[Secure-testing-commits] r58723 - data/CVE

Raphael Geissert geissert at moszumanska.debian.org
Wed Dec 20 13:44:02 UTC 2017 

Author: geissert
Date: 2017-12-20 13:44:02 +0000 (Wed, 20 Dec 2017)
New Revision: 58723

Modified:
   data/CVE/list
Log:
NFUs, piwigo issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-20 13:33:30 UTC (rev 58722)
+++ data/CVE/list	2017-12-20 13:44:02 UTC (rev 58723)
@@ -115,19 +115,19 @@
 CVE-2017-17781
 	RESERVED
 CVE-2017-17780 (The Clockwork SMS clockwork-test-message.php component has XSS via a ...)
-	TODO: check
+	NOT-FOR-US: Clockwork SMS plugins for WordPress
 CVE-2017-17779 (Paid To Read Script 2.0.5 has SQL injection via the referrals.php id ...)
-	TODO: check
+	NOT-FOR-US: Paid To Read Script
 CVE-2017-17778 (Paid To Read Script 2.0.5 has XSS via the referrals.php tier parameter ...)
-	TODO: check
+	NOT-FOR-US: Paid To Read Script
 CVE-2017-17777 (Paid To Read Script 2.0.5 has authentication bypass in the admin panel ...)
-	TODO: check
+	NOT-FOR-US: Paid To Read Script
 CVE-2017-17776 (Paid To Read Script 2.0.5 has full path disclosure via an invalid ...)
-	TODO: check
+	NOT-FOR-US: Paid To Read Script
 CVE-2017-17775 (Piwigo 2.9.2 has XSS via the name parameter in an ...)
-	TODO: check
+	- piwigo <removed>
 CVE-2017-17774 (admin/configuration.php in Piwigo 2.9.2 has CSRF. ...)
-	TODO: check
+	- piwigo <removed>
 CVE-2017-17773
 	RESERVED
 CVE-2017-17772
@@ -149,11 +149,11 @@
 CVE-2017-17764
 	RESERVED
 CVE-2017-17763 (SuperBeam through 4.1.3, when using the LAN or WiFi Direct Share ...)
-	TODO: check
+	NOT-FOR-US: SuperBeam
 CVE-2017-17762
 	RESERVED
 CVE-2017-17761 (An issue was discovered on Ichano AtHome IP Camera devices. The device ...)
-	TODO: check
+	NOT-FOR-US: Ichano AtHome IP Camera
 CVE-2017-17476 [OSA-2017-10: Session hijacking]
 	RESERVED
 	- otrs2 6.0.3-1 (bug #884801)
@@ -195,7 +195,7 @@
 CVE-2017-17760
 	RESERVED
 CVE-2017-17759 (Conarc iChannel allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Conarc iChannel
 CVE-2017-17758 (TP-Link TL-WVR and TL-WAR devices allow remote authenticated users to ...)
 	NOT-FOR-US: TP-Link
 CVE-2017-17757 (TP-Link TL-WVR and TL-WAR devices allow remote authenticated users to ...)
@@ -2730,7 +2730,7 @@
 CVE-2017-17699 (K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer ...)
 	NOT-FOR-US: K7 Antivirus
 CVE-2017-17698 (Zoho ManageEngine Password Manager Pro 9 before 9.4 (9400) has ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine Password Manager Pro
 CVE-2017-17697 (The Ping() function in ui/api/target.go in Harbor through 1.3.0-rc4 has ...)
 	TODO: check
 CVE-2017-17696 (Techno - Portfolio Management Panel through 2017-11-16 allows full path ...)

More information about the Secure-testing-commits mailing list