diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2019-03-22 11:17:50 +0100 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2019-03-22 11:17:50 +0100 |
commit | 41973d452c5814d8530763e29030628e8e0eaabf (patch) | |
tree | 183b4457e525144795f6579b4e3ecb356c385276 | |
parent | 56c201b2b3bbddffa9b128b258d9a00d9cd79de5 (diff) |
NFUs
-rw-r--r-- | data/CVE/list | 86 |
1 files changed, 43 insertions, 43 deletions
diff --git a/data/CVE/list b/data/CVE/list index 9d3cfc4346..b644376769 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -44001,7 +44001,7 @@ CVE-2018-12574 (CSRF exists for all actions in the web interface on TP-Link TL-W CVE-2018-12573 RESERVED CVE-2018-12572 (Avast Free Antivirus prior to 19.1.2360 stores user credentials in mem ...) - TODO: check + NOT-FOR-US: Avast CVE-2018-12571 (uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified ...) NOT-FOR-US: Microsoft CVE-2018-12570 @@ -45171,53 +45171,53 @@ CVE-2018-12221 (Insufficient input validation in Kernel Mode Driver in Intel(R) CVE-2018-12220 (Logic bug in Kernel Mode Driver in Intel(R) Graphics Driver for Window ...) NOT-FOR-US: Intel CVE-2018-12219 (Insufficient input validation in Kernel Mode Driver in Intel(R) Graphi ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12218 (Unhandled exception in User Mode Driver in Intel(R) Graphics Driver fo ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12217 (Insufficient access control in Kernel Mode Driver in Intel(R) Graphics ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12216 (Insufficient input validation in Kernel Mode Driver in Intel(R) Graphi ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12215 (Insufficient input validation in Kernel Mode Driver in Intel(R) Graphi ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12214 (Potential memory corruption in Kernel Mode Driver in Intel(R) Graphics ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12213 (Potential memory corruption in Kernel Mode Driver in Intel(R) Graphics ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12212 (Buffer overflow in User Mode Driver in Intel(R) Graphics Driver for Wi ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12211 (Insufficient input validation in User Mode Driver in Intel(R) Graphics ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12210 (Multiple pointer dereferences in User Mode Driver in Intel(R) Graphics ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12209 (Insufficient access control in User Mode Driver in Intel(R) Graphics D ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12208 (Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11. ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12207 RESERVED CVE-2018-12206 (Improper configuration of hardware access in Intel QuickAssist Technol ...) NOT-FOR-US: Intel QuickAssist Technology for Linux CVE-2018-12205 (Privilege escalation vulnerability in Platform Sample/ Silicon Referen ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12204 (Privilege escalation vulnerability in Platform Sample/ Silicon Referen ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12203 (Denial of service vulnerability in Platform Sample/ Silicon Reference ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12202 (Privilege escalation vulnerability in Platform Sample/ Silicon Referen ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12201 (Buffer overflow vulnerability in Platform Sample / Silicon Reference f ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12200 (Insufficient access control in Intel(R) Capability Licensing Service b ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12199 (Buffer overflow in an OS component in Intel CSME before versions 11.8. ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12198 (Insufficient input validation in Intel(R) Server Platform Services HEC ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12197 RESERVED CVE-2018-12196 (Insufficient input validation in Intel(R) AMT in Intel(R) CSME before ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12195 RESERVED CVE-2018-12194 @@ -45225,21 +45225,21 @@ CVE-2018-12194 CVE-2018-12193 (Insufficient access control in driver stack for Intel QuickAssist Tech ...) NOT-FOR-US: Intel CVE-2018-12192 (Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11 ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12191 (Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12190 (Insufficient input validation in Intel CSME subsystem before versions ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12189 (Unhandled exception in Content Protection subsystem in Intel CSME befo ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12188 (Insufficient input validation in Intel CSME before versions 11.8.60, 1 ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12187 (Insufficient input validation in Intel(R) Active Management Technology ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12186 RESERVED CVE-2018-12185 (Insufficient input validation in Intel(R) AMT in Intel(R) CSME before ...) - TODO: check + NOT-FOR-US: Intel