[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Dec 7 08:24:10 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
78806a41 by Salvatore Bonaccorso at 2018-12-07T08:23:54Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -817,19 +817,19 @@ CVE-2018-19929
 CVE-2018-19928
 	RESERVED
 CVE-2018-19927 (Zenitel Norway IP-StationWeb before 4.2.3.9 allows stored XSS via the ...)
-	TODO: check
+	NOT-FOR-US: Zenitel Norway IP-StationWeb
 CVE-2018-19926 (Zenitel Norway IP-StationWeb before 4.2.3.9 allows reflected XSS via ...)
-	TODO: check
+	NOT-FOR-US: Zenitel Norway IP-StationWeb
 CVE-2018-19925 (An issue was discovered in Sales & Company Management System (SCMS) ...)
-	TODO: check
+	NOT-FOR-US: Sales & Company Management System (SCMS)
 CVE-2018-19924 (An issue was discovered in Sales & Company Management System (SCMS) ...)
-	TODO: check
+	NOT-FOR-US: Sales & Company Management System (SCMS)
 CVE-2018-19923 (An issue was discovered in Sales & Company Management System (SCMS) ...)
-	TODO: check
+	NOT-FOR-US: Sales & Company Management System (SCMS)
 CVE-2018-19922 (Persistent Cross-Site Scripting (XSS) in the ...)
-	TODO: check
+	NOT-FOR-US: Actiontec C1000A router
 CVE-2018-19921 (Zoho ManageEngine OpManager 12.3 before 123237 has XSS in the domain ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine OpManager
 CVE-2018-19920
 	RESERVED
 CVE-2018-19919 (Pixelimity 1.0 has Persistent XSS via the admin/portfolio.php ...)
@@ -1499,7 +1499,7 @@ CVE-2018-19661 (An issue was discovered in libsndfile 1.0.28. There is a buffer
 CVE-2018-19660 (An exploitable authenticated command-injection vulnerability exists in ...)
 	TODO: check
 CVE-2018-19659 (An exploitable authenticated command-injection vulnerability exists in ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2018-19658
 	RESERVED
 CVE-2018-19657
@@ -38337,11 +38337,11 @@ CVE-2018-6759 (The bfd_get_debug_link_info_1 function in opncls.c in the Binary
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22794
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=64e234d417d5685a4aec0edc618114d9991c031b
 CVE-2018-6757 (Privilege Escalation vulnerability in Microsoft Windows client in ...)
-	TODO: check
+	NOT-FOR-US: McAfee True Key
 CVE-2018-6756 (Authentication Abuse vulnerability in Microsoft Windows client in ...)
-	TODO: check
+	NOT-FOR-US: McAfee True Key
 CVE-2018-6755 (Weak Directory Permission Vulnerability in Microsoft Windows ...)
-	TODO: check
+	NOT-FOR-US: McAfee True Key
 CVE-2018-6754
 	RESERVED
 CVE-2018-6753
@@ -52410,7 +52410,7 @@ CVE-2018-1937
 CVE-2018-1936
 	RESERVED
 CVE-2018-1935 (IBM Connections 5.0, 5.5, and 6.0 could allow an authenticated user to ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1934
 	RESERVED
 CVE-2018-1933
@@ -52538,7 +52538,7 @@ CVE-2018-1873
 CVE-2018-1872 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. ...)
 	NOT-FOR-US: IBM
 CVE-2018-1871 (IBM Financial Transaction Manager for Digital Payments for ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1870
 	RESERVED
 CVE-2018-1869
@@ -53230,7 +53230,7 @@ CVE-2018-1527
 CVE-2018-1526
 	RESERVED
 CVE-2018-1525 (IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1524 (IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default ...)
 	NOT-FOR-US: IBM
 CVE-2018-1523 (IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 ...)
@@ -53270,9 +53270,9 @@ CVE-2018-1507 (IBM DOORS Next Generation (DNG/RRC) 6.0.5 is vulnerable to cross-
 CVE-2018-1506
 	RESERVED
 CVE-2018-1505 (IBM i2 Enterprise Insight Analysis 2.1.7 allows web pages to be stored ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1504 (IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1503 (IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a remotely ...)
 	NOT-FOR-US: IBM
 CVE-2018-1502 (IBM Content Manager Enterprise Edition Resource Manager 8.4.3 and 9.5 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/78806a41f0b12136cb2ebb92ceff13027ee82312

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/78806a41f0b12136cb2ebb92ceff13027ee82312
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181207/be94b76d/attachment.html>

More information about the debian-security-tracker-commits mailing list