[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Fri Dec 21 16:11:47 GMT 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0dbf1bc0 by Moritz Muehlenhoff at 2018-12-21T16:11:20Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -232,9 +232,9 @@ CVE-2018-20304 (wbook_addworksheet in workbook.c in libexcel.a in libexcel 0.01
CVE-2018-20303 (In pkg/tool/path.go in Gogs before 0.11.82.1218, a directory traversal ...)
NOT-FOR-US: Go Git Service
CVE-2018-20302 (An XSS issue was discovered in Steve Pallen Xain before 0.6.2 via the ...)
- TODO: check
+ NOT-FOR-US: Steve Pallen Xain
CVE-2018-20301 (An issue was discovered in Steve Pallen Coherence before 0.5.2 that is ...)
- TODO: check
+ NOT-FOR-US: Steve Pallen Coherence
CVE-2018-20300 (Empire CMS 7.5 allows remote attackers to execute arbitrary PHP code ...)
NOT-FOR-US: Empire CMS
CVE-2018-20299 (An issue was discovered in several Bosch Smart Home cameras (360 degree ...)
@@ -7762,11 +7762,11 @@ CVE-2018-19600
CVE-2018-19599
RESERVED
CVE-2018-19598 (Statamic 2.10.3 allows XSS via First Name or Last Name to the /users ...)
- TODO: check
+ NOT-FOR-US: Statamic
CVE-2018-19597 (CMS Made Simple 2.2.8 allows XSS via an uploaded SVG document, a ...)
- TODO: check
+ NOT-FOR-US: CMS Made Simple
CVE-2018-19596 (Zurmo 3.2.4 allows HTML Injection via an admin's use of HTML in the ...)
- TODO: check
+ NOT-FOR-US: Zurmo
CVE-2018-19595 (PbootCMS V1.3.1 build 2018-11-14 allows remote attackers to execute ...)
NOT-FOR-US: PbootCMS
CVE-2018-19594
@@ -8603,11 +8603,11 @@ CVE-2018-19510
CVE-2018-19509
RESERVED
CVE-2018-19508 (CMSimple 4.7.5 has XSS via an admin's upload of an SVG file at a ...)
- TODO: check
+ NOT-FOR-US: CMSimple
CVE-2018-19507 (CMSimple 4.7.5 has XSS via an admin's use of a ...)
- TODO: check
+ NOT-FOR-US: CMSimple
CVE-2018-19506 (Zurmo 3.2.4 has XSS via an admin's use of the name parameter in the ...)
- TODO: check
+ NOT-FOR-US: Zurmo
CVE-2018-19505
RESERVED
CVE-2018-19504 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) ...)
@@ -9597,13 +9597,13 @@ CVE-2018-19244 (An XML External Entity (XXE) vulnerability exists in the Charles
CVE-2018-19243
RESERVED
CVE-2018-19242 (Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2018-19241 (Buffer overflow in video.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2018-19240 (Buffer overflow in network.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2018-19239 (TRENDnet TEW-673GRU v1.00b40 devices have an OS command injection ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2018-19238
RESERVED
CVE-2018-19237
@@ -9613,9 +9613,9 @@ CVE-2018-19236
CVE-2018-19235
RESERVED
CVE-2018-19234 (The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise ...)
- TODO: check
+ NOT-FOR-US: Miss Marple Enterprise
CVE-2018-19233 (COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users ...)
- TODO: check
+ NOT-FOR-US: Miss Marple Enterprise
CVE-2018-19232
RESERVED
CVE-2018-19231
@@ -10491,7 +10491,7 @@ CVE-2018-18873 (An issue was discovered in JasPer 2.0.14. There is a NULL pointe
CVE-2018-18872
RESERVED
CVE-2018-18871 (Missing password verification in the web interface on Gigaset Maxwell ...)
- TODO: check
+ NOT-FOR-US: Gigaset
CVE-2018-18870
RESERVED
CVE-2018-18869 (EmpireCMS V7.5 allows remote attackers to upload and execute arbitrary ...)
@@ -10633,7 +10633,7 @@ CVE-2018-18812
CVE-2018-18811
RESERVED
CVE-2018-18810 (The Administrator Service component of TIBCO Software Inc.'s TIBCO ...)
- TODO: check
+ NOT-FOR-US: TIBCO
CVE-2018-18809
RESERVED
CVE-2018-18808
@@ -10733,7 +10733,7 @@ CVE-2018-18769
CVE-2018-18768
RESERVED
CVE-2018-18767 (An issue was discovered in D-Link 'myDlink Baby App' version 2.04.06. ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2018-18766
RESERVED
CVE-2018-18765 (An exploitable arbitrary memory read vulnerability exists in the MQTT ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0dbf1bc0fe61c4d8c5636370b5f1b47beff79014
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0dbf1bc0fe61c4d8c5636370b5f1b47beff79014
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181221/d1081304/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list