Commits on Source (2)
Process NFUs · 5bf63df5 · Salvatore Bonaccorso authored Sep 06, 2018
Add CVE-2018-16548/zziplib · 54c518c1 · Salvatore Bonaccorso authored Sep 06, 2018
data/CVE/list
...
...
@@ -5,13 +5,14 @@ CVE-2018-16553
CVE-2018-16552 (MicroPyramid Django-CRM 0.2 allows CSRF for /users/create/, ...)
TODO: check
CVE-2018-16551 (LavaLite 5.5 has XSS via a /edit URI, as demonstrated by ...)
TODO: check
NOT-FOR-US: LavaLite
CVE-2018-16550 (TeamViewer 10.x through 13.x allows remote attackers to bypass the ...)
TODO: check
NOT-FOR-US: TeamViewer
CVE-2018-16549 (HScripts PHP File Browser Script v1.0 allows Directory Traversal via ...)
TODO: check
NOT-FOR-US: HScripts PHP File Browser Script
CVE-2018-16548 (An issue was discovered in ZZIPlib through 0.13.69. There is a memory ...)
TODO: check
- zziplib <unfixed>
NOTE: https://github.com/gdraheim/zziplib/issues/58
CVE-2018-16547
RESERVED
CVE-2018-16546 (Amcrest networked devices use the same hardcoded SSL private key across ...)
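Review bot: The CVE-2018-16548 entry records `- zziplib <unfixed>` with only the upstream issue in its NOTE line and no Debian bug reference. Other package entries in this file, such as `- lcms2 2.9-3 (bug #907983)`, carry the Debian bug number; once a bug is filed against zziplib, adding it in the same `(bug #...)` form ties the unfixed entry to a Debian-side report. CVE-2018-16552 at the top of this hunk is still `TODO: check` after this pass and needs a follow-up triage.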
...
...
@@ -226,9 +227,9 @@ CVE-2018-16438 (An issue was discovered in the HDF HDF5 1.8.20 library. There is
- hdf5 <undetermined>
NOTE: H5L_extern_query@H5Lexternal.c:498-10___out-of-bounds-read
CVE-2018-16437 (Gxlcms 2.0 has Directory Traversal exploitable by an administrator. ...)
TODO: check
NOT-FOR-US: Gxlcms
CVE-2018-16436 (Gxlcms 2.0 has SQL Injection exploitable by an administrator. ...)
TODO: check
NOT-FOR-US: Gxlcms
CVE-2018-16435 (Little CMS (aka Little Color Management System) 2.9 has an integer ...)
{DSA-4284-1}
- lcms2 2.9-3 (bug #907983)
...
...
@@ -409,7 +410,7 @@ CVE-2018-16382 (Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in ...)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392503
NOTE: Crash in CLI tool, no security impact
CVE-2018-16381 (e107 2.1.8 has XSS via the e107_admin/users.php?mode=main&action=list ...)
TODO: check
NOT-FOR-US: e107
CVE-2018-16380 (An issue was discovered in Ogma CMS 0.4 Beta. There is a CSRF ...)
NOT-FOR-US: Ogma CMS
CVE-2018-16379 (Ogma CMS 0.4 Beta has XSS via the "Footer Text footer" field on the ...)
...
...
@@ -4128,11 +4129,11 @@ CVE-2018-14773 (An issue was discovered in Http Foundation in Symfony 2.7.0 thro
CVE-2018-14772
RESERVED
CVE-2018-14771 (VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers ...)
TODO: check
NOT-FOR-US: VIVOTEK FD8177 devices
CVE-2018-14770 (VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers ...)
TODO: check
NOT-FOR-US: VIVOTEK FD8177 devices
CVE-2018-14769 (VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF. ...)
TODO: check
NOT-FOR-US: VIVOTEK FD8177 devices
CVE-2018-14768 (Various VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, ...)
NOT-FOR-US: VIVOTEK devices
CVE-2018-1999025 (A man in the middle vulnerability exists in Jenkins TraceTronic ...)
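Review bot: The NOT-FOR-US lines for CVE-2018-14771, CVE-2018-14770 and CVE-2018-14769 use the string `VIVOTEK FD8177 devices`, while the entry for CVE-2018-14768 directly below them uses `VIVOTEK devices`. Using one vendor string for all four, for example `NOT-FOR-US: VIVOTEK devices`, keeps the NFU entries consistent and makes later CVEs from the same vendor easier to match by search.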