[Secure-testing-commits] r51589 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri May 12 21:34:01 UTC 2017
Author: jmm
Date: 2017-05-12 21:34:01 +0000 (Fri, 12 May 2017)
New Revision: 51589
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-12 21:28:39 UTC (rev 51588)
+++ data/CVE/list 2017-05-12 21:34:01 UTC (rev 51589)
@@ -2563,11 +2563,11 @@
CVE-2016-10332
RESERVED
CVE-2016-10331 (Directory traversal vulnerability in download.php in Synology Photo ...)
- TODO: check
+ NOT-FOR-US: Synology Photo Station
CVE-2016-10330 (Directory traversal vulnerability in synophoto_dsm_user, a SUID ...)
- TODO: check
+ NOT-FOR-US: Synology Photo Station
CVE-2016-10329 (Command injection vulnerability in login.php in Synology Photo Station ...)
- TODO: check
+ NOT-FOR-US: Synology Photo Station
CVE-2015-9054
RESERVED
CVE-2015-9053
@@ -19166,15 +19166,15 @@
CVE-2017-2168
RESERVED
CVE-2017-2167 (Untrusted search path vulnerability in Installer for PrimeDrive ...)
- TODO: check
+ NOT-FOR-US: PrimeDrive
CVE-2017-2166
RESERVED
CVE-2017-2165
RESERVED
CVE-2017-2164 (Cross-site scripting vulnerability in SOY CMS with installer 1.8.12 ...)
- TODO: check
+ NOT-FOR-US: SOY CMS
CVE-2017-2163 (Directory traversal vulnerability in SOY CMS Ver.1.8.1 to Ver.1.8.12 ...)
- TODO: check
+ NOT-FOR-US: SOY CMS
CVE-2017-2162
RESERVED
CVE-2017-2161
@@ -19186,7 +19186,7 @@
CVE-2017-2158
RESERVED
CVE-2017-2157 (Untrusted search path vulnerability in installers for The Public ...)
- TODO: check
+ NOT-FOR-US: The Public Certification Service
CVE-2017-2156 (Untrusted search path vulnerability in Vivaldi installer for Windows ...)
NOT-FOR-US: Vivaldi installer Windows
CVE-2017-2155 (Buffer overflow in Hoozin Viewer 2, 3, 4.1.5.15 and earlier, 5.1.2.13 ...)
@@ -19256,7 +19256,7 @@
CVE-2017-2123 (Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door ...)
NOT-FOR-US: OneThird CMS
CVE-2017-2122 (Cross-site scripting vulnerability in Nessus versions 6.8.0, 6.8.1, ...)
- TODO: check
+ NOT-FOR-US: Nessus
CVE-2017-2121
RESERVED
CVE-2017-2120 (SQL injection vulnerability in the WBCE CMS 1.1.10 and earlier allows ...)
