[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Mon Sep 3 11:40:14 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bb6f2c3c by Moritz Muehlenhoff at 2018-09-03T10:39:35Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,11 +5,11 @@ CVE-2018-16389
 CVE-2018-16388
 	RESERVED
 CVE-2018-16387 (An issue was discovered in Elefant CMS before 2.0.5. There is a CSRF ...)
-	TODO: check
+	NOT-FOR-US: Elefant CMS
 CVE-2018-16386
 	RESERVED
 CVE-2018-16385 (ThinkPHP before 5.1.23 allows SQL Injection via the ...)
-	TODO: check
+	NOT-FOR-US: ThinkPHP
 CVE-2018-16384 (A SQL injection bypass (aka PL1 bypass) exists in OWASP ModSecurity ...)
 	TODO: check
 CVE-2018-16383
@@ -19,9 +19,9 @@ CVE-2018-16382 (Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in ...)
 CVE-2018-16381
 	RESERVED
 CVE-2018-16380 (An issue was discovered in Ogma CMS 0.4 Beta. There is a CSRF ...)
-	TODO: check
+	NOT-FOR-US: Ogma CMS
 CVE-2018-16379 (Ogma CMS 0.4 Beta has XSS via the "Footer Text footer" field on the ...)
-	TODO: check
+	NOT-FOR-US: Ogma CMS
 CVE-2018-16378
 	RESERVED
 CVE-2018-16377
@@ -31,39 +31,39 @@ CVE-2018-16376 (An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer o
 CVE-2018-16375 (An issue was discovered in OpenJPEG 2.3.0. Missing checks for ...)
 	TODO: check
 CVE-2018-16374 (Frog CMS 0.9.5 has stored XSS via /admin/?/plugin/comment/settings. ...)
-	TODO: check
+	NOT-FOR-US: Frog CMS
 CVE-2018-16373 (Frog CMS 0.9.5 has an Upload vulnerability that can create files via ...)
-	TODO: check
+	NOT-FOR-US: Frog CMS
 CVE-2018-16372 (The issue was discovered in IdeaCMS through 2016-04-30. There is ...)
-	TODO: check
+	NOT-FOR-US: IdeaCMS
 CVE-2018-16371 (PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: ...)
-	TODO: check
+	NOT-FOR-US: PESCMS Team
 CVE-2018-16370 (In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP ...)
-	TODO: check
+	NOT-FOR-US: PESCMS Team
 CVE-2018-16369 (XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a ...)
 	TODO: check
 CVE-2018-16368 (SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows ...)
 	TODO: check
 CVE-2018-16367 (In OnlineJudge 2.0, the sandbox has an incorrect access control ...)
-	TODO: check
+	NOT-FOR-US: OnlineJudge
 CVE-2018-16366 (An issue discovered in idreamsoft iCMS V7.0.10. ...)
-	TODO: check
+	NOT-FOR-US: idreamsoft iCMS
 CVE-2018-16365 (An issue discovered in idreamsoft iCMS V7.0.10. ...)
-	TODO: check
+	NOT-FOR-US: idreamsoft iCMS
 CVE-2018-16364
 	RESERVED
 CVE-2018-16363
 	RESERVED
 CVE-2018-16362 (An issue was discovered in the Source Integration plugin before 1.5.9 ...)
-	TODO: check
+	NOT-FOR-US: Mantis plugin
 CVE-2018-16361
 	RESERVED
 CVE-2018-16360
 	RESERVED
 CVE-2018-16359 (Google gVisor before 2018-08-23, within the seccomp sandbox, permits ...)
-	TODO: check
+	NOT-FOR-US: gVisor
 CVE-2018-16358 (A cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	- dotclear <removed>
 CVE-2018-16357
 	RESERVED
 CVE-2018-16356
@@ -71,11 +71,11 @@ CVE-2018-16356
 CVE-2018-16355
 	RESERVED
 CVE-2018-16354 (An issue was discovered in FHCRM through 2018-02-11. There is a SQL ...)
-	TODO: check
+	NOT-FOR-US: FHCRM
 CVE-2018-16353 (An issue was discovered in FHCRM through 2018-02-11. There is a SQL ...)
-	TODO: check
+	NOT-FOR-US: FHCRM
 CVE-2018-16352 (There is a PHP code upload vulnerablity in WeaselCMS 0.3.6 via ...)
-	TODO: check
+	NOT-FOR-US: WeaselCMS
 CVE-2018-16351
 	RESERVED
 CVE-2018-16350 (WUZHI CMS 4.1.0 has XSS via the index.php?m=core&f=set&v=basic ...)
@@ -95,7 +95,7 @@ CVE-2018-16344 (An issue was discovered in zzcms 8.3. It allows remote attackers
 CVE-2018-16343 (SeaCMS 6.61 allows remote attackers to execute arbitrary code because ...)
 	NOT-FOR-US: SeaCMS
 CVE-2018-16342 (ShowDoc v1.8.0 has XSS via a new page. ...)
-	TODO: check
+	NOT-FOR-US: ShowDoc
 CVE-2018-16341
 	RESERVED
 CVE-2018-16340



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bb6f2c3cf12879c8ea1643946bbf5f22853db566

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bb6f2c3cf12879c8ea1643946bbf5f22853db566
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180903/aa95b4aa/attachment.html>

More information about the debian-security-tracker-commits mailing list