[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Fri Nov 16 14:29:17 GMT 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b3ed02d2 by Moritz Muehlenhoff at 2018-11-16T14:28:56Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2018-19303
 CVE-2018-19302
 	RESERVED
 CVE-2018-19301 (tp4a TELEPORT 3.1.0 allows XSS via the login page because a crafted ...)
-	TODO: check
+	NOT-FOR-US: tp4a TELEPORT
 CVE-2018-19300
 	RESERVED
 CVE-2018-19299
@@ -37,7 +37,7 @@ CVE-2018-19288 (Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via
 CVE-2018-19287 (XSS in the Ninja Forms plugin before 3.3.18 for WordPress allows Remote ...)
 	NOT-FOR-US: Ninja Forms plugin for WordPress
 CVE-2018-19286 (The server in mubu note 2018-11-11 has XSS by configuring an account ...)
-	TODO: check
+	NOT-FOR-US: mubu note
 CVE-2018-19285
 	RESERVED
 CVE-2018-19284
@@ -6864,11 +6864,11 @@ CVE-2018-16623
 CVE-2018-16622 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	NOT-FOR-US: DoraCMS
 CVE-2018-16621 (Sonatype Nexus Repository Manager before 3.14 allows Java Expression ...)
-	TODO: check
+	NOT-FOR-US: Sonatype Nexus Repository Manager
 CVE-2018-16620 (Sonatype Nexus Repository Manager before 3.14 has Incorrect Access ...)
-	TODO: check
+	NOT-FOR-US: Sonatype Nexus Repository Manager
 CVE-2018-16619 (Sonatype Nexus Repository Manager before 3.14 allows XSS. ...)
-	TODO: check
+	NOT-FOR-US: Sonatype Nexus Repository Manager
 CVE-2018-16618
 	RESERVED
 CVE-2018-1000670 (KOHA Library System version 16.11.x (up until 16.11.13) and 17.05.x ...)
@@ -9205,7 +9205,7 @@ CVE-2018-15710 (Nagios XI 5.5.6 allows local authenticated attackers to escalate
 CVE-2018-15709 (Nagios XI 5.5.6 allows remote authenticated attackers to execute ...)
 	NOT-FOR-US: Nagios XI
 CVE-2018-15708 (Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated attackers ...)
-	TODO: check
+	NOT-FOR-US: Nagios XI
 CVE-2018-15707 (Advantech WebAccess 8.3.1 and 8.3.2 are vulnerable to cross-site ...)
 	NOT-FOR-US: Advantech WebAccess
 CVE-2018-15706 (WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote ...)
@@ -10961,9 +10961,9 @@ CVE-2018-14937 (The Add page option in my little forum 2.4.12 allows XSS via the
 CVE-2018-14936 (The Add page option in my little forum 2.4.12 allows XSS via the Title ...)
 	NOT-FOR-US: My Little Forum
 CVE-2018-14935 (The Web administration console on Polycom Trio devices with software ...)
-	TODO: check
+	NOT-FOR-US: Polycom Trio
 CVE-2018-14934 (The Bluetooth subsystem on Polycom Trio devices with software before ...)
-	TODO: check
+	NOT-FOR-US: Polycom Trio
 CVE-2018-14933 (upgrade_handle.php on NUUO NVRmini devices allows Remote Command ...)
 	NOT-FOR-US: NUUO NVRmini devices
 CVE-2018-14932
@@ -25124,7 +25124,7 @@ CVE-2018-9582
 CVE-2018-9581
 	RESERVED
 CVE-2018-9580 (A Elevation of privilege vulnerability in the HTC bootloader. Product: ...)
-	TODO: check
+	NOT-FOR-US: HTC
 CVE-2018-9579
 	RESERVED
 CVE-2018-9578
@@ -25194,25 +25194,25 @@ CVE-2018-9547
 CVE-2018-9546
 	RESERVED
 CVE-2018-9545 (In BTA_HdRegisterApp of bta_hd_api.cc, there is a possible ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2018-9544 (In register_app of btif_hd.cc, there is a possible out-of-bounds read ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2018-9543 (In f2fs_format_utils.c WITH_BLKDISCARD is not defined, which may cause ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2018-9542 (In avrc_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2018-9541 (In avrc_pars_vendor_rsp of avcr_pars_ct.cc, there is a possible ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2018-9540 (In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.c, there is a possible ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2018-9539 (In the ClearKey CAS descrambler, there is a possible use after free ...)
-	TODO: check
+	NOT-FOR-US: Android Media Framework
 CVE-2018-9538
 	RESERVED
 CVE-2018-9537 (In CAacDecoder_DecodeFrame of aacdecode.cpp, there is a possible ...)
-	TODO: check
+	NOT-FOR-US: Android Media Framework
 CVE-2018-9536 (In numerous functions of libFDK, there are possible out of bounds ...)
-	TODO: check
+	NOT-FOR-US: Android Media Framework
 CVE-2018-9535 (In ixheaacd_reset_acelp_data_fix of ixheaacd_lpc.c there is a possible ...)
 	TODO: check
 CVE-2018-9534 (In ixheaacd_mps_getstridemap of ixheaacd_mps_parse.c there is a ...)
@@ -25222,7 +25222,7 @@ CVE-2018-9533 (In ixheaacd_dec_data_init of ixheaacd_create.c there is a possibl
 CVE-2018-9532 (In ixheaacd_extract_frame_info_ld of ixheaacd_env_extr.c there is a ...)
 	TODO: check
 CVE-2018-9531 (In AudioSpecificConfig_Parse of tpdec_asc.cpp, there is a possible ...)
-	TODO: check
+	NOT-FOR-US: Android Media Framework
 CVE-2018-9530 (In ixheaacd_tns_ar_filter_dec of ixheaacd_aac_tns.c there is a ...)
 	TODO: check
 CVE-2018-9529 (In ixheaacd_individual_ch_stream of ixheaacd_channel.c there is a ...)
@@ -25230,19 +25230,19 @@ CVE-2018-9529 (In ixheaacd_individual_ch_stream of ixheaacd_channel.c there is a
 CVE-2018-9528 (In ixheaacd_over_lap_add1_armv8 of ixheaacd_overlap_add1.s there is a ...)
 	TODO: check
 CVE-2018-9527 (In vorbis_book_decodev_set of codebook.c there is a possible out of ...)
-	TODO: check
+	NOT-FOR-US: Android Media Framework
 CVE-2018-9526 (In device configuration data, there is an improperly configured ...)
 	TODO: check
 CVE-2018-9525 (In the AndroidManifest.xml file defining the SliceBroadcastReceiver ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2018-9524 (In functionality implemented in System UI, there are insufficient ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2018-9523 (In Parcel.writeMapInternal of Parcel.java, there is a possible parcel ...)
 	TODO: check
 CVE-2018-9522 (In the serialization functions of StatsLogEventWrapper.java, there is ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2018-9521 (In parseMPEGCCData of NuPlayer2CCDecoder.cpp, there is a possible out ...)
-	TODO: check
+	NOT-FOR-US: Android Media Framework
 CVE-2018-9520
 	RESERVED
 CVE-2018-9519



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b3ed02d2cd89cfbe9a8f8f3fea1eafd815cf5604

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b3ed02d2cd89cfbe9a8f8f3fea1eafd815cf5604
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181116/5615ac6d/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list