[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Jun 8 21:46:22 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7b2dbb45 by Salvatore Bonaccorso at 2018-06-08T22:45:29+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -15,7 +15,7 @@ CVE-2018-12068
 CVE-2018-12067
 	RESERVED
 CVE-2018-12065 (A Local File Inclusion vulnerability in /system/WCore/WHelper.php in ...)
-	TODO: check
+	NOT-FOR-US: wityCMS
 CVE-2018-12064 (tinyexr 0.9.5 has a heap-based buffer over-read via ...)
 	TODO: check
 CVE-2018-12063
@@ -35,15 +35,15 @@ CVE-2018-12057
 CVE-2018-12056
 	RESERVED
 CVE-2018-12055 (Multiple SQL Injections exist in PHP Scripts Mall Schools Alert ...)
-	TODO: check
+	NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
 CVE-2018-12054 (Arbitrary File Read exists in PHP Scripts Mall Schools Alert Management ...)
-	TODO: check
+	NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
 CVE-2018-12053 (Arbitrary File Deletion exists in PHP Scripts Mall Schools Alert ...)
-	TODO: check
+	NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
 CVE-2018-12052 (SQL Injection exists in PHP Scripts Mall Schools Alert Management ...)
-	TODO: check
+	NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
 CVE-2018-12051 (Arbitrary File Upload and Remote Code Execution exist in PHP Scripts ...)
-	TODO: check
+	NOT-FOR-US: PHP Scripts Mall Schools Alert Management Script
 CVE-2018-12050
 	RESERVED
 CVE-2018-XXXX [OVE-20180430-0004: mpatch: ensure fragment start isn't past the end of orig]
@@ -2149,9 +2149,9 @@ CVE-2018-11231 (In the Divido plugin for OpenCart, there is SQL injection. Attac
 CVE-2018-11230 (jbig2_add_page in jbig2enc.cc in libjbig2enc.a in jbig2enc 0.29 allows ...)
 	NOT-FOR-US: jbig2enc
 CVE-2018-11229 (Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and ...)
-	TODO: check
+	NOT-FOR-US: Crestron devices
 CVE-2018-11228 (Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and ...)
-	TODO: check
+	NOT-FOR-US: Crestron devices
 CVE-2018-11227
 	RESERVED
 CVE-2018-11226 (The getString function in decompile.c in libming through 0.4.8 ...)
@@ -3600,7 +3600,7 @@ CVE-2018-10621
 CVE-2018-10620
 	RESERVED
 CVE-2018-10619 (An unquoted search path or element in RSLinx Classic Versions 3.90.01 ...)
-	TODO: check
+	NOT-FOR-US: RSLinx
 CVE-2018-10618
 	RESERVED
 CVE-2018-10617
@@ -3921,9 +3921,9 @@ CVE-2018-10508
 CVE-2018-10507
 	RESERVED
 CVE-2018-10506 (A out-of-bounds read information disclosure vulnerability in Trend ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro
 CVE-2018-10505 (A pool corruption privilege escalation vulnerability in Trend Micro ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro
 CVE-2018-10504 (The WebDorado "Form Maker by WD" plugin before 1.12.24 for WordPress ...)
 	NOT-FOR-US: Wordpress plugin
 CVE-2018-10503 (An issue was discovered in index.php in baijiacms V4 v4_1_4_20170105. ...)
@@ -4262,9 +4262,9 @@ CVE-2018-10363
 CVE-2018-10360
 	RESERVED
 CVE-2018-10359 (A pool corruption privilege escalation vulnerability in Trend Micro ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro
 CVE-2018-10358 (A pool corruption privilege escalation vulnerability in Trend Micro ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro
 CVE-2018-10357 (A directory traversal vulnerability in Trend Micro Endpoint ...)
 	NOT-FOR-US: Trend Micro
 CVE-2018-10356 (A SQL injection remote code execution vulnerability in Trend Micro ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7b2dbb457a5e0c0d1e72189855b7a2cdfb25d00f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7b2dbb457a5e0c0d1e72189855b7a2cdfb25d00f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180608/823b26a2/attachment.html>

More information about the debian-security-tracker-commits mailing list