[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Aug 30 21:27:48 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5d4a1c03 by Salvatore Bonaccorso at 2018-08-30T20:27:19Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -141,7 +141,7 @@ CVE-2018-16161
 CVE-2018-16160
 	RESERVED
 CVE-2018-16159 (The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL ...)
-	TODO: check
+	NOT-FOR-US: Gift Vouchers plugin for WordPress
 CVE-2018-XXXX [gitlab: Missing Authorization Control API Repository Storage]
 	- gitlab <not-affected> (Only affects Enterprise edition)
 	NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
@@ -165,7 +165,7 @@ CVE-2018-XXXX [gitlab: Persistent XSS in Pipeline Tooltip]
 CVE-2018-16158 (Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 ...)
 	NOT-FOR-US: Eaton Power Xpert Meter
 CVE-2018-16157 (waimai Super Cms 20150505 has a logic flaw allowing attackers to modify ...)
-	TODO: check
+	NOT-FOR-US: waimai Super Cms
 CVE-2018-16156
 	RESERVED
 CVE-2018-16155
@@ -1099,7 +1099,7 @@ CVE-2018-15746 (qemu-seccomp.c in QEMU might allow local OS guest users to cause
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-08/msg02289.html
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-08/msg04892.html
 CVE-2018-15745 (Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory ...)
-	TODO: check
+	NOT-FOR-US: Argus Surveillance DVR
 CVE-2018-15744
 	RESERVED
 CVE-2018-15743
@@ -1220,7 +1220,7 @@ CVE-2018-15693
 CVE-2018-15692
 	RESERVED
 CVE-2018-15691 (Insecure deserialization of a specially crafted serialized object, in ...)
-	TODO: check
+	NOT-FOR-US: CA Release Automation
 CVE-2018-15690
 	RESERVED
 CVE-2018-15689
@@ -1777,15 +1777,15 @@ CVE-2018-15482 (Certain LG devices based on Android 6.0 through 8.1 have incorre
 CVE-2018-15481 (Improper input sanitization within the restricted administration shell ...)
 	NOT-FOR-US: UCOPIA
 CVE-2018-15480 (An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi ...)
-	TODO: check
+	NOT-FOR-US: myStrom
 CVE-2018-15479 (An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi ...)
-	TODO: check
+	NOT-FOR-US: myStrom
 CVE-2018-15478 (An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi ...)
-	TODO: check
+	NOT-FOR-US: myStrom
 CVE-2018-15477 (myStrom WiFi Switch V1 devices before 2.66 did not sanitize a ...)
-	TODO: check
+	NOT-FOR-US: myStrom
 CVE-2018-15476 (An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi ...)
-	TODO: check
+	NOT-FOR-US: myStrom
 CVE-2018-15475
 	RESERVED
 CVE-2018-15474
@@ -1999,9 +1999,9 @@ CVE-2018-15366
 CVE-2018-15365
 	RESERVED
 CVE-2018-15364 (A Named Pipe Request Processing Out-of-Bounds Read Information ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro
 CVE-2018-15363 (An Out-of-Bounds Read Privilege Escalation vulnerability in Trend ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro
 CVE-2018-15362
 	RESERVED
 CVE-2018-15361
@@ -2979,15 +2979,15 @@ CVE-2018-14905 (The Web server in 3CX version 15.5.8801.3 is vulnerable to Refle
 CVE-2018-14904 (Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple ...)
 	NOT-FOR-US: Samsung Syncthru Web Service
 CVE-2018-14903 (EPSON WF-2750 printers with firmware JP02I2 do not properly validate ...)
-	TODO: check
+	NOT-FOR-US: EPSON WF-2750 printers
 CVE-2018-14902 (The ContentProvider in the EPSON iPrint application 6.6.3 for Android ...)
-	TODO: check
+	NOT-FOR-US: EPSON iPrint application for Android
 CVE-2018-14901 (The EPSON iPrint application 6.6.3 for Android contains hard-coded API ...)
-	TODO: check
+	NOT-FOR-US: EPSON iPrint application for Android
 CVE-2018-14900 (On EPSON WF-2750 printers with firmware JP02I2, there is no filtering ...)
-	TODO: check
+	NOT-FOR-US: EPSON WF-2750 printers
 CVE-2018-14899 (On the EPSON WF-2750 printer with firmware JP02I2, the Web interface ...)
-	TODO: check
+	NOT-FOR-US: EPSON WF-2750 printer
 CVE-2018-14898
 	RESERVED
 CVE-2018-14897
@@ -4682,7 +4682,7 @@ CVE-2018-14319
 CVE-2018-14318
 	RESERVED
 CVE-2018-14317 (This vulnerability allows remote attackers to execute arbitrary code ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-14316 (This vulnerability allows remote attackers to disclose sensitive ...)
 	NOT-FOR-US: Foxit Reader
 CVE-2018-14315 (This vulnerability allows remote attackers to execute arbitrary code ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5d4a1c036ad123edbe76b42d1477a7f47b639af0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5d4a1c036ad123edbe76b42d1477a7f47b639af0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180830/6cf64308/attachment.html>

More information about the debian-security-tracker-commits mailing list