[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Tue May 15 11:35:23 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f0685441 by Moritz Muehlenhoff at 2018-05-15T12:33:38+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -12,9 +12,9 @@ CVE-2018-11100 (The decompileSETTARGET function in decompile.c in libming throug
 CVE-2018-11099
 	RESERVED
 CVE-2018-11098 (An issue was discovered in Frog CMS 0.9.5. There is a file upload ...)
-	TODO: check
+	NOT-FOR-US: Frog CMS
 CVE-2018-11097 (An issue was discovered in cloudwu/cstring through 2016-11-09. There is ...)
-	TODO: check
+	NOT-FOR-US: cloudwu
 CVE-2018-11096
 	RESERVED
 CVE-2018-11095 (The decompileJUMP function in decompile.c in libming through 0.4.8 ...)
@@ -26,9 +26,9 @@ CVE-2018-11093
 CVE-2018-11092
 	RESERVED
 CVE-2018-11091 (An issue was discovered in MyBiz MyProcureNet 5.0.0. A malicious file ...)
-	TODO: check
+	NOT-FOR-US: MyBiz MyProcureNet
 CVE-2018-11090 (An XSS issue was discovered in MyBiz MyProcureNet 5.0.0. This ...)
-	TODO: check
+	NOT-FOR-US: MyBiz MyProcureNet
 CVE-2018-11089
 	RESERVED
 CVE-2018-11088
@@ -231,9 +231,9 @@ CVE-2018-10993
 CVE-2018-10991
 	REJECTED
 CVE-2018-10990 (On Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices, a ...)
-	TODO: check
+	NOT-FOR-US: Arris Touchstone Telephony Gateway
 CVE-2018-10989 (Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are ...)
-	TODO: check
+	NOT-FOR-US: Arris Touchstone Telephony Gateway
 CVE-2018-10988
 	RESERVED
 CVE-2018-10987
@@ -592,7 +592,7 @@ CVE-2018-10827 (LiteCart before 2.1.2 allows remote attackers to cause a denial 
 CVE-2018-10826
 	RESERVED
 CVE-2018-10825 (Mimo Baby 2 devices do not use authentication or encryption for the ...)
-	TODO: check
+	NOT-FOR-US: Mimo Baby 2
 CVE-2018-10824
 	RESERVED
 CVE-2018-10823
@@ -1988,7 +1988,7 @@ CVE-2018-10254 (Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read
 CVE-2018-10253 (Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack ...)
 	NOT-FOR-US: Paessler PRTG Network Monitor
 CVE-2018-10252 (An issue was discovered on Actiontec WCB6200Q before 1.1.10.20a ...)
-	TODO: check
+	NOT-FOR-US: Actiontec WCB6200Q
 CVE-2018-10251 (A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and ...)
 	NOT-FOR-US: Sierra Wireless AirLink routers
 CVE-2018-10250 (iCMS V7.0.8 has XSS via the admincp.php keywords parameter in a ...)
@@ -5405,7 +5405,7 @@ CVE-2018-8845
 CVE-2018-8844
 	RESERVED
 CVE-2018-8843 (Rockwell Automation Arena versions 16.10.00 and prior contains a use ...)
-	TODO: check
+	NOT-FOR-US: Rockwell
 CVE-2018-8842
 	RESERVED
 CVE-2018-8841
@@ -15830,7 +15830,7 @@ CVE-2018-5232
 CVE-2018-5231
 	RESERVED
 CVE-2018-5230 (The issue collector in Atlassian Jira before version 7.6.6, from ...)
-	TODO: check
+	NOT-FOR-US: Atlassian
 CVE-2018-5229
 	RESERVED
 CVE-2018-5228 (The /browse/~raw resource in Atlassian Fisheye and Crucible before ...)
@@ -29288,7 +29288,7 @@ CVE-2018-0593
 CVE-2018-0592
 	RESERVED
 CVE-2018-0591 (The KINEPASS App for Android Ver 3.1.1 and earlier, and for iOS Ver ...)
-	TODO: check
+	NOT-FOR-US: KINEPASS
 CVE-2018-0590 (Ultimate Member plugin prior to version 2.0.4 for WordPress allows ...)
 	NOT-FOR-US: WordPress plugin ultimate-member
 CVE-2018-0589 (Ultimate Member plugin prior to version 2.0.4 for WordPress allows ...)
@@ -29310,7 +29310,7 @@ CVE-2018-0582 (Cross-site scripting vulnerability in ASUS RT-AC68U Firmware vers
 CVE-2018-0581 (Cross-site scripting vulnerability in ASUS RT-AC87U Firmware version ...)
 	NOT-FOR-US: ASUS
 CVE-2018-0580 (Untrusted search path vulnerability in CELSYS, Inc CLIP STUDIO series ...)
-	TODO: check
+	NOT-FOR-US: CELSYS
 CVE-2018-0579 (Cross-site scripting vulnerability in Open Graph for Facebook, Google+ ...)
 	NOT-FOR-US: WordPress plugin wonderm00ns-simple-facebook-open-graph-tags
 CVE-2018-0578 (Cross-site scripting vulnerability in PixelYourSite plugin prior to ...)
@@ -31288,7 +31288,7 @@ CVE-2017-16862 (The IncomingMailServers resource in Atlassian Jira before versio
 CVE-2017-16861 (It was possible for double OGNL evaluation in certain redirect action ...)
 	NOT-FOR-US: Atlassian Fisheye and Crucible
 CVE-2017-16860 (The invalidRedirectUrl template in Atlassian Application Links before ...)
-	TODO: check
+	NOT-FOR-US: Atlassian
 CVE-2017-16859
 	RESERVED
 CVE-2017-16858 (The 'crowd-application' plugin module (notably used by the Google Apps ...)
@@ -38624,21 +38624,21 @@ CVE-2017-14440 (An exploitable code execution vulnerability exists in the ILBM i
 	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0489
 	NOTE: https://hg.libsdl.org/SDL_image/rev/bfa08dc02b3c
 CVE-2017-14439 (Exploitable denial of service vulnerabilities exists in the Service ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2017-14438 (Exploitable denial of service vulnerabilities exists in the Service ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2017-14437 (An exploitable denial of service vulnerability exists in the web ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2017-14436 (An exploitable denial of service vulnerability exists in the web ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2017-14435 (An exploitable denial of service vulnerability exists in the web ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2017-14434 (An exploitable command injection vulnerability exists in the web ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2017-14433 (An exploitable command injection vulnerability exists in the web ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2017-14432 (An exploitable command injection vulnerability exists in the web ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2017-14430 (D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) ...)
 	NOT-FOR-US: D-Link
 CVE-2017-14429 (The DHCP client on D-Link DIR-850L REV. A (with firmware through ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f0685441c8059f7255a3ca03efa9c650ce8f7d25

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f0685441c8059f7255a3ca03efa9c650ce8f7d25
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180515/1e85e783/attachment.html>

More information about the debian-security-tracker-commits mailing list