[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Tue, 17 Apr 2018 22:12:07 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
5fb4adfd by Salvatore Bonaccorso at 2018-04-18T07:10:51+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3,11 +3,11 @@ CVE-2018-10187
 CVE-2018-10186
        RESERVED
 CVE-2018-10185 (An issue was discovered in TuziCMS v2.0.6. There is a CSRF ...)
-       TODO: check
+       NOT-FOR-US: TuziCMS
 CVE-2018-10184
        RESERVED
 CVE-2018-10183 (An issue was discovered in BigTree 4.2.22. There is cross-site 
...)
-       TODO: check
+       NOT-FOR-US: BigTree
 CVE-2018-10182
        RESERVED
 CVE-2018-1000199
@@ -3156,7 +3156,7 @@ CVE-2018-8836 (Wago 750 Series PLCs with firmware version 
10 and prior include a
 CVE-2018-8835
        RESERVED
 CVE-2018-8834 (Parsing malformed project files in Omron CX-One versions 4.42 
and ...)
-       TODO: check
+       NOT-FOR-US: Omron
 CVE-2018-8833
        RESERVED
 CVE-2018-8832 (enhavo 0.4.0 has XSS via a user-group that contains executable 
...)
@@ -6492,7 +6492,7 @@ CVE-2018-7532 (Unauthentication vulnerabilities have been 
identified in Geutebru
 CVE-2018-7531 (An Improper Input Validation issue was discovered in OSIsoft PI 
Data ...)
        NOT-FOR-US: OSIsoft PI
 CVE-2018-7530 (Parsing malformed project files in Omron CX-One versions 4.42 
and ...)
-       TODO: check
+       NOT-FOR-US: Omron
 CVE-2018-7529 (A Deserialization of Untrusted Data issue was discovered in 
OSIsoft PI ...)
        NOT-FOR-US: OSIsoft PI
 CVE-2018-7528 (An SQL injection vulnerability has been identified in 
Geutebruck ...)
@@ -6524,7 +6524,7 @@ CVE-2018-7516 (A server-side request forgery 
vulnerability has been identified i
 CVE-2018-7515 (In Omron CX-Supervisor Versions 3.30 and prior, access of ...)
        NOT-FOR-US: Omron CX-Supervisor
 CVE-2018-7514 (Parsing malformed project files in Omron CX-One versions 4.42 
and ...)
-       TODO: check
+       NOT-FOR-US: Omron
 CVE-2018-7513 (In Omron CX-Supervisor Versions 3.30 and prior, parsing 
malformed ...)
        NOT-FOR-US: Omron CX-Supervisor
 CVE-2018-7512 (A cross-site scripting vulnerability has been identified in 
Geutebruck ...)
@@ -9740,7 +9740,7 @@ CVE-2017-18104
 CVE-2017-18103
        RESERVED
 CVE-2017-18102 (The wiki markup component of atlassian-renderer from version 
8.0.0 ...)
-       TODO: check
+       NOT-FOR-US: wiki markup component of atlassian-renderer
 CVE-2017-18101 (Various administrative external system import resources in 
Atlassian ...)
        NOT-FOR-US: Atlassian
 CVE-2017-18100 (The agile wallboard gadget in Atlassian Jira before version 
7.8.1 ...)
@@ -13361,7 +13361,7 @@ CVE-2018-5192
 CVE-2018-5191
        REJECTED
 CVE-2018-5190 (PicturesPro Photo Cart 6 and 7 before Security-Patch-2018-B 
allows ...)
-       TODO: check
+       NOT-FOR-US: PicturesPro Photo Cart
 CVE-2018-5189 (Race condition in Jungo Windriver 12.5.1 allows local users to 
cause a ...)
        NOT-FOR-US: Jungo Windriver
 CVE-2018-5188
@@ -22634,7 +22634,7 @@ CVE-2018-1447 (The GSKit (IBM Spectrum Protect 7.1 and 
7.2) and (IBM Spectrum Pr
 CVE-2018-1446
        RESERVED
 CVE-2018-1445 (IBM WebSphere Portal 8.0.0 through 8.0.0.1, 8.5, and 9.0 is 
vulnerable ...)
