[Secure-testing-commits] r49121 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Feb 22 10:49:26 UTC 2017
Author: jmm
Date: 2017-02-22 10:49:26 +0000 (Wed, 22 Feb 2017)
New Revision: 49121
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-02-22 09:45:03 UTC (rev 49120)
+++ data/CVE/list 2017-02-22 10:49:26 UTC (rev 49121)
@@ -6183,47 +6183,47 @@
CVE-2017-3848
RESERVED
CVE-2017-3847 (A vulnerability in the web framework of Cisco Firepower Management ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-3846
RESERVED
CVE-2017-3845 (A vulnerability in the web-based management interface of Cisco Prime ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-3844 (A vulnerability in exporting functions of the user interface for Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-3843 (A vulnerability in the file download functions for Cisco Prime ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-3842 (A vulnerability in the web-based management interface of the Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-3841 (A vulnerability in the web interface of the Cisco Secure Access Control ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-3840 (A vulnerability in the web interface of the Cisco Secure Access Control ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-3839 (An XML External Entity vulnerability in the web-based user interface of ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-3838 (A vulnerability in Cisco Secure Access Control System (ACS) could allow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-3837 (An HTTP Packet Processing vulnerability in the Web Bridge interface of ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-3836 (A vulnerability in the web framework Cisco Unified Communications ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-3835 (A vulnerability in the sponsor portal of Cisco Identity Services Engine ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-3834
RESERVED
CVE-2017-3833 (A vulnerability in the web framework of Cisco Unified Communications ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-3832
RESERVED
CVE-2017-3831
RESERVED
CVE-2017-3830 (A vulnerability in an internal API of the Cisco Meeting Server (CMS) ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-3829 (A vulnerability in the web-based management interface of Cisco Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-3828 (A vulnerability in the web-based management interface of Cisco Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-3827 (A vulnerability in the Multipurpose Internet Mail Extensions (MIME) ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-3826
RESERVED
CVE-2017-3825
@@ -6235,7 +6235,7 @@
CVE-2017-3822 (A vulnerability in the logging subsystem of the Cisco Firepower Threat ...)
NOT-FOR-US: Cisco Firepower Threat Defense
CVE-2017-3821 (A vulnerability in the serviceability page of Cisco Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2017-3820 (A vulnerability in Simple Network Management Protocol (SNMP) functions ...)
NOT-FOR-US: Cisco IOS XE
CVE-2017-3819
@@ -9636,7 +9636,7 @@
CVE-2017-2685
RESERVED
CVE-2017-2684 (Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2017-2683
RESERVED
CVE-2017-2682
@@ -14599,11 +14599,11 @@
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b57da0630c9fd36ed7a20fc0f98dc82cc0777fa (v4.9-rc8)
NOTE: https://groups.google.com/forum/#!topic/syzkaller/GFbGpX7nTEo
CVE-2016-9684 (The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is ...)
- TODO: check
+ NOT-FOR-US: SonicWall
CVE-2016-9683 (The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is ...)
- TODO: check
+ NOT-FOR-US: SonicWall
CVE-2016-9682 (The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is ...)
- TODO: check
+ NOT-FOR-US: SonicWall
CVE-2016-9681 (Multiple cross-site scripting (XSS) vulnerabilities in Serendipity ...)
- serendipity <removed>
CVE-2016-9680 (Citrix Provisioning Services before 7.12 allows attackers to obtain ...)
@@ -52552,29 +52552,29 @@
CVE-2015-6635
RESERVED
CVE-2015-6634 (The display drivers in Android before 5.1.1 LMY48Z allow remote ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2015-6633 (The display drivers in Android before 5.1.1 LMY48Z and 6.0 before ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2015-6632 (libstagefright in Android before 5.1.1 LMY48Z and 6.0 before ...)
NOT-FOR-US: libstagefright
CVE-2015-6631 (libstagefright in Android before 5.1.1 LMY48Z and 6.0 before ...)
NOT-FOR-US: libstagefright
CVE-2015-6630 (SystemUI in Android 5.x before 5.1.1 LMY48Z and 6.0 before 2015-12-01 ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2015-6629 (Wi-Fi in Android 5.x before 5.1.1 LMY48Z allows attackers to obtain ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2015-6628 (Media Framework in Android before 5.1.1 LMY48Z and 6.0 before ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2015-6627 (The Audio component in Android before 5.1.1 LMY48Z and 6.0 before ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2015-6626 (libstagefright in Android before 5.1.1 LMY48Z and 6.0 before ...)
NOT-FOR-US: libstagefright
CVE-2015-6625 (System Server in Android 6.0 before 2015-12-01 allows attackers to ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2015-6624 (System Server in Android 6.0 before 2015-12-01 allows attackers to ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2015-6623 (Wi-Fi in Android 6.0 before 2015-12-01 allows attackers to gain ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2015-6622 (The Native Frameworks Library in Android before 5.1.1 LMY48Z and 6.0 ...)
TODO: check
CVE-2015-6621 (SystemUI in Android 5.x before 5.1.1 LMY48Z and 6.0 before 2015-12-01 ...)
@@ -52584,27 +52584,27 @@
CVE-2015-6619 (The kernel in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 ...)
TODO: check
CVE-2015-6618 (Bluetooth in Android 4.4 and 5.x before 5.1.1 LMY48Z allows ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2015-6617 (Skia, as used in Android before 5.1.1 LMY48Z and 6.0 before ...)
TODO: check
CVE-2015-6616 (mediaserver in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 ...)
- TODO: check
+ NOT-FOR-US: mediaserver in Android
CVE-2015-6615
RESERVED
CVE-2015-6614 (Telephony in Android 5.x before 5.1.1 LMY48X allows attackers to gain ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2015-6613 (Bluetooth in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2015-6612 (libmedia in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2015-6611 (mediaserver in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 ...)
- TODO: check
+ NOT-FOR-US: mediaserver in Android
CVE-2015-6610 (libstagefright in Android before 5.1.1 LMY48X and 6.0 before ...)
NOT-FOR-US: libstagefright
CVE-2015-6609 (libutils in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 ...)
- android-platform-frameworks-native <unfixed> (unimportant; bug #806375)
CVE-2015-6608 (mediaserver in Android 5.x before 5.1.1 LMY48X and 6.0 before ...)
- TODO: check
+ NOT-FOR-US: mediaserver in Android
CVE-2015-6607 (SQLite before 3.8.9, as used in Android before 5.1.1 LMY48T, allows ...)
TODO: check
CVE-2015-6606 (The Secure Element Evaluation Kit (aka SEEK or SmartCard API) plugin ...)
@@ -52726,17 +52726,17 @@
CVE-2015-6556 (EACommunicatorSrv.exe in the Framework Service in the client in ...)
TODO: check
CVE-2015-6555 (Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2015-6554 (Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2015-6553
REJECTED
CVE-2015-6552 (The management-services protocol implementation in Veritas NetBackup ...)
- TODO: check
+ NOT-FOR-US: Veritas NetBackup
CVE-2015-6551 (Veritas NetBackup 7.x through 7.5.0.7 and 7.6.0.x through 7.6.0.4 and ...)
- TODO: check
+ NOT-FOR-US: Veritas NetBackup
CVE-2015-6550 (bpcd in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through ...)
- TODO: check
+ NOT-FOR-US: Veritas NetBackup
CVE-2015-6549 (Cross-site scripting (XSS) vulnerability in an application console in ...)
NOT-FOR-US: Symantec NetBackup OpsCenter
CVE-2015-6548 (Multiple SQL injection vulnerabilities in a PHP script in the ...)
More information about the Secure-testing-commits
mailing list