[Git][security-tracker-team/security-tracker][master] NFUs

Tue Jun 26 20:38:48 BST 2018

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
85a74eea by Moritz Muehlenhoff at 2018-06-26T21:38:32+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -320,7 +320,7 @@ CVE-2018-12737
 CVE-2018-12736
 	RESERVED
 CVE-2018-12735 (SAJ Solar Inverter allows remote attackers to obtain potentially ...)
-	TODO: check
+	NOT-FOR-US: SAJ Solar Inverter
 CVE-2018-12734
 	RESERVED
 CVE-2018-12733
@@ -391,9 +391,9 @@ CVE-2018-12705 (DIGISOL DG-BR4000NG devices have XSS via the SSID (it is validat
 CVE-2018-12704
 	RESERVED
 CVE-2018-12703 (The approveAndCallcode function of a smart contract implementation for ...)
-	TODO: check
+	NOT-FOR-US: Block 18
 CVE-2018-12702 (The approveAndCallcode function of a smart contract implementation for ...)
-	TODO: check
+	NOT-FOR-US: Globalvillage ecosystem
 CVE-2018-12701
 	RESERVED
 CVE-2018-12700 (A Stack Exhaustion issue was discovered in debug_write_type in debug.c ...)
@@ -749,9 +749,9 @@ CVE-2018-12605
 CVE-2018-12604 (GreenCMS 2.3.0603 allows remote attackers to obtain sensitive ...)
 	NOT-FOR-US: GreenCMS
 CVE-2018-12603 (Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS ...)
-	TODO: check
+	NOT-FOR-US: LFCMS
 CVE-2018-12602 (A CSRF vulnerability exists in LFCMS 3.7.0: users can be added ...)
-	TODO: check
+	NOT-FOR-US: LFCMS
 CVE-2018-12601 (There is a heap-based buffer overflow in ReadImage in input-tga.ci in ...)
 	- sam2p <removed>
 	NOTE: https://github.com/pts/sam2p/issues/41
@@ -2040,19 +2040,19 @@ CVE-2018-12085 (Liblouis 3.6.0 has a stack-based Buffer Overflow in the function
 	NOTE: https://github.com/liblouis/liblouis/issues/595
 	NOTE: https://github.com/liblouis/liblouis/commit/dbfa58bb128cae86729578ac596056b3385817ef
 CVE-2018-12084 (The mintToken function of a smart contract implementation for BitAsean ...)
-	TODO: check
+	NOT-FOR-US: BitAsean
 CVE-2018-12083 (The mintToken function of a smart contract implementation for GOAL ...)
-	TODO: check
+	NOT-FOR-US: GOAL
 CVE-2018-12082 (The mintToken function of a smart contract implementation for Fujinto ...)
-	TODO: check
+	NOT-FOR-US: Fujinto
 CVE-2018-12081 (The mintToken function of a smart contract implementation for Target ...)
-	TODO: check
+	NOT-FOR-US: Target Coin
 CVE-2018-12080 (The mintToken function of a smart contract implementation for Internet ...)
-	TODO: check
+	NOT-FOR-US: Internet Node Token
 CVE-2018-12079 (The mintToken function of a smart contract implementation for ...)
-	TODO: check
+	NOT-FOR-US: Substratum
 CVE-2018-12078 (The mintToken function of a smart contract implementation for PolyAI ...)
-	TODO: check
+	NOT-FOR-US: PolyAI
 CVE-2018-12077
 	RESERVED
 CVE-2018-12076
@@ -2068,21 +2068,21 @@ CVE-2018-12072 (An issue was discovered in Cloud Media Popcorn A-200 ...)
 CVE-2018-12071 (A Session Fixation issue exists in CodeIgniter before 3.1.9 because ...)
 	- codeigniter <itp> (bug #471583)
 CVE-2018-12070 (The sell function of a smart contract implementation for SEC, a ...)
-	TODO: check
+	NOT-FOR-US: SEC
 CVE-2018-12069
 	RESERVED
 CVE-2018-12068 (The sell function of a smart contract implementation for Target Coin ...)
-	TODO: check
+	NOT-FOR-US: Target Coin
 CVE-2018-12067 (The sell function of a smart contract implementation for Substratum ...)
-	TODO: check
+	NOT-FOR-US: Substratum
 CVE-2018-12065 (A Local File Inclusion vulnerability in /system/WCore/WHelper.php in ...)
 	NOT-FOR-US: wityCMS
 CVE-2018-12064 (tinyexr 0.9.5 has a heap-based buffer over-read via ...)
 	NOT-FOR-US: tinyexr
 CVE-2018-12063 (The sell function of a smart contract implementation for Internet Node ...)
-	TODO: check
+	NOT-FOR-US: Internet Node Token
 CVE-2018-12062 (The sell function of a smart contract implementation for SwftCoin ...)
-	TODO: check
+	NOT-FOR-US: SwfCoin
 CVE-2018-12061
 	RESERVED
 CVE-2018-12060
@@ -3269,11 +3269,11 @@ CVE-2018-11591 (Espruino before 1.98 allows attackers to cause a denial of servi
 CVE-2018-11590 (Espruino before 1.99 allows attackers to cause a denial of service ...)
 	NOT-FOR-US: Espruino
 CVE-2018-11589 (Multiple SQL injection vulnerabilities in Centreon 3.4.6 including ...)
-	TODO: check
+	NOT-FOR-US: Centreon
 CVE-2018-11588 (Centreon 3.4.6 including Centreon Web 2.8.23 is vulnerable to an ...)
-	TODO: check
+	NOT-FOR-US: Centreon
 CVE-2018-11587 (There is Remote Code Execution in Centreon 3.4.6 including Centreon ...)
-	TODO: check
+	NOT-FOR-US: Centreon
 CVE-2018-11586 (XML external entity (XXE) vulnerability in api/rest/status in ...)
 	NOT-FOR-US: SearchBlox
 CVE-2018-11585
@@ -3628,7 +3628,7 @@ CVE-2018-11448
 CVE-2018-11447
 	RESERVED
 CVE-2018-11446 (The buy function of a smart contract implementation for Gold Reward ...)
-	TODO: check
+	NOT-FOR-US: Gold Reward
 CVE-2018-11445 (A CSRF issue was discovered on the User Add/System Settings Page ...)
 	NOT-FOR-US: EasyService Billing
 CVE-2018-11444 (A SQL Injection issue was observed in the parameter "q" in ...)
@@ -31431,6 +31431,7 @@ CVE-2018-1307 (In Apache jUDDI 3.2 through 3.3.4, if using the WADL2Java or WSDL
 	NOT-FOR-US: Apache juddi-client
 CVE-2018-1306
 	RESERVED
+	NOT-FOR-US: Apache Portals Pluto
 CVE-2018-1305 (Security constraints defined by annotations of Servlets in Apache ...)
 	{DLA-1301-1}
 	- tomcat9 <itp> (bug #802312)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/85a74eea5c4ba39d727e6b412e5787be098e220c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/85a74eea5c4ba39d727e6b412e5787be098e220c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180626/6901d1bd/attachment.html>
