[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Tue Sep 25 21:39:24 BST 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
73f6c9a3 by Moritz Muehlenhoff at 2018-09-25T20:38:53Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -913,7 +913,7 @@ CVE-2018-17109
CVE-2018-17108 (The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android ...)
NOT-FOR-US: SBIbuddy
CVE-2018-17107 (In Tgstation tgstation-server 3.2.4.0 through 3.2.1.0 (fixed in ...)
- TODO: check
+ NOT-FOR-US: Tgstation tgstation-server
CVE-2018-17106 (In Tinyftp Tinyftpd 1.1, a buffer overflow exists in the text variable ...)
NOT-FOR-US: Tinyftpd
CVE-2018-17105
@@ -1067,7 +1067,7 @@ CVE-2018-17052
CVE-2018-17051 (K-Net Cisco Configuration Manager through 2014-11-19 has XSS via ...)
NOT-FOR-US: K-Net Cisco Configuration Manager
CVE-2018-17050 (The mintToken function of a smart contract implementation for PolyAi ...)
- TODO: check
+ NOT-FOR-US: smart contract
CVE-2018-17049 (CQU-LANKERS through 2017-11-02 has XSS via the public/api.php callback ...)
NOT-FOR-US: CQU-LANKERS
CVE-2018-17048
@@ -1163,11 +1163,11 @@ CVE-2018-17005 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR
CVE-2018-17004 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N ...)
NOT-FOR-US: TP-Link
CVE-2018-17003 (In LimeSurvey 3.14.7, HTML Injection and Stored XSS have been ...)
- TODO: check
+ - limesurvey <itp> (bug #472802)
CVE-2018-17002 (On the RICOH MP 2001 printer, HTML Injection and Stored XSS ...)
- TODO: check
+ NOT-FOR-US: RICOH
CVE-2018-17001 (On the RICOH SP 4510SF printer, HTML Injection and Stored XSS ...)
- TODO: check
+ NOT-FOR-US: RICOH
CVE-2018-17000 (A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c ...)
- tiff <unfixed> (bug #908778)
- tiff3 <removed>
@@ -1245,7 +1245,7 @@ CVE-2018-16967
CVE-2018-16966
RESERVED
CVE-2018-16965 (In Zoho ManageEngine SupportCenter Plus 8.1.0, there is HTML Injection ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2018-16964
RESERVED
CVE-2018-16963
@@ -1512,7 +1512,7 @@ CVE-2018-16835
CVE-2018-16834
RESERVED
CVE-2018-16833 (Zoho ManageEngine Desktop Central 10.0.271 has XSS via the "Features & ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2018-16832 (CSRF in the anti-csrf decorator in xunfeng 0.2.0 allows an attacker to ...)
NOT-FOR-US: xunfeng
CVE-2018-16949 (An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before ...)
@@ -1580,9 +1580,9 @@ CVE-2018-16824
CVE-2018-16823
RESERVED
CVE-2018-16822 (SeaCMS 6.64 allows SQL Injection via the upload/admin/admin_video.php ...)
- TODO: check
+ NOT-FOR-US: SeaCMS
CVE-2018-16821 (SeaCMS 6.64 allows arbitrary directory listing via ...)
- TODO: check
+ NOT-FOR-US: SeaCMS
CVE-2018-16820 (admin/index.php in Monstra CMS 3.0.4 allows arbitrary directory ...)
NOT-FOR-US: Monstra CMS
CVE-2018-16819 (admin/index.php in Monstra CMS 3.0.4 allows arbitrary file deletion ...)
@@ -1638,7 +1638,7 @@ CVE-2018-16795
CVE-2018-16794 (Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory ...)
NOT-FOR-US: Microsoft ADFS 4.0 Windows Server
CVE-2018-16793 (Rollup 18 for Microsoft Exchange Server 2010 SP3 and previous versions ...)
- TODO: check
+ NOT-FOR-US: Rollup 18 for Microsoft Exchange Server
CVE-2018-16802 (An issue was discovered in Artifex Ghostscript before 9.25. Incorrect ...)
{DSA-4294-1 DLA-1504-1}
[experimental] - ghostscript 9.25~dfsg-1~exp1
@@ -1660,11 +1660,11 @@ CVE-2018-16788
CVE-2018-16787
RESERVED
CVE-2018-16786 (DedeCMS 5.7 SP2 allows XSS via an onhashchange attribute in the msg ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2018-16785 (XML injection vulnerability exists in the file of DedeCMS V5.7 SP2 ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2018-16784 (DedeCMS 5.7 SP2 allows XML injection, and resultant remote code ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2018-16783
RESERVED
CVE-2018-16782 (libimageworsener.a in ImageWorsener 1.3.2 has a buffer overflow in the ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/73f6c9a3547fd6e9356a3f59f9d7b51f68cb92f6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/73f6c9a3547fd6e9356a3f59f9d7b51f68cb92f6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180925/f03ad55e/attachment.html>
More information about the debian-security-tracker-commits
mailing list