[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Tue Jul 31 21:36:09 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
01fa1645 by Salvatore Bonaccorso at 2018-07-31T20:35:50Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -431,7 +431,7 @@ CVE-2018-14583 (xyhai.php?s=/Auth/addUser in XYHCMS 3.5 allows CSRF to add a bac
CVE-2018-14582 (index.php?r=admini/admin/create in BageCMS V3.1.3 allows CSRF to add a ...)
NOT-FOR-US: BageCMS
CVE-2018-14581 (Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before ...)
- TODO: check
+ NOT-FOR-US: Redgate .NET Reflector and SmartAssembly
CVE-2018-14580
RESERVED
CVE-2018-14579 (GolemCMS through 2008-12-24, if the install/ directory remains active ...)
@@ -592,7 +592,7 @@ CVE-2018-14535
CVE-2018-14534
RESERVED
CVE-2018-14533 (read_tmp and write_tmp in Inteno IOPSYS allow attackers to gain ...)
- TODO: check
+ NOT-FOR-US: Inteno IOPSYS
CVE-2018-14532 (An issue was discovered in Bento4 1.5.1-624. There is a heap-based ...)
NOT-FOR-US: Bento4
CVE-2018-14531 (An issue was discovered in Bento4 1.5.1-624. There is an unspecified ...)
@@ -4253,17 +4253,17 @@ CVE-2018-12946
CVE-2018-12945
RESERVED
CVE-2018-12944 (Persistent Cross-Site Scripting (XSS) vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: SeedDMS
CVE-2018-12943 (Cross-Site Scripting (XSS) vulnerability in every page that includes ...)
- TODO: check
+ NOT-FOR-US: SeedDMS
CVE-2018-12942 (SQL injection vulnerability in the "Users management" functionality in ...)
- TODO: check
+ NOT-FOR-US: SeedDMS
CVE-2018-12941 (This vulnerability allows remote attackers to execute arbitrary code ...)
- TODO: check
+ NOT-FOR-US: SeedDMS
CVE-2018-12940 (Unrestricted file upload vulnerability in "op/op.UploadChunks.php" in ...)
- TODO: check
+ NOT-FOR-US: SeedDMS
CVE-2018-12939 (A directory traversal flaw in SeedDMS (formerly LetoDMS and MyDMS) ...)
- TODO: check
+ NOT-FOR-US: SeedDMS
CVE-2018-12937
RESERVED
CVE-2018-12938
@@ -8601,7 +8601,7 @@ CVE-2018-11340 (An unrestricted file upload vulnerability in importuser.cgi in A
CVE-2018-11339 (An XSS issue was discovered in Frappe ERPNext v11.x.x-develop b1036e5 ...)
NOT-FOR-US: Frappe ERPNext
CVE-2018-11338 (Intuit Lacerte 2017 for Windows in a client/server environment ...)
- TODO: check
+ NOT-FOR-US: Intuit Lacerte
CVE-2018-11337
RESERVED
CVE-2018-11336
@@ -10528,11 +10528,11 @@ CVE-2018-10611 (Java remote method invocation (RMI) input port in GE MDS PulseNE
CVE-2018-10610
RESERVED
CVE-2018-10609 (Martem TELEM GW6 and GWM devices with firmware ...)
- TODO: check
+ NOT-FOR-US: Martem TELEM GW6 and GWM devices
CVE-2018-10608 (SEL AcSELerator Architect version 2.2.24.0 and prior can be exploited ...)
NOT-FOR-US: SEL AcSELerator Architect
CVE-2018-10607 (Martem TELEM GW6 and GWM devices with firmware ...)
- TODO: check
+ NOT-FOR-US: Martem TELEM GW6 and GWM devices
CVE-2018-10606
RESERVED
CVE-2018-10605
@@ -10540,7 +10540,7 @@ CVE-2018-10605
CVE-2018-10604 (SEL Compass version 3.0.5.1 and prior allows all users full access to ...)
NOT-FOR-US: SEL Compass
CVE-2018-10603 (Martem TELEM GW6 and GWM devices with firmware ...)
- TODO: check
+ NOT-FOR-US: Martem TELEM GW6 and GWM devices
CVE-2018-10602
RESERVED
CVE-2018-10601 (IntelliVue Patient Monitors MP Series (including ...)
@@ -10562,7 +10562,7 @@ CVE-2018-10594 (Delta Industrial Automation COMMGR from Delta Electronics versio
CVE-2018-10593 (A vulnerability in DB Manager version 3.0.1.0 and previous and ...)
NOT-FOR-US: BD Kiestra and InoqulA systems
CVE-2018-10592 (Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers ...)
