[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Mar 16 09:29:02 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
05eb5612 by Salvatore Bonaccorso at 2018-03-16T10:28:40+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -19,7 +19,7 @@ CVE-2018-8730
 CVE-2018-8729 (Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log ...)
 	NOT-FOR-US: Activity Log plugin for WordPress
 CVE-2018-8728 (server/app/views/static/code.html in Kontena before 1.5.0 allows XSS in ...)
-	TODO: check
+	NOT-FOR-US: Kontena
 CVE-2018-8727
 	RESERVED
 CVE-2017-18238 (An issue was discovered in Exempi before 2.4.4. The ...)
@@ -59,7 +59,7 @@ CVE-2018-8722 (Zoho ManageEngine Desktop Central version 9.1.0 build 91099 has .
 CVE-2018-8721 (Zoho ManageEngine EventLog Analyzer version 11.0 build 11000 has Stored ...)
 	NOT-FOR-US: Zoho
 CVE-2018-8720 (ServiceNow ITSM 2016-06-02 has XSS via the First Name or Last Name ...)
-	TODO: check
+	NOT-FOR-US: ServiceNow ITSM
 CVE-2018-8719
 	RESERVED
 CVE-2018-8718
@@ -8890,7 +8890,7 @@ CVE-2018-5478
 CVE-2018-5477 (An Information Exposure issue was discovered in ABB netCADOPS Web ...)
 	NOT-FOR-US: ABB netCADOPS Web Application
 CVE-2018-5476 (A Stack-based Buffer Overflow issue was discovered in Delta Electronics ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics Delta Industrial Automation DOPSoft
 CVE-2018-5475 (A Stack-based Buffer Overflow issue was discovered in GE D60 Line ...)
 	NOT-FOR-US: GE D60 Line Distance Relay devices
 CVE-2018-5474
@@ -14178,7 +14178,7 @@ CVE-2017-17775 (Piwigo 2.9.2 has XSS via the name parameter in an ...)
 CVE-2017-17774 (admin/configuration.php in Piwigo 2.9.2 has CSRF. ...)
 	- piwigo <removed>
 CVE-2017-17773 (In Snapdragon Automobile, Snapdragon Wearable and Snapdragon Mobile ...)
-	TODO: check
+	NOT-FOR-US: Snapdragon Automobile, Snapdragon Wearable and Snapdragon Mobile
 CVE-2017-17772
 	RESERVED
 CVE-2017-17771
@@ -24669,19 +24669,19 @@ CVE-2017-16753 (An Improper Input Validation issue was discovered in Advantech .
 CVE-2017-16752
 	RESERVED
 CVE-2017-16751 (A Stack-based Buffer Overflow issue was discovered in Delta Electronics ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics Delta Industrial Automation Screen Editor
 CVE-2017-16750
 	RESERVED
 CVE-2017-16749 (A Use-after-Free issue was discovered in Delta Electronics Delta ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics Delta Industrial Automation Screen Editor
 CVE-2017-16748
 	RESERVED
 CVE-2017-16747 (An Out-of-bounds Write issue was discovered in Delta Electronics Delta ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics Delta Industrial Automation Screen Editor
 CVE-2017-16746
 	RESERVED
 CVE-2017-16745 (A Type Confusion issue was discovered in Delta Electronics Delta ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics Delta Industrial Automation Screen Editor
 CVE-2017-16744
 	RESERVED
 CVE-2017-16743 (An Improper Authorization issue was discovered in PHOENIX CONTACT FL ...)
@@ -104971,7 +104971,7 @@ CVE-2016-0225 (IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0
 CVE-2016-0224 (SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, ...)
 	NOT-FOR-US: IBM
 CVE-2016-0223 (Cross-site scripting (XSS) vulnerability in the Webform Framework API ...)
-	TODO: check
+	NOT-FOR-US: IBM Forms Server
 CVE-2016-0222 (IBM Maximo Asset Management 7.6 before 7.6.0.3 IFIX001 allows remote ...)
 	NOT-FOR-US: IBM
 CVE-2016-0221 (Cross-site scripting (XSS) vulnerability in IBM Cognos TM1, as used in ...)
@@ -108760,7 +108760,7 @@ CVE-2015-7473 (runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users
 CVE-2015-7472 (IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 ...)
 	NOT-FOR-US: IBM
 CVE-2015-7471 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-7470 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before ...)
 	NOT-FOR-US: IBM
 CVE-2015-7469 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before ...)
@@ -108776,7 +108776,7 @@ CVE-2015-7465 (Cross-site request forgery (CSRF) vulnerability in Lifecycle Quer
 CVE-2015-7464 (Report Builder in IBM Jazz Reporting Service (JRS) 5.x before ...)
 	NOT-FOR-US: IBM
 CVE-2015-7463 (IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-7462 (IBM WebSphere MQ 8.0.0.4 on IBM i platforms allows local users to ...)
 	NOT-FOR-US: IBM
 CVE-2015-7461
@@ -108796,7 +108796,7 @@ CVE-2015-7455 (IBM WebSphere Portal 7.x through 7.0.0.2 CF29, 8.0.x before 8.0.0
 CVE-2015-7454 (Business Space in IBM WebSphere Process Server 6.1.2.0 through 7.0.0.5 ...)
 	NOT-FOR-US: IBM
 CVE-2015-7453 (Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-7452 (IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before ...)
 	NOT-FOR-US: IBM
 CVE-2015-7451 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
@@ -108822,7 +108822,7 @@ CVE-2015-7442 (consoleinst.sh in IBM Installation Manager before 1.7.4.4 and 1.8
 CVE-2015-7441 (Remote Artifact Loader (RAL) in IBM WebSphere Process Server 7 and ...)
 	NOT-FOR-US: IBM
 CVE-2015-7440 (IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-7439 (Cross-site scripting (XSS) vulnerability in InfoSphere Data Architect ...)
 	NOT-FOR-US: IBM
 CVE-2015-7438 (IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/05eb56122fcbbd50fa24517b4a453c9d29e2b874

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/05eb56122fcbbd50fa24517b4a453c9d29e2b874
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180316/eabf4c3c/attachment.html>

More information about the Secure-testing-commits mailing list