@@ -28247,61 +28247,61 @@
CVE-2017-0282
RESERVED
CVE-2017-0281 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0280 (The Microsoft Server Message Block 1.0 (SMBv1) allows denial of ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0279 (The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0278 (The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0277 (The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0276 (Microsoft Server Message Block 1.0 (SMBv1) allows an information ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0275 (Microsoft Server Message Block 1.0 (SMBv1) allows an information ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0274 (Microsoft Server Message Block 1.0 (SMBv1) allows an information ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0273 (The Microsoft Server Message Block 1.0 (SMBv1) allows denial of ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0272 (The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0271 (Microsoft Server Message Block 1.0 (SMBv1) allows an information ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0270 (Microsoft Server Message Block 1.0 (SMBv1) allows an information ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0269 (The Microsoft Server Message Block 1.0 (SMBv1) allows denial of ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0268 (Microsoft Server Message Block 1.0 (SMBv1) allows an information ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0267 (Microsoft Server Message Block 1.0 (SMBv1) allows an information ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0266 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0265 (Microsoft PowerPoint for Mac 2011 allows a remote code execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0264 (Microsoft PowerPoint for Mac 2011 allows a remote code execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0263 (The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0262 (Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0261 (Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0260
RESERVED
CVE-2017-0259 (The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0258 (The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0257
RESERVED
CVE-2017-0256 (A spoofing vulnerability exists when the ASP.NET Core fails to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0255 (Microsoft SharePoint Foundation 2013 SP1 allows an elevation of ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0254 (Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0253
RESERVED
CVE-2017-0252
@@ -28311,65 +28311,65 @@
CVE-2017-0250
RESERVED
CVE-2017-0249 (An elevation of privilege vulnerability exists when the ASP.NET Core ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0248 (Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0247 (A denial of service vulnerability exists when the ASP.NET Core fails ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0246 (The Graphics Component in the kernel-mode drivers in Windows Server ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0245 (The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0244 (The kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0243
RESERVED
CVE-2017-0242 (An information disclosure vulnerability exists in the way some ActiveX ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0241 (An elevation of privilege vulnerability exists when Microsoft Edge ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0240 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0239
RESERVED
CVE-2017-0238 (A remote code execution vulnerability exists in Microsoft browsers in ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0237
RESERVED
CVE-2017-0236 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0235 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0234 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0233 (An elevation of privilege vulnerability exists in Microsoft Edge that ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0232
RESERVED
CVE-2017-0231 (A spoofing vulnerability exists when Microsoft browsers render ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0230 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0229 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0228 (A remote code execution vulnerability exists in Microsoft browsers in ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0227 (A remote code execution vulnerability exists in Microsoft Edge in the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0226 (A remote code execution vulnerability exists when Internet Explorer ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0225
RESERVED
CVE-2017-0224 (A remote code execution vulnerability exists in the way JavaScript ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0223
RESERVED
CVE-2017-0222 (A remote code execution vulnerability exists when Internet Explorer ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0221 (A vulnerability exists when Microsoft Edge improperly accesses objects ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0220 (The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0219
RESERVED
CVE-2017-0218
@@ -28381,11 +28381,11 @@
CVE-2017-0215
RESERVED
CVE-2017-0214 (Windows COM in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0213 (Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0212 (Windows Hyper-V allows an elevation of privilege vulnerability when ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0211 (An elevation of privilege vulnerability exists in Windows 10, Windows ...)
NOT-FOR-US: Microsoft
CVE-2017-0210 (An elevation of privilege vulnerability exists when Internet Explorer ...)
@@ -28429,7 +28429,7 @@
CVE-2017-0191 (A denial of service vulnerability exists in the way that Windows 7, ...)
NOT-FOR-US: Microsoft
CVE-2017-0190 (The GDI component in Microsoft Windows Server 2008 SP2 and R2 SP1, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0189 (An elevation of privilege vulnerability exists in Windows 10 when the ...)
NOT-FOR-US: Microsoft
CVE-2017-0188 (A Win32k information disclosure vulnerability exists in Windows 8.1, ...)
@@ -28459,7 +28459,7 @@
CVE-2017-0176
RESERVED
CVE-2017-0175 (The Windows kernel in Windows Server 2008 SP2 and R2 SP1, and Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0174
RESERVED
CVE-2017-0173
@@ -28467,7 +28467,7 @@
CVE-2017-0172
RESERVED
CVE-2017-0171 (Windows DNS Server allows a denial of service vulnerability when ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0170
RESERVED
CVE-2017-0169 (An information disclosure vulnerability exists when Windows Hyper-V ...)
@@ -28655,7 +28655,7 @@
CVE-2017-0078 (The kernel-mode drivers in Microsoft Windows 8.1; Windows Server 2012 ...)
NOT-FOR-US: Microsoft
CVE-2017-0077 (The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0076 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and ...)
NOT-FOR-US: Microsoft
CVE-2017-0075 (Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and ...)
