[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Oct 19 11:26:03 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
34f3435f by Salvatore Bonaccorso at 2018-10-19T10:25:37Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,13 +3,13 @@ CVE-2018-18490
 CVE-2018-18489
 	RESERVED
 CVE-2018-18488 (In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL Injection ...)
-	TODO: check
+	NOT-FOR-US: Gxlcms
 CVE-2018-18487 (In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database ...)
-	TODO: check
+	NOT-FOR-US: Gxlcms
 CVE-2018-18486 (An issue was discovered in PHPSHE 1.7. SQL injection exists via the ...)
-	TODO: check
+	NOT-FOR-US: PHPSHE
 CVE-2018-18485 (An issue was discovered in PHPSHE 1.7. admin.php?mod=db&act=del allows ...)
-	TODO: check
+	NOT-FOR-US: PHPSHE
 CVE-2018-18484 (An issue was discovered in cp-demangle.c in GNU libiberty, as ...)
 	TODO: check
 CVE-2018-18483 (The get_count function in cplus-dem.c in GNU libiberty, as distributed ...)
@@ -1393,7 +1393,7 @@ CVE-2018-17965 (ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGI
 	- imagemagick <unfixed> (unimportant)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1052
 CVE-2018-17964 (Aryanic HighPortal 12.5 has XSS via an Add Tags action. ...)
-	TODO: check
+	NOT-FOR-US: Aryanic HighPortal
 CVE-2018-17963 (qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes ...)
 	- qemu <unfixed>
 	- qemu-kvm <removed>
@@ -6114,21 +6114,21 @@ CVE-2018-15978
 CVE-2018-15977
 	RESERVED
 CVE-2018-15976 (Adobe Technical Communications Suite versions 1.0.5.1 and below have ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-15975
 	RESERVED
 CVE-2018-15974 (Adobe Framemaker versions 1.0.5.1 and below have an insecure library ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-15973 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-15972 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-15971 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-15970 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-15969 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2018-15968 (Adobe Acrobat and Reader versions 2018.011.20063 and earlier, ...)
 	NOT-FOR-US: Adobe
 CVE-2018-15967 (Adobe Flash Player versions 30.0.0.154 and earlier have a privilege ...)
@@ -6693,7 +6693,7 @@ CVE-2018-15767
 CVE-2018-15766 (On install, Dell Encryption versions prior 10.0.1 and Dell Endpoint ...)
 	NOT-FOR-US: Dell
 CVE-2018-15765 (Dell EMC Secure Remote Services, versions prior to 3.32.00.08, ...)
-	TODO: check
+	NOT-FOR-US: EMC Secure Remote Services
 CVE-2018-15764 (Dell EMC ESRS Policy Manager versions 6.8 and prior contain a remote ...)
 	NOT-FOR-US: EMC ESRS Policy Manager
 CVE-2018-15763 (Pivotal Container Service, versions prior to 1.2.0, contains an ...)
@@ -7011,7 +7011,7 @@ CVE-2018-15618
 CVE-2018-15617
 	RESERVED
 CVE-2018-15616 (A vulnerability in the Web UI component of Avaya Aura System Platform ...)
-	TODO: check
+	NOT-FOR-US: Avaya Aura System Platform
 CVE-2018-15615 (A vulnerability in the Supervisor component of Avaya Call Management ...)
 	NOT-FOR-US: Avaya
 CVE-2018-15614
@@ -7394,7 +7394,7 @@ CVE-2018-15494 (In Dojo Toolkit before 1.14, there is unescaped string injection
 	- dojo 1.14.1+dfsg1-1 (bug #906540)
 	NOTE: https://github.com/dojo/dojox/pull/283
 CVE-2018-15493 (vBulletin 5.4.3 has an Open Redirect. ...)
-	TODO: check
+	NOT-FOR-US: vBulletin
 CVE-2018-15492 (A vulnerability in the lservnt.exe component of Sentinel License ...)
 	NOT-FOR-US: Sentinel License Manager
 CVE-2018-15491 (A vulnerability in the permission and encryption implementation of ...)
@@ -7497,13 +7497,13 @@ CVE-2018-15440
 CVE-2018-15439
 	RESERVED
 CVE-2018-15438 (A vulnerability in the web-based management interface of Cisco Prime ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-15437
 	RESERVED
 CVE-2018-15436 (A vulnerability in the web-based management interface of Cisco Webex ...)
 	NOT-FOR-US: Cisco
 CVE-2018-15435 (A vulnerability in the web-based management interface of Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-15434 (A vulnerability in the web-based management interface of Cisco Unified ...)
 	NOT-FOR-US: Cisco
 CVE-2018-15433 (A vulnerability in the server backup function of Cisco Prime ...)
@@ -7569,7 +7569,7 @@ CVE-2018-15404 (A vulnerability in the web interface of Cisco Integrated Managem
 CVE-2018-15403 (A vulnerability in the web interface of Cisco Emergency Responder, ...)
 	NOT-FOR-US: Cisco
 CVE-2018-15402 (A vulnerability in Cisco Enterprise NFV Infrastructure Software ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-15401 (A vulnerability in the web-based management interface of Cisco Hosted ...)
 	NOT-FOR-US: Cisco
 CVE-2018-15400 (A vulnerability in the web-based management interface of Cisco Cloud ...)
@@ -7583,7 +7583,7 @@ CVE-2018-15397 (A vulnerability in the implementation of Traffic Flow Confidenti
 CVE-2018-15396 (A vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity ...)
 	NOT-FOR-US: Cisco
 CVE-2018-15395 (A vulnerability in the authentication and authorization checking ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-15394
 	RESERVED
 CVE-2018-15393



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/34f3435f9aeb172f9aa856f23d9952617a1281f2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/34f3435f9aeb172f9aa856f23d9952617a1281f2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181019/b055748a/attachment.html>

More information about the debian-security-tracker-commits mailing list