[Secure-testing-commits] r50620 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Apr 13 10:01:52 UTC 2017
Author: jmm
Date: 2017-04-13 10:01:52 +0000 (Thu, 13 Apr 2017)
New Revision: 50620
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-13 09:45:52 UTC (rev 50619)
+++ data/CVE/list 2017-04-13 10:01:52 UTC (rev 50620)
@@ -491,11 +491,11 @@
CVE-2017-7629
RESERVED
CVE-2017-7628 (The "Smart related articles" extension 1.1 for Joomla! has SQL ...)
- TODO: check
+ NOT-FOR-US: Joomla extension
CVE-2017-7627 (The "Smart related articles" extension 1.1 for Joomla! does not prevent ...)
- TODO: check
+ NOT-FOR-US: Joomla extension
CVE-2017-7626 (The "Smart related articles" extension 1.1 for Joomla! has XSS in ...)
- TODO: check
+ NOT-FOR-US: Joomla extension
CVE-2017-7625 (In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the ...)
NOT-FOR-US: Fiyo CMS
CVE-2017-7624 (The iw_read_bmp_file function in imagew-bmp.c in libimageworsener.a in ...)
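Review bot: The three new tags on CVE-2017-7626 through CVE-2017-7628 read "NOT-FOR-US: Joomla extension", which names the platform but not the product, whereas the neighbouring entry CVE-2017-7625 uses the product name ("NOT-FOR-US: Fiyo CMS"). Suggest something like "NOT-FOR-US: Smart related articles extension for Joomla!" so that a later search of the list for the extension's name finds these entries.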
@@ -1543,17 +1543,17 @@
CVE-2017-7285 (A vulnerability in the network stack of MikroTik Version 6.38.5 ...)
NOT-FOR-US: MikroTik
CVE-2017-7284 (An attacker that has hijacked a Unitrends Enterprise Backup (before ...)
- TODO: check
+ NOT-FOR-US: Unitrends Enterprise Backup
CVE-2017-7283
RESERVED
CVE-2017-7282
RESERVED
CVE-2017-7281 (An issue was discovered in Unitrends Enterprise Backup before 9.1.2. A ...)
- TODO: check
+ NOT-FOR-US: Unitrends Enterprise Backup
CVE-2017-7280 (An issue was discovered in api/includes/systems.php in Unitrends ...)
- TODO: check
+ NOT-FOR-US: Unitrends Enterprise Backup
CVE-2017-7279 (An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 ...)
- TODO: check
+ NOT-FOR-US: Unitrends Enterprise Backup
CVE-2017-7278
RESERVED
CVE-2017-7277 (The TCP stack in the Linux kernel through 4.10.6 mishandles the ...)
@@ -32517,7 +32517,7 @@
CVE-2016-5857 (The Qualcomm SPCom driver in Android before 7.0 allows local users to ...)
NOTE: Red Hat seem to have typoed the CVE, which should be CVE-2016-5875, asked to confirm
CVE-2016-5856 (Drivers/soc/qcom/spcom.c in the Qualcom SPCom driver in the Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm driver for Android
CVE-2016-5855
RESERVED
CVE-2016-5854
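Review bot: CVE-2016-5856 is tagged NOT-FOR-US as a Qualcomm driver for Android, but the entry directly above it, CVE-2016-5857, describes the same SPCom driver and in this context carries only a NOTE about a possible Red Hat CVE typo, with no status line. The two entries should end up triaged the same way: either tag CVE-2016-5857 to match once the typo question is settled, or add a NOTE on CVE-2016-5856 recording why the spcom.c driver is out of scope.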
@@ -34354,7 +34354,7 @@
NOTE: Reproducer http://bugzilla.maptools.org/attachment.cgi?id=654
NOTE: Upstream fix https://github.com/vadz/libtiff/commit/391e77fcd217e78b2c51342ac3ddb7100ecacdd2
CVE-2016-5313 (Symantec Web Gateway (SWG) before 5.2.5 allows remote authenticated ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2016-5312
RESERVED
CVE-2016-5311
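Review bot: On CVE-2016-5313 the new tag names only the vendor ("Symantec"), while the summary is about Symantec Web Gateway (SWG) and tags elsewhere in this commit, such as "Unitrends Enterprise Backup", name the product. Suggest "NOT-FOR-US: Symantec Web Gateway" for consistency.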
@@ -36452,19 +36452,19 @@
CVE-2016-4898
RESERVED
CVE-2016-4897 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
- TODO: check
+ NOT-FOR-US: Usermin
CVE-2016-4896 (SetucoCMS allows remote attackers to alter or disclose information, ...)
- TODO: check
+ NOT-FOR-US: SetucoCMS
CVE-2016-4895 (SetucoCMS allows remote authenticated users to execute arbitrary code. ...)
- TODO: check
+ NOT-FOR-US: SetucoCMS
CVE-2016-4894 (SetucoCMS allows remote attackers to cause a denial of service. ...)
- TODO: check
+ NOT-FOR-US: SetucoCMS
CVE-2016-4893 (SQL injection vulnerability in SetucoCMS. ...)
- TODO: check
+ NOT-FOR-US: SetucoCMS
CVE-2016-4892 (Cross-site scripting (XSS) vulnerability in SetucoCMS. ...)
- TODO: check
+ NOT-FOR-US: SetucoCMS
CVE-2016-4891 (Cross-site request forgery (CSRF) vulnerability in SetucoCMS. ...)
- TODO: check
+ NOT-FOR-US: SetucoCMS
CVE-2016-4890
RESERVED
CVE-2016-4889
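Review bot: The summary shown for CVE-2016-4897 is cut off at "in (1) ..." before any product name appears, so the "Usermin" tag cannot be checked against this hunk the way the six SetucoCMS tags below it can. Worth confirming against the full CVE description that every enumerated item belongs to Usermin before closing the TODO.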
@@ -38064,7 +38064,7 @@
NOTE: http://seclists.org/bugtraq/2016/May/11
NOTE: https://support.zabbix.com/browse/ZBX-10741
CVE-2016-4337 (SQL injection vulnerability in the mgr.login.php file in Ktools.net ...)
- TODO: check
+ NOT-FOR-US: Photostore
CVE-2016-4336 (An exploitable out-of-bounds write exists in the Bzip2 parsing of the ...)
NOT-FOR-US: Lexmark Document Filters
CVE-2016-4335 (An exploitable buffer overflow exists in the XLS parsing of the ...)
@@ -48481,9 +48481,9 @@
CVE-2016-1180 (Cross-site scripting (XSS) vulnerability in the Cyber-Will ...)
NOT-FOR-US: Cyber-Will Social-button Premium plugin
CVE-2016-1179 (Cross-site scripting (XSS) vulnerability in the standard template of ...)
- TODO: check
+ NOT-FOR-US: appleple a-blog cms
CVE-2016-1178 (The session management of the comment functionality in appleple a-blog ...)
- TODO: check
+ NOT-FOR-US: appleple a-blog cms
CVE-2016-1177 (The management screen in Falcon WisePoint 4.3.1 and earlier and ...)
NOT-FOR-US: Falcon WisePoint
CVE-2016-1176 (Buffer overflow in the ActiveX control in Sharp EVA Animeter allows ...)
@@ -54976,11 +54976,11 @@
CVE-2015-7565
RESERVED
CVE-2015-7564 (Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier ...)
- TODO: check
+ NOT-FOR-US: TeamPass
CVE-2015-7563 (Cross-site request forgery (CSRF) vulnerability in TeamPass 2.1.24 and ...)
- TODO: check
+ NOT-FOR-US: TeamPass
CVE-2015-7562 (Mulitple cross-site scripting (XSS) vulnerabilities in TeamPass 2.1.24 ...)
- TODO: check
+ NOT-FOR-US: TeamPass
CVE-2015-7561
RESERVED
NOT-FOR-US: OpenShift