[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f447b405 by Salvatore Bonaccorso at 2018-12-10T20:38:28Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -839,25 +839,25 @@ CVE-2018-20020
 CVE-2018-20019
 	RESERVED
 CVE-2018-20018 (S-CMS V3.0 has SQL injection via the S_id parameter, as demonstrated by ...)
-	TODO: check
+	NOT-FOR-US: S-CMS
 CVE-2018-20017 (SEMCMS 3.5 has XSS via the first text box to the SEMCMS_Main.php URI. ...)
-	TODO: check
+	NOT-FOR-US: SEMCMS
 CVE-2018-20016
 	RESERVED
 CVE-2018-20015 (YzmCMS v5.2 has admin/role/add.html CSRF. ...)
-	TODO: check
+	NOT-FOR-US: YzmCMS
 CVE-2018-20014
 	RESERVED
 CVE-2018-20013
 	RESERVED
 CVE-2018-20012 (PHPCMF 4.1.3 has XSS via the first input field to the ...)
-	TODO: check
+	NOT-FOR-US: PHPCMF
 CVE-2018-20011 (DomainMOD 4.11.01 has XSS via the assets/add/category.php Category Name ...)
-	TODO: check
+	NOT-FOR-US: DomainMOD
 CVE-2018-20010 (DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider-account.php ...)
-	TODO: check
+	NOT-FOR-US: DomainMOD
 CVE-2018-20009 (DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider.php SSL ...)
-	TODO: check
+	NOT-FOR-US: DomainMOD
 CVE-2018-1000866 (A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 ...)
 	NOT-FOR-US: Jenkins
 CVE-2018-1000865 (A sandbox bypass vulnerability exists in Script Security Plugin 1.47 ...)
@@ -13165,9 +13165,9 @@ CVE-2018-16638
 CVE-2018-16637
 	RESERVED
 CVE-2018-16636 (Nucleus CMS 3.70 allows HTML Injection via the index.php body ...)
-	TODO: check
+	NOT-FOR-US: Nucleus CMS
 CVE-2018-16635 (Blackcat CMS 1.3.2 allows XSS via the willkommen.php?lang=DE page ...)
-	TODO: check
+	NOT-FOR-US: Blackcat CMS
 CVE-2018-16634 (Pluck v4.7.7 allows CSRF via admin.php?action=settings. ...)
 	NOT-FOR-US: Pluck CMS
 CVE-2018-16633 (Pluck v4.7.7 allows XSS via the admin.php?action=editpage&page= page ...)
@@ -15326,7 +15326,7 @@ CVE-2018-15807 (POSIM EVO 15.13 for Windows includes an "Emergency Override
 CVE-2018-15806
 	RESERVED
 CVE-2018-15805 (Accusoft PrizmDoc HTML5 Document Viewer before 13.5 contains an XML ...)
-	TODO: check
+	NOT-FOR-US: Accusoft PrizmDoc HTML5 Document Viewer
 CVE-2018-15804 (An issue was discovered in the MapR File System in MapR Converged Data ...)
 	NOT-FOR-US: MapR File System
 CVE-2018-15803
@@ -53452,7 +53452,7 @@ CVE-2018-1959
 CVE-2018-1958
 	RESERVED
 CVE-2018-1957 (IBM WebSphere Application Server 9 could allow sensitive information ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1956
 	RESERVED
 CVE-2018-1955
@@ -54024,7 +54024,7 @@ CVE-2018-1673 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to ...)
 CVE-2018-1672 (IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the ...)
 	NOT-FOR-US: IBM
 CVE-2018-1671 (IBM Curam Social Program Management 7.0.3 is vulnerable to HTML ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1670 (IBM Financial Transaction Manager for ACH Services for Multi-Platform ...)
 	NOT-FOR-US: IBM
 CVE-2018-1669 (IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f447b4054db2377c40c08a0170ecf29b0ac9065a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f447b4054db2377c40c08a0170ecf29b0ac9065a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181210/2d7cb4af/attachment.html>