[Git][security-tracker-team/security-tracker][master] NFU

[Henri Salo]

Henri Salo pushed to branch master at Debian Security Tracker / security-tracker


Commits:
20e1fc21 by Henri Salo at 2018-12-19T22:24:14Z
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3502,8 +3502,10 @@ CVE-2018-20027 (The yaml_parse.load method in Pylearn2 allows code injection. ..
 	TODO: check
 CVE-2018-20026
 	RESERVED
+	NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS V3 Products
 CVE-2018-20025
 	RESERVED
+	NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS V3 Products
 CVE-2018-20024 (LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains ...)
 	- libvncserver <unfixed>
 	NOTE: https://github.com/LibVNC/libvncserver/issues/254
@@ -9952,15 +9954,17 @@ CVE-2018-19001 (Philips HealthSuite Health Android App, all versions. The softwa
 CVE-2018-19000
 	RESERVED
 CVE-2018-18999 (WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows ...)
-	TODO: check
+	NOT-FOR-US: Advantech WebAccess/SCADA
 CVE-2018-18998
 	RESERVED
 CVE-2018-18997
 	RESERVED
+	NOT-FOR-US: ABB GATE-E2
 CVE-2018-18996
 	RESERVED
 CVE-2018-18995
 	RESERVED
+	NOT-FOR-US: ABB GATE-E2
 CVE-2018-18994
 	RESERVED
 CVE-2018-18993 (Two stack-based buffer overflow vulnerabilities have been discovered ...)
@@ -12786,10 +12790,12 @@ CVE-2018-17929 (In Delta Industrial Automation TPEditor, TPEditor Versions 1.90
 	NOT-FOR-US: TPEditor
 CVE-2018-17928
 	RESERVED
+	NOT-FOR-US: ABB CMS-770
 CVE-2018-17927 (In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and ...)
 	NOT-FOR-US: TPEditor
 CVE-2018-17926
 	RESERVED
+	NOT-FOR-US: ABB M2M ETHERNET
 CVE-2018-17925 (Multiple instances of this vulnerability (Unsafe ActiveX Control ...)
 	NOT-FOR-US: Gigasoft
 CVE-2018-17924 (Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix ...)
@@ -23191,7 +23197,7 @@ CVE-2018-13818 (** DISPUTED ** Twig before 2.4.4 allows Server-Side Template Inj
 CVE-2018-13817
 	RESERVED
 CVE-2018-13816 (A vulnerability has been identified in TIM 1531 IRC (All version < ...)
-	TODO: check
+	NOT-FOR-US: Siemens TIM 1531 IRC Modules
 CVE-2018-13815 (A vulnerability has been identified in SIMATIC S7-1200 (All versions), ...)
 	TODO: check
 CVE-2018-13814 (A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - ...)
@@ -31814,6 +31820,7 @@ CVE-2018-10613 (Multiple variants of XML External Entity (XXE) attacks may be us
 	NOT-FOR-US: GE MDS PulseNET and MDS PulseNET Enterprise
 CVE-2018-10612
 	RESERVED
+	NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS Control V3 Products
 CVE-2018-10611 (Java remote method invocation (RMI) input port in GE MDS PulseNET and ...)
 	NOT-FOR-US: GE MDS PulseNET and MDS PulseNET Enterprise
 CVE-2018-10610 (An out-of-bounds vulnerability in LeviStudioU, Versions 1.8.29 and ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/20e1fc210f55f98be2395005bf6ab7f2be0a5aeb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/20e1fc210f55f98be2395005bf6ab7f2be0a5aeb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181219/4d59b756/attachment-0001.html>