[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Fri May 4 22:34:04 BST 2018


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5ba90523 by Moritz Muehlenhoff at 2018-05-04T23:33:45+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,13 +1,13 @@
 CVE-2018-10750 (An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2018-10749 (An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2018-10748 (An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2018-10747 (An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2018-10746 (An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2018-10745
 	RESERVED
 CVE-2018-10744
@@ -19,9 +19,9 @@ CVE-2018-10742
 CVE-2018-10741
 	RESERVED
 CVE-2018-10740 (Axublog 1.1.0 allows remote Code Execution as demonstrated by injection ...)
-	TODO: check
+	NOT-FOR-US: Axublog
 CVE-2018-10739 (An issue was discovered in Shanghai 2345 Security Guard 3.7.0. ...)
-	TODO: check
+	NOT-FOR-US: Shanghai 2345 Security Guard
 CVE-2018-10738
 	RESERVED
 CVE-2018-10737
@@ -47,7 +47,7 @@ CVE-2018-10728
 CVE-2018-10727
 	RESERVED
 CVE-2018-10726 (** DISPUTED ** A stored XSS vulnerability was found in Datenstrom ...)
-	TODO: check
+	NOT-FOR-US: Datenstrom Yellow
 CVE-2018-10725
 	RESERVED
 CVE-2018-10724
@@ -3969,7 +3969,7 @@ CVE-2018-9065
 CVE-2018-9064
 	RESERVED
 CVE-2018-9063 (MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In Lenovo ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2018-9062
 	RESERVED
 CVE-2018-9061
@@ -4495,13 +4495,13 @@ CVE-2018-8874 (In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allow
 CVE-2018-8873 (In 2345 Security Guard 3.6, the driver file (2345NetFirewall.sys) ...)
 	NOT-FOR-US: 2345 Security Guard
 CVE-2018-8872 (In Schneider Electric Triconex Tricon MP model 3008 firmware versions ...)
-	TODO: check
+	NOT-FOR-US: Schneider
 CVE-2018-8871
 	RESERVED
 CVE-2018-8870
 	RESERVED
 CVE-2018-8869 (In Lantech IDS 2102 2.0 and prior, nearly all input fields allow for ...)
-	TODO: check
+	NOT-FOR-US: Lantech
 CVE-2018-8868
 	RESERVED
 CVE-2018-8867
@@ -4509,7 +4509,7 @@ CVE-2018-8867
 CVE-2018-8866
 	RESERVED
 CVE-2018-8865 (In Lantech IDS 2102 2.0 and prior, a stack-based buffer overflow ...)
-	TODO: check
+	NOT-FOR-US: Lantech
 CVE-2018-8864
 	RESERVED
 CVE-2018-8863
@@ -4517,7 +4517,7 @@ CVE-2018-8863
 CVE-2018-8862
 	RESERVED
 CVE-2018-8861 (Vulnerabilities within the Philips Brilliance CT kiosk environment ...)
-	TODO: check
+	NOT-FOR-US: Philips Brilliance
 CVE-2018-8860
 	RESERVED
 CVE-2018-8859
@@ -4525,7 +4525,7 @@ CVE-2018-8859
 CVE-2018-8858
 	RESERVED
 CVE-2018-8857 (Philips Brilliance CT software (Brilliance 64 version 2.6.2 and prior, ...)
-	TODO: check
+	NOT-FOR-US: Philips Brilliance
 CVE-2018-8856
 	RESERVED
 CVE-2018-8855
@@ -4533,7 +4533,7 @@ CVE-2018-8855
 CVE-2018-8854
 	RESERVED
 CVE-2018-8853 (Philips Brilliance CT devices operate user functions from within a ...)
-	TODO: check
+	NOT-FOR-US: Philips Brilliance
 CVE-2018-8852
 	RESERVED
 CVE-2018-8851
@@ -7972,7 +7972,7 @@ CVE-2018-7524 (A cross-site request forgery vulnerability has been identified in
 CVE-2018-7523 (In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed ...)
 	NOT-FOR-US: Omron CX-Supervisor
 CVE-2018-7522 (In Schneider Electric Triconex Tricon MP model 3008 firmware versions ...)
-	TODO: check
+	NOT-FOR-US: Schneider
 CVE-2018-7521 (In Omron CX-Supervisor Versions 3.30 and prior, use after free ...)
 	NOT-FOR-US: Omron CX-Supervisor
 CVE-2018-7520 (An improper access control vulnerability has been identified in ...)
