[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Mon Dec 24 08:38:24 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
87c17879 by Salvatore Bonaccorso at 2018-12-24T08:36:16Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -24,19 +24,19 @@ CVE-2018-20425 (libming 0.4.8 has a NULL pointer dereference in the pushdup func
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/163
 CVE-2018-20424 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote ...)
-	TODO: check
+	NOT-FOR-US: DiscuzX
 CVE-2018-20423 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote ...)
-	TODO: check
+	NOT-FOR-US: DiscuzX
 CVE-2018-20422 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote ...)
-	TODO: check
+	NOT-FOR-US: DiscuzX
 CVE-2018-20421 (Go Ethereum (aka geth) 1.8.19 allows attackers to cause a denial of ...)
 	TODO: check
 CVE-2018-20420 (In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect Access ...)
-	TODO: check
+	NOT-FOR-US: webERP
 CVE-2018-20419 (DouCo DouPHP 1.5 has upload/admin/manager.php?rec=insert CSRF to add an ...)
-	TODO: check
+	NOT-FOR-US: DouCo DouPHP
 CVE-2018-20418 (index.php?p=admin/actions/entries/save-entry in Craft CMS 3.0.25 allows ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2018-20417
 	RESERVED
 CVE-2018-20416
@@ -52,69 +52,69 @@ CVE-2018-20412
 CVE-2018-20411
 	RESERVED
 CVE-2018-20410 (WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer ...)
-	TODO: check
+	NOT-FOR-US: WellinTech KingSCADA
 CVE-2018-20409 (An issue was discovered in Bento4 1.5.1-627. There is a heap-based ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2018-20408 (An issue was discovered in Bento4 1.5.1-627. There is a memory leak in ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2018-20407 (An issue was discovered in Bento4 1.5.1-627. There is a memory leak in ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2018-20406 (Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a ...)
 	TODO: check
 CVE-2018-20405 (BigTree 4.3 allows full path disclosure via authenticated admin/news/ ...)
-	TODO: check
+	NOT-FOR-US: BigTree CMS
 CVE-2018-20404
 	RESERVED
 CVE-2018-20403
 	RESERVED
 CVE-2018-20402 (Safe Software FME Server through 2018.1 creates and enables three ...)
-	TODO: check
+	NOT-FOR-US: Safe Software FME Server
 CVE-2018-20401 (Zoom 5352 v5.5.8.6Y devices allow remote attackers to discover ...)
-	TODO: check
+	NOT-FOR-US: Zoom 5352 v5.5.8.6Y devices
 CVE-2018-20400 (Ubee DVW2108 6.28.1017 and DVW2110 6.28.2012 devices allow remote ...)
-	TODO: check
+	NOT-FOR-US: Ubee devices
 CVE-2018-20399 (Motorola SBG901 SBG901-2.10.1.1-GA-00-581-NOSH, SBG941 ...)
-	TODO: check
+	NOT-FOR-US: Motorola
 CVE-2018-20398 (Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, ...)
-	TODO: check
+	NOT-FOR-US: Skyworth devices
 CVE-2018-20397 (mplus CBC383Z CBC383Z_mplus_MDr026 devices allow remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: mplus devices
 CVE-2018-20396 (NET&SYS MNG2120J 5.76.1006c and MNG6300 5.83.6305jrc2 devices allow ...)
-	TODO: check
+	NOT-FOR-US: NET&SYS devices
 CVE-2018-20395 (NETWAVE MNG6200 C4835805jrc12FU121413.cpr devices allow remote ...)
-	TODO: check
+	NOT-FOR-US: NETWAVE devices
 CVE-2018-20394 (Thomson DWG849 STC0.01.16, DWG850-4 ST9C.05.25, DWG855 ST80.20.26, and ...)
-	TODO: check
+	NOT-FOR-US: Thomson devices
 CVE-2018-20393 (Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU, ...)
-	TODO: check
+	NOT-FOR-US: Technicolor devices
 CVE-2018-20392 (S-A WebSTAR DPC2100 v2.0.2r1256-060303 devices allow remote attackers ...)
-	TODO: check
+	NOT-FOR-US: S-A WebSTAR devices
 CVE-2018-20391 (TEKNOTEL CBW700N 81.447.392110.729.024 devices allow remote attackers ...)
-	TODO: check
+	NOT-FOR-US: TEKNOTEL devices
 CVE-2018-20390 (Kaonmedia CG2001-AN22A 1.2.1, CG2001-UDBNA 3.0.8, and CG2001-UN2NA ...)
-	TODO: check
+	NOT-FOR-US: Kaonmedia devices
 CVE-2018-20389 (D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2018-20388 (Comtrend CM-6200un 123.447.007 and CM-6300n 123.553mp1.005 devices ...)
-	TODO: check
+	NOT-FOR-US: Comtrend devices
 CVE-2018-20387 (Bnmux BCW700J 5.20.7, BCW710J 5.30.6a, and BCW710J2 5.30.16 devices ...)
-	TODO: check
+	NOT-FOR-US: Bnmux devices
 CVE-2018-20386 (ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices allow remote ...)
-	TODO: check
+	NOT-FOR-US: ARRIS devices
 CVE-2018-20385 (CastleNet CBV38Z4EC 125.553mp1.39219mp1.899.007, CBV38Z4ECNIT ...)
-	TODO: check
+	NOT-FOR-US: CastleNet devices
 CVE-2018-20384 (iNovo Broadband IB-8120-W21 139.4410mp1.004200.002 and IB-8120-W21E1 ...)
-	TODO: check
+	NOT-FOR-US: iNovo devices
 CVE-2018-20383 (ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote ...)
-	TODO: check
+	NOT-FOR-US: ARRIS devices
 CVE-2018-20382 (Jiuzhou BCM93383WRG 139.4410mp1.3921132mp1.899.004404.004 devices allow ...)
-	TODO: check
+	NOT-FOR-US: Jiuzhou devices
 CVE-2018-20381 (Technicolor DPC2320 dpc2300r2-v202r1244101-150420a-v6 devices allow ...)
-	TODO: check
+	NOT-FOR-US: Technicolor devices
 CVE-2018-20380 (Ambit DDW2600 5.100.1009, DDW2602 5.105.1003, T60C926 4.64.1012, and ...)
-	TODO: check
+	NOT-FOR-US: Ambit devices
 CVE-2018-20379 (Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-160428a devices ...)
-	TODO: check
+	NOT-FOR-US: Technicolor devices
 CVE-2018-20378
 	RESERVED
 CVE-2018-20377 (Orange Livebox 00.96.320S devices allow remote attackers to discover ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/87c17879f385880f933b064b90d70e8b883c8376

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/87c17879f385880f933b064b90d70e8b883c8376
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181224/2dbeaec2/attachment.html>

More information about the debian-security-tracker-commits mailing list