[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Tue Nov 20 09:20:55 GMT 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9a3193be by Moritz Muehlenhoff at 2018-11-20T09:20:20Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -81,7 +81,7 @@ CVE-2018-19335
 CVE-2018-19334
 	RESERVED
 CVE-2018-19333 (pkg/sentry/kernel/shm/shm.go in Google gVisor before 2018-11-01 allows ...)
-	TODO: check
+	NOT-FOR-US: gVisor
 CVE-2018-19332 (An issue was discovered in S-CMS v1.5. There is a CSRF vulnerability ...)
 	NOT-FOR-US: S-CMS
 CVE-2018-19331 (An issue was discovered in S-CMS v1.5. There is a SQL injection ...)
@@ -1711,9 +1711,9 @@ CVE-2018-18758
 CVE-2018-18757
 	RESERVED
 CVE-2018-18756 (Local Server 1.0.9 has a Buffer Overflow via crafted data on Port ...)
-	TODO: check
+	NOT-FOR-US: Local Server
 CVE-2018-18755 (K-iwi Framework 1775 has SQL Injection via the admin/user/group/update ...)
-	TODO: check
+	NOT-FOR-US: K-iwi Framework
 CVE-2018-18754 (ZyXEL VMG3312-B10B 1.00(AAPP.7) devices have a backdoor root account ...)
 	NOT-FOR-US: ZyXEL
 CVE-2018-18753 (Typecho V1.1 allows remote attackers to send shell commands via ...)
@@ -2311,7 +2311,7 @@ CVE-2018-18520 (An Invalid Memory Address Dereference exists in the function elf
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23787
 	NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00057.html
 CVE-2018-18519 (BestXsoftware Best Free Keylogger 5.2.9 allows local users to gain ...)
-	TODO: check
+	NOT-FOR-US: BestXsoftware Best Free Keylogger
 CVE-2018-18518
 	RESERVED
 CVE-2018-18517 (Citrix NetScaler Gateway 10.5.x before 10.5.69.003, 11.1.x before ...)
@@ -3950,7 +3950,7 @@ CVE-2018-17908 (WebAccess Versions 8.3.2 and prior. During installation, the ...
 CVE-2018-17907 (When processing project files in Omron CX-Supervisor Versions 3.4.1.0 ...)
 	NOT-FOR-US: Omron CX-Supervisor
 CVE-2018-17906 (Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and ...)
-	TODO: check
+	NOT-FOR-US: Philips
 CVE-2018-17905 (When processing project files in Omron CX-Supervisor Versions 3.4.1.0 ...)
 	NOT-FOR-US: Omron CX-Supervisor
 CVE-2018-17904 (Reliance 4 SCADA/HMI, Version 4.7.3 Update 3 and prior. This ...)
@@ -9239,11 +9239,11 @@ CVE-2018-15763 (Pivotal Container Service, versions prior to 1.2.0, contains an
 CVE-2018-15762 (Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, versions ...)
 	NOT-FOR-US: Pivotal
 CVE-2018-15761 (Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions ...)
-	TODO: check
+	NOT-FOR-US: Cloud Foundry
 CVE-2018-15760
 	RESERVED
 CVE-2018-15759 (Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 ...)
-	TODO: check
+	NOT-FOR-US: Cloud Foundry
 CVE-2018-15758 (Spring Security OAuth, versions 2.3 prior to 2.3.4, and 2.2 prior to ...)
 	NOT-FOR-US: Spring Security OAuth
 CVE-2018-15757
@@ -26323,7 +26323,7 @@ CVE-2018-9211
 CVE-2018-9210
 	RESERVED
 CVE-2018-9209 (Unauthenticated arbitrary file upload vulnerability in FineUploader ...)
-	TODO: check
+	NOT-FOR-US: FineUploader
 CVE-2018-9208 (Unauthenticated arbitrary file upload vulnerability in jQuery Picture ...)
 	NOT-FOR-US: jQuery Picture
 CVE-2018-9207 (Arbitrary file upload in jQuery Upload File <= 4.0.2 ...)
@@ -26610,7 +26610,7 @@ CVE-2018-9088
 CVE-2018-9087
 	RESERVED
 CVE-2018-9086 (In some Lenovo ThinkServer-branded servers, a command injection ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2018-9085 (A write protection lock bit was left unset after boot on an older ...)
 	NOT-FOR-US: IBM
 CVE-2018-9084
@@ -47456,7 +47456,7 @@ CVE-2018-1843
 CVE-2018-1842 (IBM Cognos Analytics 11 Configuration tool, under certain ...)
 	NOT-FOR-US: IBM
 CVE-2018-1841 (IBM Cloud Private 2.1.0 could allow a local user to obtain the CA ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2018-1840
 	RESERVED
 CVE-2018-1839



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9a3193be292027053eba19fbda6bde1755677e42

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9a3193be292027053eba19fbda6bde1755677e42
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181120/fa2ed27d/attachment.html>

More information about the debian-security-tracker-commits mailing list