[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Tue Oct 16 13:01:58 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cf5617d7 by Moritz Muehlenhoff at 2018-10-16T12:01:35Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1068,7 +1068,7 @@ CVE-2018-17982
 CVE-2018-17981
 	RESERVED
 CVE-2018-17980 (NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain ...)
-	TODO: check
+	NOT-FOR-US: NoMachine
 CVE-2015-9273 (The wp-slimstat (aka Slimstat Analytics) plugin before 4.1.6.1 for ...)
 	NOT-FOR-US: WordPress plugin wp-slimstat
 CVE-2015-9272 (The videowhisper-video-presentation plugin 3.31.17 for WordPress allows ...)
@@ -6804,13 +6804,13 @@ CVE-2018-1000212
 CVE-2018-15595
 	RESERVED
 CVE-2018-15593 (An issue was discovered in Ivanti Workspace Control before 10.3.10.0 ...)
-	TODO: check
+	NOT-FOR-US: Ivanti Workspace Control
 CVE-2018-15592 (An issue was discovered in Ivanti Workspace Control before 10.3.10.0 ...)
-	TODO: check
+	NOT-FOR-US: Ivanti Workspace Control
 CVE-2018-15591 (An issue was discovered in Ivanti Workspace Control before 10.3.10.0 ...)
-	TODO: check
+	NOT-FOR-US: Ivanti Workspace Control
 CVE-2018-15590 (An issue was discovered in Ivanti Workspace Control before 10.3.0.0 ...)
-	TODO: check
+	NOT-FOR-US: Ivanti Workspace Control
 CVE-2018-15589
 	RESERVED
 CVE-2018-15588
@@ -16510,7 +16510,7 @@ CVE-2018-11750 (Previous releases of the Puppet cisco_ios module did not validat
 CVE-2018-11749 (When users are configured to use startTLS with RBAC LDAP, at login ...)
 	- puppet <not-affected> (RBAC is specific to Puppet Enterprise)
 CVE-2018-11748 (Previous releases of the Puppet device_manager module creates ...)
-	TODO: check
+	NOT-FOR-US: Puppet device_manager module
 CVE-2018-11747
 	RESERVED
 CVE-2018-11746 (In Puppet Discovery prior to 1.2.0, when running Discovery against ...)
@@ -42994,7 +42994,7 @@ CVE-2018-2477
 CVE-2018-2476
 	RESERVED
 CVE-2018-2475 (Following the Gardener architecture, the Kubernetes apiserver of a ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2018-2474 (SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) ...)
 	NOT-FOR-US: SAP
 CVE-2018-2473
@@ -94354,17 +94354,17 @@ CVE-2017-2799 (An exploitable heap corruption vulnerability exists in the AddSst
 CVE-2017-2798 (An exploitable heap corruption vulnerability exists in the ...)
 	NOT-FOR-US: Antenna House DMC HTMLFilter
 CVE-2017-2797 (An exploitable heap overflow vulnerability exists in the ...)
-	NOT-FOR-US: AntennaHouse
+	NOT-FOR-US: Antenna House
 CVE-2017-2796
 	RESERVED
 CVE-2017-2795 (An exploitable heap corruption vulnerability exists in the Txo ...)
-	TODO: check
+	NOT-FOR-US: Antenna House 
 CVE-2017-2794 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
-	NOT-FOR-US: AntennaHouse
+	NOT-FOR-US: Antenna House
 CVE-2017-2793 (An exploitable heap corruption vulnerability exists in the ...)
-	NOT-FOR-US: AntennaHouse
+	NOT-FOR-US: Antenna House
 CVE-2017-2792 (An exploitable heap corruption vulnerability exists in the iBldDirInfo ...)
-	TODO: check
+	NOT-FOR-US: Antenna House 
 CVE-2017-2791 (JustSystems Ichitaro 2016 Trial contains a vulnerability that exists ...)
 	NOT-FOR-US: JustSystems Ichitaro 2016 Trial
 CVE-2017-2790 (When processing a record type of 0x3c from a Workbook stream from an ...)
@@ -94405,7 +94405,7 @@ CVE-2017-2779 (An exploitable memory corruption vulnerability exists in the RSRC
 CVE-2017-2778
 	RESERVED
 CVE-2017-2777 (An exploitable heap overflow vulnerability exists in the ...)
-	TODO: check
+	NOT-FOR-US: Iceni Argus
 CVE-2017-2776
 	RESERVED
 CVE-2017-2775 (An exploitable memory corruption vulnerability exists in the ...)
@@ -102435,15 +102435,15 @@ CVE-2016-9050 (An exploitable out-of-bounds read vulnerability exists in the cli
 CVE-2016-9049 (An exploitable denial-of-service vulnerability exists in the ...)
 	NOT-FOR-US: Aerospike Database
 CVE-2016-9048 (Multiple exploitable SQL Injection vulnerabilities exists in ...)
-	TODO: check
+	NOT-FOR-US: ProcessMaker Enterprise Core
 CVE-2016-9047
 	RESERVED
 CVE-2016-9046
 	RESERVED
 CVE-2016-9045 (A code execution vulnerability exists in ProcessMaker Enterprise Core ...)
-	TODO: check
+	NOT-FOR-US: ProcessMaker Enterprise Core
 CVE-2016-9044 (An exploitable command execution vulnerability exists in Information ...)
-	TODO: check
+	NOT-FOR-US: Information Builders WebFOCUS Business Intelligence Porta
 CVE-2016-9043 (An out of bound write vulnerability exists in the EMF parsing ...)
 	NOT-FOR-US: CorelDRAW X8
 CVE-2016-9042 (An exploitable denial of service vulnerability exists in the origin ...)
@@ -132815,7 +132815,7 @@ CVE-2015-8300 (Polycom BToE Connector before 3.0.0 uses weak permissions (Everyo
 CVE-2015-8299 (Buffer overflow in the Group messages monitor (Falcon) in KNX ETS ...)
 	NOT-FOR-US: Falcon
 CVE-2015-8298 (Multiple SQL injection vulnerabilities in the login page in RXTEC ...)
-	TODO: check
+	NOT-FOR-US: RXTEC
 CVE-2015-8297
 	REJECTED
 CVE-2015-8296



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cf5617d736340aea8ed28721f36628dfd24cdc22

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cf5617d736340aea8ed28721f36628dfd24cdc22
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181016/2175fe8b/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list