[Secure-testing-commits] r51023 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Apr 25 09:01:33 UTC 2017
Author: jmm
Date: 2017-04-25 09:01:32 +0000 (Tue, 25 Apr 2017)
New Revision: 51023
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-25 07:54:00 UTC (rev 51022)
+++ data/CVE/list 2017-04-25 09:01:32 UTC (rev 51023)
@@ -8,19 +8,19 @@
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935
TODO: check, possibly affected only some head version
CVE-2017-8104 (In MyBB before 1.8.11, the smilie module allows Directory Traversal via ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2017-8103 (In MyBB before 1.8.11, the Email MyCode component allows XSS, as ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2017-8102 (Stored XSS in Serendipity v2.1-rc1 allows an attacker to steal an ...)
- TODO: check
+ - serendipity <removed>
CVE-2017-8101 (There is CSRF in Serendipity 2.0.5, allowing attackers to install any ...)
- TODO: check
+ - serendipity <removed>
CVE-2017-8100 (There is CSRF in the CopySafe Web Protection plugin before 2.6 for ...)
- TODO: check
+ NOT-FOR-US: CopySafe Web Protection plugin
CVE-2017-8099 (There is CSRF in the WHIZZ plugin before 1.1.1 for WordPress, allowing ...)
- TODO: check
+ NOT-FOR-US: WHIZZ plugin for Wordpress
CVE-2017-8098 (e107 2.1.4 is vulnerable to cross-site request forgery in ...)
- TODO: check
+ NOT-FOR-US: e107
CVE-2017-8097
RESERVED
CVE-2017-8096
@@ -46,17 +46,17 @@
CVE-2017-8086
RESERVED
CVE-2017-8085 (In Exponent CMS before 2.4.1 Patch #5, XSS in elFinder is possible in ...)
- TODO: check
+ NOT-FOR-US: Exponent CMS
CVE-2017-1000361 (DOMRpcImplementationNotAvailableException when sending Port-Status ...)
- TODO: check
+ NOT-FOR-US: OpenDaylight
CVE-2017-1000360 (StreamCorruptedException and NullPointerException in OpenDaylight ...)
- TODO: check
+ NOT-FOR-US: OpenDaylight
CVE-2017-1000359 (Java out of memory error and significant increase in resource ...)
- TODO: check
+ NOT-FOR-US: OpenDaylight
CVE-2017-1000358 (Controller throws an exception and does not allow user to add ...)
- TODO: check
+ NOT-FOR-US: OpenDaylight
CVE-2017-1000357 (Denial of Service attack when the switch rejects to receive packets ...)
- TODO: check
+ NOT-FOR-US: OpenDaylight
CVE-2017-8084
RESERVED
CVE-2017-8083
@@ -29993,11 +29993,11 @@
CVE-2016-6918
RESERVED
CVE-2016-6917 (Buffer overflow in nvhost_job.c in the NVIDIA video driver for ...)
- TODO: check
+ NOT-FOR-US: Nvidia driver for Android
CVE-2016-6916 (Integer overflow in nvhost_job.c in the NVIDIA video driver for ...)
- TODO: check
+ NOT-FOR-US: Nvidia driver for Android
CVE-2016-6915 (Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver ...)
- TODO: check
+ NOT-FOR-US: Nvidia driver for Android
CVE-2016-6914
RESERVED
CVE-2016-6913 (Cross-site scripting (XSS) vulnerability in AlienVault OSSIM before ...)
More information about the Secure-testing-commits
mailing list