[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
carnil at debian.org
Tue Mar 20 09:31:21 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2875c3a7 by Salvatore Bonaccorso at 2018-03-20T10:31:02+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3411,7 +3411,7 @@ CVE-2018-7447 (mojoPortal through 2.6.0.0 is prone to multiple persistent cross-
CVE-2018-7446
RESERVED
CVE-2018-7445 (A buffer overflow was found in the MikroTik RouterOS SMB service when ...)
- TODO: check
+ NOT-FOR-US: MikroTik RouterOS
CVE-2018-7444
RESERVED
CVE-2017-18199 (realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote ...)
@@ -20268,7 +20268,7 @@ CVE-2018-1220 (EMC RSA Archer, versions prior to 6.2.0.8, contains a redirect ..
CVE-2018-1219 (EMC RSA Archer, versions prior to 6.2.0.8, contains an improper access ...)
NOT-FOR-US: EMC RSA Archer
CVE-2018-1218 (In Dell EMC NetWorker versions prior to 9.2.1.1, versions prior to ...)
- TODO: check
+ NOT-FOR-US: EMC NetWorker
CVE-2018-1217
RESERVED
CVE-2018-1216 (A hard-coded password vulnerability was discovered in vApp Manager ...)
@@ -20459,7 +20459,7 @@ CVE-2018-1173
CVE-2018-1172
RESERVED
CVE-2018-1171 (This vulnerability allows local attackers to escalate privileges on ...)
- TODO: check
+ NOT-FOR-US: Joyent SmartOS
CVE-2018-1170 (This vulnerability allows adjacent attackers to inject arbitrary ...)
NOT-FOR-US: Volkswagen Customer-Link App and HTC Customer-Link Bridge
CVE-2018-1169 (This vulnerability allows remote attackers to execute arbitrary code ...)
@@ -144975,7 +144975,7 @@ CVE-2014-4026
CVE-2014-4025
RESERVED
CVE-2014-4024 (SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2014-4023 (Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in ...)
NOT-FOR-US: F5 BIG-IP
CVE-2014-4022 (The alloc_domain_struct function in arch/arm/domain.c in Xen 4.4.x, ...)
@@ -148927,9 +148927,9 @@ CVE-2014-2677
CVE-2014-2676
RESERVED
CVE-2014-2675 (Cross-site request forgery (CSRF) vulnerability in inc/AdminPage.php ...)
- TODO: check
+ NOT-FOR-US: WP HTML Sitemap plugin for WordPress
CVE-2014-2674 (Directory traversal vulnerability in the Ajax Pagination (twitter ...)
- TODO: check
+ NOT-FOR-US: Ajax Pagination (twitter Style) plugin for WordPress
CVE-2014-2671 (Microsoft Windows Media Player (WMP) 11.0.5721.5230 allows remote ...)
NOT-FOR-US: Microsoft Windows Media Player
CVE-2014-2670 (Cross-site scripting (XSS) vulnerability in Properties.do in ZOHO ...)
@@ -149232,7 +149232,7 @@ CVE-2014-2552
CVE-2014-2551
RESERVED
CVE-2014-2550 (Cross-site request forgery (CSRF) vulnerability in the Disable ...)
- TODO: check
+ NOT-FOR-US: Disable Comments plugin for WordPress
CVE-2014-2549
RESERVED
CVE-2014-2548
@@ -149987,7 +149987,7 @@ CVE-2014-2299 (Buffer overflow in the mpeg_read function in wiretap/mpeg.c in th
CVE-2014-2298
RESERVED
CVE-2014-2297 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: VideoWhisper Live Streaming Integration plugin for WordPress
CVE-2014-2296
RESERVED
CVE-2014-2295
@@ -150068,7 +150068,7 @@ CVE-2014-2276 (The FileUploadController servlet in EMC Connectrix Manager Conver
CVE-2014-2275
RESERVED
CVE-2014-2274 (Cross-site request forgery (CSRF) vulnerability in the Subscribe To ...)
- TODO: check
+ NOT-FOR-US: Subscribe To Comments Reloaded plugin for WordPress
CVE-2014-2273 (The hx170dec device driver in Huawei P2-6011 before V100R001C00B043 ...)
NOT-FOR-US: Huawei Router
CVE-2014-2272
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2875c3a72474f5db50e624a05ded9620e2b7b8a0
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2875c3a72474f5db50e624a05ded9620e2b7b8a0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180320/9e1d13bd/attachment-0001.html>
More information about the Secure-testing-commits
mailing list