[Secure-testing-commits] r50581 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Apr 11 20:31:10 UTC 2017 

Author: jmm
Date: 2017-04-11 20:31:10 +0000 (Tue, 11 Apr 2017)
New Revision: 50581

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-11 19:39:48 UTC (rev 50580)
+++ data/CVE/list	2017-04-11 20:31:10 UTC (rev 50581)
@@ -35312,19 +35312,19 @@
 CVE-2016-5079
 	RESERVED
 CVE-2016-5078 (Paessler PRTG before 16.2.24.4045 has XSS via SNMP. ...)
-	TODO: check
+	NOT-FOR-US: Paessler PRTG
 CVE-2016-5077 (Netikus EventSentry before 3.2.1.44 has XSS via SNMP. ...)
-	TODO: check
+	NOT-FOR-US: Netikus EventSentry
 CVE-2016-5076 (CloudView NMS before 2.10a allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: CloudView NMS
 CVE-2016-5075 (CloudView NMS before 2.10a has XSS via a TELNET login. ...)
-	TODO: check
+	NOT-FOR-US: CloudView NMS
 CVE-2016-5074 (CloudView NMS before 2.10a has a format string issue exploitable over ...)
-	TODO: check
+	NOT-FOR-US: CloudView NMS
 CVE-2016-5073 (CloudView NMS before 2.10a has XSS via SNMP. ...)
-	TODO: check
+	NOT-FOR-US: CloudView NMS
 CVE-2016-5072 (OXID eShop before 2016-06-13 allows remote attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: OXID eShop
 CVE-2016-5071 (Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the ...)
 	NOT-FOR-US: Sierra Wireless GX 440 devices with ALEOS firmware
 CVE-2016-5070 (Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store ...)
@@ -37614,7 +37614,7 @@
 CVE-2016-4335 (An exploitable buffer overflow exists in the XLS parsing of the ...)
 	NOT-FOR-US: Lexmark Document Filters
 CVE-2016-4334 (Jive before 2016.3.1 has an open redirect from the external-link.jspa ...)
-	TODO: check
+	NOT-FOR-US: Jive
 CVE-2016-4333 (The HDF5 1.8.16 library allocating space for the array using a value ...)
 	{DSA-3727-1 DLA-771-1}
 	- hdf5 1.10.0-patch1+docs-1 (bug #845301)
@@ -52310,9 +52310,9 @@
 CVE-2015-8277 (Multiple buffer overflows in (1) lmgrd and (2) Vendor Daemon in ...)
 	NOT-FOR-US: Flexera FlexNet Publisher
 CVE-2015-8276 (LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow ...)
-	TODO: check
+	NOT-FOR-US: LVRTC eParakstitajs
 CVE-2015-8275 (LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow ...)
-	TODO: check
+	NOT-FOR-US: LVRTC eParakstitajs
 CVE-2015-8274
 	RESERVED
 CVE-2015-8273
@@ -52346,13 +52346,13 @@
 CVE-2015-8259
 	RESERVED
 CVE-2015-8258 (AXIS Communications products with firmware through 5.80.x allow remote ...)
-	TODO: check
+	NOT-FOR-US: AXIS Communications
 CVE-2015-8257
 	RESERVED
 CVE-2015-8256
 	RESERVED
 CVE-2015-8255 (AXIS Communications products allow CSRF, as demonstrated by ...)
-	TODO: check
+	NOT-FOR-US: AXIS Communications
 CVE-2015-8254 (The Frontel protocol before 3 on RSI Video Technologies Videofied ...)
 	NOT-FOR-US: Frontel
 CVE-2015-8253 (The Frontel protocol before 3 on RSI Video Technologies Videofied ...)
@@ -55288,9 +55288,9 @@
 CVE-2015-7293
 	RESERVED
 CVE-2015-7292 (Stack-based buffer overflow in the havok_write function in ...)
-	TODO: check
+ 	NOT-FOR-US: Amazon Fire OS
 CVE-2015-7291 (Cross-site request forgery (CSRF) vulnerability in adv_pwd_cgi in the ...)
-	NOT-FOR-US: Arris
+ 	NOT-FOR-US: Arris
 CVE-2015-7290 (Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web ...)
 	NOT-FOR-US: Arris
 CVE-2015-7289 (Arris DG860A, TG862A, and TG862G devices with firmware ...)
@@ -55342,17 +55342,17 @@
 CVE-2015-7266
 	RESERVED
 CVE-2015-7265 (Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request ...)
-	TODO: check
+	NOT-FOR-US: Facebook Proxygen
 CVE-2015-7264 (The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a ...)
-	TODO: check
+	NOT-FOR-US: Facebook Proxygen
 CVE-2015-7263 (The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Facebook Proxygen
 CVE-2015-7262 (QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage ...)
 	NOT-FOR-US: QNAP
 CVE-2015-7261 (The FTP service in QNAP iArtist Lite before 1.4.54, as distributed ...)
 	NOT-FOR-US: QNAP
 CVE-2015-7260 (Liebert MultiLink Automated Shutdown v4.2.4 allows local users to gain ...)
-	TODO: check
+	NOT-FOR-US: Liebert MultiLink Automated Shutdown
 CVE-2015-7259
 	RESERVED
 CVE-2015-7258
@@ -58393,7 +58393,7 @@
 CVE-2015-6036 (QNAP Signage Station before 2.0.1 allows remote attackers to bypass ...)
 	NOT-FOR-US: QNAP Signage Station
 CVE-2015-6035 (Opsview before 2015-11-06 has XSS via SNMP. ...)
-	TODO: check
+	NOT-FOR-US: Opsview
 CVE-2015-6034 (EPSON Network Utility 4.10 uses weak permissions (Everyone: Full ...)
 	NOT-FOR-US: Epson
 CVE-2015-6033 (Qolsys IQ Panel (aka QOL) before 1.5.1 does not verify the digital ...)
@@ -58410,9 +58410,9 @@
 CVE-2015-6029 (HP ArcSight Logger before 6.0 P2 does not limit attempts to ...)
 	NOT-FOR-US: HP Arcsight Logger
 CVE-2015-6028 (Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the ...)
-	TODO: check
+	NOT-FOR-US: Castle Rock Computing SNMPc
 CVE-2015-6027 (Castle Rock Computing SNMPc before 2015-12-17 has XSS via SNMP. ...)
-	TODO: check
+	NOT-FOR-US: Castle Rock Computing SNMPc
 CVE-2015-6026
 	RESERVED
 CVE-2015-6025
@@ -58424,7 +58424,7 @@
 CVE-2015-6022 (Unrestricted file upload vulnerability in QNAP Signage Station before ...)
 	NOT-FOR-US: QNAP Signage Station
 CVE-2015-6021 (Spiceworks Desktop before 2015-12-01 has XSS via an SNMP response. ...)
-	TODO: check
+	NOT-FOR-US: Spiceworks Desktop
 CVE-2015-6020 (ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 allow remote ...)
 	NOT-FOR-US: ZyXEL
 CVE-2015-6019 (The management portal on ZyXEL PMG5318-B20A devices with firmware ...)

More information about the Secure-testing-commits mailing list