[Secure-testing-commits] r58255 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Dec 4 21:29:22 UTC 2017
Author: carnil
Date: 2017-12-04 21:29:22 +0000 (Mon, 04 Dec 2017)
New Revision: 58255
Modified:
data/CVE/list
Log:
Process NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-04 21:10:19 UTC (rev 58254)
+++ data/CVE/list 2017-12-04 21:29:22 UTC (rev 58255)
@@ -1542,9 +1542,9 @@
CVE-2017-17058 (The WooCommerce plugin through 3.x for WordPress has a Directory ...)
NOT-FOR-US: WooCommerce plugin for WordPress
CVE-2017-17057 (There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The ...)
- TODO: check
+ NOT-FOR-US: ZKTeco ZKTime Web Software
CVE-2017-17056 (The ZKTime Web Software 2.0.1.12280 allows the Administrator to ...)
- TODO: check
+ NOT-FOR-US: ZKTeco ZKTime Web Software
CVE-2017-17055
RESERVED
CVE-2017-17054 (In aubio 0.4.6, a divide-by-zero error exists in the function ...)
@@ -4127,7 +4127,7 @@
CVE-2017-16722
RESERVED
CVE-2017-16721 (A Cross-site Scripting issue was discovered in Geovap Reliance SCADA ...)
- TODO: check
+ NOT-FOR-US: Geovap Reliance SCADA
CVE-2017-16720
RESERVED
CVE-2017-16719 (An Injection issue was discovered in Moxa NPort 5110 Version 2.2, NPort ...)
@@ -6518,7 +6518,7 @@
CVE-2017-15890
RESERVED
CVE-2017-15889 (Command injection vulnerability in smart.cgi in Synology DiskStation ...)
- TODO: check
+ NOT-FOR-US: Synology DiskStation Manager
CVE-2017-15888 (Cross-site scripting (XSS) vulnerability in Custom Internet Radio List ...)
NOT-FOR-US: Synology
CVE-2017-15887 (An improper restriction of excessive authentication attempts ...)
@@ -17581,9 +17581,9 @@
CVE-2017-12081
RESERVED
CVE-2017-12080 (An information exposure vulnerability in default HTTP configuration ...)
- TODO: check
+ NOT-FOR-US: Synology Photo Station
CVE-2017-12079 (Files or directories accessible to external parties vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Synology Photo Station
CVE-2017-12078
RESERVED
CVE-2017-12077 (Uncontrolled Resource Consumption vulnerability in ...)
@@ -20751,7 +20751,7 @@
CVE-2017-11019
RESERVED
CVE-2017-11018 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-11017 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
TODO: check
CVE-2017-11016
@@ -20763,7 +20763,7 @@
CVE-2017-11013 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
TODO: check
CVE-2017-11012 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2017-11011
RESERVED
CVE-2017-11010
@@ -21124,13 +21124,13 @@
CVE-2017-10904
RESERVED
CVE-2017-10903 (Improper authentication issue in PTW-WMS1 firmware version 2.000.012 ...)
- TODO: check
+ NOT-FOR-US: PTW-WMS1 firmware
CVE-2017-10902 (PTW-WMS1 firmware version 2.000.012 allows remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: PTW-WMS1 firmware
CVE-2017-10901 (Buffer overflow in PTW-WMS1 firmware version 2.000.012 allows remote ...)
- TODO: check
+ NOT-FOR-US: PTW-WMS1 firmware
CVE-2017-10900 (PTW-WMS1 firmware version 2.000.012 allows remote attackers to bypass ...)
- TODO: check
+ NOT-FOR-US: PTW-WMS1 firmware
CVE-2017-10899 (SQL injection vulnerability in the A-Reserve and A-Reserve for MT ...)
TODO: check
CVE-2017-10898 (SQL injection vulnerability in the A-Member and A-Member for MT cloud ...)
@@ -21140,15 +21140,15 @@
CVE-2017-10896
RESERVED
CVE-2017-10895 (sDNSProxy.exe ver1.1.0.0 and earlier allows remote attackers to cause ...)
- TODO: check
+ NOT-FOR-US: sDNSProxy
CVE-2017-10894 (StreamRelay.NET.exe ver2.14.0.7 and earlier allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: StreamRelay.NET
CVE-2017-10893
RESERVED
CVE-2017-10892 (Untrusted search path vulnerability in Music Center for PC version ...)
- TODO: check
+ NOT-FOR-US: Music Center for PC
CVE-2017-10891 (Untrusted search path vulnerability in Media Go version 3.2.0.191 and ...)
- TODO: check
+ NOT-FOR-US: Media Go
CVE-2017-10890 (Session management issue in RX-V200 firmware versions prior to ...)
NOT-FOR-US: RX-V200 firmware
CVE-2017-10889 (TablePress prior to version 1.8.1 allows an attacker to conduct XML ...)
@@ -21182,7 +21182,7 @@
CVE-2017-10875 (I-O DATA DEVICE LAN DISK Connect Ver2.02 and earlier allows an ...)
NOT-FOR-US: I-O DATA DEVICE LAN DISK Connect
CVE-2017-10874 (PWR-Q200 does not use random values for source ports of DNS query ...)
- TODO: check
+ NOT-FOR-US: PWR-Q200
CVE-2017-10873 (OpenAM (Open Source Edition) allows an attacker to bypass ...)
NOT-FOR-US: OpenAM
CVE-2017-10872
@@ -21208,7 +21208,7 @@
CVE-2017-10862 (jwt-scala 1.2.2 and earlier fails to verify token signatures correctly ...)
NOT-FOR-US: jwt-scala
CVE-2017-10861 (Directory traversal vulnerability in QND Advance/Standard allows an ...)
- TODO: check
+ NOT-FOR-US: QND Advance/Standard
CVE-2017-10860 (Untrusted search path vulnerability in "i-filter 6.0 installer" ...)
NOT-FOR-US: i-filter 6.0 installer
CVE-2017-10859 (Untrusted search path vulnerability in "i-filter 6.0 installer" ...)
More information about the Secure-testing-commits
mailing list