[Secure-testing-commits] r52602 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Jun 16 04:49:26 UTC 2017 

Author: carnil
Date: 2017-06-16 04:49:26 +0000 (Fri, 16 Jun 2017)
New Revision: 52602

Modified:
   data/CVE/list
Log:
Process NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-16 04:12:19 UTC (rev 52601)
+++ data/CVE/list	2017-06-16 04:49:26 UTC (rev 52602)
@@ -99,11 +99,11 @@
 CVE-2017-9676
 	RESERVED
 CVE-2017-9675 (On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows an ...)
-	TODO: check
+	NOT-FOR-US: D-Link DIR-605L devices
 CVE-2017-9674 (In SimpleCE 2.3.0, an authenticated XSS vulnerability was found on ...)
-	TODO: check
+	NOT-FOR-US: SimpleCE
 CVE-2017-9673 (In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an ...)
-	TODO: check
+	NOT-FOR-US: SimpleCE
 CVE-2017-9672
 	RESERVED
 CVE-2017-9671
@@ -227,7 +227,7 @@
 CVE-2017-9614
 	RESERVED
 CVE-2017-9613 (Stored Cross-site scripting (XSS) vulnerability in SAP SuccessFactors ...)
-	TODO: check
+	NOT-FOR-US: SAP SuccessFactors
 CVE-2017-9612
 	RESERVED
 CVE-2017-9611
@@ -476,7 +476,7 @@
 CVE-2017-9506
 	RESERVED
 CVE-2017-9505 (Atlassian Confluence starting with 4.3.0 before 6.2.1 did not check if ...)
-	TODO: check
+	NOT-FOR-US: Atlassian Confluence
 CVE-2017-9504
 	RESERVED
 CVE-2017-9503 [scsi: null pointer dereference while processing megasas command]
@@ -717,7 +717,7 @@
 CVE-2017-9420 (Cross site scripting (XSS) vulnerability in the Spiffy Calendar plugin ...)
 	NOT-FOR-US: Spiffy Calendar plugin for WordPress
 CVE-2017-9419 (Cross-site scripting (XSS) vulnerability in the Webhammer WP Custom ...)
-	TODO: check
+	NOT-FOR-US: Webhammer WP Custom Fields Search plugin for WordPress
 CVE-2017-9418 (SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for ...)
 	NOT-FOR-US: WP-Testimonials plugin for WordPress
 CVE-2017-9417 (Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute ...)
@@ -1049,7 +1049,7 @@
 	NOTE: https://github.com/VirusTotal/yara/issues/674
 	NOTE: https://github.com/VirusTotal/yara/commit/925bcf3c3b0a28b5b78e25d9efda5c0bf27ae699
 CVE-2016-10395 (In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running ...)
-	TODO: check
+	NOT-FOR-US: FlexNet Publisher
 CVE-2016-10394
 	RESERVED
 CVE-2016-10393
@@ -3337,7 +3337,7 @@
 CVE-2017-8488 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-8487 (Windows OLE in Windows XP and Windows Server 2003 allows an attacker ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-8486
 	RESERVED
 CVE-2017-8485 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
@@ -3389,7 +3389,7 @@
 CVE-2017-8462 (The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-8461 (Windows RPC with Routing and Remote Access enabled in Windows XP and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2017-8460 (Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows ...)
 	NOT-FOR-US: Microsoft
 CVE-2017-8459 (** DISPUTED ** Brave 0.12.4 has a Status Bar Obfuscation issue in which ...)
@@ -5115,7 +5115,7 @@
 CVE-2017-7877 (CSRF vulnerability in flatCore version 1.4.6 allows remote attackers to ...)
 	NOT-FOR-US: flatCore
 CVE-2017-7876 (QNAP QTS before 4.2.6 build 20170517 allows command injection. ...)
-	TODO: check
+	NOT-FOR-US: QNAP QTS
 CVE-2017-7875 (In wallpaper.c in feh before v2.18.3, if a malicious client pretends to ...)
 	{DLA-899-1}
 	- feh 2.18-2 (low; bug #860367)
@@ -5875,7 +5875,7 @@
 CVE-2017-7630
 	RESERVED
 CVE-2017-7629 (QNAP QTS before 4.2.6 build 20170517 has a flaw in the change password ...)
-	TODO: check
+	NOT-FOR-US: QNAP QTS
 CVE-2017-7628 (The "Smart related articles" extension 1.1 for Joomla! has SQL ...)
 	NOT-FOR-US: Joomla extension
 CVE-2017-7627 (The "Smart related articles" extension 1.1 for Joomla! does not prevent ...)
@@ -13592,7 +13592,7 @@
 CVE-2017-5245
 	RESERVED
 CVE-2017-5244 (Routes used to stop running Metasploit tasks (either particular ones ...)
-	TODO: check
+	NOT-FOR-US: Metasploit
 CVE-2017-5243 (The default SSH configuration in Rapid7 Nexpose hardware appliances ...)
 	NOT-FOR-US: Rapid7 Nexpose hardware appliances
 CVE-2017-5242
@@ -23465,7 +23465,7 @@
 CVE-2017-1380
 	RESERVED
 CVE-2017-1379 (IBM API Connect 5.0.0.0 could allow a remote attacker to obtain ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1378
 	RESERVED
 CVE-2017-1377
@@ -23829,7 +23829,7 @@
 CVE-2017-1198
 	RESERVED
 CVE-2017-1197 (IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2017-1196 (IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require ...)
 	NOT-FOR-US: IBM
 CVE-2017-1195
@@ -60497,7 +60497,7 @@
 CVE-2015-7733
 	RESERVED
 CVE-2015-7732 (The Avira Mobile Security app before 1.5.11 for iOS sends sensitive ...)
-	TODO: check
+	NOT-FOR-US: Avira Mobile Security app
 CVE-2015-7731
 	RESERVED
 CVE-2015-7730 (SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and ...)

More information about the Secure-testing-commits mailing list