@@ -7998,11 +7998,11 @@ CVE-2018-7511 (In Eaton ELCSoft versions 2.04.02 and prior, there are multiple c
 CVE-2018-7510
 	RESERVED
 CVE-2018-7509 (WPLSoft in Delta Electronics versions 2.45.0 and prior writes data ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2018-7508 (A Cross-site Scripting issue was discovered in OSIsoft PI Web API ...)
 	NOT-FOR-US: OSIsoft PI
 CVE-2018-7507 (WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2018-7506 (The private key of the web server in Moxa MXview versions 2.8 and ...)
 	NOT-FOR-US: Moxa
 CVE-2018-7505
@@ -8028,7 +8028,7 @@ CVE-2018-7496 (An Information Exposure issue was discovered in OSIsoft PI Vision
 CVE-2018-7495
 	RESERVED
 CVE-2018-7494 (WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2018-7493 (CactusVPN through 6.0 for macOS suffers from a root privilege ...)
 	NOT-FOR-US: CactusVPN for macOS
 CVE-2017-18204 (The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel ...)
@@ -14297,11 +14297,11 @@ CVE-2018-5450
 CVE-2018-5449 (A NULL Pointer Dereference issue was discovered in Moxa OnCell ...)
 	NOT-FOR-US: Moxa
 CVE-2018-5448 (All versions of the Medtronic 2090 Carelink Programmer are affected by ...)
-	TODO: check
+	NOT-FOR-US: Medtronic
 CVE-2018-5447 (An Improper Input Validation issue was discovered in Nari PCS-9611 ...)
 	NOT-FOR-US: Nari PCS-9611 relay
 CVE-2018-5446 (All versions of the Medtronic 2090 Carelink Programmer are affected by ...)
-	TODO: check
+	NOT-FOR-US: Medtronic
 CVE-2018-5445 (A Path Traversal issue was discovered in Advantech WebAccess/SCADA ...)
 	NOT-FOR-US: Advantech WebAccess/SCADA
 CVE-2018-5444
@@ -65116,9 +65116,9 @@ CVE-2017-5540
 CVE-2017-5539 (The patch for directory traversal (CVE-2017-5480) in b2evolution ...)
 	- b2evolution <removed>
 CVE-2017-5536 (The GridServer Broker, and GridServer Director components of TIBCO ...)
-	TODO: check
+	NOT-FOR-US: TIBCO GridServer
 CVE-2017-5535 (The GridServer Broker, GridServer Driver, and GridServer Engine ...)
-	TODO: check
+	NOT-FOR-US: TIBCO GridServer
 CVE-2017-5534 (The tibbr user profiles components of tibbr Community, and tibbr ...)
 	NOT-FOR-US: tibbr
 CVE-2017-5533 (A vulnerability in the server content cache of TIBCO JasperReports ...)
@@ -70090,7 +70090,7 @@ CVE-2017-3777
 CVE-2017-3776 (Lenovo Help Android mobile app versions earlier than 6.1.2.0327 ...)
 	NOT-FOR-US: Lenovo Help Android mobile app
 CVE-2017-3775 (Some Lenovo System x server BIOS/UEFI versions, when Secure Boot mode ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2017-3774 (A stack overflow vulnerability was discovered within the web ...)
 	NOT-FOR-US: IBM
 CVE-2017-3773
@@ -75928,7 +75928,7 @@ CVE-2017-1745
 CVE-2017-1744
 	RESERVED
 CVE-2017-1743 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1742
 	RESERVED
 CVE-2017-1741 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a ...)
@@ -164508,7 +164508,7 @@ CVE-2013-6274
 CVE-2013-6273
 	RESERVED
 CVE-2013-6272 (The NotificationBroadcastReceiver class in the com.android.phone ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2013-6271 (Android 4.0 through 4.3 allows attackers to bypass intended access ...)
 	NOT-FOR-US: Android
 CVE-2013-6270



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5ba90523018066bd98a5aac611c73f5aae4745ce

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5ba90523018066bd98a5aac611c73f5aae4745ce
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180504/8e20ddea/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list