[Secure-testing-commits] r53272 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jul 8 07:42:15 UTC 2017
Author: carnil
Date: 2017-07-08 07:42:15 +0000 (Sat, 08 Jul 2017)
New Revision: 53272
Modified:
data/CVE/list
Log:
Process several NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-08 04:47:48 UTC (rev 53271)
+++ data/CVE/list 2017-07-08 07:42:15 UTC (rev 53272)
@@ -8138,7 +8138,7 @@
CVE-2017-7951 (WonderCMS before 2.0.3 has CSRF because of lack of a token in an ...)
NOT-FOR-US: WonderCMS
CVE-2017-7950 (Nitro Pro 11.0.3 and earlier allows remote attackers to cause a denial ...)
- TODO: check
+ NOT-FOR-US: Nitro Pro
CVE-2017-7949
RESERVED
CVE-2017-7948 (Integer overflow in the mark_curve function in Artifex Ghostscript 9.21 ...)
@@ -10061,11 +10061,11 @@
NOTE: https://github.com/curl/curl/commit/1890d59905414ab84a35892b2e45833654aa5c13
NOTE: Negligable security impact
CVE-2017-7406 (The D-Link DIR-615 device before v20.12PTb04 doesn't use SSL for any of ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2017-7405 (On the D-Link DIR-615 before v20.12PTb04, once authenticated, this ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2017-7404 (On the D-Link DIR-615 before v20.12PTb04, if a victim logged in to the ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2017-7403
RESERVED
CVE-2017-7402 (Pixie 1.0.4 allows remote authenticated users to upload and execute ...)
@@ -11737,7 +11737,7 @@
CVE-2017-6869
RESERVED
CVE-2017-6868 (An Improper Authentication issue was discovered in Siemens SIMATIC CP ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2017-6867 (A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before ...)
NOT-FOR-US: Siemens
CVE-2017-6866
@@ -25251,7 +25251,7 @@
CVE-2017-2245 (Directory traversal vulnerability in Shortcodes Ultimate prior to ...)
TODO: check
CVE-2017-2244 (Cross-site request forgery (CSRF) vulnerability in MFC-J960DWN ...)
- TODO: check
+ NOT-FOR-US: MFC-J960DWN firmware
CVE-2017-2243 (Cross-site scripting vulnerability in Responsive Lightbox prior to ...)
TODO: check
CVE-2017-2242
@@ -25263,35 +25263,35 @@
CVE-2017-2239 (Marp versions v0.0.10 and earlier may allow an attacker to access ...)
TODO: check
CVE-2017-2238 (Cross-site request forgery (CSRF) vulnerability in Toshiba Home ...)
- TODO: check
+ NOT-FOR-US: Toshiba Home gateway HEM-GW16A
CVE-2017-2237 (Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and ...)
- TODO: check
+ NOT-FOR-US: Toshiba Home gateway HEM-GW16A firmware
CVE-2017-2236 (Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and ...)
- TODO: check
+ NOT-FOR-US: Toshiba Home gateway HEM-GW16A firmware
CVE-2017-2235 (Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and ...)
- TODO: check
+ NOT-FOR-US: Toshiba Home gateway HEM-GW16A firmware
CVE-2017-2234 (Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and ...)
- TODO: check
+ NOT-FOR-US: Toshiba Home gateway HEM-GW16A firmware
CVE-2017-2233 (Untrusted search path vulnerability in Installer of PDF Digital ...)
- TODO: check
+ NOT-FOR-US: PDF Digital Signature Plugin
CVE-2017-2232 (Untrusted search path vulnerability in Installer of Shinseiyo Sogo ...)
- TODO: check
+ NOT-FOR-US: Installer of Shinseiyo Sogo Soft
CVE-2017-2231 (Untrusted search path vulnerability in The installer of MLIT ...)
- TODO: check
+ NOT-FOR-US: installer of MLIT DenshiSeikabutsuSakuseiShienKensa system
CVE-2017-2230 (Untrusted search path vulnerability in Douro Kouji Kanseizutou Check ...)
- TODO: check
+ NOT-FOR-US: Douro Kouji Kanseizutou Check Program
CVE-2017-2229 (Untrusted search path vulnerability in Douroshisetu Kihon Data Sakusei ...)
- TODO: check
+ NOT-FOR-US: Douroshisetu Kihon Data Sakusei System
CVE-2017-2228
RESERVED
CVE-2017-2227 (Untrusted search path vulnerability in The installer of Charamin OMP ...)