- TODO: check
+ NOT-FOR-US: Yokogawa
CVE-2018-10591 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
NOT-FOR-US: Advantech
CVE-2018-10590 (In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess ...)
@@ -17056,11 +17056,11 @@ CVE-2018-7997 (Eramba e1.0.6.033 has Reflected XSS on the Error page of the CSV
CVE-2018-7996 (Eramba e1.0.6.033 has Stored XSS on the tooltip box via the ...)
NOT-FOR-US: Eramba
CVE-2018-7994 (Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2018-7993 (HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2018-7992 (Mdapt Driver of Huawei MediaPad M3 BTV-W09C128B353CUSTC128D001; Mate 9 ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2018-7991
RESERVED
CVE-2018-7990
@@ -17130,7 +17130,7 @@ CVE-2018-7959
CVE-2018-7958
RESERVED
CVE-2018-7957 (Huawei smartphones with software Victoria-AL00 8.0.0.336a(C00) have an ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2018-7956
RESERVED
CVE-2018-7955
@@ -17150,7 +17150,7 @@ CVE-2018-7949 (The iBMC (Intelligent Baseboard Management Controller) of some Hu
CVE-2018-7948
RESERVED
CVE-2018-7947 (Huawei mobile phones with versions earlier before Emily-AL00A ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2018-7946
RESERVED
CVE-2018-7945
@@ -17176,7 +17176,7 @@ CVE-2018-7936
CVE-2018-7935
RESERVED
CVE-2018-7934 (Some Huawei mobile phone with the versions before BLA-L29 ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2018-7933 (Huawei home gateway products HiRouter-CD20 and WS5200 with the ...)
NOT-FOR-US: Huawei
CVE-2018-7932 (Huawei AppGallery versions before 8.0.4.301 has an arbitrary ...)
@@ -24959,9 +24959,9 @@ CVE-2018-5546
CVE-2018-5545
RESERVED
CVE-2018-5544 (When the F5 BIG-IP APM 13.0.0-13.1.1 or 12.1.0-12.1.3 renders certain ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2018-5543 (The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 (k8s-bigip-crtl) ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2018-5542 (F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.6, or 11.2.1-11.6.3.2 HTTPS ...)
NOT-FOR-US: F5 BIG-IP
CVE-2018-5541 (When F5 BIG-IP ASM 13.0.0-13.1.0.1, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, ...)
@@ -34996,7 +34996,7 @@ CVE-2018-1720
CVE-2018-1719
RESERVED
CVE-2018-1718 (IBM Sterling B2B Integrator Standard Edition 5.2.0.1 - 5.2.6.3 is ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1717
RESERVED
CVE-2018-1716
@@ -35156,7 +35156,7 @@ CVE-2018-1640
CVE-2018-1639
RESERVED
CVE-2018-1638 (IBM API Connect 5.0.0.0-5.0.8.3 Developer Portal does not enforce Two ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2018-1637
RESERVED
CVE-2018-1636
@@ -38066,7 +38066,7 @@ CVE-2017-17176
CVE-2017-17175 (Short Message Service (SMS) module of Mate 9 Pro Huawei smart phones ...)
NOT-FOR-US: Huawei
CVE-2017-17174 (Some Huawei products RSE6500 V500R002C00; SoftCo V200R003C20SPCb00; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17173 (Due to insufficient parameters verification GPU driver of Mate 9 Pro ...)
NOT-FOR-US: Huawei
CVE-2017-17172 (Huawei smart phones LYO-L21 with software LYO-L21C479B107, ...)
@@ -51196,7 +51196,7 @@ CVE-2017-13654
CVE-2017-13653
RESERVED
CVE-2017-13652 (NetApp OnCommand Insight version 7.3.0 and versions prior to 7.2.0 are ...)
- TODO: check
+ NOT-FOR-US: NetApp
CVE-2017-13651
RESERVED
CVE-2017-13650
@@ -75580,7 +75580,7 @@ CVE-2017-5695 (Data corruption vulnerability in firmware in Intel Solid-State Dr
CVE-2017-5694 (Data corruption vulnerability in firmware in Intel Solid-State Drive ...)
NOT-FOR-US: Intel
CVE-2017-5693 (Firmware in the Intel Puma 5, 6, and 7 Series might experience ...)
- TODO: check
+ NOT-FOR-US: Intel Puma
CVE-2017-5692
RESERVED
CVE-2017-5691 (Incorrect check in Intel processors from 6th and 7th Generation Intel ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/01fa164591adc32f7512775c15f8b16024bd3d93
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/01fa164591adc32f7512775c15f8b16024bd3d93
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180731/066b0fc6/attachment.html>
More information about the debian-security-tracker-commits
mailing list