[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
carnil at debian.org
Sat Mar 10 06:09:39 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cce7252a by Salvatore Bonaccorso at 2018-03-10T07:08:28+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -16,9 +16,9 @@ CVE-2018-7998 (In libvips before 8.6.3, a NULL function pointer dereference ...)
NOTE: https://github.com/jcupitt/libvips/commit/20d840e6da15c1574b3ed998bc92f91d1e36c2a5
NOTE: https://github.com/jcupitt/libvips/issues/893
CVE-2018-7997 (Eramba e1.0.6.033 has Reflected XSS on the Error page of the CSV file ...)
- TODO: check
+ NOT-FOR-US: Eramba
CVE-2018-7996 (Eramba e1.0.6.033 has Stored XSS on the tooltip box via the ...)
- TODO: check
+ NOT-FOR-US: Eramba
CVE-2018-7994
RESERVED
CVE-2018-7993
@@ -220,7 +220,7 @@ CVE-2018-7896
CVE-2018-7895
RESERVED
CVE-2018-7894 (Eramba e1.0.6.033 has Reflected XSS in ...)
- TODO: check
+ NOT-FOR-US: Eramba
CVE-2018-7893
RESERVED
CVE-2018-7892
@@ -1054,9 +1054,9 @@ CVE-2018-7584 (In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14,
CVE-2018-7583 (Proxy.exe in DualDesk 20 allows Remote Denial Of Service (daemon crash) ...)
NOT-FOR-US: Proxy.exe in DualDesk 20
CVE-2018-7582 (WebLog Expert Web Server Enterprise 9.4 allows Remote Denial Of ...)
- TODO: check
+ NOT-FOR-US: WebLog Expert Web Server Enterprise
CVE-2018-7581 (\ProgramData\WebLog Expert\WebServer\WebServer.cfg in WebLog Expert ...)
- TODO: check
+ NOT-FOR-US: WebLog Expert Web Server Enterprise
CVE-2018-7580
RESERVED
CVE-2017-18211 (In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was ...)
@@ -18973,25 +18973,25 @@ CVE-2017-17332
CVE-2017-17331
RESERVED
CVE-2017-17330 (Huawei AR3200 V200R005C32; V200R006C10; V200R006C11; V200R007C00; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17329 (Huawei ViewPoint 8660 V100R008C03 have a memory leak vulnerability. ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17328 (Huawei smartphones with software of MHA-AL00AC00B125 have an integer ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17327 (Huawei smartphones with software of MHA-AL00AC00B125 have an improper ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17326 (Huawei Mate 9 Pro Smartphones with software of LON-AL00BC00B139D; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17325 (Huawei video applications HiCinema with software of 8.0.3.308; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17324 (Huawei Mate 9 Pro smartphones with software LON-AL00BC00B139D; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17323 (Huawei iBMC V200R002C10; V200R002C20; V200R002C30 have an improper ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17322 (Huawei Honor Smart Scale Application with software of 1.1.1 has an ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17321 (Huawei eNSP software with software of versions earlier than ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17320
RESERVED
CVE-2017-17319
@@ -19025,9 +19025,9 @@ CVE-2017-17306
CVE-2017-17305
RESERVED
CVE-2017-17304 (The CIDAM Protocol on Huawei DP300 V500R002C00; V500R002C00B010; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17303 (Huawei DP300 V500R002C00; V500R002C00B010; V500R002C00B011; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17302 (Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, ...)
NOT-FOR-US: Huawei
CVE-2017-17301 (Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, ...)
@@ -19071,11 +19071,11 @@ CVE-2017-17283 (Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 .
CVE-2017-17282
RESERVED
CVE-2017-17281 (SFTP module in Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17280 (NFC (Near Field Communication) module in Huawei mobile phones with ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17279 (The soundtrigger module in Huawei Mate 9 Pro smart phones with ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17278
RESERVED
CVE-2017-17277
@@ -19133,7 +19133,7 @@ CVE-2017-17252
CVE-2017-17251
RESERVED
CVE-2017-17250 (Huawei AR120-S V200R005C32; AR1200 V200R005C32; AR1200-S V200R005C32; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17249
RESERVED
CVE-2017-17248
@@ -19179,29 +19179,29 @@ CVE-2017-17229
CVE-2017-17228
RESERVED
CVE-2017-17227 (GPU driver in Huawei Mate 10 smart phones with the versions before ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17226 (The TripAdvisor app with the versions before TAMobileApp-24.6.4 ...)
