[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Fri Sep 14 10:33:46 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
504ab7d2 by Salvatore Bonaccorso at 2018-09-14T09:33:21Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
CVE-2018-17051 (K-Net Cisco Configuration Manager through 2014-11-19 has XSS via ...)
- TODO: check
+ NOT-FOR-US: K-Net Cisco Configuration Manager
CVE-2018-17050
RESERVED
CVE-2018-17049 (CQU-LANKERS through 2017-11-02 has XSS via the public/api.php callback ...)
- TODO: check
+ NOT-FOR-US: CQU-LANKERS
CVE-2018-17048
RESERVED
CVE-2018-17047
@@ -11,9 +11,9 @@ CVE-2018-17047
CVE-2018-17046 (translate man before 2018-08-21 has XSS via ...)
TODO: check
CVE-2018-17045 (An issue was discovered in CMS MaeloStore V.1.5.0. There is a CSRF ...)
- TODO: check
+ NOT-FOR-US: CMS MaeloStore
CVE-2018-17044 (In YzmCMS 5.1, stored XSS exists via the ...)
- TODO: check
+ NOT-FOR-US: YzmCMS
CVE-2018-17043 (An issue has been found in doc2txt through 2014-03-19. It is a ...)
TODO: check
CVE-2018-17042 (An issue has been found in dbf2txt through 2012-07-19. It is a infinite ...)
@@ -23,25 +23,25 @@ CVE-2018-17041
CVE-2018-17040
RESERVED
CVE-2018-17039 (MiniCMS 1.10, when Internet Explorer is used, allows XSS via a crafted ...)
- TODO: check
+ NOT-FOR-US: MiniCMS
CVE-2018-17038
RESERVED
CVE-2018-17037 (user/editpost.php in UCMS 1.4.6 mishandles levels, which allows ...)
- TODO: check
+ NOT-FOR-US: UCMS
CVE-2018-17036 (An issue was discovered in UCMS 1.4.6. It allows PHP code injection ...)
- TODO: check
+ NOT-FOR-US: UCMS
CVE-2018-17035 (UCMS 1.4.6 has SQL injection during installation via the ...)
- TODO: check
+ NOT-FOR-US: UCMS
CVE-2018-17034 (UCMS 1.4.6 has XSS via the install/index.php mysql_dbname parameter. ...)
- TODO: check
+ NOT-FOR-US: UCMS
CVE-2018-17033
RESERVED
CVE-2018-17032
RESERVED
CVE-2018-17031 (In Gogs 0.11.53, an attacker can use a crafted .eml file to trigger ...)
- TODO: check
+ NOT-FOR-US: Go Git Service
CVE-2018-17030 (BigTree CMS 4.2.23 allows remote authenticated users, if possessing ...)
- TODO: check
+ NOT-FOR-US: BigTree CMS
CVE-2018-17029
RESERVED
CVE-2018-17028
@@ -49,11 +49,11 @@ CVE-2018-17028
CVE-2018-17027
RESERVED
CVE-2018-17026 (admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_title ...)
- TODO: check
+ NOT-FOR-US: Monstra CMS
CVE-2018-17025 (admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_title ...)
- TODO: check
+ NOT-FOR-US: Monstra CMS
CVE-2018-17024 (admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_title ...)
- TODO: check
+ NOT-FOR-US: Monstra CMS
CVE-2018-17023 (Cross-site request forgery (CSRF) vulnerability on ASUS GT-AC5300 ...)
NOT-FOR-US: ASUS GT-AC5300 routers
CVE-2018-17022 (Stack-based buffer overflow on the ASUS GT-AC5300 router through ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/504ab7d206fc59e6d165b7605bf160fb89dbe561
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/504ab7d206fc59e6d165b7605bf160fb89dbe561
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180914/b5795911/attachment.html>
More information about the debian-security-tracker-commits
mailing list