[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
18652c1a by Moritz Muehlenhoff at 2018-07-18T14:30:22+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1182,17 +1182,17 @@ CVE-2018-13866 (An issue was discovered in the HDF HDF5 1.8.20 library. There is
 CVE-2018-13865 (An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the ...)
 	NOT-FOR-US: idreamsoft iCMS
 CVE-2018-13864 (A directory traversal vulnerability has been found in the Assets ...)
-	TODO: check
+	NOT-FOR-US: Play Framework
 CVE-2018-13862 (Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 ...)
-	TODO: check
+	NOT-FOR-US: Touchpad / Trivum WebTouch Setup
 CVE-2018-13861 (Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 ...)
-	TODO: check
+	NOT-FOR-US: Touchpad / Trivum WebTouch Setup
 CVE-2018-13860 (MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 ...)
-	TODO: check
+	NOT-FOR-US: MusicCenter / Trivum Multiroom Setup
 CVE-2018-13859 (MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 ...)
-	TODO: check
+	NOT-FOR-US: MusicCenter / Trivum Multiroom Setup
 CVE-2018-13858 (MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 ...)
-	TODO: check
+	NOT-FOR-US: MusicCenter / Trivum Multiroom Setup
 CVE-2018-13863 (The MongoDB bson JavaScript module (also known as js-bson) versions ...)
 	- node-bson <itp> (bug #897282)
 	NOTE: https://github.com/mongodb/js-bson/commit/bd61c45157c53a1698ff23770160cf4783e9ea4a
@@ -19878,7 +19878,7 @@ CVE-2018-6683
 CVE-2018-6682
 	RESERVED
 CVE-2018-6681 (Abuse of Functionality vulnerability in the web interface in McAfee ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2018-6680
 	RESERVED
 CVE-2018-6679
@@ -33996,7 +33996,7 @@ CVE-2018-1614 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using ...
 CVE-2018-1613
 	RESERVED
 CVE-2018-1612 (IBM QRadar Incident Forensics (IBM QRadar SIEM 7.2, and 7.3) could ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1611
 	RESERVED
 CVE-2018-1610
@@ -99584,11 +99584,11 @@ CVE-2016-6566 (The valueAsString parameter inside the JSON payload contained by 
 CVE-2016-6565 (The Imagely NextGen Gallery plugin for Wordpress prior to version ...)
 	NOT-FOR-US: Wordpress plugin
 CVE-2016-6564 (Android devices with code from Ragentek contain a privileged binary ...)
-	TODO: check
+	NOT-FOR-US: Ragentek
 CVE-2016-6563 (Processing malformed SOAP messages when performing the HNAP Login ...)
-	TODO: check
+	NOT-FOR-US: HNAP
 CVE-2016-6562 (On iOS and Android devices, the ShoreTel Mobility Client app version ...)
-	TODO: check
+	NOT-FOR-US: ShoreTel Mobility Client
 CVE-2016-6561 (illumos smbsrv NULL pointer dereference allows system crash. ...)
 	NOT-FOR-US: illumos
 CVE-2016-6560 (illumos osnet-incorporation bcopy() and bzero() implementations make ...)
@@ -99596,7 +99596,7 @@ CVE-2016-6560 (illumos osnet-incorporation bcopy() and bzero() implementations m
 CVE-2016-6559 (Improper bounds checking of the obuf variable in the link_ntoa() ...)
 	TODO: check
 CVE-2016-6558 (A command injection vulnerability exists in apply.cgi on the ASUS ...)
-	TODO: check
+	NOT-FOR-US: ASUS
 CVE-2016-6557 (In ASUS RP-AC52 access points with firmware version 1.0.1.1s and ...)
 	NOT-FOR-US: ASUS RP-AC52 access points
 CVE-2016-6556
@@ -99610,7 +99610,7 @@ CVE-2016-6553 (Nuuo NT-4040 Titan, firmware NT-4040_01.07.0000.0015_1120, uses .
 CVE-2016-6552 (Green Packet DX-350 uses non-random default credentials of: ...)
 	NOT-FOR-US: Green Packet DX-350
 CVE-2016-6551 (Intellian Satellite TV antennas t-Series and v-Series, firmware ...)
-	TODO: check
+	NOT-FOR-US: Intellian
 CVE-2016-6550 (The U by BB&T app 1.5.4 and earlier for iOS does not properly verify ...)
 	NOT-FOR-US: BB&T
 CVE-2016-6549 (The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, ...)
@@ -99618,17 +99618,17 @@ CVE-2016-6549 (The Zizai Tech Nut device allows unauthenticated Bluetooth pairin
 CVE-2016-6548 (The Zizai Tech Nut mobile app makes requests via HTTP instead of ...)
 	NOT-FOR-US: Zizai Tech Nut mobile app
 CVE-2016-6547 (The Zizai Tech Nut mobile app stores the account password used to ...)
-	TODO: check
+	NOT-FOR-US: Zizai Tech Nut mobile app
 CVE-2016-6546 (The iTrack Easy mobile application stores the account password used to ...)
-	TODO: check
+	NOT-FOR-US: iTrack
 CVE-2016-6545 (Session cookies are not used for maintaining valid sessions in iTrack ...)
-	TODO: check
+	NOT-FOR-US: iTrack
 CVE-2016-6544 (getgps data in iTrack Easy can be modified without authentication by ...)
-	TODO: check
+	NOT-FOR-US: iTrack
 CVE-2016-6543 (A captured MAC/device ID of an iTrack Easy can be registered under ...)
-	TODO: check
+	NOT-FOR-US: iTrack
 CVE-2016-6542 (The iTrack device tracking ID number, also called "LosserID" in the ...)
-	TODO: check
+	NOT-FOR-US: iTrack
 CVE-2016-6541 (TrackR Bravo device allows unauthenticated pairing, which enables ...)
 	NOT-FOR-US: TrackR
 CVE-2016-6540 (Unauthenticated access to the cloud-based service maintained by TrackR ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/18652c1a2baf2bff1eeb9fc0140c75e348b91180

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/18652c1a2baf2bff1eeb9fc0140c75e348b91180
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180718/c5f7acde/attachment.html>