[Secure-testing-commits] r55219 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Aug 30 04:32:44 UTC 2017
Author: carnil
Date: 2017-08-30 04:32:44 +0000 (Wed, 30 Aug 2017)
New Revision: 55219
Modified:
data/CVE/list
Log:
Process NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-30 04:25:26 UTC (rev 55218)
+++ data/CVE/list 2017-08-30 04:32:44 UTC (rev 55219)
@@ -124,7 +124,7 @@
CVE-2017-13716 (The C++ symbol demangler routine in cplus-dem.c in libiberty, as ...)
TODO: check
CVE-2016-10503 (IBM Sametime Meeting Server 8.5.2 and 9.0 could allow an authenticated ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-13715 (The __skb_flow_dissect function in net/core/flow_dissector.c in the ...)
- linux 4.3.1-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
@@ -2544,7 +2544,7 @@
CVE-2017-12857 (Polycom SoundStation IP, VVX, and RealPresence Trio that are running ...)
NOT-FOR-US: Polycom
CVE-2017-12856 (Cross-site scripting (XSS) vulnerability in C.P.Sub 5.2 allows remote ...)
- TODO: check
+ NOT-FOR-US: C.P.Sub
CVE-2017-12854
RESERVED
CVE-2017-12874 [Incorrect signature verification]
@@ -2814,7 +2814,7 @@
CVE-2017-12776 (SQL injection vulnerability in reports.php in NexusPHP 1.5 allows ...)
NOT-FOR-US: NexusPHP
CVE-2017-12775 (qa-include/qa-install.php in Question2Answer before 1.7.5 allows ...)
- TODO: check
+ NOT-FOR-US: question2answer
CVE-2017-12774 (finecms in 1.9.5\controllers\member\ContentController.php allows ...)
NOT-FOR-US: FineCMS
CVE-2017-12773
@@ -3710,7 +3710,7 @@
CVE-2017-12423
RESERVED
CVE-2017-12422 (NetApp StorageGRID Webscale 10.2.x before 10.2.2.3, 10.3.x before ...)
- TODO: check
+ NOT-FOR-US: NetApp
CVE-2017-12421
RESERVED
CVE-2017-12420 (Heap-based buffer overflow in the SMB implementation in NetApp ...)
@@ -6099,7 +6099,7 @@
CVE-2017-11456 (Geneko GWR routers allow directory traversal sequences starting with a ...)
NOT-FOR-US: Geneko GWR routers
CVE-2017-11455 (diag.cgi in Pulse Connect Secure 8.2R1 through 8.2R5, 8.1R1 through ...)
- TODO: check
+ NOT-FOR-US: Pulse Connect Secure
CVE-2017-11454
RESERVED
CVE-2017-11453
@@ -7777,11 +7777,11 @@
CVE-2017-10953
RESERVED
CVE-2017-10952 (This vulnerability allows remote attackers to execute arbitrary code ...)
- TODO: check
+ NOT-FOR-US: Foxit Reader
CVE-2017-10951 (This vulnerability allows remote attackers to execute arbitrary code ...)
- TODO: check
+ NOT-FOR-US: Foxit Reader
CVE-2017-10950 (This vulnerability allows local attackers to execute arbitrary code on ...)
- TODO: check
+ NOT-FOR-US: Bitdefender Total Security
CVE-2017-10949 (Directory Traversal in Dell Storage Manager 2016 R2.1 causes ...)
NOT-FOR-US: Dell Storage Manager
CVE-2017-10948
@@ -8009,9 +8009,9 @@
CVE-2017-10832 ("Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows ...)
NOT-FOR-US: "Dokodemo eye Smart HD" SCR02HD Firmware
CVE-2017-10831 (Untrusted search path vulnerability in The electronic authentication ...)
- TODO: check
+ NOT-FOR-US: The CRCA user's Software system
CVE-2017-10830 (Untrusted search path vulnerability in Security Setup Tool all ...)
- TODO: check
+ NOT-FOR-US: Security Setup Tool
CVE-2017-10829
RESERVED
CVE-2017-10828 (Untrusted search path vulnerability in Flets Install Tool all versions ...)
@@ -59664,11 +59664,11 @@
CVE-2016-2980
RESERVED
CVE-2016-2979 (IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2978
RESERVED
CVE-2016-2977 (IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a malicious user ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2976
RESERVED
CVE-2016-2975
@@ -59676,15 +59676,15 @@
CVE-2016-2974
RESERVED
CVE-2016-2973 (IBM Sametime Media Services 8.5.2 and 9.0 is vulnerable to cross-site ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2972 (IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2971 (IBM Sametime Media Services 8.5.2 and 9.0 can disclose sensitive ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2970 (IBM Sametime 8.5 and 9.0 meetings server may provide detailed ...)
