[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Wed Nov 14 18:46:43 GMT 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
265690cd by Moritz Muehlenhoff at 2018-11-14T18:45:16Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27651,43 +27651,43 @@ CVE-2018-8559
CVE-2018-8558 (An information disclosure vulnerability exists when Microsoft Outlook ...)
NOT-FOR-US: Microsoft
CVE-2018-8557 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8556 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8555 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8554 (An elevation of privilege vulnerability exists when DirectX improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8553 (A remote code execution vulnerability exists in the way that Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8552 (An information disclosure vulnerability exists when VBScript ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8551 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8550 (An elevation of privilege exists in Windows COM Aggregate Marshaler, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8549 (A security feature bypass exists when Windows incorrectly validates ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8548
RESERVED
CVE-2018-8547 (A cross-site-scripting (XSS) vulnerability exists when an open source ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8546 (A denial of service vulnerability exists in Skype for Business, aka ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8545 (An information disclosure vulnerability exists in the way that ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8544 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8543 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8542 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8541 (A remote code execution vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8540
RESERVED
CVE-2018-8539 (A remote code execution vulnerability exists in Microsoft Word ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8538
RESERVED
CVE-2018-8537
@@ -27717,11 +27717,11 @@ CVE-2018-8526
CVE-2018-8525
RESERVED
CVE-2018-8524 (A remote code execution vulnerability exists in Microsoft Outlook ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8523
RESERVED
CVE-2018-8522 (A remote code execution vulnerability exists in Microsoft Outlook ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8521
RESERVED
CVE-2018-8520
@@ -27795,7 +27795,7 @@ CVE-2018-8487
CVE-2018-8486 (An information disclosure vulnerability exists when DirectX improperly ...)
NOT-FOR-US: Microsoft
CVE-2018-8485 (An elevation of privilege vulnerability exists when DirectX improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8484 (An elevation of privilege vulnerability exists when the DirectX ...)
NOT-FOR-US: Microsoft
CVE-2018-8483
@@ -27813,7 +27813,7 @@ CVE-2018-8478
CVE-2018-8477
RESERVED
CVE-2018-8476 (A remote code execution vulnerability exists in the way that Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8475 (A remote code execution vulnerability exists when Windows does not ...)
NOT-FOR-US: Microsoft
CVE-2018-8474 (A security feature bypass vulnerability exists when Lync for Mac 2011 ...)
@@ -27823,7 +27823,7 @@ CVE-2018-8473 (A remote code execution vulnerability exists when Microsoft Edge
CVE-2018-8472 (An information disclosure vulnerability exists in the way that the ...)
NOT-FOR-US: Microsoft
CVE-2018-8471 (An elevation of privilege vulnerability exists in the way that the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8470 (A security feature bypass vulnerability exists in Internet Explorer ...)
NOT-FOR-US: Microsoft
CVE-2018-8469 (An elevation of privilege vulnerability exists in Microsoft Edge that ...)
@@ -27857,7 +27857,7 @@ CVE-2018-8456 (A remote code execution vulnerability exists in the way that the
CVE-2018-8455 (An elevation of privilege vulnerability exists in the way that the ...)
NOT-FOR-US: Microsoft
CVE-2018-8454 (An information disclosure vulnerability exists when Windows Audio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8453 (An elevation of privilege vulnerability exists in Windows when the ...)
NOT-FOR-US: Microsoft
CVE-2018-8452 (An information disclosure vulnerability exists when the scripting ...)
@@ -27865,7 +27865,7 @@ CVE-2018-8452 (An information disclosure vulnerability exists when the scripting
CVE-2018-8451
RESERVED
CVE-2018-8450 (A remote code execution vulnerability exists when Windows Search ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8449 (A security feature bypass exists when Device Guard incorrectly ...)
NOT-FOR-US: Microsoft
CVE-2018-8448 (An elevation of privilege vulnerability exists when Microsoft Exchange ...)