CVE-2018-12184 RESERVED CVE-2018-12183 @@ -46265,7 +46265,7 @@ CVE-2018-11790 (When loading a document with Apache Open Office 4.1.5 and earlie NOTE: https://www.openwall.com/lists/oss-security/2019/01/16/2 NOTE: https://github.com/LibreOffice/core/commit/bbc94edb9a91b27910d43610db9994df10dd99e1 CVE-2018-11789 (When accessing the heron-ui webpage, people can modify the file paths ...) - TODO: check + NOT-FOR-US: Apache Heron CVE-2018-11788 (Apache Karaf provides a features deployer, which allows users to "hot ...) - apache-karaf <itp> (bug #881297) CVE-2018-11787 (In Apache Karaf version prior to 3.0.9, 4.0.9, 4.1.1, when the webcons ...) @@ -46393,7 +46393,7 @@ CVE-2018-11749 (When users are configured to use startTLS with RBAC LDAP, at log CVE-2018-11748 (Previous releases of the Puppet device_manager module creates configur ...) NOT-FOR-US: Puppet device_manager module CVE-2018-11747 (Previously, Puppet Discovery was shipped with a default generated TLS ...) - TODO: check + NOT-FOR-US: Puppet Discovery CVE-2018-11746 (In Puppet Discovery prior to 1.2.0, when running Discovery against Win ...) NOT-FOR-US: Puppet Discovery CVE-2018-11745 @@ -51064,11 +51064,11 @@ CVE-2018-10095 (Cross-site scripting (XSS) vulnerability in Dolibarr before 7.0. CVE-2018-10094 (SQL injection vulnerability in Dolibarr before 7.0.2 allows remote att ...) - dolibarr <removed> CVE-2018-10093 (AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 al ...) - TODO: check + NOT-FOR-US: AudioCodes IP phone CVE-2018-10092 (The admin panel in Dolibarr before 7.0.2 might allow remote attackers ...) - dolibarr <removed> CVE-2018-10091 (AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 al ...) - TODO: check + NOT-FOR-US: AudioCodes IP phone CVE-2018-10090 RESERVED CVE-2018-10089 @@ -82886,11 +82886,11 @@ CVE-2017-16257 CVE-2017-16256 RESERVED CVE-2017-16255 (An exploitable buffer overflow vulnerability exists in the PubNub mess ...) - TODO: check + NOT-FOR-US: Insteon Hub CVE-2017-16254 (An exploitable buffer overflow vulnerability exists in the PubNub mess ...) - TODO: check + NOT-FOR-US: Insteon Hub CVE-2017-16253 (An exploitable buffer overflow vulnerability exists in the PubNub mess ...) - TODO: check + NOT-FOR-US: Insteon Hub CVE-2017-16252 (Specially crafted commands sent through the PubNub service in Insteon ...) NOT-FOR-US: Insteon Hub CVE-2017-16251 (A vulnerability in the conferencing component of Mitel ST 14.2, releas ...) @@ -132316,7 +132316,7 @@ CVE-2016-9168 (A missing X-Frame-Options header in the NDS Utility Monitor in ND CVE-2016-9167 (NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP ...) NOT-FOR-US: Novell CVE-2016-9166 (NetIQ eDirectory versions prior to 9.0.2, under some circumstances, co ...) - TODO: check + NOT-FOR-US: Novell CVE-2016-9165 (The get_sessions servlet in CA Unified Infrastructure Management (form ...) NOT-FOR-US: CA Unified Infrastructure Management CVE-2016-9164 (Directory traversal vulnerability in diag.jsp file in CA Unified Infra ...) @@ -142978,7 +142978,7 @@ CVE-2016-5821 (Huawei HiSuite before 4.0.4.204_ove (Out of China) and before 4.0 CVE-2016-5820 REJECTED CVE-2016-5819 (Moxa G3100V2 Series, editions prior to Version 2.8, and OnCell G3111/G ...) - TODO: check + NOT-FOR-US: Moxa CVE-2016-5818 (An issue was discovered in Schneider Electric PowerLogic PM8ECC device ...) NOT-FOR-US: Schneider CVE-2016-5817 (SQL injection vulnerability in news pages in Cargotec Navis WebAccess ...) @@ -143016,7 +143016,7 @@ CVE-2016-5802 (An issue was discovered in Delta Electronics WPLSoft, Versions pr CVE-2016-5801 (An issue was discovered in OmniMetrix OmniView, Version 1.2. Insuffici ...) NOT-FOR-US: OmniMetrix OmniView CVE-2016-5800 (A malicious attacker can trigger a remote buffer overflow in the Commu ...) - TODO: check + NOT-FOR-US: Fatek CVE-2016-5799 (Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3 ...) NOT-FOR-US: Moxa CVE-2016-5798 (An issue was discovered in Fatek Automation PM Designer V3 Version 2.1 ...) @@ -168375,17 +168375,17 @@ CVE-2015-6464 (The administrative web interface on Moxa EDS-405A and EDS-408A sw CVE-2015-6463 (CodeWrights HART Comm DTM components, as used with Endress+Hauser Fiel ...) NOT-FOR-US: CodeWrights HART Comm DTM components CVE-2015-6462 (Reflected Cross-Site Scripting (nonpersistent) allows an attacker to c ...) - TODO: check + NOT-FOR-US: Schneider CVE-2015-6461 (Remote file inclusion allows an attacker to craft a specific URL refer ...) - TODO: check + NOT-FOR-US: Schneider CVE-2015-6460 (Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway Serve ...) NOT-FOR-US: CODESYS Gateway Server CVE-2015-6459 (Absolute path traversal vulnerability in the download feature in FileD ...) NOT-FOR-US: FileDownloadServlet CVE-2015-6458 (Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow conditi ...) - TODO: check + NOT-FOR-US: Moxa CVE-2015-6457 (Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow conditi ...) - TODO: check + NOT-FOR-US: Moxa CVE-2015-6456 (GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1. ...) NOT-FOR-US: PulseNET CVE-2015-6455 |