[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Sep 27 10:08:24 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cf36d301 by Salvatore Bonaccorso at 2018-09-27T09:07:53Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2018-17570 (utils/ut_ws_svr.c in ViaBTC Exchange Server before 2018-08-21 has an ...)
-	TODO: check
+	NOT-FOR-US: ViaBTC Exchange Server
 CVE-2018-17569 (network/nw_buf.c in ViaBTC Exchange Server before 2018-08-21 has an ...)
-	TODO: check
+	NOT-FOR-US: ViaBTC Exchange Server
 CVE-2018-17568 (utils/ut_rpc.c in ViaBTC Exchange Server before 2018-08-21 has an ...)
-	TODO: check
+	NOT-FOR-US: ViaBTC Exchange Server
 CVE-2018-17567
 	RESERVED
 CVE-2018-17566 (In ThinkPHP 5.1.24, the inner function delete can be used for SQL ...)
@@ -27,9 +27,9 @@ CVE-2018-17558
 CVE-2018-17557
 	RESERVED
 CVE-2018-17556 (MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media ...)
-	TODO: check
+	NOT-FOR-US: MODX Revolution
 CVE-2018-17555 (The web component on ARRIS TG2492LG-NA 061213 devices allows remote ...)
-	TODO: check
+	NOT-FOR-US: ARRIS TG2492LG-NA 061213 devices
 CVE-2018-17554
 	RESERVED
 CVE-2018-17553
@@ -323,7 +323,7 @@ CVE-2018-17412
 CVE-2018-17411 (An XML External Entity (XXE) vulnerability exists in iWay Data Quality ...)
 	TODO: check
 CVE-2018-17410 (Horus CMS allows SQL Injection, as demonstrated by a request to the ...)
-	TODO: check
+	NOT-FOR-US: Horus CMS
 CVE-2018-17409
 	RESERVED
 CVE-2018-17408
@@ -411,7 +411,7 @@ CVE-2018-17367
 CVE-2018-17366 (An issue was discovered in MCMS 4.6.5. There is a CSRF vulnerability ...)
 	NOT-FOR-US: MCMS
 CVE-2018-17365 (SeaCMS 6.64 allows remote attackers to delete arbitrary files via the ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2018-17364 (OTCMS 3.61 allows remote attackers to execute arbitrary PHP code via ...)
 	NOT-FOR-US: OTCMS
 CVE-2018-17363
@@ -523,21 +523,21 @@ CVE-2018-17318
 CVE-2018-17317 (FruityWifi (aka PatatasFritas/PatataWifi) 2.1 allows remote attackers ...)
 	NOT-FOR-US: FruityWifi
 CVE-2018-17316 (On the RICOH MP C6003 printer, HTML Injection and Stored XSS ...)
-	TODO: check
+	NOT-FOR-US: RICOH MP C6003 printer
 CVE-2018-17315 (On the RICOH MP C2003 printer, HTML Injection and Stored XSS ...)
-	TODO: check
+	NOT-FOR-US: RICOH MP C2003 printer
 CVE-2018-17314 (On the RICOH Aficio MP 305+ printer, HTML Injection and Stored XSS ...)
-	TODO: check
+	NOT-FOR-US: RICOH Aficio MP 305+ printer
 CVE-2018-17313 (On the RICOH MP C307 printer, HTML Injection and Stored XSS ...)
-	TODO: check
+	NOT-FOR-US: RICOH MP C307 printer
 CVE-2018-17312 (On the RICOH Aficio MP 301 printer, HTML Injection and Stored XSS ...)
-	TODO: check
+	NOT-FOR-US: RICOH Aficio MP 301 printer
 CVE-2018-17311 (On the RICOH MP C6503 Plus printer, HTML Injection and Stored XSS ...)
-	TODO: check
+	NOT-FOR-US: RICOH MP C6503 Plus printer
 CVE-2018-17310 (On the RICOH MP C1803 JPN printer, HTML Injection and Stored XSS ...)
-	TODO: check
+	NOT-FOR-US: RICOH MP C1803 JPN printer
 CVE-2018-17309 (On the RICOH MP C406Z printer, HTML Injection and Stored XSS ...)
-	TODO: check
+	NOT-FOR-US: RICOH MP C406Z printer
 CVE-2018-17308
 	RESERVED
 CVE-2018-17307
@@ -1080,7 +1080,7 @@ CVE-2018-17082 (The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32,
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76582
 	NOTE: https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e
 CVE-2018-17081 (e107 2.1.9 allows CSRF via ...)
-	TODO: check
+	NOT-FOR-US: e107
 CVE-2018-17080
 	RESERVED
 CVE-2018-17079
@@ -1320,9 +1320,9 @@ CVE-2018-16971 (Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure
 CVE-2018-16970 (Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct ...)
 	NOT-FOR-US: Wisetail Learning Ecosystem
 CVE-2018-16969 (Citrix ShareFile StorageZones Controller before 5.4.2 has Information ...)
-	TODO: check
+	NOT-FOR-US: Citrix ShareFile StorageZones Controller
 CVE-2018-16968 (Citrix ShareFile StorageZones Controller before 5.4.2 allows Directory ...)
-	TODO: check
+	NOT-FOR-US: Citrix ShareFile StorageZones Controller
 CVE-2018-16967
 	RESERVED
 CVE-2018-16966
@@ -1911,11 +1911,11 @@ CVE-2018-16715 (An issue was discovered in Absolute Software CTES Windows Agent
 CVE-2018-16714
 	RESERVED
 CVE-2018-16713 (IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or ...)
-	TODO: check
+	NOT-FOR-US: IObit Advanced SystemCare
 CVE-2018-16712 (IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or ...)
-	TODO: check
+	NOT-FOR-US: IObit Advanced SystemCare
 CVE-2018-16711 (IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or ...)
-	TODO: check
+	NOT-FOR-US: IObit Advanced SystemCare
 CVE-2018-16710 (** DISPUTED ** OctoPrint through 1.3.9 allows remote attackers to ...)
 	- octoprint <itp> (bug #718591)
 	NOTE: https://github.com/foosel/OctoPrint/issues/2814



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cf36d3010eaa722aa6116f05c00bd66142edadd8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cf36d3010eaa722aa6116f05c00bd66142edadd8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180927/c9ac6272/attachment.html>

More information about the debian-security-tracker-commits mailing list