[Secure-testing-commits] r58723 - data/CVE
Raphael Geissert
geissert at moszumanska.debian.org
Wed Dec 20 13:44:02 UTC 2017
Author: geissert
Date: 2017-12-20 13:44:02 +0000 (Wed, 20 Dec 2017)
New Revision: 58723
Modified:
data/CVE/list
Log:
NFUs, piwigo issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-20 13:33:30 UTC (rev 58722)
+++ data/CVE/list 2017-12-20 13:44:02 UTC (rev 58723)
@@ -115,19 +115,19 @@
CVE-2017-17781
RESERVED
CVE-2017-17780 (The Clockwork SMS clockwork-test-message.php component has XSS via a ...)
- TODO: check
+ NOT-FOR-US: Clockwork SMS plugins for WordPress
CVE-2017-17779 (Paid To Read Script 2.0.5 has SQL injection via the referrals.php id ...)
- TODO: check
+ NOT-FOR-US: Paid To Read Script
CVE-2017-17778 (Paid To Read Script 2.0.5 has XSS via the referrals.php tier parameter ...)
- TODO: check
+ NOT-FOR-US: Paid To Read Script
CVE-2017-17777 (Paid To Read Script 2.0.5 has authentication bypass in the admin panel ...)
- TODO: check
+ NOT-FOR-US: Paid To Read Script
CVE-2017-17776 (Paid To Read Script 2.0.5 has full path disclosure via an invalid ...)
- TODO: check
+ NOT-FOR-US: Paid To Read Script
CVE-2017-17775 (Piwigo 2.9.2 has XSS via the name parameter in an ...)
- TODO: check
+ - piwigo <removed>
CVE-2017-17774 (admin/configuration.php in Piwigo 2.9.2 has CSRF. ...)
- TODO: check
+ - piwigo <removed>
CVE-2017-17773
RESERVED
CVE-2017-17772
@@ -149,11 +149,11 @@
CVE-2017-17764
RESERVED
CVE-2017-17763 (SuperBeam through 4.1.3, when using the LAN or WiFi Direct Share ...)
- TODO: check
+ NOT-FOR-US: SuperBeam
CVE-2017-17762
RESERVED
CVE-2017-17761 (An issue was discovered on Ichano AtHome IP Camera devices. The device ...)
- TODO: check
+ NOT-FOR-US: Ichano AtHome IP Camera
CVE-2017-17476 [OSA-2017-10: Session hijacking]
RESERVED
- otrs2 6.0.3-1 (bug #884801)
@@ -195,7 +195,7 @@
CVE-2017-17760
RESERVED
CVE-2017-17759 (Conarc iChannel allows remote attackers to obtain sensitive ...)
- TODO: check
+ NOT-FOR-US: Conarc iChannel
CVE-2017-17758 (TP-Link TL-WVR and TL-WAR devices allow remote authenticated users to ...)
NOT-FOR-US: TP-Link
CVE-2017-17757 (TP-Link TL-WVR and TL-WAR devices allow remote authenticated users to ...)
@@ -2730,7 +2730,7 @@
CVE-2017-17699 (K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer ...)
NOT-FOR-US: K7 Antivirus
CVE-2017-17698 (Zoho ManageEngine Password Manager Pro 9 before 9.4 (9400) has ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine Password Manager Pro
CVE-2017-17697 (The Ping() function in ui/api/target.go in Harbor through 1.3.0-rc4 has ...)
TODO: check
CVE-2017-17696 (Techno - Portfolio Management Panel through 2017-11-16 allows full path ...)
More information about the Secure-testing-commits
mailing list