- TODO: check
+ NOT-FOR-US: installer of Charamin OMP
CVE-2017-2226 (Untrusted search path vulnerability in Setup file of advance ...)
TODO: check
CVE-2017-2225 (Untrusted search path vulnerability in EbidSettingChecker.exe (version ...)
- TODO: check
+ NOT-FOR-US: EbidSettingChecker.exe
CVE-2017-2224 (Cross-site scripting vulnerability in Event Calendar WD prior to ...)
- TODO: check
+ NOT-FOR-US: Event Calendar WD
CVE-2017-2223 (Cross-site request forgery (CSRF) vulnerability in TS-WPTCAM, ...)
TODO: check
CVE-2017-2222 (Cross-site scripting vulnerability in WP-Members prior to version ...)
@@ -25299,17 +25299,17 @@
CVE-2017-2221
RESERVED
CVE-2017-2220 (Untrusted search path vulnerability in Installer of CASL II simulator ...)
- TODO: check
+ NOT-FOR-US: Installer of CASL II simulator
CVE-2017-2219 (Untrusted search path vulnerability in the [Simeji for Windows] ...)
NOT-FOR-US: Simeji
CVE-2017-2218 (Untrusted search path vulnerability in Installer of QuickTime for ...)
- TODO: check
+ NOT-FOR-US: Installer of QuickTime for Windows
CVE-2017-2217 (Open redirect vulnerability in WordPress Download Manager prior to ...)
TODO: check
CVE-2017-2216 (Cross-site scripting vulnerability in WordPress Download Manager prior ...)
TODO: check
CVE-2017-2215 (Untrusted search path vulnerability in Installer of "Setup file of ...)
- TODO: check
+ NOT-FOR-US: Installer of "Setup file of advance preparation"
CVE-2017-2214 (Untrusted search path vulnerability in AppCheck and AppCheck Pro prior ...)
NOT-FOR-US: AppCheck
CVE-2017-2213 (Untrusted search path vulnerability in SemiDynaEXE ...)
@@ -25323,7 +25323,7 @@
CVE-2017-2209 (Untrusted search path vulnerability in the installer of Houkokusyo ...)
NOT-FOR-US: Houkokusyo Sakusei Shien Tool
CVE-2017-2208 (Untrusted search path vulnerability in Installer of Electronic ...)
- TODO: check
+ NOT-FOR-US: Installer of Electronic tendering and bid opening system
CVE-2017-2207 (Untrusted search path vulnerability in the installer of SaAT Personal ...)
NOT-FOR-US: SaAT Personal
CVE-2017-2206 (Untrusted search path vulnerability in the installer of SaAT Netizen ...)
@@ -25363,17 +25363,17 @@
CVE-2017-2189 (Untrusted search path vulnerability in RW-4040 driver installer for ...)
NOT-FOR-US: RW4040
CVE-2017-2188 (Untrusted search path vulnerability in Installer of Denshinouhin Check ...)
- TODO: check
+ NOT-FOR-US: Installer of Denshinouhin Check System
CVE-2017-2187 (Cross-site scripting vulnerability in WP Live Chat Support prior to ...)
NOT-FOR-US: WP Live Chat
CVE-2017-2186 (HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass ...)
- TODO: check
+ NOT-FOR-US: HOME SPOT CUBE2 firmware
CVE-2017-2185 (HOME SPOT CUBE2 firmware V101 and earlier allows authenticated ...)
- TODO: check
+ NOT-FOR-US: HOME SPOT CUBE2 firmware
CVE-2017-2184 (Buffer overflow in HOME SPOT CUBE2 firmware V101 and earlier allows an ...)
- TODO: check
+ NOT-FOR-US: HOME SPOT CUBE2 firmware
CVE-2017-2183 (HOME SPOT CUBE2 firmware V101 and earlier allows authenticated ...)
- TODO: check
+ NOT-FOR-US: HOME SPOT CUBE2 firmware
CVE-2017-2182 (Hands-on Vulnerability Learning Tool "AppGoat" for Web Application ...)
NOT-FOR-US: Hands-on Vulnerability Learning Tool
CVE-2017-2181 (Hands-on Vulnerability Learning Tool "AppGoat" for Web Application ...)
More information about the Secure-testing-commits
mailing list