- TODO: check
+ NOT-FOR-US: The TripAdvisor app on Huawei
CVE-2017-17225 (The Near Field Communication (NFC) module in Huawei Mate 9 Pro mobile ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17224
RESERVED
CVE-2017-17223 (Huawei eSpace 7910 V200R003C30; eSpace 7950 V200R003C30; eSpace 8950 ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17222 (Import Language Package function in Huawei eSpace 7950 V200R003C30; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17221 (Import Signal Tone function in Huawei eSpace 7950 V200R003C30; eSpace ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17220 (SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17219 (SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17218 (SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17217 (Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17216 (Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17215
RESERVED
CVE-2017-17214
@@ -19233,9 +19233,9 @@ CVE-2017-17202 (Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C2
CVE-2017-17201 (Some huawei smartphones with software BTV-DL09C233B350, ...)
NOT-FOR-US: Huawei
CVE-2017-17200 (Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17199 (Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17198
RESERVED
CVE-2017-17197
@@ -19293,13 +19293,13 @@ CVE-2017-17172
CVE-2017-17171
RESERVED
CVE-2017-17170 (The CIDAM Protocol on Huawei DP300 V500R002C00; V500R002C00B010; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17169 (The CIDAM Protocol on Huawei DP300 V500R002C00; V500R002C00B010; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17168 (The CIDAM Protocol on Huawei DP300 V500R002C00; V500R002C00B010; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17167 (Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17166 (Huawei DP300 V500R002C00, Secospace USG6300 V500R001C00, V500R001C20, ...)
NOT-FOR-US: Huawei
CVE-2017-17165 (IPv6 function in Huawei Quidway S2700 V200R003C00SPC300, Quidway S5300 ...)
@@ -19333,17 +19333,17 @@ CVE-2017-17152 (IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, ...)
CVE-2017-17151 (Huawei AR100, AR100-S, AR110-S, AR120, AR120-S, AR1200, AR1200-S, ...)
NOT-FOR-US: Huawei
CVE-2017-17150 (Timergrp module in Huawei DP300 V500R002C00; RP200 V500R002C00; ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17149 (Huawei HiWallet App with the versions before 8.0.4 has an arbitrary ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17148 (Huawei DP300 V500R002C00 have a DoS vulnerability due to the lack of ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17147 (Huawei DP300 V500R002C00 have an integer overflow vulnerability due to ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17146 (Huawei DP300 V500R002C00 have a buffer overflow vulnerability due to ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17145 (Huawei Honor V9 Play smart phones with the versions before ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2017-17144 (Backup feature of SIP module in Huawei DP300 V500R002C00; ...)
NOT-FOR-US: Huawei
CVE-2017-17143 (SIP module in Huawei DP300 V500R002C00; V500R002C00SPC100; ...)
@@ -20680,15 +20680,15 @@ CVE-2018-0549
CVE-2018-0548
RESERVED
CVE-2018-0547 (Cross-site scripting vulnerability in WP All Import plugin prior to ...)
- TODO: check
+ NOT-FOR-US: WP All Import plugin for WordPress
CVE-2018-0546 (Cross-site scripting vulnerability in WP All Import plugin prior to ...)
- TODO: check
+ NOT-FOR-US: WP All Import plugin for WordPress
CVE-2018-0545
RESERVED
CVE-2018-0544 (Untrusted search path vulnerability in WinShot 1.53a and earlier ...)
- TODO: check
+ NOT-FOR-US: WinShot
CVE-2018-0543 (Untrusted search path vulnerability in Jtrim 1.53c and earlier ...)
- TODO: check
+ NOT-FOR-US: Jtrim installer
CVE-2018-0542
RESERVED
CVE-2018-0541
@@ -20728,11 +20728,11 @@ CVE-2018-0525 (Directory traversal vulnerability in Jubatus 1.0.2 and earlier al
CVE-2018-0524 (Jubatus 1.0.2 and earlier allows remote code execution via unspecified ...)
TODO: check
CVE-2018-0523 (Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker ...)
- TODO: check
+ NOT-FOR-US: Buffalo
CVE-2018-0522 (Buffer overflow in Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier ...)
- TODO: check
+ NOT-FOR-US: Buffalo
CVE-2018-0521 (Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker ...)
- TODO: check
+ NOT-FOR-US: Buffalo
CVE-2018-0520 (Cross-site request forgery (CSRF) vulnerability in FS010W firmware ...)
NOT-FOR-US: FS010W firmware
CVE-2018-0519 (Cross-site scripting vulnerability in FS010W firmware FS010W_00_V1.3.0 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cce7252ab27705a4c40c28f0cb433bea4ce5b259
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cce7252ab27705a4c40c28f0cb433bea4ce5b259
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180310/4a7008f5/attachment-0001.html>
More information about the Secure-testing-commits
mailing list