NOT-FOR-US: IBM
CVE-2016-2969 (IBM Sametime Meeting Server 8.5.2 and 9.0 may send replies that ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2968 (IBM Security QRadar Incident Forensics 7.2.x before 7.2.7 allows ...)
NOT-FOR-US: IBM
CVE-2016-2967
@@ -59692,7 +59692,7 @@
CVE-2016-2966
RESERVED
CVE-2016-2965 (IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2964
RESERVED
CVE-2016-2963 (Cross-site request forgery (CSRF) vulnerability in IBM BigFix Remote ...)
@@ -59704,7 +59704,7 @@
CVE-2016-2960 (IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.0.x ...)
NOT-FOR-US: IBM
CVE-2016-2959 (IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting room ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-2958 (IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 ...)
NOT-FOR-US: IBM
CVE-2016-2957 (IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 ...)
@@ -69136,11 +69136,11 @@
CVE-2016-0357 (IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through ...)
NOT-FOR-US: IBM
CVE-2016-0356 (IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-0355 (IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-0354 (IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2016-0353 (IBM Security Privileged Identity Manager 2.0 before 2.0.2 FP8, when ...)
NOT-FOR-US: IBM
CVE-2016-0352
@@ -70443,7 +70443,7 @@
CVE-2015-8335 (Huawei VCN500 with software before V100R002C00SPC201 logs passwords in ...)
NOT-FOR-US: Huawei
CVE-2015-8334 (SQL injection vulnerability in the Operation and Maintenance Unit ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2015-8333 (The Operation and Maintenance Unit (OMU) in Huawei VCN500 with ...)
NOT-FOR-US: Huawei
CVE-2015-8332 (Huawei Video Content Management (VCM) before V100R001C10SPC001 does ...)
@@ -73031,7 +73031,7 @@
CVE-2015-7518 (Multiple cross-site scripting (XSS) vulnerabilities in information ...)
- foreman <itp> (bug #663101)
CVE-2015-7517 (Multiple SQL injection vulnerabilities in the Double Opt-In for ...)
- TODO: check
+ NOT-FOR-US: Double Opt-In for Download plugin for WordPress
CVE-2015-7516 (ONOS before 1.5.0 when using the ifwd app allows remote attackers to ...)
NOT-FOR-US: Onos
CVE-2015-7515 (The aiptek_probe function in drivers/input/tablet/aiptek.c in the ...)
@@ -73683,7 +73683,7 @@
CVE-2015-7256
RESERVED
CVE-2015-7255 (ZTE OX-330P, ZXHN H108N, W300V1.0.0S_ZRD_TR1_D68, HG110, ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2015-7254 (Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s ...)
NOT-FOR-US: Huawei
CVE-2015-7253 (The Web Console in Commvault Edge Server 10 R2 allows remote attackers ...)
@@ -75525,7 +75525,7 @@
CVE-2015-6589
RESERVED
CVE-2015-6588 (Cross-site scripting (XSS) vulnerability in login-fsp.html in MODX ...)
- TODO: check
+ NOT-FOR-US: MODX Revolution
CVE-2015-6587 (The vlserver in OpenAFS before 1.6.13 allows remote authenticated ...)
{DSA-3320-1 DLA-342-1}
- openafs 1.6.13-1
@@ -80937,7 +80937,7 @@
CVE-2015-4650
RESERVED
CVE-2015-4649 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
- TODO: check
+ NOT-FOR-US: Aruba Networks ClearPass Policy Manager
CVE-2015-4648 (Stack-based buffer overflow in the Ipropsapi.ipropsapiCtrl.1 ActiveX ...)
NOT-FOR-US: Pansonic Security API
CVE-2015-4647 (Multiple stack-based buffer overflows in Ipropsapi in Panasonic ...)
@@ -83570,15 +83570,15 @@
CVE-2015-3658 (The Page Loading functionality in WebKit in Apple Safari before 6.2.7, ...)
NOT-FOR-US: Apple WebKit
CVE-2015-3657 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
- TODO: check
+ NOT-FOR-US: Aruba Networks ClearPass Policy Manager
CVE-2015-3656 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
- TODO: check
+ NOT-FOR-US: Aruba Networks ClearPass Policy Manager
CVE-2015-3655 (Cross-site request forgery (CSRF) vulnerability in Aruba Networks ...)
- TODO: check
+ NOT-FOR-US: Aruba Networks ClearPass Policy Manager
CVE-2015-3654 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
- TODO: check
+ NOT-FOR-US: Aruba Networks ClearPass Policy Manager
CVE-2015-3653 (Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before ...)
- TODO: check
+ NOT-FOR-US: Aruba Networks ClearPass Policy Manager
CVE-2015-3652
RESERVED
CVE-2015-3651
More information about the Secure-testing-commits
mailing list