@@ -27931,11 +27931,11 @@ CVE-2018-8419 (An information disclosure vulnerability exists when the Windows k
CVE-2018-8418
RESERVED
CVE-2018-8417 (A security feature bypass vulnerability exists in Microsoft JScript ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8416 (A tampering vulnerability exists when .NET Core improperly handles ...)
TODO: check
CVE-2018-8415 (A tampering vulnerability exists in PowerShell that could allow an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8414 (A remote code execution vulnerability exists when the Windows Shell ...)
NOT-FOR-US: Microsoft
CVE-2018-8413 (A remote code execution vulnerability exists when "Windows Theme API" ...)
@@ -27949,9 +27949,9 @@ CVE-2018-8410 (An elevation of privilege vulnerability exists when the Windows K
CVE-2018-8409 (A denial of service vulnerability exists when System.IO.Pipelines ...)
NOT-FOR-US: Microsoft
CVE-2018-8408 (An information disclosure vulnerability exists when the Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8407 (An information disclosure vulnerability exists when "Kernel Remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8406 (An elevation of privilege vulnerability exists when the DirectX ...)
NOT-FOR-US: Microsoft
CVE-2018-8405 (An elevation of privilege vulnerability exists when the DirectX ...)
@@ -28254,7 +28254,7 @@ CVE-2018-8258
CVE-2018-8257
RESERVED
CVE-2018-8256 (A remote code execution vulnerability exists when PowerShell ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2018-8255
RESERVED
CVE-2018-8254 (An elevation of privilege vulnerability exists when Microsoft ...)
@@ -32178,7 +32178,7 @@ CVE-2018-6981
NOT-FOR-US: VMware
NOTE: https://seclists.org/bugtraq/2018/Nov/12
CVE-2018-6980 (VMware vRealize Log Insight (4.7.x before 4.7.1 and 4.6.x before ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2018-6979 (The VMware Workspace ONE Unified Endpoint Management Console (A/W ...)
NOT-FOR-US: VMware
CVE-2018-6978
@@ -45761,43 +45761,43 @@ CVE-2018-2493
CVE-2018-2492
RESERVED
CVE-2018-2491 (When opening a deep link URL in SAP Fiori Client with log level set to ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2490 (The broadcast messages received by SAP Fiori Client are not protected ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2489 (Locally, without any permission, an arbitrary android application ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2488 (It is possible for a malware application installed on an Android ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2487 (SAP Disclosure Management 10.x allows an attacker to exploit through a ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2486
RESERVED
CVE-2018-2485 (It is possible for a malicious application or malware to execute ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2484
RESERVED
CVE-2018-2483 (HTTP Verb Tampering is possible in SAP BusinessObjects Business ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2482 (SAP Mobile Secure Android Application, Mobile-secure.apk Android ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2481 (In some SAP standard roles, in SAP_ABA versions, 7.00 to 7.02, 7.10 to ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2480
RESERVED
CVE-2018-2479 (SAP BusinessObjects Business Intelligence Platform (BIWorkspace), ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2478 (An attacker can use specially crafted inputs to execute commands on ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2477 (Knowledge Management (XMLForms) in SAP NetWeaver, versions 7.30, 7.31, ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2476 (Due to insufficient URL Validation in forums in SAP NetWeaver versions ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2475 (Following the Gardener architecture, the Kubernetes apiserver of a ...)
NOT-FOR-US: SAP
CVE-2018-2474 (SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) ...)
NOT-FOR-US: SAP
CVE-2018-2473 (SAP BusinessObjects Business Intelligence Platform Server, versions ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2018-2472 (SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 (Web ...)
NOT-FOR-US: SAP
CVE-2018-2471 (Under certain conditions SAP BusinessObjects Business Intelligence ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/265690cd9419e27af7f286cfcb138cd55f6c2697
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/265690cd9419e27af7f286cfcb138cd55f6c2697
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181114/262b6814/attachment.html>
More information about the debian-security-tracker-commits
mailing list