[Secure-testing-commits] r57779 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Nov 18 13:05:45 UTC 2017
Author: carnil
Date: 2017-11-18 13:05:45 +0000 (Sat, 18 Nov 2017)
New Revision: 57779
Modified:
data/CVE/list
Log:
Process NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-18 12:35:47 UTC (rev 57778)
+++ data/CVE/list 2017-11-18 13:05:45 UTC (rev 57779)
@@ -1,7 +1,7 @@
CVE-2017-16880 (The dump function in Util/TemplateHelper.php in filp whoops before ...)
- TODO: check
+ NOT-FOR-US: filp whoops
CVE-2017-1000230 (The Snap7 Server version 1.4.1 can be crashed when the ItemCount field ...)
- TODO: check
+ NOT-FOR-US: Snap7 Server
CVE-2017-1000227 (Stored XSS in Salutation Responsive WordPress + BuddyPress Theme ...)
TODO: check
CVE-2017-1000221 (In Opencast 2.2.3 and older if user names overlap, the Opencast search ...)
@@ -1103,7 +1103,7 @@
CVE-2017-16567 (Cross-site scripting (XSS) vulnerability in Logitech Media Server ...)
NOT-FOR-US: Logitech Media Server
CVE-2017-16566 (On Jooan IP Camera A5 2.3.36 devices, an insecure FTP server does not ...)
- TODO: check
+ NOT-FOR-US: Jooan IP Camera A5 2.3.36 devices
CVE-2017-16565 (Cross-Site Request Forgery (CSRF) in /cgi-bin/login on Vonage ...)
NOT-FOR-US: Vonage
CVE-2017-16564 (Stored Cross-site scripting (XSS) vulnerability in /cgi-bin/config2 on ...)
@@ -8185,7 +8185,7 @@
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27013
NOTE: Fix: https://gerrit.asterisk.org/#/q/topic:ASTERISK-27013
CVE-2017-14077 (HTML Injection in Securimage 3.6.4 and earlier allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: Securimage
CVE-2017-14076 (SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the id ...)
NOT-FOR-US: NexusPHP
CVE-2017-14075 (This vulnerability allows local attackers to escalate privileges on ...)
@@ -17546,7 +17546,7 @@
CVE-2017-10890 (Session management issue in RX-V200 firmware versions prior to ...)
NOT-FOR-US: RX-V200 firmware
CVE-2017-10889 (TablePress prior to version 1.8.1 allows an attacker to conduct XML ...)
- TODO: check
+ NOT-FOR-US: TablePress
CVE-2017-10888 (BOOK WALKER for Windows Ver.1.2.9 and earlier, BOOK WALKER for Mac ...)
NOT-FOR-US: BOOK WALKER
CVE-2017-10887 (Untrusted search path vulnerability in BOOK WALKER for Windows ...)
@@ -36665,7 +36665,7 @@
CVE-2017-4940
RESERVED
CVE-2017-4939 (VMware Workstation (12.x before 12.5.8) installer contains a DLL ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2017-4938 (VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) ...)
NOT-FOR-US: VMware
CVE-2017-4937 (VMware Workstation (12.x before 12.5.8) and Horizon View Client for ...)
More information about the Secure-testing-commits
mailing list