Salvatore Bonaccorso · Salvatore Bonaccorso · 486001ad
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -15,9 +15,9 @@ CVE-2018-14383
 CVE-2018-14382 (InstantCMS 2.10.1 has /redirect?url= XSS. ...)
 	NOT-FOR-US: InstantCMS
 CVE-2018-14381 (Pagekit before 1.0.14 has a /user/login?redirect= open redirect ...)
-	TODO: check
+	NOT-FOR-US: Pagekit CMS
 CVE-2018-14380 (In Graylog before 2.4.6, XSS was possible in typeahead components, ...)
-	TODO: check
+	- graylog2 <itp> (bug #652273)
 CVE-2018-14379 (MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the ...)
 	- mp4v2 <unfixed>
 	NOTE: http://www.openwall.com/lists/oss-security/2018/07/17/1
@@ -681,7 +681,7 @@ CVE-2018-14084 (An issue was discovered in a smart contract implementation for M
 CVE-2018-14083
 	RESERVED
 CVE-2018-14082 (PHP Scripts Mall JOB SITE (aka Job Portal) 3.0.1 has Cross-site ...)
-	TODO: check
+	NOT-FOR-US: PHP Scripts Mall JOB SITE (aka Job Portal)
 CVE-2018-14081
 	RESERVED
 CVE-2018-14080
@@ -9413,7 +9413,7 @@ CVE-2018-10618
 CVE-2018-10617 (Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 ...)
 	NOT-FOR-US: Delta Electronics Delta Industrial Automation DOPSoft
 CVE-2018-10616 (ABB Panel Builder 800 all versions has an improper input validation ...)
-	TODO: check
+	NOT-FOR-US: ABB Panel Builder 800
 CVE-2018-10615 (Directory traversal may lead to files being exfiltrated or deleted on ...)
 	NOT-FOR-US: GE MDS PulseNET and MDS PulseNET Enterprise
 CVE-2018-10614
@@ -17257,7 +17257,7 @@ CVE-2018-7548 (In subst.c in zsh through 5.4.2, there is a NULL pointer derefere
 CVE-2018-7547 (lyadmin 1.x has XSS via the config[WEB_SITE_TITLE] parameter to the ...)
 	NOT-FOR-US: lyadmin
 CVE-2018-7546 (wpsmain.dll in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621 ...)
-	TODO: check
+	NOT-FOR-US: Kingsoft WPS Office 2016 and Jinshan PDF
 CVE-2018-7545
 	RESERVED
 CVE-2017-18206 (In utils.c in zsh before 5.4, symlink expansion had a buffer overflow. ...)
@@ -24591,7 +24591,7 @@ CVE-2018-5244 (In Xen 4.10, new infrastructure was introduced as part of an over
 CVE-2018-5233 (Cross-site scripting (XSS) vulnerability in ...)
 	NOT-FOR-US: Grav CMS admin plugin
 CVE-2018-5232 (The EditIssue.jspa resource in Atlassian Jira before version 7.6.7 and ...)
-	TODO: check
+	NOT-FOR-US: Atlassian Jira
 CVE-2018-5231 (The ForgotLoginDetails resource in Atlassian Jira before version ...)
 	NOT-FOR-US: Atlassian
 CVE-2018-5230 (The issue collector in Atlassian Jira before version 7.6.6, from ...)