-       TODO: check
+       NOT-FOR-US: IBM WebSphere Portal
 CVE-2018-1444 (IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site 
...)
        NOT-FOR-US: IBM
 CVE-2018-1443 (An XML parsing vulnerability affects IBM SAML-based single 
sign-on ...)
@@ -22782,7 +22782,7 @@ CVE-2018-1373 (IBM Security Guardium Big Data 
Intelligence (SonarG) 3.1 uses an 
 CVE-2018-1372 (IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does 
not ...)
        NOT-FOR-US: IBM Security Guardium Big Data Intelligence
 CVE-2018-1371 (An IBM WebSphere MQ 8.0.0.8, 9.0.0.2, and 9.0.4 Client 
connecting to a ...)
-       TODO: check
+       NOT-FOR-US: IBM WebSphere MQ
 CVE-2018-1370
        RESERVED
 CVE-2018-1369
@@ -40868,7 +40868,7 @@ CVE-2017-12703 (A Cross-Site Request Forgery (CSRF) 
issue was discovered in West
 CVE-2017-12702 (An Externally Controlled Format String issue was discovered in 
...)
        NOT-FOR-US: Advantech WebAccess
 CVE-2017-12701 (BMC Medical Luna CPAP Machines released prior to July 1, 2017, 
contain ...)
-       TODO: check
+       NOT-FOR-US: BMC Medical Luna CPAP Machines
 CVE-2017-12700
        RESERVED
 CVE-2017-12699 (An Incorrect Default Permissions issue was discovered in 
AzeoTech ...)
@@ -49729,15 +49729,15 @@ CVE-2017-9640 (A Path Traversal issue was discovered 
in Automated Logic Corporat
 CVE-2017-9639 (An issue was discovered in Fuji Electric V-Server Version 
3.3.22.0 and ...)
        NOT-FOR-US: Fuji Electric V-Server
 CVE-2017-9638 (Mitsubishi E-Designer, Version 7.52 Build 344 contains six code 
...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi E-Designer
 CVE-2017-9637
        RESERVED
 CVE-2017-9636 (Mitsubishi E-Designer, Version 7.52 Build 344 contains five 
code ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi E-Designer
 CVE-2017-9635
        RESERVED
 CVE-2017-9634 (Mitsubishi E-Designer, Version 7.52 Build 344 contains two code 
...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi E-Designer
 CVE-2017-9633 (An Improper Restriction of Operations within the Bounds of a 
Memory ...)
        NOT-FOR-US: Continental AG Infineon S-Gold 2
 CVE-2017-9632 (A Missing Encryption of Sensitive Data issue was discovered in 
PDQ ...)
@@ -61341,7 +61341,7 @@ CVE-2017-6022 (A hard-coded password issue was 
discovered in Becton, Dickinson a
 CVE-2017-6021
        RESERVED
 CVE-2017-6020 (Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME 
LAquis ...)
-       TODO: check
+       NOT-FOR-US: Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA 
ME LAquis SCADA software
 CVE-2017-6019 (An issue was discovered in Schneider Electric Conext ComBox, 
model ...)
        NOT-FOR-US: Schneider Electric
 CVE-2017-6018 (An open redirect issue was discovered in B. Braun Medical 
SpaceCom ...)
@@ -153691,7 +153691,7 @@ CVE-2014-2296
 CVE-2014-2295
        RESERVED
 CVE-2014-2294 (Open Web Analytics (OWA) before 1.5.7 allows remote attackers 
to ...)
-       TODO: check
+       NOT-FOR-US: Open Web Analytics
 CVE-2014-2293 (Zikula Application Framework before 1.3.7 build 11 allows 
remote ...)
        NOT-FOR-US: Zikula
 CVE-2014-2292 (Unspecified vulnerability in the Linux Network Connect client 
in ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5fb4adfddf4e86c249ef7b212a1ec29d160e0dee

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5fb4adfddf4e86c249ef7b212a1ec29d160e0dee
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to