@@ -28681,7 +28681,7 @@
CVE-2017-0065 (Microsoft Edge allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Microsoft
CVE-2017-0064 (A security feature bypass vulnerability exists in Internet Explorer ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2017-0063 (The Color Management Module (ICM32.dll) memory handling functionality ...)
NOT-FOR-US: Microsoft
CVE-2017-0062 (The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; ...)
@@ -39872,29 +39872,29 @@
CVE-2016-4888 (Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine ...)
NOT-FOR-US: ZOHO ManageEngine ServiceDesk Plus
CVE-2016-4887 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin ...)
- TODO: check
+ NOT-FOR-US: baserCMS
CVE-2016-4886 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin ...)
- TODO: check
+ NOT-FOR-US: baserCMS
CVE-2016-4885 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin ...)
- TODO: check
+ NOT-FOR-US: baserCMS
CVE-2016-4884 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin ...)
- TODO: check
+ NOT-FOR-US: baserCMS
CVE-2016-4883 (Cross-site scripting vulnerability in baserCMS version 3.0.10 and ...)
- TODO: check
+ NOT-FOR-US: baserCMS
CVE-2016-4882 (Cross-site request forgery (CSRF) vulnerability in baserCMS version ...)
- TODO: check
+ NOT-FOR-US: baserCMS
CVE-2016-4881 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin ...)
- TODO: check
+ NOT-FOR-US: baserCMS
CVE-2016-4880 (Cross-site scripting vulnerability in baserCMS plugin Blog version ...)
- TODO: check
+ NOT-FOR-US: baserCMS
CVE-2016-4879 (Cross-site request forgery (CSRF) vulnerability in baserCMS plugin ...)
- TODO: check
+ NOT-FOR-US: baserCMS
CVE-2016-4878 (Cross-site request forgery (CSRF) vulnerability in baserCMS version ...)
- TODO: check
+ NOT-FOR-US: baserCMS
CVE-2016-4877 (Cross-site scripting vulnerability in baserCMS plugin Mail version ...)
- TODO: check
+ NOT-FOR-US: baserCMS
CVE-2016-4876 (Cross-site request forgery (CSRF) vulnerability in baserCMS version ...)
- TODO: check
+ NOT-FOR-US: baserCMS
CVE-2016-4875 (Multiple cross-site scripting (XSS) vulnerabilities in the IVYWE (1) ...)
NOT-FOR-US: IVYWE
CVE-2016-4874 (Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to conduct ...)
@@ -39933,13 +39933,13 @@
CVE-2016-4860 (Yokogawa STARDOM FCN/FCJ controller R1.01 through R4.01 does not ...)
NOT-FOR-US: Yokogawa STARDOM
CVE-2016-4859 (Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.3, ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2016-4858 (Cross-site scripting vulnerability in Splunk Enterprise 6.4.x prior to ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2016-4857 (Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2016-4856 (Cross-site scripting vulnerability in Splunk Enterprise 6.3.x prior to ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2016-4855 (Cross-site scripting vulnerability in ADOdb versions prior to 5.20.6 ...)
{DLA-620-1}
- libphp-adodb 5.20.6-1 (unimportant; bug #837418)
@@ -39979,9 +39979,9 @@
CVE-2016-4840 (Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus ...)
NOT-FOR-US: Coordinate Plus App for Android
CVE-2016-4839 (The Android Apps Money Forward (prior to v7.18.0), Money Forward for ...)
- TODO: check
+ NOT-FOR-US: Money Forward
CVE-2016-4838 (The Android Apps Money Forward (prior to v7.18.0), Money Forward for ...)
- TODO: check
+ NOT-FOR-US: Money Forward
CVE-2016-4837 (SQL injection vulnerability in the Seed Coupon plugin before 1.6 for ...)
NOT-FOR-US: EC-CUBE
CVE-2016-4836
More information about the Secure-testing-commits
mailing list