[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Fri Dec 7 10:41:34 GMT 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ea69d420 by Moritz Muehlenhoff at 2018-12-07T10:41:03Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -833,7 +833,7 @@ CVE-2018-19921 (Zoho ManageEngine OpManager 12.3 before 123237 has XSS in the do
CVE-2018-19920
RESERVED
CVE-2018-19919 (Pixelimity 1.0 has Persistent XSS via the admin/portfolio.php ...)
- TODO: check
+ NOT-FOR-US: Pixelimity
CVE-2018-19918
RESERVED
CVE-2019-1584
@@ -994,7 +994,7 @@ CVE-2018-19876 (cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c,
CVE-2018-1002104
RESERVED
CVE-2018-1002103 (In Minikube versions 0.3.0-0.29.0, minikube exposes the Kubernetes ...)
- TODO: check
+ NOT-FOR-US: minikube
CVE-2018-1002102
RESERVED
CVE-2018-19875
@@ -1517,7 +1517,7 @@ CVE-2018-19661 (An issue was discovered in libsndfile 1.0.28. There is a buffer
NOTE: https://github.com/erikd/libsndfile/issues/429
NOTE: Probably a dupe of CVE-2017-17456/CVE-2017-17457
CVE-2018-19660 (An exploitable authenticated command-injection vulnerability exists in ...)
- TODO: check
+ NOT-FOR-US: Moxa
CVE-2018-19659 (An exploitable authenticated command-injection vulnerability exists in ...)
NOT-FOR-US: Moxa
CVE-2018-19658
@@ -12165,17 +12165,17 @@ CVE-2018-16605 (D-Link DIR-600M devices allow XSS via the Hostname and Username
CVE-2018-16604 (An issue was discovered in Nibbleblog v4.0.5. With an admin's username ...)
NOT-FOR-US: Nibbleblog
CVE-2018-16603 (An issue was discovered in Amazon Web Services (AWS) FreeRTOS through ...)
- TODO: check
+ NOT-FOR-US: FreeRTOS
CVE-2018-16602 (An issue was discovered in Amazon Web Services (AWS) FreeRTOS through ...)
- TODO: check
+ NOT-FOR-US: FreeRTOS
CVE-2018-16601 (An issue was discovered in Amazon Web Services (AWS) FreeRTOS through ...)
- TODO: check
+ NOT-FOR-US: FreeRTOS
CVE-2018-16600 (An issue was discovered in Amazon Web Services (AWS) FreeRTOS through ...)
- TODO: check
+ NOT-FOR-US: FreeRTOS
CVE-2018-16599 (An issue was discovered in Amazon Web Services (AWS) FreeRTOS through ...)
- TODO: check
+ NOT-FOR-US: FreeRTOS
CVE-2018-16598 (An issue was discovered in Amazon Web Services (AWS) FreeRTOS through ...)
- TODO: check
+ NOT-FOR-US: FreeRTOS
CVE-2018-16597 (An issue was discovered in the Linux kernel through 4.18.6. Incorrect ...)
- linux 4.8.5-1
[jessie] - linux <not-affected> (Vulnerable code not present)
@@ -12367,19 +12367,19 @@ CVE-2018-16530
CVE-2018-16529
RESERVED
CVE-2018-16528 (Amazon Web Services (AWS) FreeRTOS through 1.3.1 allows remote ...)
- TODO: check
+ NOT-FOR-US: FreeRTOS
CVE-2018-16527 (Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to ...)
- TODO: check
+ NOT-FOR-US: FreeRTOS
CVE-2018-16526 (Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to ...)
- TODO: check
+ NOT-FOR-US: FreeRTOS
CVE-2018-16525 (Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to ...)
- TODO: check
+ NOT-FOR-US: FreeRTOS
CVE-2018-16524 (Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to ...)
- TODO: check
+ NOT-FOR-US: FreeRTOS
CVE-2018-16523 (Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to ...)
- TODO: check
+ NOT-FOR-US: FreeRTOS
CVE-2018-16522 (Amazon Web Services (AWS) FreeRTOS through 1.3.1 has an uninitialized ...)
- TODO: check
+ NOT-FOR-US: FreeRTOS
CVE-2018-16521 (An XML External Entity (XXE) vulnerability exists in HTML Form Entry ...)
NOT-FOR-US: OpenMRS
CVE-2018-16520
@@ -14270,7 +14270,7 @@ CVE-2018-15799
CVE-2018-15798
RESERVED
CVE-2018-15797 (Cloud Foundry NFS volume release, 1.2.x prior to 1.2.5, 1.5.x prior to ...)
- TODO: check
+ NOT-FOR-US: Cloud Foundry
CVE-2018-15796 (Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an ...)
NOT-FOR-US: Cloud Foundry
CVE-2018-15795 (Pivotal CredHub Service Broker, versions prior to 1.1.0, uses a ...)
@@ -23590,7 +23590,7 @@ CVE-2018-12157
CVE-2018-12156
RESERVED
CVE-2018-12155 (Data leakage in cryptographic libraries for Intel IPP before 2019 ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2018-12154 (Denial of Service in Unified Shader Compiler in Intel Graphics Drivers ...)
NOT-FOR-US: Intel
CVE-2018-12153 (Denial of Service in Unified Shader Compiler in Intel Graphics Drivers ...)
@@ -25796,9 +25796,9 @@ CVE-2018-11350 (An issue was discovered in Jirafeau before 3.4.1. The file "
CVE-2018-11349 (The administration panel of Jirafeau before 3.4.1 is vulnerable to ...)
NOT-FOR-US: Jirafeau
CVE-2018-11348 (Two XSS vulnerabilities are located in the profile edition page of the ...)
- TODO: check
+ NOT-FOR-US: Yunihost
CVE-2018-11347 (The YunoHost 2.7.2 through 2.7.14 web application is affected by one ...)
- TODO: check
+ NOT-FOR-US: Yunihost
CVE-2018-11346 (An insecure direct object reference vulnerability in download.cgi in ...)
NOT-FOR-US: ASUSTOR
CVE-2018-11345 (An unrestricted file upload vulnerability in upload.cgi in ASUSTOR ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ea69d4205ad9a3c419eef6cf666853c055160aa1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ea69d4205ad9a3c419eef6cf666853c055160aa1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181207/72ea23f0/attachment.html>
More information about the debian-security-tracker-commits
mailing list