[Secure-testing-commits] r57704 - data/CVE

Fri Nov 17 09:26:09 UTC 2017

Author: jmm
Date: 2017-11-17 09:26:09 +0000 (Fri, 17 Nov 2017)
New Revision: 57704

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-11-17 09:24:07 UTC (rev 57703)
+++ data/CVE/list	2017-11-17 09:26:09 UTC (rev 57704)
@@ -58,9 +58,9 @@
 CVE-2017-1000219 (npm/KyleRoss windows-cpu all versions vulnerable to command injection ...)
 	NOT-FOR-US: npm/KyleRoss windows-cpu
 CVE-2017-1000218 (LightFTP version 1.1 is vulnerable to a buffer overflow in the ...)
-	TODO: check
+	NOT-FOR-US: LightFTP
 CVE-2017-1000213 (WBCE v1.1.11 is vulnerable to reflected XSS via the "begriff" POST ...)
-	TODO: check
+	NOT-FOR-US: WBCE
 CVE-2017-1000210 (picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer ...)
 	NOT-FOR-US: picoTCP
 CVE-2017-1000209 (The Java WebSocket client nv-websocket-client does not verify that the ...)
@@ -284,7 +284,7 @@
 CVE-2018-0001
 	RESERVED
 CVE-2017-16866 (dayrui FineCms 5.2.0 before 2017.11.16 has Cross Site Scripting (XSS) ...)
-	TODO: check
+	NOT-FOR-US: dayrui FineCms
 CVE-2017-16865
 	RESERVED
 CVE-2017-16864
@@ -329,7 +329,7 @@
 CVE-2017-16844 (Heap-based buffer overflow in the loadbuf function in formisc.c in ...)
 	- procmail <unfixed> (bug #876511)
 CVE-2017-16843 (Vonage VDV-23 115 3.2.11-0.9.40 devices have stored XSS via the ...)
-	TODO: check
+	NOT-FOR-US: Vonage VDV-23
 CVE-2017-16842 (Cross-site scripting (XSS) vulnerability in ...)
 	NOT-FOR-US: Yoast SEO plugin for WordPress
 CVE-2017-16841 (LanSweeper 6.0.100.75 has XSS via the description parameter to ...)
@@ -524,7 +524,7 @@
 CVE-2017-16778
 	RESERVED
 CVE-2017-16777 (If HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) ...)
-	TODO: check
+	NOT-FOR-US: HashiCorp Vagrant VMware Fusion plugin
 CVE-2017-16776
 	RESERVED
 CVE-2017-16775
@@ -640,7 +640,7 @@
 CVE-2017-16720
 	RESERVED
 CVE-2017-16719 (An Injection issue was discovered in Moxa NPort 5110 Version 2.2, NPort ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2017-16718
 	RESERVED
 CVE-2017-16717
@@ -648,7 +648,7 @@
 CVE-2017-16716
 	RESERVED
 CVE-2017-16715 (An Information Exposure issue was discovered in Moxa NPort 5110 Version ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2017-16714
 	RESERVED
 CVE-2017-16713
@@ -3158,7 +3158,7 @@
 CVE-2017-15807
 	RESERVED
 CVE-2017-15806 (The send function in the ezcMailMtaTransport class in Zeta Components ...)
-	TODO: check
+	NOT-FOR-US: Zeta Components Mail
 CVE-2016-10516 (Cross-site scripting (XSS) vulnerability in the render_full function in ...)
 	- python-werkzeug 0.11.11+dfsg1-1
 	NOTE: http://blog.neargle.com/2016/09/21/flask-src-review-get-a-xss-from-debuger/
@@ -3771,9 +3771,9 @@
 CVE-2017-15518
 	RESERVED
 CVE-2017-15517 (AltaVault OST Plug-in versions prior to 1.2.2 may allow attackers to ...)
-	TODO: check
+	NOT-FOR-US: AltaVault OST Plug-in
 CVE-2017-15516 (NetApp SnapCenter Server versions 1.1 through 2.x are susceptible to a ...)
-	TODO: check
+	NOT-FOR-US: NetApp
 CVE-2017-15515
 	RESERVED
 CVE-2017-15514


