[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Thu Dec 13 20:16:28 GMT 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
07967eb6 by Salvatore Bonaccorso at 2018-12-13T20:15:42Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -36723,9 +36723,9 @@ CVE-2018-7693
CVE-2018-7692 (Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 ...)
NOT-FOR-US: NetIQ eDirectory
CVE-2018-7691 (A potential Remote Unauthorized Access in Micro Focus Fortify Software ...)
- TODO: check
+ NOT-FOR-US: Micro Focus
CVE-2018-7690 (A potential Remote Unauthorized Access in Micro Focus Fortify Software ...)
- TODO: check
+ NOT-FOR-US: Micro Focus
CVE-2018-7689 (Lack of permission checks in the InitializeDevelPackage function in ...)
- open-build-service <unfixed> (low; bug #903797)
[stretch] - open-build-service <no-dsa> (Minor issue)
@@ -53837,7 +53837,7 @@ CVE-2018-1928 (IBM StoredIQ 7.6.0 does not implement proper authorization of use
CVE-2018-1927 (IBM StoredIQ 7.6 is vulnerable to cross-site request forgery which ...)
NOT-FOR-US: IBM
CVE-2018-1926 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1925
RESERVED
CVE-2018-1924
@@ -53887,7 +53887,7 @@ CVE-2018-1903
CVE-2018-1902
RESERVED
CVE-2018-1901 (IBM WebSphere Application Server 8.5 and 9.0 could allow a remote ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1900 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and ...)
NOT-FOR-US: IBM
CVE-2018-1899
@@ -53915,9 +53915,9 @@ CVE-2018-1889
CVE-2018-1888
RESERVED
CVE-2018-1887 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1886 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1885
RESERVED
CVE-2018-1884 (IBM Case Manager 5.2.0.0, 5.2.0.4, 5.2.1.0, 5.2.1.7, 5.3.0.0, and ...)
@@ -54047,23 +54047,23 @@ CVE-2018-1823
CVE-2018-1822 (IBM FlashSystem 900 product GUI allows a specially crafted attack to ...)
NOT-FOR-US: IBM
CVE-2018-1821 (IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1820 (IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site ...)
NOT-FOR-US: IBM
CVE-2018-1819 (IBM Financial Transaction Manager for Digital Payments for ...)
NOT-FOR-US: IBM
CVE-2018-1818 (IBM Security Guardium 10 and 10.5 contains hard-coded credentials, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1817 (IBM Security Guardium 10 and 10.5 is vulnerable to cross-site ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1816
RESERVED
CVE-2018-1815 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1814 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1813 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1812 (IBM Robotic Process Automation with Automation Anywhere Enterprise 10 ...)
NOT-FOR-US: IBM
CVE-2018-1811
@@ -54079,11 +54079,11 @@ CVE-2018-1807
CVE-2018-1806
RESERVED
CVE-2018-1805 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1804 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1803 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1802 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
NOT-FOR-US: IBM
CVE-2018-1801
@@ -54209,7 +54209,7 @@ CVE-2018-1742 (IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 contains hard-
CVE-2018-1741 (IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 does not properly ...)
NOT-FOR-US: IBM
CVE-2018-1740 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1739
RESERVED
CVE-2018-1738 (IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0 could allow an ...)
@@ -54355,11 +54355,11 @@ CVE-2018-1669 (IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5
CVE-2018-1668
RESERVED
CVE-2018-1667 (IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1666
RESERVED
CVE-2018-1665 (IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1664 (IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 ...)
NOT-FOR-US: IBM
CVE-2018-1663 (IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, 7.6, and 2018.4 could allow ...)
@@ -54383,7 +54383,7 @@ CVE-2018-1655 (IBM AIX 5.3, 6.1, 7.1, and 7.2 contains a vulnerability in the rm
CVE-2018-1654 (IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and ...)
NOT-FOR-US: IBM
CVE-2018-1653 (IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1652 (IBM DataPower Gateway 7.1.0.0 through 7.1.0.19, 7.2.0.0 through ...)
NOT-FOR-US: IBM
CVE-2018-1651
@@ -54719,29 +54719,29 @@ CVE-2018-1487 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server)
CVE-2018-1486
RESERVED
CVE-2018-1485 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1484 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1483 (IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site ...)
NOT-FOR-US: IBM WebSphere Portal
CVE-2018-1482
RESERVED
CVE-2018-1481 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 stores ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1480 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1479 (IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request ...)
NOT-FOR-US: IBM
CVE-2018-1478 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 could ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1477
RESERVED
CVE-2018-1476 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1475 (IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout ...)
NOT-FOR-US: IBM
CVE-2018-1474 (IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 is ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1473 (IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site scripting. ...)
NOT-FOR-US: IBM
CVE-2018-1472
@@ -107434,7 +107434,7 @@ CVE-2017-1270 (IBM Security Guardium 10.0 does not renew a session variable afte
CVE-2017-1269 (IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL injection. A ...)
NOT-FOR-US: IBM
CVE-2017-1268 (IBM Security Guardium 10 and 10.5 uses a one-way cryptographic hash ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1267 (IBM Security Guardium 10.0 and 10.1 processes patches, image backups ...)
NOT-FOR-US: IBM
CVE-2017-1266 (IBM Security Guardium 10.0 specifies permissions for a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/07967eb69a22e71523a1e7f781d46940de758475
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/07967eb69a22e71523a1e7f781d46940de758475
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181213/4aaf9101/attachment.html>
More information about the debian-security-tracker-commits
mailing list