[Secure-testing-commits] r55297 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Aug 31 09:18:08 UTC 2017
Author: carnil
Date: 2017-08-31 09:18:08 +0000 (Thu, 31 Aug 2017)
New Revision: 55297
Modified:
data/CVE/list
Log:
Process NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-31 09:17:42 UTC (rev 55296)
+++ data/CVE/list 2017-08-31 09:18:08 UTC (rev 55297)
@@ -15,13 +15,13 @@
CVE-2017-14043
RESERVED
CVE-2017-14038 (CrushFTP before 7.8.0 and 8.x before 8.2.0 has a redirect ...)
- TODO: check
+ NOT-FOR-US: CrushFTP
CVE-2017-14037 (CrushFTP before 7.8.0 and 8.x before 8.2.0 has an HTTP header ...)
- TODO: check
+ NOT-FOR-US: CrushFTP
CVE-2017-14036 (CrushFTP before 7.8.0 and 8.x before 8.2.0 has XSS. ...)
- TODO: check
+ NOT-FOR-US: CrushFTP
CVE-2017-14035 (CrushFTP 8.x before 8.2.0 has a serialization vulnerability. ...)
- TODO: check
+ NOT-FOR-US: CrushFTP
CVE-2017-14051 (An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in ...)
- linux <unfixed>
NOTE: https://patchwork.kernel.org/patch/9929625/
@@ -953,7 +953,7 @@
CVE-2017-13671 (app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent ...)
NOT-FOR-US: MISP (Malware Information Sharing Platform and Threat Sharing)
CVE-2017-13670 (In BlackCat CMS 1.2, remote authenticated users can upload any file via ...)
- TODO: check
+ NOT-FOR-US: BlackCat CMS
CVE-2017-13669 (SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered ...)
NOT-FOR-US: NexusPHP
CVE-2017-13668
More information about the Secure-testing-commits
mailing list