[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Sun Oct 14 20:13:10 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6526309e by Moritz Muehlenhoff at 2018-10-14T19:12:47Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2018-18284
 CVE-2018-18283
 	RESERVED
 CVE-2018-18282 (Next.js 7.0.0 and 7.0.1 has XSS via the 404 or 500 /_error page. ...)
-	TODO: check
+	NOT-FOR-US: Next.js
 CVE-2018-18281
 	RESERVED
 CVE-2018-18280
@@ -23,7 +23,7 @@ CVE-2018-18276
 CVE-2018-18275
 	RESERVED
 CVE-2018-18274 (A issue was found in pdfalto 0.2. There is a heap-based buffer overflow ...)
-	TODO: check
+	NOT-FOR-US: pdfalto
 CVE-2018-18273
 	RESERVED
 CVE-2018-18272
@@ -5012,7 +5012,7 @@ CVE-2018-16212
 CVE-2018-16211
 	RESERVED
 CVE-2018-16210 (WAGO 750-881 Ethernet Controller devices, versions 01.09.18(13) and ...)
-	TODO: check
+	NOT-FOR-US: WAGO
 CVE-2018-16209
 	RESERVED
 CVE-2018-16208
@@ -6199,7 +6199,7 @@ CVE-2018-15757
 CVE-2018-15756
 	RESERVED
 CVE-2018-15755 (Cloud Foundry CF Networking Release, versions 2.11.0 prior to 2.16.0, ...)
-	TODO: check
+	NOT-FOR-US: Cloud Foundry
 CVE-2018-15754
 	RESERVED
 CVE-2018-15753 (An issue was discovered in the MensaMax (aka com.breustedt.mensamax) ...)
@@ -16026,9 +16026,9 @@ CVE-2018-11829
 CVE-2018-11828
 	RESERVED
 CVE-2018-11827 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11826 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11825
 	RESERVED
 CVE-2018-11824
@@ -20742,7 +20742,7 @@ CVE-2018-10143
 CVE-2018-10142
 	RESERVED
 CVE-2018-10141 (GlobalProtect Portal Login page in Palo Alto Networks PAN-OS before ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks PAN-OS
 CVE-2018-10140 (The PAN-OS Management Web Interface in Palo Alto Networks PAN-OS 8.1.2 ...)
 	NOT-FOR-US: Palo Alto Networks PAN-OS
 CVE-2018-10139 (The PAN-OS response for GlobalProtect Gateway in Palo Alto Networks ...)
@@ -23903,7 +23903,7 @@ CVE-2018-8892
 CVE-2018-8891
 	RESERVED
 CVE-2018-8890 (An information disclosure vulnerability in the Management Console of ...)
-	TODO: check
+	NOT-FOR-US: BlackBerry
 CVE-2018-8889 (A directory traversal vulnerability in the Connect Service of the ...)
 	NOT-FOR-US: BlackBerry
 CVE-2018-8888
@@ -30122,7 +30122,7 @@ CVE-2018-6684
 CVE-2018-6683 (Exploiting Incorrectly Configured Access Control Security Levels ...)
 	NOT-FOR-US: McAfee
 CVE-2018-6682 (Cross Site Scripting Exposure in McAfee True Key (TK) 4.0.0.0 and ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2018-6681 (Abuse of Functionality vulnerability in the web interface in McAfee ...)
 	NOT-FOR-US: McAfee
 CVE-2018-6680
@@ -30861,17 +30861,17 @@ CVE-2018-6507
 CVE-2018-6506 (Cross-Site Scripting (XSS) exists in the Add Forum feature in the ...)
 	NOT-FOR-US: miniBB
 CVE-2018-6505 (A potential Unauthenticated File Download vulnerability has been ...)
-	TODO: check
+	NOT-FOR-US: ArcSight Management Center (ArcMC)
 CVE-2018-6504 (A potential Cross-Site Request Forgery (CSRF) vulnerability has been ...)
-	TODO: check
+	NOT-FOR-US: ArcSight Management Center (ArcMC)
 CVE-2018-6503 (A potential Access Control vulnerability has been identified in ...)
-	TODO: check
+	NOT-FOR-US: ArcSight Management Center (ArcMC)
 CVE-2018-6502 (A potential Reflected Cross-Site Scripting (XSS) Security ...)
-	TODO: check
+	NOT-FOR-US: ArcSight Management Center (ArcMC)
 CVE-2018-6501 (Potential security vulnerability of Insufficient Access Controls has ...)
-	TODO: check
+	NOT-FOR-US: ArcSight Management Center (ArcMC)
 CVE-2018-6500 (A potential Directory Traversal Security vulnerability has been ...)
-	TODO: check
+	NOT-FOR-US: ArcSight Management Center (ArcMC)
 CVE-2018-6499 (Remote Code Execution in the following products Hybrid Cloud ...)
 	NOT-FOR-US: Hybrid Cloud Management Containerized Suite
 CVE-2018-6498 (Remote Code Execution in the following products Hybrid Cloud ...)
@@ -31604,9 +31604,9 @@ CVE-2018-6264
 CVE-2018-6263
 	RESERVED
 CVE-2018-6262 (NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA GeForce Experience
 CVE-2018-6261 (NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA GeForce Experience
 CVE-2018-6260
 	RESERVED
 CVE-2018-6259 (NVIDIA GeForce Experience all versions prior to 3.14.1 contains a ...)
@@ -32998,7 +32998,7 @@ CVE-2018-5923
 CVE-2018-5922
 	RESERVED
 CVE-2018-5921 (A potential security vulnerability has been identified with certain HP ...)
-	TODO: check
+	NOT-FOR-US: HP printers
 CVE-2018-5920
 	RESERVED
 CVE-2018-5919
@@ -33031,7 +33031,7 @@ CVE-2018-5907 (Possible buffer overflow in msm_adsp_stream_callback_put due to l
 CVE-2018-5906
 	RESERVED
 CVE-2018-5905 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-5904
 	RESERVED
 CVE-2018-5903
@@ -34377,13 +34377,13 @@ CVE-2018-5404
 CVE-2018-5403
 	RESERVED
 CVE-2018-5402 (The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App ...)
-	TODO: check
+	NOT-FOR-US: Auto-Maskin
 CVE-2018-5401 (The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App ...)
-	TODO: check
+	NOT-FOR-US: Auto-Maskin
 CVE-2018-5400 (The Auto-Maskin products utilize an undocumented custom protocol to ...)
-	TODO: check
+	NOT-FOR-US: Auto-Maskin
 CVE-2018-5399 (The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear ...)
-	TODO: check
+	NOT-FOR-US: Auto-Maskin
 CVE-2018-5398
 	RESERVED
 CVE-2018-5397
@@ -34395,7 +34395,7 @@ CVE-2018-5395
 CVE-2018-5394
 	RESERVED
 CVE-2018-5393 (The TP-LINK EAP Controller is TP-LINK's software for remotely ...)
-	TODO: check
+	NOT-FOR-US: TP-LINK
 CVE-2018-5392 (mingw-w64 version 5.0.4 by default produces executables that opt in to ...)
 	- mingw-w64 <unfixed> (unimportant)
 	NOTE: https://sourceforge.net/p/mingw-w64/mailman/message/31034877/



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6526309ed859686fa19469392830f0221460c96b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6526309ed859686fa19469392830f0221460c96b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181014/809136e9/attachment.html>

More information about the debian-security-tracker-commits mailing list