[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Jun 21 20:30:23 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c53143d2 by Salvatore Bonaccorso at 2018-06-21T21:43:31+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -38,9 +38,9 @@ CVE-2018-12593
 CVE-2018-12592 (Polycom RealPresence Web Suite before 2.2.0 does not block a user's ...)
 	NOT-FOR-US: Polycom RealPresence Web Suite
 CVE-2018-12591 (Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an ...)
-	TODO: check
+	NOT-FOR-US: Ubiquiti Networks EdgeSwitch
 CVE-2018-12590 (Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an ...)
-	TODO: check
+	NOT-FOR-US: Ubiquiti Networks EdgeSwitch
 CVE-2018-12589
 	RESERVED
 CVE-2018-12588 (Cross-site scripting (XSS) vulnerability in ...)
@@ -2671,9 +2671,9 @@ CVE-2018-11528 (WUZHI CMS 4.1.0 has SQL Injection via an api/sms_check.php?param
 CVE-2018-11527 (An issue was discovered in CScms v4.1. A Cross-site request forgery ...)
 	NOT-FOR-US: CScms
 CVE-2018-11526 (The plugin "WordPress Comments Import & Export" for WordPress (v2.0.4 ...)
-	TODO: check
+	NOT-FOR-US: "WordPress Comments Import & Export" plugin for WordPress
 CVE-2018-11525 (The plugin "Advanced Order Export For WooCommerce" for WordPress ...)
-	TODO: check
+	NOT-FOR-US: "Advanced Order Export For WooCommerce" plugin for WordPress
 CVE-2018-11524
 	RESERVED
 CVE-2018-11523 (upload.php on NUUO NVRmini 2 devices allows Arbitrary File Upload, such ...)
@@ -3771,7 +3771,7 @@ CVE-2018-11118 (The RSS subsystem in ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5 
 CVE-2018-11117 (Services/Feeds/classes/class.ilExternalFeedItem.php in ILIAS 5.1.x, ...)
 	NOT-FOR-US: ILIAS
 CVE-2018-11116 (OpenWrt mishandles access control in /etc/config/rpcd and the ...)
-	TODO: check
+	NOT-FOR-US: OpenWrt
 CVE-2018-11115
 	RESERVED
 CVE-2018-11114
@@ -8848,7 +8848,7 @@ CVE-2018-9038 (Monstra CMS 3.0.4 allows remote attackers to delete files via an 
 CVE-2018-9037 (Monstra CMS 3.0.4 allows remote code execution via an upload_file ...)
 	NOT-FOR-US: Monstra CMS
 CVE-2018-9036 (CheckSec Canopy 3.x before 3.0.7 has stored XSS via the Login Page ...)
-	TODO: check
+	NOT-FOR-US: CheckSec Canopy
 CVE-2018-9035 (CSV Injection vulnerability in ExportToCsvUtf8.php of the Contact Form ...)
 	NOT-FOR-US: Wordpress plugin
 CVE-2018-9034 (Cross-site scripting (XSS) vulnerability in lib/interface.php of the ...)
@@ -9756,7 +9756,7 @@ CVE-2018-8729 (Multiple cross-site scripting (XSS) vulnerabilities in the Activi
 CVE-2018-8728 (server/app/views/static/code.html in Kontena before 1.5.0 allows XSS in ...)
 	NOT-FOR-US: Kontena
 CVE-2018-8727 (Path Traversal in Gateway in Mirasys DVMS Workstation 5.12.6 and ...)
-	TODO: check
+	NOT-FOR-US: Path Traversal in Gateway in Mirasys DVMS Workstation
 CVE-2017-18238 (An issue was discovered in Exempi before 2.4.4. The ...)
 	{DLA-1310-1}
 	- exempi 2.4.4-1 (low)
@@ -16965,13 +16965,13 @@ CVE-2018-6215
 CVE-2018-6214
 	RESERVED
 CVE-2018-6213 (In the web server on D-Link DIR-620 devices with a certain customized ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2018-6212 (On D-Link DIR-620 devices with a certain customized (by ISP) variant ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2018-6211 (On D-Link DIR-620 devices with a certain customized (by ISP) variant ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2018-6210 (D-Link DIR-620 devices, with a certain Rostelekom variant of firmware ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2018-6209 (In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxCryptMon.sys) ...)
 	NOT-FOR-US: Max Secure Anti Virus
 CVE-2018-6208 (In Max Secure Anti Virus 19.0.3.019,, the driver file ...)
@@ -20008,9 +20008,9 @@ CVE-2018-5239
 CVE-2018-5238
 	RESERVED
 CVE-2018-5237 (Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2018-5236 (Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2018-5235
 	RESERVED
 CVE-2018-5234 (The Norton Core router prior to v237 may be susceptible to a command ...)
@@ -31024,7 +31024,7 @@ CVE-2017-17445
 CVE-2017-17444
 	RESERVED
 CVE-2017-17443 (OPC Foundation Local Discovery Server (LDS) 1.03.370 required a ...)
-	TODO: check
+	NOT-FOR-US: OPC Foundation Local Discovery Server
 CVE-2017-17442 (In BlackBerry UEM Management Console version 12.7.1 and earlier, a ...)
 	NOT-FOR-US: BlackBerry
 CVE-2017-17441
@@ -31179,7 +31179,7 @@ CVE-2018-1152 (libjpeg-turbo 1.5.90 is vulnerable to a denial of service ...)
 	- libjpeg-turbo <unfixed>
 	NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6
 CVE-2018-1151 (The web server on Western Digital TV Media Player 1.03.07 and TV Live ...)
-	TODO: check
+	NOT-FOR-US: web server on Western Digital TV Media Player and TV Live Hub
 CVE-2018-1150
 	RESERVED
 CVE-2018-1149
@@ -31917,7 +31917,7 @@ CVE-2017-17311
 CVE-2017-17310 (Electronic Numbers to URI Mapping (ENUM) module in some Huawei ...)
 	NOT-FOR-US: Huawei
 CVE-2017-17309 (Huawei HG255s-10 V100R001C163B025SP02 has a path traversal ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2017-17308 (SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, ...)
 	NOT-FOR-US: Huawei
 CVE-2017-17307 (Some Huawei Smartphones with software of VNS-L21AUTC555B141 have an ...)
@@ -32189,9 +32189,9 @@ CVE-2017-17175
 CVE-2017-17174
 	RESERVED
 CVE-2017-17173 (Due to insufficient parameters verification GPU driver of Mate 9 Pro ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2017-17172 (Huawei smart phones LYO-L21 with software LYO-L21C479B107, ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2017-17171 (Some Huawei smart phones have the denial of service (DoS) ...)
 	NOT-FOR-US: Huawei
 CVE-2017-17170 (The CIDAM Protocol on Huawei DP300 V500R002C00; V500R002C00B010; ...)
@@ -81853,7 +81853,7 @@ CVE-2017-1407 (IBM Security Identity Manager Virtual Appliance 6.0 and 7.0 could
 CVE-2017-1406
 	RESERVED
 CVE-2017-1405 (IBM Security Identity Manager Virtual Appliance 7.0 processes patches, ...)
-	TODO: check
+	NOT-FOR-US: IBM Security Identity Manager Virtual Appliance
 CVE-2017-1404
 	RESERVED
 CVE-2017-1403



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c53143d22f02f2b6f519253be12ca5b7f66c411a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c53143d22f02f2b6f519253be12ca5b7f66c411a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180621/6efc15a2/attachment.html>

More information about the debian-security-tracker-commits mailing list