[Secure-testing-commits] r57779 - data/CVE

Salvatore Bonaccorso Sat, 18 Nov 2017 05:06:08 -0800

Author: carnil
Date: 2017-11-18 13:05:45 +0000 (Sat, 18 Nov 2017)
New Revision: 57779


Modified:
   data/CVE/list
Log:
Process NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-11-18 12:35:47 UTC (rev 57778)
+++ data/CVE/list       2017-11-18 13:05:45 UTC (rev 57779)
@@ -1,7 +1,7 @@
 CVE-2017-16880 (The dump function in Util/TemplateHelper.php in filp whoops 
before ...)
-       TODO: check
+       NOT-FOR-US: filp whoops
 CVE-2017-1000230 (The Snap7 Server version 1.4.1 can be crashed when the 
ItemCount field ...)
-       TODO: check
+       NOT-FOR-US: Snap7 Server
 CVE-2017-1000227 (Stored XSS in Salutation Responsive WordPress + BuddyPress 
Theme ...)
        TODO: check
 CVE-2017-1000221 (In Opencast 2.2.3 and older if user names overlap, the 
Opencast search ...)
@@ -1103,7 +1103,7 @@
 CVE-2017-16567 (Cross-site scripting (XSS) vulnerability in Logitech Media 
Server ...)
        NOT-FOR-US: Logitech Media Server
 CVE-2017-16566 (On Jooan IP Camera A5 2.3.36 devices, an insecure FTP server 
does not ...)
-       TODO: check
+       NOT-FOR-US: Jooan IP Camera A5 2.3.36 devices
 CVE-2017-16565 (Cross-Site Request Forgery (CSRF) in /cgi-bin/login on Vonage 
...)
        NOT-FOR-US: Vonage
 CVE-2017-16564 (Stored Cross-site scripting (XSS) vulnerability in 
/cgi-bin/config2 on ...)
@@ -8185,7 +8185,7 @@
        NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27013
        NOTE: Fix: https://gerrit.asterisk.org/#/q/topic:ASTERISK-27013
 CVE-2017-14077 (HTML Injection in Securimage 3.6.4 and earlier allows remote 
attackers ...)
-       TODO: check
+       NOT-FOR-US: Securimage
 CVE-2017-14076 (SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the id 
...)
        NOT-FOR-US: NexusPHP
 CVE-2017-14075 (This vulnerability allows local attackers to escalate 
privileges on ...)
@@ -17546,7 +17546,7 @@
 CVE-2017-10890 (Session management issue in RX-V200 firmware versions prior to 
...)
        NOT-FOR-US: RX-V200 firmware
 CVE-2017-10889 (TablePress prior to version 1.8.1 allows an attacker to 
conduct XML ...)
-       TODO: check
+       NOT-FOR-US: TablePress
 CVE-2017-10888 (BOOK WALKER for Windows Ver.1.2.9 and earlier, BOOK WALKER for 
Mac ...)
        NOT-FOR-US: BOOK WALKER
 CVE-2017-10887 (Untrusted search path vulnerability in BOOK WALKER for Windows 
...)
@@ -36665,7 +36665,7 @@
 CVE-2017-4940
        RESERVED
 CVE-2017-4939 (VMware Workstation (12.x before 12.5.8) installer contains a 
DLL ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2017-4938 (VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 
8.5.9) ...)
        NOT-FOR-US: VMware
 CVE-2017-4937 (VMware Workstation (12.x before 12.5.8) and Horizon View Client 
for ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r57779 - data/CVE

Reply via email to