bf079a67df55e72a03a968a995704d1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180828/622a613b/attachment.html>

More information about the debian-security-tracker-commits mailing list