[Secure-testing-commits] r53394 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Jul 11 21:18:44 UTC 2017
Author: jmm
Date: 2017-07-11 21:18:44 +0000 (Tue, 11 Jul 2017)
New Revision: 53394
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-11 21:14:17 UTC (rev 53393)
+++ data/CVE/list 2017-07-11 21:18:44 UTC (rev 53394)
@@ -1503,7 +1503,7 @@
CVE-2017-10601
RESERVED
CVE-2017-10600 (ubuntu-image 1.0 before 2017-07-07, when invoked as non-root, creates ...)
- TODO: check
+ NOT-FOR-US: ubuntu-image
CVE-2017-9996 (The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x ...)
- ffmpeg 7:3.2.5-1
- libav <undetermined>
@@ -9391,15 +9391,15 @@
CVE-2017-7731 (A weak password recovery vulnerability in Fortinet FortiPortal ...)
NOT-FOR-US: Fortinet FortiPortal
CVE-2017-7730 (iSmartAlarm cube devices allow Denial of Service. Sending a SYN flood ...)
- TODO: check
+ NOT-FOR-US: iSmartAlarm
CVE-2017-7729 (On iSmartAlarm cube devices, there is Incorrect Access Control because ...)
- TODO: check
+ NOT-FOR-US: iSmartAlarm
CVE-2017-7728 (On iSmartAlarm cube devices, there is authentication bypass leading to ...)
- TODO: check
+ NOT-FOR-US: iSmartAlarm
CVE-2017-7727
REJECTED
CVE-2017-7726 (iSmartAlarm cube devices have an SSL Certificate Validation ...)
- TODO: check
+ NOT-FOR-US: iSmartAlarm
CVE-2017-7725 (concrete5 8.1.0 places incorrect trust in the HTTP Host header during ...)
NOT-FOR-US: concrete5
CVE-2017-7724
@@ -11439,7 +11439,7 @@
CVE-2017-7176
RESERVED
CVE-2017-7175 (NfSen before 1.3.8 allows remote attackers to execute arbitrary OS ...)
- TODO: check
+ NOT-FOR-US: NfSen
CVE-2017-7174 (The user-account creation feature in Chef Manage 2.1.0 through 2.4.4 ...)
NOT-FOR-US: Chef Manage
CVE-2017-7173
@@ -25639,11 +25639,11 @@
CVE-2017-2246
RESERVED
CVE-2017-2245 (Directory traversal vulnerability in Shortcodes Ultimate prior to ...)
- TODO: check
+ NOT-FOR-US: Shortcodes Ultimate
CVE-2017-2244 (Cross-site request forgery (CSRF) vulnerability in MFC-J960DWN ...)
NOT-FOR-US: MFC-J960DWN firmware
CVE-2017-2243 (Cross-site scripting vulnerability in Responsive Lightbox prior to ...)
- TODO: check
+ NOT-FOR-US: Responsive Lightbox
CVE-2017-2242
RESERVED
CVE-2017-2241
@@ -25651,7 +25651,7 @@
CVE-2017-2240
RESERVED
CVE-2017-2239 (Marp versions v0.0.10 and earlier may allow an attacker to access ...)
- TODO: check
+ NOT-FOR-US: Marp
CVE-2017-2238 (Cross-site request forgery (CSRF) vulnerability in Toshiba Home ...)
NOT-FOR-US: Toshiba Home gateway HEM-GW16A
CVE-2017-2237 (Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and ...)
@@ -25835,13 +25835,13 @@
CVE-2017-2148 (Cross-site scripting vulnerability in WN-AC1167GR firmware version ...)
NOT-FOR-US: WN-AC1167GR firmware
CVE-2017-2147 (Cross-site scripting vulnerability in WP Statistics version 12.0.4 and ...)
- NOT-FOR-US: WP Statistics
+ NOT-FOR-US: WP Statistics
CVE-2017-2146 (Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 ...)
- TODO: check
+ NOT-FOR-US: Cybozu Garoon
CVE-2017-2145 (Session fixation vulnerability in Cybozu Garoon 4.0.0 to 4.2.4 allows ...)
- TODO: check
+ NOT-FOR-US: Cybozu Garoon
CVE-2017-2144 (Cybozu Garoon 3.0.0 to 4.2.4 may allow an attacker to lock another ...)
- TODO: check
+ NOT-FOR-US: Cybozu Garoon
CVE-2017-2143 (CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor ...)
NOT-FOR-US: CS-Cart
CVE-2017-2142 (Buffer overflow in WN-G300R3 firmware Ver.1.03 and earlier allows ...)
@@ -27333,7 +27333,7 @@
CVE-2017-1399
RESERVED
CVE-2017-1398 (IBM WebSphere Commerce Enterprise, Professional, Express, and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1397
RESERVED
CVE-2017-1396
@@ -27455,7 +27455,7 @@
CVE-2017-1338
RESERVED
CVE-2017-1337 (IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1336
RESERVED
CVE-2017-1335
@@ -27561,7 +27561,7 @@
CVE-2017-1285
RESERVED
CVE-2017-1284 (IBM WebSphere MQ 9.0.1 and 9.0.2 could allow a local user with ability ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2017-1283
RESERVED
CVE-2017-1282 (IBM Content Navigator & CMIS 2.0 and 3.0 is vulnerable to cross-site ...)
@@ -28929,23 +28929,23 @@
CVE-2017-0673 (A remote code execution vulnerability in the Android media framework. ...)
NOT-FOR-US: Android media framework
CVE-2017-0672 (A denial of service vulnerability in the Android libraries. Product: ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2017-0671 (A remote code execution vulnerability in the Android libraries. ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2017-0670 (A denial of service vulnerability in the Android framework. Product: ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2017-0669 (A information disclosure vulnerability in the Android framework. ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2017-0668 (A information disclosure vulnerability in the Android framework. ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2017-0667 (A elevation of privilege vulnerability in the Android framework. ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2017-0666 (A elevation of privilege vulnerability in the Android framework. ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2017-0665 (A elevation of privilege vulnerability in the Android framework. ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2017-0664 (A elevation of privilege vulnerability in the Android framework. ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2017-0663 (A remote code execution vulnerability in libxml2 could enable an ...)
- libxml2 <undetermined>
NOTE: https://android.googlesource.com/platform/external/libxml2/+/521b88fbb6d18312923f0df653d045384b500ffc
@@ -29931,7 +29931,7 @@
CVE-2017-0341 (All versions of the NVIDIA Windows GPU Display Driver contain a ...)
NOT-FOR-US: NVIDIA Windows drivers
CVE-2017-0340 (An elevation of privilege vulnerability in the NVIDIA Libnvparser ...)
- TODO: check
+ NOT-FOR-US: NVIDIA driver for Android
CVE-2017-0339 (An elevation of privilege vulnerability in the NVIDIA crypto driver ...)
NOT-FOR-US: NVIDIA driver for Android
CVE-2017-0338 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
@@ -29959,7 +29959,7 @@
CVE-2017-0327 (An elevation of privilege vulnerability in the NVIDIA crypto driver ...)
NOT-FOR-US: NVIDIA driver for Android
CVE-2017-0326 (An information disclosure vulnerability in the NVIDIA Video Driver due ...)
- TODO: check
+ NOT-FOR-US: NVIDIA driver for Android
CVE-2017-0325 (An elevation of privilege vulnerability in the NVIDIA I2C HID driver ...)
NOT-FOR-US: NVIDIA driver for Android
CVE-2017-0324 (All versions of NVIDIA Windows GPU Display Driver contain a ...)
More information about the Secure-testing-commits
mailing list