[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Sun Nov 18 08:29:09 GMT 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fba12d6c by Salvatore Bonaccorso at 2018-11-18T08:28:35Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
 CVE-2018-19350 (In SeaCMS v6.6.4, there is stored XSS via the ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2018-19349 (In SeaCMS v6.64, there is SQL injection via the admin_makehtml.php ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2018-19348 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-19347 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-19346 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-19345 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-19344 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-19343 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-19342 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-19341 (The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in ...)
-	TODO: check
+	NOT-FOR-US: Foxit Reader
 CVE-2018-19340 (Guriddo Form PHP 5.3 has XSS via the ...)
 	NOT-FOR-US: Guriddo Form PHP
 CVE-2018-19339
@@ -9336,9 +9336,9 @@ CVE-2018-15695 (ASUSTOR Data Master 3.1.5 and below allows authenticated remote
 CVE-2018-15694 (ASUSTOR Data Master 3.1.5 and below allows authenticated remote ...)
 	NOT-FOR-US: ASUSTOR Data Master
 CVE-2018-15693 (Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows ...)
-	TODO: check
+	NOT-FOR-US: Inova Partner
 CVE-2018-15692 (Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows ...)
-	TODO: check
+	NOT-FOR-US: Inova Partner
 CVE-2018-15691 (Insecure deserialization of a specially crafted serialized object, in ...)
 	NOT-FOR-US: CA Release Automation
 CVE-2018-15690
@@ -26544,7 +26544,7 @@ CVE-2018-9087
 CVE-2018-9086 (In some Lenovo ThinkServer-branded servers, a command injection ...)
 	TODO: check
 CVE-2018-9085 (A write protection lock bit was left unset after boot on an older ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-9084
 	RESERVED
 CVE-2018-9083
@@ -26568,11 +26568,11 @@ CVE-2018-9075 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.3
 CVE-2018-9074 (For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 ...)
 	NOT-FOR-US: Lenovo
 CVE-2018-9073 (Lenovo Chassis Management Module (CMM) prior to version 2.0.0 utilizes ...)
-	TODO: check
+	NOT-FOR-US: Lenovo Chassis Management Module
 CVE-2018-9072
 	RESERVED
 CVE-2018-9071 (Lenovo Chassis Management Module (CMM) prior to version 2.0.0 allows ...)
-	TODO: check
+	NOT-FOR-US: Lenovo Chassis Management Module
 CVE-2018-9070 (For the Lenovo Smart Assistant Android app versions earlier than ...)
 	NOT-FOR-US: Lenovo
 CVE-2018-9069 (In some Lenovo IdeaPad consumer notebook models, a race condition in ...)
@@ -31227,15 +31227,15 @@ CVE-2018-7365
 CVE-2018-7364
 	RESERVED
 CVE-2018-7363 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2018-7362 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2018-7361 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2018-7360 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2018-7359 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2018-7358 (ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, ...)
 	NOT-FOR-US: ZTE ZXHN H168N product
 CVE-2018-7357 (ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, ...)
@@ -47470,7 +47470,7 @@ CVE-2018-1799 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server)
 CVE-2018-1798 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable ...)
 	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2018-1797 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1796
 	RESERVED
 CVE-2018-1795 (IBM Robotic Process Automation with Automation Anywhere Enterprise 10 ...)
@@ -47786,7 +47786,7 @@ CVE-2018-1641
 CVE-2018-1640
 	RESERVED
 CVE-2018-1639 (The Report Builder of Jazz Reporting Service 5.0 through 5.0.2 and 6.0 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1638 (IBM API Connect 5.0.0.0-5.0.8.3 Developer Portal does not enforce Two ...)
 	NOT-FOR-US: IBM
 CVE-2018-1637



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fba12d6cdd0ed26bc797315bfeb1cf9ffd615eff

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fba12d6cdd0ed26bc797315bfeb1cf9ffd615eff
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181118/47c28ce7/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list